Track inter-AZ and NAT gateway traffic with EKS Container Network Observability

This article explains how to use Amazon EKS Container Network Observability to identify and reduce network costs from inter-AZ traffic and NAT gateway processing charges.

• Enable Container Network Observability in EKS clusters running Kubernetes 1.35+ via the console
• Use Network Flow Monitor to track pod-level traffic across AWS services, cluster, and external destinations
• Identify inter-AZ traffic ($0.01/GB per direction) using Cluster view filtered by Local/Remote AZ
• Apply Kubernetes Traffic Distribution Control with PreferSameZone to route traffic locally
• Identify NAT gateway traffic ($0.045/GB) in External view for workloads accessing public endpoints
• Reduce NAT costs by implementing VPC endpoints for AWS services or private connectivity for SaaS
• Query Network Flow Monitor data via AWS CLI or automate analysis using AI agents with Bedrock
• Example code demonstrates using Strands-Agents framework to automatically surface top traffic contributors

Container Network Observability provides visibility into network spending patterns, enabling teams to optimize costs while maintaining high availability and security requirements.