No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

I've trying to assume a role when accessing my eks cluster with kubectl. In my kubeconfig, under the user: section, I've got aws eks get-token --cluster-name --role &lt;myrolearn&gt;... I'm expecting for this for the get-token call to be run prior to my kubectl call and used in my kubectl call and thus ignoring whatever aws config i've got setup via ~/.aws/credentials. Am I understanding this correctly?

I believe it is indeed assuming the role-- I can see the lastactivity on the role updating as I kubectl.

however, some kubectl actions fail in the cluster with this error message: error: configured Kubernetes cluster is unreachable: unable to load schema information from the API server: the server has asked for the client to provide credentials

oddly, if I change my aws config via ~/.aws/credentials to that of the cluster creator, these errors will go away..