diff --git a/cluster/manifests/ingress-controller/01-rbac.yaml b/cluster/manifests/ingress-controller/01-rbac.yaml
index 8b68079ca6..df3fc2c558 100644
--- a/cluster/manifests/ingress-controller/01-rbac.yaml
+++ b/cluster/manifests/ingress-controller/01-rbac.yaml
@@ -45,6 +45,15 @@ rules:
   verbs:
   - patch
   - update
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  - pods/status
+  verbs:
+  - get
+  - list
+  - watch
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
diff --git a/cluster/manifests/ingress-controller/deployment.yaml b/cluster/manifests/ingress-controller/deployment.yaml
index e01da01a94..43dd3a62f6 100644
--- a/cluster/manifests/ingress-controller/deployment.yaml
+++ b/cluster/manifests/ingress-controller/deployment.yaml
@@ -8,7 +8,7 @@ metadata:
   namespace: kube-system
   labels:
     application: kube-ingress-aws-controller
-    version: "{{ $version }}"
+    version: pr-752-7
 spec:
   replicas: 1
   selector:
@@ -18,7 +18,7 @@ spec:
     metadata:
       labels:
         application: kube-ingress-aws-controller
-        version: "{{ $version }}"
+        version: pr-752-7
       annotations:
         kubernetes-log-watcher/scalyr-parser: |
           [{"container": "controller", "parser": "keyValue"}]
@@ -35,9 +35,12 @@ spec:
       serviceAccountName: kube-ingress-aws-controller
       containers:
         - name: controller
-          image: "{{ $image }}"
+          image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/staging_namespace/teapot/kube-ingress-aws-controller-test-eks:pr-752-7
           args:
-            - --target-access-mode=HostPort
+            - --ip-addr-type=dualstack
+            - --target-access-mode=AWSCNI
+            - --target-cni-namespace=kube-system
+            - --target-cni-pod-labelselector=application=skipper-ingress,component=ingress
             - --stack-termination-protection
             - --ssl-policy={{ .Cluster.ConfigItems.kube_aws_ingress_controller_ssl_policy }}
             - --idle-connection-timeout={{ .Cluster.ConfigItems.kube_aws_ingress_controller_idle_timeout }}
diff --git a/cluster/manifests/skipper/deployment.yaml b/cluster/manifests/skipper/deployment.yaml
index f3b9376d64..ede3644068 100644
--- a/cluster/manifests/skipper/deployment.yaml
+++ b/cluster/manifests/skipper/deployment.yaml
@@ -96,7 +96,6 @@ spec:
       serviceAccountName: skipper-ingress
       terminationGracePeriodSeconds: {{ .Cluster.ConfigItems.skipper_termination_grace_period }}
       dnsPolicy: ClusterFirstWithHostNet
-      hostNetwork: true
       containers:
       - name: skipper-ingress
         image: "{{ .image }}"
@@ -104,12 +103,10 @@ spec:
         ports:
         - name: ingress-port
           containerPort: 9999
-          hostPort: 9999
           protocol: TCP
 {{ if or (eq .Cluster.ConfigItems.nlb_switch "pre") (eq .Cluster.ConfigItems.nlb_switch "exec") }}
         - name: http-redirect
           containerPort: 9998
-          hostPort: 9998
           protocol: TCP
 {{ end }}
         env: