WARNING: This hasn't been tested extensively outside of my environment. Your mileage may vary.
Assumptions:
- Any security group modifications or creation that CAPA does that's not specifically flagged below are acceptable for a brief disruption when modified
- This is valid as of CAPA 2.0.2. This may not work with new versions (e.g., the steps were different pre-2.x and it was easier to import even the VPC itself pre-2.x)
Importing CAPA Cluster (using BYO VPC):
- Make sure
AWSManagedControlPlane.spec.eksClusterNamematches the EKS cluster name - Optionally set
AWSManagedControlPlane.spec.network.securityGroupOverrides.controlplaneto match the security group you have on the EKS controlplane. If you have extra security groups I haven't been able to figure out how to import those into CAPA but they stay attached to the EKS cluster and are just ignored by CAPA - Set the VPC information according to the BYO VPC specs https://cluster-api-aws.sigs.k8s.io/topics/bring-your-own-aws-infrastructure.html#configur