i have an EKS cluster version 1.30 running on which i have installed istio-base, istiod, istio-ingressgateway using terraform helm resource.I have not installed egress gateway. It is all fine untill i inject the istio envoy proxy to the application pods. At that time i am unable to reach public internet. Even nslookup fails. and yes on my VPC settings both Enable DNS hostnames and Enable DNS resolution are enabled. I am attaching errors below which i encountered for resolving an s3 bucket, as you can see the domain name is pointing to es.amazonaws in output.

i also have a basic alpine pod that installs certain packages in bootup(pod yaml below). this also crashes as the packages do not get instaled.

apiVersion: v1
kind: Pod
metadata:
  labels:
    run: alpine
  name: alpine
spec:
  containers:
  - image: alpine
    name: alpine
    command: ["sh","-c","apk update && apk add aws-cli &&  apk add mysql-client && apk add openssh && sleep 365d" ]
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}

how can i fix this issue, really appreciate the help.