# Enable EKS endpoints

AWS SDKs and the AWS Command Line Interface (AWS CLI) automatically use the default public endpoint for each service in an AWS Region. However, when you create an Infrastructure in DuploCloud, you can specify a custom **Private** endpoint, a custom **Public** endpoint, or **Both public and private** custom endpoints. If you specify no endpoints, the default **Public** endpoint is used.

For more information about AWS Endpoints, see the [AWS documentation](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html#private-access).

## Specifying public and private endpoints

1. Follow the steps in the section [Creating an Infrastructure](https://docs.duplocloud.com/docs/automation-platform/overview/use-cases/creating-an-infrastructure-and-plan-for-aws). Before clicking **Create**, specify **EKS Endpoint Visibility**.
2. From the **EKS Endpoint Visibility** list box, select **Public**, **Private**, or **Both public and private**. If you select **private** or **Both public and private**, the **Allow VPN Access to the EKS Cluster** option is enabled.
3. Click **Advanced Options.**
4. Using the **Private Subnet CIDR** and **Public Subnet CIDR** fields, specify CIDRs for alternate public and private endpoints.
5. Click **Create**.

<div align="left"><figure><img src="https://2471407984-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F68cb0s9ce5UIUKWPuYs8%2Fuploads%2F6Wj69VkuazKJe2aajXj8%2Finfraend5.png?alt=media&#x26;token=240667bc-7a37-45ca-a72a-265ba1496a74" alt=""><figcaption><p><strong>Infrastructure</strong> page with <strong>EKS Endpoint Visibility</strong> field and <strong>Advanced Options</strong> for specifying custom subnet CIDRs</p></figcaption></figure></div>

<div align="left"><figure><img src="https://2471407984-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F68cb0s9ce5UIUKWPuYs8%2Fuploads%2FX9zNuZefAE8ArLLImyhY%2Finfraend2.png?alt=media&#x26;token=254abd84-8c36-4f15-af70-fc782e00c7c8" alt=""><figcaption><p><strong>Infrastructure</strong> page with <strong>EKS Endpoint Visibility Private</strong> option preconfigured</p></figcaption></figure></div>

## Changing VPN visibility from public to private (optional)

To change VPN visibility from public to private after you have [created an Infrastructure](https://docs.duplocloud.com/docs/automation-platform/overview/use-cases/creating-an-infrastructure-and-plan-for-aws), follow these steps.

1. In the DuploCloud Portal, navigate to **Administrator** -> **Infrastructure**. The **Infrastructure** page displays.
2. From the **NAME** column, select the Infrastructure.
3. Click the **Settings** tab.
4. In the **EKS Endpoint Visibility** row, in the **Actions** column, click the ( <img src="https://2471407984-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F68cb0s9ce5UIUKWPuYs8%2Fuploads%2FiNwYVMf4fky7ZPl41t38%2FKabab_three_Vertical_dots.png?alt=media&#x26;token=566b1d4e-a9bc-43c8-995a-044ceab9f38b" alt="" data-size="line"> ) icon and select **Update Setting**. The **Infra - Set Custom Data** pane displays.<br>

   <div align="left"><figure><img src="https://2471407984-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F68cb0s9ce5UIUKWPuYs8%2Fuploads%2F0wLgvQSIKxGJDQS4xV7L%2Finfraend1.png?alt=media&#x26;token=623d0964-ed34-4ed9-83b1-a8824ac99523" alt=""><figcaption><p><strong>Infra - Set Custom Data</strong> pane with <strong>Enable VPN Access to EKS Cluster</strong> option</p></figcaption></figure></div>
5. From the **Setting Name** list box, select **Enable VPN Access to EKS Cluster**.
6. Select **Enable** to enable VPN.
7. Click **Set**. When you [create an Infrastructure](https://docs.duplocloud.com/docs/automation-platform/overview/use-cases/creating-an-infrastructure-and-plan-for-aws), the **Allow VPN Access to the EKS Cluster** option will be enabled.<br>

   <figure><img src="https://2471407984-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F68cb0s9ce5UIUKWPuYs8%2Fuploads%2FMknuI7XpfE8aDGrAVknA%2Fsettings%20marked.png?alt=media&#x26;token=74dc4b64-a224-44e6-bcb9-8e512611b2e0" alt=""><figcaption></figcaption></figure>

## Changing EKS endpoint visibility (optional)

{% hint style="warning" %}
Modifying endpoints can incur an outage of up to thirty (30) minutes in your EKS cluster. Plan your update accordingly to minimize disruption for your users.
{% endhint %}

To modify the visibility for EKS endpoints you have already created:

1. In the DuploCloud Portal, navigate to **Administrator** -> **Infrastructure**. The **Infrastructure** page displays.
2. From the **Name** column, select the Infrastructure for which you want to modify EKS endpoints.
3. Click the **Settings** tab.
4. In the **EKS Endpoint Visibility** row, in the **Actions** column, click the ( <img src="https://2471407984-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F68cb0s9ce5UIUKWPuYs8%2Fuploads%2FiNwYVMf4fky7ZPl41t38%2FKabab_three_Vertical_dots.png?alt=media&#x26;token=566b1d4e-a9bc-43c8-995a-044ceab9f38b" alt="" data-size="line"> ) icon and select **Update Setting**. The **Infra - Set Custom Data** pane displays.
5. From the **Setting Value** list box, select the desired type of visibility for endpoints (**private**, **public**, or **both**).
6. Click **Set**.

<div align="left"><figure><img src="https://2471407984-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F68cb0s9ce5UIUKWPuYs8%2Fuploads%2FjrCDaPZ63IH4Zl41vaIC%2FInfra_Endpoints_1.png?alt=media&#x26;token=f250c8a4-b519-47ae-900f-81a660c570b8" alt=""><figcaption><p><strong>Infra - Custom Data</strong> pane with <strong>Setting Value</strong> for <strong>EKS Endpoint Visibility</strong></p></figcaption></figure></div>