Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
package-authoring
pulumi-ai
pulumi-cdk
pulumi-cloud
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Title
f
flat-insurance-25294
01/13/2020, 7:51 AM@white-balloon-205 Is there any guide of setting up a bastion(s)/jump host(s) for accessing EKS with workers in private subnets over several that’s accessible by iAM users in a certain group but also for accessing kubectl? Right now we’re doing public control plane but want to get away from that.
Is
UserLoginProfileArgs.pgpKeyw
white-balloon-205
01/13/2020, 5:24 PMNot sure there’s a guide on this specifically - but I have talked to at least one user who did set this up.
Note that if you do this - you will have to do the Pulumi deployment from an environment that can reach the endpoint - so either run the Pulumi deployment from the bastion host, or vpn into the private network from the deployment environment.
f
flat-insurance-25294
01/13/2020, 9:05 PMYeah the CI would have to setup a proxy tunnel
👍 1