AWS EKS private endpoint access

hi Tailscale team,
I’m wondering how to overcome an issue I have regarding access to my Kubernetes (EKS) cluster running on AWS via the private endpoint. I have an EC2 instance (a router for the VPC CIDR) that can route me to the EKS cluster, but the EKS endpoint DNS name is resolved only within the VPC and not on my PC.
This sounds like a very common use case to me, but I could not find any ideas.


Split DNS can be used to do this: DNS in Tailscale · Tailscale
For example, if the domain name used within your EKS VPC is myeks.cluster, you’d add a DNS server for myeks.cluster pointing to the private VPC IP address of the EKS DNS server.

There are examples of doing this for AWS names: Access AWS RDS privately using Tailscale · Tailscale
EKS would differ in the details, but the overall steps would be the same.
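The split-DNS idea from the reply above, as an added worked example (not code from the thread, and not Tailscale's own implementation): a small model of how a per-domain nameserver table routes queries, plus the AWS rule for finding the VPC's Amazon-provided resolver (the VPC network base address plus two). The domain name `myeks.cluster` is the hypothetical one used in the reply; the VPC CIDRs and VPC names are constructed sample values. The last helper flags the multi-VPC case: two VPCs that both claim the same domain suffix cannot be told apart by suffix-based split DNS, which is the situation the follow-up question asks about.

```python
import ipaddress


def amazon_dns_resolver(vpc_cidr: str) -> str:
    """Return the Amazon-provided DNS resolver address for a VPC.

    AWS reserves the address at the base of the VPC range plus two for its
    resolver; that is the address a split-DNS entry for the VPC points to.
    """
    net = ipaddress.ip_network(vpc_cidr, strict=True)
    return str(net.network_address + 2)


def split_dns_nameserver(name: str, routes: dict, default: str) -> str:
    """Choose the nameserver for `name` by longest matching domain suffix.

    `routes` maps a domain suffix (e.g. "myeks.cluster") to a nameserver IP.
    Names outside every configured suffix fall through to `default`.
    """
    name = name.rstrip(".").lower()
    best = None
    for suffix, ns in routes.items():
        s = suffix.strip(".").lower()
        # Exact match or a proper subdomain; "notmyeks.cluster" must not match.
        if name == s or name.endswith("." + s):
            if best is None or len(s) > len(best[0]):
                best = (s, ns)
    return best[1] if best else default


def conflicting_suffixes(vpc_routes: dict) -> dict:
    """Report domain suffixes claimed by more than one VPC.

    `vpc_routes` maps a VPC name to that VPC's split-DNS route table. A suffix
    listed under two VPCs is ambiguous: a suffix-based resolver cannot know
    which VPC's nameserver should answer.
    """
    claims = {}
    for vpc, routes in vpc_routes.items():
        for suffix in routes:
            claims.setdefault(suffix.strip(".").lower(), []).append(vpc)
    return {s: vpcs for s, vpcs in claims.items() if len(vpcs) > 1}


def build_split_dns(vpc_cidrs: dict, vpc_domains: dict) -> dict:
    """Build one combined route table from per-VPC CIDRs and domain suffixes.

    Raises ValueError when two VPCs share a suffix, so the ambiguity is caught
    at configuration time rather than showing up as wrong answers later.
    """
    per_vpc = {
        vpc: {vpc_domains[vpc]: amazon_dns_resolver(cidr)}
        for vpc, cidr in vpc_cidrs.items()
    }
    clashes = conflicting_suffixes(per_vpc)
    if clashes:
        raise ValueError(f"split-DNS suffix claimed by several VPCs: {clashes}")
    merged = {}
    for routes in per_vpc.values():
        merged.update(routes)
    return merged


if __name__ == "__main__":
    # Constructed sample: two VPCs with distinct suffixes resolve cleanly.
    table = build_split_dns(
        {"vpc-a": "10.0.0.0/16", "vpc-b": "10.1.0.0/16"},
        {"vpc-a": "myeks.cluster", "vpc-b": "other.cluster"},
    )
    print(table)
    print(split_dns_nameserver("api.myeks.cluster", table, "1.1.1.1"))
    print(split_dns_nameserver("example.com", table, "1.1.1.1"))
```

Running the script shows queries under `myeks.cluster` going to 10.0.0.2 and everything else to the default resolver; if both VPCs were given the suffix `myeks.cluster`, `build_split_dns` would refuse the configuration instead of silently picking one VPC.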

I see 2 challenges with this solution:

  1. I don’t have control of the DNS zone.
  2. What will happen if I have multiple VPCs with EKS in each of them?