# Post-install steps

## Create lbc service account

```bash
kubectl apply -f 1-lbc.yaml
```

## Install AWS Load Balancer Controller in EKS

```bash
helm repo add eks https://aws.github.io/eks-charts
helm repo update
helm install aws-load-balancer-controller eks/aws-load-balancer-controller \
  -n kube-system \
  --set clusterName=xpk-eks01-sunbird \
  --set serviceAccount.create=false \
  --set serviceAccount.name=aws-load-balancer-controller-sa

# Confirm the controller deployment is ready, then follow its logs
kubectl -n kube-system get deployment aws-load-balancer-controller
kubectl logs -n kube-system deployment/aws-load-balancer-controller -f
```

## Allow web traffic to nodes

Port 80 needs to be allowed on the EKS nodes' SGs. Then the ALB can successfully register targets. This is now done in main.tf.

## Testing

ALB correctly sending traffic to nginx pods!

```bash
curl k8s-default-nginxing-a42064aa7e-1786392641.ap-east-1.elb.amazonaws.com
Deployed on EKS Wed Feb 11 09:46:41 UTC 2026
curl k8s-default-nginxing-a42064aa7e-1786392641.ap-east-1.elb.amazonaws.com
Deployed on EKS Wed Feb 11 09:46:41 UTC 2026
curl k8s-default-nginxing-a42064aa7e-1786392641.ap-east-1.elb.amazonaws.com
Deployed on EKS Wed Feb 11 09:46:45 UTC 2026
```

## Notes on IPv6

EKS could not be deployed on IPv6-only private subnets. It appears AWS requires at least 2 free IPv4 addresses in the subnet. I tried and the following error was returned.

```
Error: creating EKS Cluster (xpk-eks01-akita): operation error EKS: CreateCluster, https response error StatusCode: 400, RequestID: b25794cc-3220-4393-a435-c92e2f8aafdd, InvalidParameterException: Atleast one subnet in each AZ should have 2 free IPs. Invalid AZs: { [ap-east-1c, ap-east-1b] }, provided subnets: { subnet-02aaf75a3e4700f74, subnet-02071b29e2883d5b1 }
```

## Notes on KMS key

I tried using an AWS-managed key for EKS, but it failed to deploy with an error.

```hcl
encryption_config = {
  provider_key_arn = "arn:aws:kms:${data.aws_region.this.id}:${data.aws_caller_identity.current.account_id}:alias/aws/secretsmanager"
  resources        = ["secrets"]
}
```

```
Error: creating EKS Cluster (xpk-eks01-vervet): operation error EKS: CreateCluster, https response error StatusCode: 400, RequestID: 0b866e07-352a-439c-9196-f7a671bdd0ee, api error InvalidRequestException: User not authorized to perform kms:CreateGrant operation
```

When I used `create_kms_key = true`, EKS was created successfully. I can see that the EKS cluster role is explicitly allowed in the key policy.
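
The following is an added example, not part of the original notes or of any module's code: a customer-managed key with a key policy that names the cluster role explicitly, for the case where you supply your own key instead of setting `create_kms_key = true`. The variable, resource and output names are hypothetical, and the action list granted to the cluster role is an assumption about what it needs for secrets envelope encryption.

```hcl
# Added example. All names below are hypothetical.
variable "eks_cluster_role_arn" {
  type        = string
  description = "ARN of the EKS cluster IAM role (assumed to exist already)"
}

data "aws_caller_identity" "current" {}

data "aws_iam_policy_document" "eks_secrets_key" {
  # Same statement as the AWS default key policy: it delegates access decisions
  # to IAM policies in this account, so the principal that runs CreateCluster
  # can be given kms:CreateGrant and kms:DescribeKey on this key through IAM.
  statement {
    sid       = "EnableIamPolicies"
    actions   = ["kms:*"]
    resources = ["*"]
    principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"]
    }
  }

  # Explicit allow for the cluster role (action list is an assumption).
  statement {
    sid       = "AllowEksClusterRole"
    actions   = ["kms:Encrypt", "kms:Decrypt", "kms:DescribeKey", "kms:ListGrants"]
    resources = ["*"]
    principals {
      type        = "AWS"
      identifiers = [var.eks_cluster_role_arn]
    }
  }
}

resource "aws_kms_key" "eks_secrets" {
  description             = "EKS secrets envelope encryption"
  enable_key_rotation     = true
  deletion_window_in_days = 30
  policy                  = data.aws_iam_policy_document.eks_secrets_key.json
}

output "eks_secrets_key_arn" {
  value = aws_kms_key.eks_secrets.arn
}
```

With a key like this, `provider_key_arn` in `encryption_config` would take `aws_kms_key.eks_secrets.arn` in place of the `alias/aws/secretsmanager` ARN.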