Skip to content

Commit 0c0dee3

Browse files
author
Lukonde Mwila
committed
Squashed commit of the following:
commit e37135b6a7540fa716babfcf6379177e73160a99 Author: Lukonde Mwila <lukondef@amazon.com> Date: Mon Nov 24 14:48:01 2025 -0800 updated the styling for the irsa text in the docs commit ad99908e5c4959b874ce40d848ee161e7d31368f Author: Lukonde Mwila <lukondef@amazon.com> Date: Mon Nov 24 14:39:37 2025 -0800 included information that the NFM agent can also receive permissions through IRSA
1 parent 2746357 commit 0c0dee3

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

latest/ug/observability/container-network-observability.adoc

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ When using Network Flow Monitor in EKS, you can maintain your existing observabi
3939
== Prerequisites and important notes
4040

4141
. As mentioned above, if you enable Container Network Observability from the EKS console, the underlying NFM resource dependencies (Scope and Monitor) will be automatically created on your behalf, and you will be guided through the installation process of the EKS add-on for NFM.
42-
. If you want to enable this feature using Infrastructure as Code (IaC) like Terraform, you will have to define the following dependencies in your IaC: NFM Scope, NFM Monitor, EKS add-on for NFM. In addition, you'll have to grant the https://docs.aws.amazon.com/aws-managed-policy/latest/reference/CloudWatchNetworkFlowMonitorAgentPublishPolicy.html[relevant permissions] to the EKS add-on using https://docs.aws.amazon.com/eks/latest/userguide/pod-id-agent-setup.html[Pod Identity].
42+
. If you want to enable this feature using Infrastructure as Code (IaC) like Terraform, you will have to define the following dependencies in your IaC: NFM Scope, NFM Monitor, EKS add-on for NFM. In addition, you'll have to grant the https://docs.aws.amazon.com/aws-managed-policy/latest/reference/CloudWatchNetworkFlowMonitorAgentPublishPolicy.html[relevant permissions] to the EKS add-on using https://docs.aws.amazon.com/eks/latest/userguide/pod-id-agent-setup.html[Pod Identity] or https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html[IAM roles for service accounts (IRSA)].
4343
. You must be running a minimum version of 1.1.0 for the NFM agent's EKS add-on.
4444

4545
=== Required IAM permissions

0 commit comments

Comments
 (0)