diff --git a/examples/from-private-vpc/main.tf b/examples/from-private-vpc/main.tf
index 4605fa7..c2d21be 100644
--- a/examples/from-private-vpc/main.tf
+++ b/examples/from-private-vpc/main.tf
@@ -55,6 +55,68 @@ module "eks" {
 
 }
 
+
+################################################################################
+# Install EKS ADD-ONs with necessary IAM resources
+# (ebs-csi, vpc-cni, core-dns, proxy)
+################################################################################
+
+module "vpc_cni_ipv4_irsa_role" {
+  source  = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
+  version = "5.17.0"
+
+  role_name             = "${var.cluster_name}-vpc-cni"
+  attach_vpc_cni_policy = true
+  vpc_cni_enable_ipv4   = true
+  vpc_cni_enable_ipv6   = true
+
+  oidc_providers = {
+    ex = {
+      provider_arn               = module.eks.oidc_provider_arn
+      namespace_service_accounts = ["kube-system:aws-node"]
+    }
+  }
+
+}
+
+data "aws_eks_addon_version" "vpc-cni" {
+  addon_name         = "vpc-cni"
+  kubernetes_version = var.cluster_version
+}
+
+data "aws_eks_addon_version" "kube-proxy" {
+  addon_name         = "kube-proxy"
+  kubernetes_version = var.cluster_version
+}
+
+data "aws_eks_addon_version" "core-dns" {
+  addon_name         = "coredns"
+  kubernetes_version = var.cluster_version
+}
+
+resource "aws_eks_addon" "vpc-cni" {
+  cluster_name      = data.aws_eks_cluster.this.id
+  addon_name        = "vpc-cni"
+  addon_version     = data.aws_eks_addon_version.vpc-cni.version
+  resolve_conflicts = "OVERWRITE"
+
+  service_account_role_arn = module.vpc_cni_ipv4_irsa_role.iam_role_arn
+}
+
+resource "aws_eks_addon" "core-dns" {
+  cluster_name      = module.eks.cluster_id
+  addon_name        = "coredns"
+  addon_version     = data.aws_eks_addon_version.core-dns.version
+  resolve_conflicts = "OVERWRITE"
+}
+
+resource "aws_eks_addon" "kube-proxy" {
+  cluster_name      = module.eks.cluster_id
+  addon_name        = "kube-proxy"
+  addon_version     = data.aws_eks_addon_version.kube-proxy.version
+  resolve_conflicts = "OVERWRITE"
+}
+
 ################################################################################
 # Create aws-auth configmap
 # (the eks module recently removed their support for aws-auth management (>=18))
diff --git a/examples/from-scratch-with-private-link/main.tf b/examples/from-scratch-with-private-link/main.tf
index f006fcb..45f203d 100644
--- a/examples/from-scratch-with-private-link/main.tf
+++ b/examples/from-scratch-with-private-link/main.tf
@@ -180,6 +180,68 @@ module "eks" {
 
 }
 
+
+################################################################################
+# Install EKS ADD-ONs with necessary IAM resources
+# (ebs-csi, vpc-cni, core-dns, proxy)
+################################################################################
+
+module "vpc_cni_ipv4_irsa_role" {
+  source  = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
+  version = "5.17.0"
+
+  role_name             = "${var.cluster_name}-vpc-cni"
+  attach_vpc_cni_policy = true
+  vpc_cni_enable_ipv4   = true
+  vpc_cni_enable_ipv6   = true
+
+  oidc_providers = {
+    ex = {
+      provider_arn               = module.eks.oidc_provider_arn
+      namespace_service_accounts = ["kube-system:aws-node"]
+    }
+  }
+
+}
+
+data "aws_eks_addon_version" "vpc-cni" {
+  addon_name         = "vpc-cni"
+  kubernetes_version = var.cluster_version
+}
+
+data "aws_eks_addon_version" "kube-proxy" {
+  addon_name         = "kube-proxy"
+  kubernetes_version = var.cluster_version
+}
+
+data "aws_eks_addon_version" "core-dns" {
+  addon_name         = "coredns"
+  kubernetes_version = var.cluster_version
+}
+
+resource "aws_eks_addon" "vpc-cni" {
+  cluster_name      = data.aws_eks_cluster.this.id
+  addon_name        = "vpc-cni"
+  addon_version     = data.aws_eks_addon_version.vpc-cni.version
+  resolve_conflicts = "OVERWRITE"
+
+  service_account_role_arn = module.vpc_cni_ipv4_irsa_role.iam_role_arn
+}
+
+resource "aws_eks_addon" "core-dns" {
+  cluster_name      = module.eks.cluster_id
+  addon_name        = "coredns"
+  addon_version     = data.aws_eks_addon_version.core-dns.version
+  resolve_conflicts = "OVERWRITE"
+}
+
+resource "aws_eks_addon" "kube-proxy" {
+  cluster_name      = module.eks.cluster_id
+  addon_name        = "kube-proxy"
+  addon_version     = data.aws_eks_addon_version.kube-proxy.version
+  resolve_conflicts = "OVERWRITE"
+}
+
 ################################################################################
 # Create aws-auth configmap
 # (the eks module recently removed their support for aws-auth management (>=18))
diff --git a/examples/from-scratch/main.tf b/examples/from-scratch/main.tf
index cefc9b7..066a8f9 100644
--- a/examples/from-scratch/main.tf
+++ b/examples/from-scratch/main.tf
@@ -194,6 +194,67 @@ module "ocean-controller" {
   cluster_identifier = module.eks.cluster_id
 }
 
+################################################################################
+# Install EKS ADD-ONs with necessary IAM resources
+# (ebs-csi, vpc-cni, core-dns, proxy)
+################################################################################
+
+module "vpc_cni_ipv4_irsa_role" {
+  source  = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
+  version = "5.17.0"
+
+  role_name             = "${var.cluster_name}-vpc-cni"
+  attach_vpc_cni_policy = true
+  vpc_cni_enable_ipv4   = true
+  vpc_cni_enable_ipv6   = true
+
+  oidc_providers = {
+    ex = {
+      provider_arn               = module.eks.oidc_provider_arn
+      namespace_service_accounts = ["kube-system:aws-node"]
+    }
+  }
+
+}
+
+data "aws_eks_addon_version" "vpc-cni" {
+  addon_name         = "vpc-cni"
+  kubernetes_version = var.cluster_version
+}
+
+data "aws_eks_addon_version" "kube-proxy" {
+  addon_name         = "kube-proxy"
+  kubernetes_version = var.cluster_version
+}
+
+data "aws_eks_addon_version" "core-dns" {
+  addon_name         = "coredns"
+  kubernetes_version = var.cluster_version
+}
+
+resource "aws_eks_addon" "vpc-cni" {
+  cluster_name      = data.aws_eks_cluster.this.id
+  addon_name        = "vpc-cni"
+  addon_version     = data.aws_eks_addon_version.vpc-cni.version
+  resolve_conflicts = "OVERWRITE"
+
+  service_account_role_arn = module.vpc_cni_ipv4_irsa_role.iam_role_arn
+}
+
+resource "aws_eks_addon" "core-dns" {
+  cluster_name      = module.eks.cluster_id
+  addon_name        = "coredns"
+  addon_version     = data.aws_eks_addon_version.core-dns.version
+  resolve_conflicts = "OVERWRITE"
+}
+
+resource "aws_eks_addon" "kube-proxy" {
+  cluster_name      = module.eks.cluster_id
+  addon_name        = "kube-proxy"
+  addon_version     = data.aws_eks_addon_version.kube-proxy.version
+  resolve_conflicts = "OVERWRITE"
+}
+
 ################################################################################
 # Import Ocean cluster into Ocean Spark
 ################################################################################