https://pulumi.com logo
Powered by
d

dry-football-2639

10/04/2021, 2:26 PM
b

billowy-army-68599

10/04/2021, 3:01 PM
we saw this in one of our slack channels, hoping to respond shortly. The short answer is: we solved this already in the pulumi-eks package (part of crosswalk)
w

worried-city-86458

10/04/2021, 5:54 PM
You need to wait for the api server to be healthy, then create the aws auth config map before creating any node groups.
Also, are you asking about an iam role to assume before creating the eks cluster, given such an iam role would implicitly have admin access, or another iam role that you're also mapping to k8s rbac? I would definitely look at using pulumi eks or using it for guidance. I don't use it myself and have done exactly what you're asking. What language are you using? If dotnet/c# then I can point you at some code fwiw...
d

dry-football-2639

10/05/2021, 9:45 AM
@billowy-army-68599 Thx so much. Yeah, we started looking at the new eks package today, but are now thinking about the implication of the migration. We are currently using the 
@pulumi/aws
package, but I guess it's old and we should prefer the 
@pulumi/eks
one. @worried-city-86458 Thats a great suggestion, thanks so much. I will try it out - maybe that'll work. We are attaching our custom admin role ARN to the 
aws-auth
, which can be assumed by our SREs. We use TS.
4 Views
Powered by