https://pulumi.com logo
#aws
Title
# aws
f

flat-insurance-25294

01/13/2020, 7:51 AM
@white-balloon-205 Is there any guide of setting up a bastion(s)/jump host(s) for accessing EKS with workers in private subnets over several that’s accessible by iAM users in a certain group but also for accessing kubectl? Right now we’re doing public control plane but want to get away from that. Is
UserLoginProfileArgs.pgpKey
the ssh key?
w

white-balloon-205

01/13/2020, 5:24 PM
Not sure there’s a guide on this specifically - but I have talked to at least one user who did set this up. Note that if you do this - you will have to do the Pulumi deployment from an environment that can reach the endpoint - so either run the Pulumi deployment from the bastion host, or vpn into the private network from the deployment environment.
f

flat-insurance-25294

01/13/2020, 9:05 PM
Yeah the CI would have to setup a proxy tunnel
👍 1
4 Views