I had the same issue, and what solved this for me was installing the AWS EKS Pod Identity Agent as an Add-on in the cluster.

I basically followed this guide, and after installing it, the VPC CNI pod immediately started working: https://docs.aws.amazon.com/eks/latest/userguide/pod-id-agent-setup.html

Is there any chance you had this add-on in the pre-production cluster, but not in the production one?