No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

<@UB3BGTV63> Is there any guide of setting up a bastion(s)/jump host(s) for accessing EKS with workers in private subnets over several that’s accessible by iAM users in a certain group but also for accessing kubectl? Right now we’re doing public control plane but want to get away from that.

Is `UserLoginProfileArgs.pgpKey`  the ssh key?

Not sure there’s a guide on this specifically - but I have talked to at least one user who did set this up. 

Note that if you do this - you will have to do the Pulumi deployment from an environment that can reach the endpoint - so either run the Pulumi deployment from the bastion host, or vpn into the private network from the deployment environment. 

Yeah the CI would have to setup a proxy tunnel