AWS VPC CNI NetworkPolicy support has been available for a while.
I will demonstrate how to activate the NetworkPolicy plugin in an EKS cluster.
You may activate VPC CNI with the following command:
eksctl create addon --name vpc-cni --version v1.15.0-eksbuild.2 --cluster YOUR_CLUSTER_NAME --service-account-role-arn arn:aws:iam::account:role/AmazonEKSCNIAccess --force
You may not be able to activate VPC CNI without the --force argument.
You may enable VPC CNI through the AWS Management Console:
On your EKS Console, click add-ons:
Click more add-ons:
Select Amazon VPC CNI:
Click next. Then select the latest version:
Click next. Review your configuration:
Click create. You may see the progress in the Add-ons tab:
It is enabled:
Open the Amazon VPC CNI’s configuration:
Expand the “Optional configuration settings”:
Update the configuration values with a JSON value:
Here’s the configuration value:
{"enableNetworkPolicy": "true"}
Then, click “Save changes”
In the vpc-cni add-on page, you may see the progress:
Enjoy your Network Policies in your EKS Cluster: