Summary
Enable Application Network Policies (ANP) support for self-managed Amazon EKS clusters, not just EKS Auto Mode.
Problem
Amazon EKS recently introduced Application Network Policies that allow configuring DNS/FQDN-based egress.
However, this feature is only available for EKS auto-mode clusters. Standard EKS clusters are still limited to L3/L4 Kubernetes NetworkPolicy.
This leads to:
- overly permissive CIDR allowlists when using standard Kubernetes NetworkPolicy.
- being forced to use and maintain external CNI components to implement DNS/FQDN-based policies.
Proposal
Extend ANP support to standard EKS clusters.
Community Note
- Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment