diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index d35c6ac3..438725d5 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -77,7 +77,7 @@ jobs: run: | export NAME=cdk-${GITHUB_SHA:0:6}-$(date +%s) echo "NAME=$NAME" >> $GITHUB_ENV - ./util.py generate_config_template --name $NAME --aws-region=$AWS_REGION --aws-account-id=$AWS_ACCOUNT_ID --dev --platform-nodegroups 2 --registry-username $REGISTRY_USERNAME --registry-password $REGISTRY_PASSWORD --hostname $NAME.$BASE_DOMAIN --acm-cert-arn $ACM_CERT_ARN --disable-flow-logs > config.yaml + ./util.py generate_config_template --name $NAME --aws-region=$AWS_REGION --aws-account-id=$AWS_ACCOUNT_ID --dev --platform-nodegroups 2 --registry-username $REGISTRY_USERNAME --registry-password $REGISTRY_PASSWORD --hostname $NAME.$BASE_DOMAIN --acm-cert-arn $ACM_CERT_ARN --disable-flow-logs | tee config.yaml ./util.py load_config -f ./config.yaml - name: Test default config (single and nested stacks) env: @@ -151,7 +151,7 @@ jobs: if: (contains(github.event.pull_request.labels.*.name, 'deploy-test') || github.ref == 'refs/heads/master') working-directory: ./convert/cloudformation-only run: | - echo "{\"region\":\"us-west-2\",\"tags\":{},\"suffix\":\"$NAME\"}" > terraform.tfvars.json + echo "{\"region\":\"us-west-2\",\"tags\":{},\"suffix\":\"$NAME\"}" | tee terraform.tfvars.json terraform init terraform plan -out=terraform.plan terraform apply -auto-approve terraform.plan @@ -177,11 +177,12 @@ jobs: ssh-keygen -t rsa -f dummy.pem -N '' export DEPLOY_ID="$NAME" - export MOD_VERSION="v3.0.8" + export MOD_VERSION="v3.0.11" + envsubst < config.tpl | tee config.yaml ./convert.py check-requirements - ./convert.py print-stack --verbose --yaml > stack-data.yaml + ./convert.py print-stack --verbose --yaml >stack-data.yaml ./convert.py setup-tf-modules ./convert.py create-tfvars --ssh-key-path ./dummy.pem ./convert.py set-imports 
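Review bot: Piping `./util.py generate_config_template ... --registry-password $REGISTRY_PASSWORD ...` into `tee config.yaml` (first hunk) copies the generated config into the job log, and that command is handed the registry password. If the template stores the password in a transformed form (base64, for instance), log masking that matches the literal secret value would presumably not redact it. The pipe also makes the step's exit status that of `tee`, so unless the step runs with `pipefail` (no `shell:` setting is visible in the hunk) a failing `util.py` is only noticed later by `load_config`. Both points also apply to `envsubst < config.tpl | tee config.yaml` in the third hunk. I would keep the plain redirect for files that can carry credentials, `... --disable-flow-logs > config.yaml`, or add `set -o pipefail` as the first line of each `run:` block and echo only non-sensitive fields.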
diff --git a/convert/README.md b/convert/README.md index 339832c9..cd88e403 100644 --- a/convert/README.md +++ b/convert/README.md @@ -70,11 +70,11 @@ Set `AWS_REGION`, `DEPLOY_ID` and `MOD_VERSION` environment variables with appro * `AWS_REGION` AWS region for the CloudFormation stack. * `DEPLOY_ID` : Name of the main CloudFormation stack. -* `MOD_VERSION`: Release tag for [terraform-aws-eks](https://github.com/dominodatalab/terraform-aws-eks/releases) in the form `vX.Y.Z` (using `v3.0.0` as an example). +* `MOD_VERSION`: :warning: Use version `v3.0.11` or higher. Release tag for [terraform-aws-eks](https://github.com/dominodatalab/terraform-aws-eks/releases) in the form `vX.Y.Z` (using `v3.0.11` as an example). Command: - export AWS_REGION='us-east-1' DEPLOY_ID='my-main-stack-name' MOD_VERSION='v3.0.0' + export AWS_REGION='us-east-1' DEPLOY_ID='my-main-stack-name' MOD_VERSION='v3.0.11' ### Set Config values @@ -171,7 +171,7 @@ v1beta1.metrics.k8s.io - True (Passed) ``` If either are `False`, make sure the corresponding `prometheus-adapter` and `metrics-server` pods are up and running. -If it's not possible get them running, take a backup, delete the `apiservice` objects and then proceed with the infrastructure changes. +If it's not possible get them running, take a backup, delete the `apiservice` objects and then proceed with the infrastructure changes. ``` kubectl get apiservice v1beta1.external.metrics.k8s.io -oyaml > v1beta1.external.metrics.k8s.io.yml diff --git a/convert/lib/convert.py b/convert/lib/convert.py index 2859efcc..3ff7f03c 100755 --- a/convert/lib/convert.py +++ b/convert/lib/convert.py 
@@ -568,10 +568,14 @@ def get_subnet_ids(subnet_type: str, prefix: str = "VPC"): eks_cluster_result = self.eks.describe_cluster(name=self.cdkconfig["name"]) eks_k8s_version = eks_cluster_result["cluster"]["version"] eks_cluster_auto_sg = eks_cluster_result["cluster"]["resourcesVpcConfig"]["clusterSecurityGroupId"] + k8s_service_ipv4_cidr = eks_cluster_result["cluster"]["kubernetesNetworkConfig"]["serviceIpv4Cidr"] route53_hosted_zone_name = None + route53_hosted_zone_private = False if r53_zone_ids := self.cdkconfig["route53"]["zone_ids"]: - route53_hosted_zone_name = self.r53.get_hosted_zone(Id=r53_zone_ids[0])["HostedZone"]["Name"] + hosted_zone = self.r53.get_hosted_zone(Id=r53_zone_ids[0])["HostedZone"] + route53_hosted_zone_name = hosted_zone["Name"] + route53_hosted_zone_private = hosted_zone["Config"]["PrivateZone"] subnet_result = self.ec2.describe_subnets(SubnetIds=get_subnet_ids("Private")) az_zone_ids = [s["AvailabilityZoneId"] for s in subnet_result["Subnets"]] @@ -592,6 +596,7 @@ def get_subnet_ids(subnet_type: str, prefix: str = "VPC"): } eks = { + "service_ipv4_cidr": k8s_service_ipv4_cidr, "k8s_version": eks_k8s_version, "public_access": { "enabled": eks_cluster_result["cluster"]["resourcesVpcConfig"]["endpointPublicAccess"], @@ -650,6 +655,7 @@ def get_subnet_ids(subnet_type: str, prefix: str = "VPC"): "enabled": False, }, "route53_hosted_zone_name": route53_hosted_zone_name, + "route53_hosted_zone_private": route53_hosted_zone_private, "bastion": { "enabled": eks_cluster_result["cluster"]["resourcesVpcConfig"]["endpointPrivateAccess"], },
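Review bot: The new lookup `eks_cluster_result["cluster"]["kubernetesNetworkConfig"]["serviceIpv4Cidr"]` in the first convert.py hunk indexes the describe_cluster response directly. A cluster whose response lacks that key (an IPv6-family cluster would presumably report `serviceIpv6Cidr` instead) would abort the conversion with a bare KeyError. The same holds for `hosted_zone["Config"]["PrivateZone"]`; I would read both with `.get()` and raise an error that names the missing field, rather than defaulting the zone to public. Only `r53_zone_ids[0]` is queried, so with several zone ids `route53_hosted_zone_private` describes the first zone only; a short comment such as `# only the first zone id is inspected` would make that explicit. The enclosing function starts and ends outside these hunks, so callers and later uses of the two new values are not visible here.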