Update security-groups-for-pods.md

[joebowbeer]

Issue #, if available:

Fixes #557

Description of changes:

Improve guidance for terminationGracePeriodSeconds

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

[abhipth]

lgtm! This limitation is fixed with v1.10.3 onward with this PR. Would appreciate if you could add this information as well. Thanks

[jimdial-aws]

Thank you for the contribution.

[joebowbeer]

@abhipth Thanks for update. I'm sorry I didn't see it in time to update the PR:

Pods using security groups must not have terminationGracePeriodSeconds set to 0 in their pod spec. (The default value is 30.) This is because the Amazon EKS VPC CNI plugin [prior to v1.10.3] queries the API server to retrieve the pod IP address before deleting the pod network on the host. Without this setting, the plugin doesn't remove the pod network on the host.

In time, the entire paragraph can be deleted.

[jimdial-aws]

No worries, I'll add the text about the version. I'm also going to modify that sentence altogether, after speaking with the engineers. Thanks again.