[EKS] [request]: Support for OIDC endpoint with PrivateLink EKS VPC Endpoint

Open heggenu opened this issue 1 year ago • 5 comments

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Tell us about your request
What do you want us to build?

Ability to use the EKS VPC Endpoint together with OIDC

Which service(s) is this request for?

EKS

Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard?

We want to provide centralized VPC Endpoints for commonly used services. When the EKS endpoint came out, we wanted to offer private connectivity to this endpoint to avoid going out to the internet.

When we deployed the central VPC Endpoint for EKS (com.amazonaws.${region}.eks), this caused the DNS lookup for oidc.eks.${region}.amazonaws.com. to fail, as OIDC is not supported by the VPC Endpoint.

Are you currently working around this issue?
How are you currently solving this problem?

Use the public Endpoint. Toggle Private DNS names enabled to false for the EKS VPC endpoint. Alternatively, remove the EKS VPC Endpoint if it is not in use at all.

Additional context
Anything else we should know?

Attachments
If you think you might have additional information that you'd like to include via an attachment, please do - we'll take a look. (Remember to remove any personally-identifiable information.)

heggenu • May 26 '23 18:05
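
A diagnostic for the failure described in the issue above, as an added example that is not part of the original issue or of any AWS tooling: it reads `aws ec2 describe-vpc-endpoints` JSON, finds EKS interface endpoints with private DNS names enabled, and checks whether the OIDC hostname still resolves. The function names, the sample JSON, the endpoint IDs, the region and the stub resolver are all assumptions made for illustration.

```python
import json
import socket

# Constructed sample of `aws ec2 describe-vpc-endpoints` output (IDs and region are made up).
SAMPLE = json.loads("""
{"VpcEndpoints": [
  {"VpcEndpointId": "vpce-0aaa1111example", "ServiceName": "com.amazonaws.eu-west-1.eks",
   "VpcEndpointType": "Interface", "PrivateDnsEnabled": true},
  {"VpcEndpointId": "vpce-0bbb2222example", "ServiceName": "com.amazonaws.eu-west-1.eks",
   "VpcEndpointType": "Interface", "PrivateDnsEnabled": false},
  {"VpcEndpointId": "vpce-0ccc3333example", "ServiceName": "com.amazonaws.eu-west-1.sts",
   "VpcEndpointType": "Interface", "PrivateDnsEnabled": true}
]}
""")

def eks_endpoints_with_private_dns(described, region):
    """IDs of EKS endpoints whose private DNS names are enabled (the setting the issue toggles)."""
    service = f"com.amazonaws.{region}.eks"
    return [ep["VpcEndpointId"] for ep in described.get("VpcEndpoints", [])
            if ep.get("ServiceName") == service and ep.get("PrivateDnsEnabled")]

def oidc_resolves(region, resolver=socket.getaddrinfo):
    """True if oidc.eks.<region>.amazonaws.com resolves; the resolver is injectable for offline runs."""
    try:
        return bool(resolver(f"oidc.eks.{region}.amazonaws.com", 443))
    except socket.gaierror:
        return False

def diagnose(described, region, resolver=socket.getaddrinfo):
    """Combine both checks into one status plus the endpoints to look at."""
    suspects = eks_endpoints_with_private_dns(described, region)
    if oidc_resolves(region, resolver):
        status = "ok"
    elif suspects:
        status = "oidc-lookup-fails-with-eks-private-dns"
    else:
        status = "oidc-lookup-fails-other-cause"
    return {"status": status, "endpoints": suspects}

def simulated_nxdomain(host, port):
    """Stub resolver that mimics the failed lookup reported in the issue."""
    raise socket.gaierror(socket.EAI_NONAME, "Name or service not known")

if __name__ == "__main__":
    # Runs offline against the constructed sample; drop the stub to use real DNS from inside the VPC.
    print(diagnose(SAMPLE, "eu-west-1", simulated_nxdomain))
```

Run from a host inside the affected VPC with the real resolver and the real `describe-vpc-endpoints` output; the endpoints it lists are the ones where the issue's workaround (setting Private DNS names enabled to false) applies.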