diff --git a/latest/ug/networking/security-groups-for-pods.adoc b/latest/ug/networking/security-groups-for-pods.adoc index 91feaa749..38838a0ff 100644 --- a/latest/ug/networking/security-groups-for-pods.adoc +++ b/latest/ug/networking/security-groups-for-pods.adoc @@ -35,7 +35,7 @@ Before deploying security groups for Pods, consider the following limitations an -* Security groups for Pods can't be used with Windows nodes. +* Security groups for Pods can't be used with Windows nodes or EKS Auto Mode. * Security groups for Pods can be used with clusters configured for the `IPv6` family that contain Amazon EC2 nodes by using version 1.16.0 or later of the Amazon VPC CNI plugin. You can use security groups for Pods with clusters configure `IPv6` family that contain only Fargate nodes by using version 1.7.7 or later of the Amazon VPC CNI plugin. For more information, see <> * Security groups for Pods are supported by most link:AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances[Nitro-based,type="documentation"] Amazon EC2 instance families, though not by all generations of a family. For example, the `m5`, `c5`, `r5`, `m6g`, `c6g`, and `r6g` instance family and generations are supported. No instance types in the `t` family are supported. For a complete list of supported instance types, see the https://github.com/aws/amazon-vpc-resource-controller-k8s/blob/v1.5.0/pkg/aws/vpc/limits.go[limits.go] file on GitHub. Your nodes must be one of the listed instance types that have `IsTrunkingCompatible: true` in that file. * If you're using custom networking and security groups for Pods together, the security group specified by security groups for Pods is used instead of the security group specified in the `ENIConfig`.