No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

yes it can! does `kubectl` currently work?

Could it be that its trying to authenticate using the default aws profile? To get the kubeconfig I have to use a different profile with an assume role.

does your kubeconfig have a reference to the AWS authentictor?

It doesnt..
```apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: **********************=
    server: https://**************.<http://sk1.us-west-2.eks.amazonaws.com|sk1.us-west-2.eks.amazonaws.com>
  name: arn:aws:eks:us-west-2:******:cluster/dev-default-cluster
contexts:
- context:
    cluster: arn:aws:eks:us-west-2:******:cluster/dev-default-cluster
    user: arn:aws:eks:us-west-2:******:cluster/dev-default-cluster
  name: arn:aws:eks:us-west-2:******:cluster/dev-default-cluster
current-context: arn:aws:eks:us-west-2:******:cluster/dev-default-cluster
kind: Config
preferences: {}
users:
- name: arn:aws:eks:us-west-2:******:cluster/dev-default-cluster
  user:
    exec:
      apiVersion: <http://client.authentication.k8s.io/v1alpha1|client.authentication.k8s.io/v1alpha1>
      args:
      - --region
      - us-west-2
      - eks
      - get-token
      - --cluster-name
      - dev-default-cluster
      command: aws
      env:
      - name: AWS_PROFILE
        value: n-eks```
I just ran `aws eks update-kubeconfig` to get the config

Thanks <@UCWG26BH7> That was it. My kubeconfig was leveraging the `aws eks get-token` rather than `aws-iam-authenticator`

Glad you got it fixed! Looking forward to hearing about your Pulumi experience!