steep-toddler-94095
07/23/2021, 12:29 AMpulumi up
failed when trying to create kubernetes objects afterward, as part of the same stack. How can I access the EKS cluster I just created?bored-table-20691
07/23/2021, 12:32 AMProfileArn
flag?steep-toddler-94095
07/23/2021, 12:32 AMroleArn
in my Pulumi stack config filebored-table-20691
07/23/2021, 12:34 AMProviderCredentialOpts: eks.KubeconfigOptionsArgs{
ProfileName: pulumi.Sprintf("ssa-%s", awsCfg.Require("region")),
},
steep-toddler-94095
07/23/2021, 12:35 AMbored-table-20691
07/23/2021, 12:36 AMsteep-toddler-94095
07/23/2021, 12:46 AMbored-table-20691
07/23/2021, 12:48 AMsteep-toddler-94095
07/23/2021, 12:48 AMbored-table-20691
07/23/2021, 12:48 AMaws eks get-token
and that invocation is very limited, it can basically either use a profile or a role ARNRoleArn
when you create the clustersteep-toddler-94095
07/23/2021, 12:57 AMbored-table-20691
07/23/2021, 12:58 AMkubeconfig
probably looks different than the one Pulumi is generatingsteep-toddler-94095
07/23/2021, 1:07 AM~/.kube/config
. I manually edited the aws-auth
configmap to have my IAM ARN (from a different account) and it appears to be working now.
I guess I don't totally understand what you mean by
So you can specifywhere would this be specified? in the pulumi stack config or the eks cluster parameters?when you create the clusterRoleArn
bored-table-20691
07/23/2021, 1:11 AMsteep-toddler-94095
07/23/2021, 1:15 AMroleArn
input parameter in https://www.pulumi.com/docs/reference/pkg/eks/cluster/bored-table-20691
07/23/2021, 1:16 AMsteep-toddler-94095
07/23/2021, 1:17 AMbored-table-20691
07/23/2021, 1:18 AMsteep-toddler-94095
07/23/2021, 1:19 AMbored-table-20691
07/23/2021, 1:55 AMbillowy-army-68599
07/23/2021, 4:49 AMbored-table-20691
07/23/2021, 5:15 AM