Update the EKS section to reflect the new endpoints Amazon exposed

content/en/containers/kubernetes/control_plane.md

@@ -317,7 +317,19 @@ scheduler:
 
 ## Kubernetes on Amazon EKS {#EKS}
 
-On Amazon Elastic Kubernetes Service (EKS), [API server metrics are exposed][5]. This allows the Datadog Agent to obtain API server metrics using endpoint checks as described in the [Kubernetes API server metrics check documentation][1]. To configure the check, add the following annotations to the `default/kubernetes` service:
+Amazon Elastic Kubernetes Service (EKS) supports monitoring all control plane components using cluster checks. 
+
+### Prerequisites
+- An EKS Cluster running on Kubernetes version >= 1.28
+- Deploy the Agent using one of:
+  - Helm chart version >= `3.90.1`
+  - Datadog Operator >= `v1.13.0`
+- Enable the Datadog [Cluster Agent][6]
+
+{{< tabs >}}
+{{% tab "Datadog Operator" %}}
+
+Add the following annotations. Operator installations are limited to API Server [metrics][1]. For support for `kube_controller_manager` and `kube_scheduler` metrics, use the Helm install.
 
 ```yaml
 annotations:
@@ -327,8 +339,28 @@ annotations:
     '[{ "prometheus_url": "https://%%host%%:%%port%%/metrics", "bearer_token_auth": "true" }]'
 ```
 
-Other control plane components are not exposed in EKS and cannot be monitored.
+[1]: https://aws.github.io/aws-eks-best-practices/reliability/docs/controlplane/#monitor-control-plane-metrics
+{{% /tab %}}
+{{% tab "Helm" %}}
+
+Add the following annotations to the `default/kubernetes` service:
+
+```yaml
+annotations:
+  ad.datadoghq.com/endpoints.check_names: '["kube_apiserver_metrics"]'
+  ad.datadoghq.com/endpoints.init_configs: '[{}]'
+  ad.datadoghq.com/endpoints.instances:
+    '[{ "prometheus_url": "https://%%host%%:%%port%%/metrics", "bearer_token_auth": "true" }]'
+  ad.datadoghq.com/service.check_names: '["kube_controller_manager","kube_scheduler"]'
+  ad.datadoghq.com/service.init_configs: '[{},{}]'
+  ad.datadoghq.com/service.instances: '[{"prometheus_url":"https://%%host%%:%%port%%/apis/metrics.eks.amazonaws.com/v1/kcm/container/metrics","extra_headers":{"accept":"*/*"},"tls_ignore_warning":"true","tls_verify":"false","bearer_token_auth":"true"},{"prometheus_url":"https://%%host%%:%%port%%/apis/metrics.eks.amazonaws.com/v1/ksh/container/metrics","extra_headers":{"accept":"*/*"},"tls_ignore_warning":"true","tls_verify":"false","bearer_token_auth":"true"}]'
+```
+{{% /tab %}}
+{{< /tabs >}}
 
+**Notes:**
+- Amazon exposes `kube_controller_manager` and `kube_scheduler` metrics under the [`metrics.eks.amazonaws.com`][11] API Group. 
+- The addition of `"extra_headers":{"accept":"*/*"}` prevents `HTTP 406` errors when querying the EKS metrics API.
 
 ## Kubernetes on OpenShift 4 {#OpenShift4}
 
@@ -1037,3 +1069,4 @@ On other managed services, such as Azure Kubernetes Service (AKS) and Google Kub
 [8]: https://docs.datadoghq.com/agent/cluster_agent/endpointschecks/
 [9]: https://rancher.com/docs/rancher/v2.0-v2.4/en/cluster-admin/nodes
 [10]: https://github.com/DataDog/helm-charts/blob/main/examples/datadog/agent_on_rancher_values.yaml
+[11]: https://docs.aws.amazon.com/eks/latest/userguide/view-raw-metrics.html