No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

I believe it is indeed assuming the role-- I can see the lastactivity on the role updating as I kubectl.

however, some kubectl actions fail in the cluster with this error message: error: configured Kubernetes cluster is unreachable: unable to load schema information from the API server: the server has asked for the client to provide credentials

oddly, if I change my aws config via ~/.aws/credentials to that of the cluster creator, these errors will go away..