Amazon EKS managed node groups allow fully private cluster networking

Posted on: Apr 22, 2020

Amazon Elastic Kubernetes Service (EKS) managed node groups now allow fully private cluster networking by ensuring that only private IP addresses are assigned to EC2 instances managed by EKS. 

Previously, EKS managed node groups assigned public IP addresses to every EC2 instance started as part of a managed node group. This ensured cluster connectivity in most networking scenarios, but also meant that public IPs would be assigned to nodes running in private subnets where connectivity to the public internet was not desired. 

Now, EKS managed node groups no longer assign public IP addresses to EC2 instances. For public subnets, you can ensure that your EC2 instances receive public IP addresses by setting the IP assignment to TRUE in the subnet configuration. 

Note that this change applies only to new managed node groups that you create. The behavior of existing managed node groups will not change.
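Before creating new managed node groups, it helps to check which subnets still match the connectivity you expect. The following is an added example, not AWS code: it audits constructed data shaped like `aws ec2 describe-subnets` and `aws ec2 describe-route-tables` output, assuming the subnet IP assignment setting is the EC2 `MapPublicIpOnLaunch` attribute; all IDs are made up.

```python
# Constructed sample data; every ID below is made up.
SUBNETS = [
    {"SubnetId": "subnet-aaa", "VpcId": "vpc-1", "MapPublicIpOnLaunch": False},
    {"SubnetId": "subnet-bbb", "VpcId": "vpc-1", "MapPublicIpOnLaunch": True},
    {"SubnetId": "subnet-ccc", "VpcId": "vpc-1", "MapPublicIpOnLaunch": False},
]
ROUTE_TABLES = [
    {"RouteTableId": "rtb-pub", "VpcId": "vpc-1",
     "Associations": [{"SubnetId": "subnet-aaa"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-1"}]},
    {"RouteTableId": "rtb-nat", "VpcId": "vpc-1",
     "Associations": [{"SubnetId": "subnet-bbb"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-1"}]},
    {"RouteTableId": "rtb-main", "VpcId": "vpc-1",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
]

def has_igw_default_route(rt):
    """A subnet is public when its route table sends 0.0.0.0/0 to an IGW."""
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
               and (r.get("GatewayId") or "").startswith("igw-")
               for r in rt["Routes"])

def route_table_for(subnet, route_tables):
    """Explicit association wins; otherwise fall back to the VPC main table."""
    main = None
    for rt in route_tables:
        if rt["VpcId"] != subnet["VpcId"]:
            continue
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet["SubnetId"]:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def audit(subnets, route_tables):
    """Classify each subnet for use by a *new* managed node group."""
    result = {}
    for s in subnets:
        rt = route_table_for(s, route_tables)
        public = rt is not None and has_igw_default_route(rt)
        auto_ip = s.get("MapPublicIpOnLaunch", False)
        if public and not auto_ip:
            result[s["SubnetId"]] = "public-without-auto-assign"  # nodes get no public IP
        elif not public and auto_ip:
            result[s["SubnetId"]] = "private-with-auto-assign"    # nodes get a public IP
        else:
            result[s["SubnetId"]] = "ok"
    return result
```
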

To learn more, see the Amazon EKS documentation or read our blog on this change. You can also get a deep dive on how cluster networking for EC2 instances works in our blog.