Gitlab.com premium - integrating EKS with Gitlab Kubernetes Agent - agent can't reach wss address

I’m trying to use gitlab ci to deploy applications from individual projects in our account to a new EKS cluster.

We use gitlab.com, and I am able to get through the process including installing the gitlab-kubernetes-agent into the cluster. However, when I check the logs of the running pod of the agent, I get the error:

{“level”:“error”,“time”:“2021-10-01T16:30:39.686Z”,“msg”:“Error handling a connection”,“mod_name”:“reverse_tunnel”,“error”:“Connect(): rpc error: code = Unavailable desc = connection error: desc = “transport: Error while dialing failed to WebSocket dial: failed to send handshake request: Get \“https://kas.gitlab.com/\”: dial tcp: i/o timeout””}

I found an error about not having a trailing slash on wss://kas.gitlab.com/ - and at first I didn’t have that but I corrected it, and I used this to install that agent:

docker run --pull=always --rm registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/cli:stable generate --agent-token=AGENT_TOKEN --kas-address=wss://kas.gitlab.com/ --agent-version=stable --namespace gitlab-kubernetes-agent | kubectl apply -f

… and, as you can see the error message does include the trailing slash as well.

So - I am unsure about why the agent is unable to make this connection. The security group on these nodes allows full outbound internet access.