https://pulumi.com logo
#general
Title
# general
b

big-angle-30002

01/12/2024, 2:59 PM
hi folks! Currently I have an aws lambda with docker image to run the pulumi program with which I create an aws cluster and kubernetes service. my kubeconfig is built by adding some aws keys
Copy code
"command": "aws",
                        "args": [
                            "eks",
                            "get-token",
                            "--cluster-name",
                            cluster.name,
                            "--region",
                            region,
                            "--output",
                            "json"
                            ],
                            "env": [
                                {
                                    "name": "AWS_ACCESS_KEY_ID",
                                    "value": "XXXXXXX"
                                },
                                {
                                    "name": "AWS_SECRET_ACCESS_KEY",
                                    "value": "XXXXXXXXX"
                                }
                            ]
Instead of using the aws keys I want to use a role
Copy code
"args": [
                            "eks",
                            "get-token",
                            "--cluster-name",
                            cluster.name,
                            "--region",
                            region,
                            "--role",
                            role_arn,
                            "--output",
                            "json"
                            ],
but an error occurs, I emphasize that I have given the role administrative privileges for these tests [PULUMI LOG] error: configured Kubernetes cluster is unreachable: unable to load schema information from the API server: Get "https://EB5CF32E90F564339E329B6399F46E53.gr7.us-east-1.eks.amazonaws.com/openapi/v2?timeout=32s": getting credentials: exec: executable aws failed with exit code 252 I don't quite understand how authentication with a role account should be in these cases