# aws


08/26/2020, 11:25 PM
👋 hello! New to pulumi. I have a couple questions: Q1. Is there an example that exposes a service running in Kubernetes (EKS) through an ALB with pulumi in Python? Doing the task (i.e. exposing an EKS service through an ALB) has a number of steps, including: 1. Create an identity provider and associate it to the cluster (this might already be done? see Q2) 2. Create an IAM role with a policy that (a) grants it permissions to manage ALBs, and (b) trusts the identity provider created in (1). 3. Create a ServiceAccount and ClusterRole in k8s and annotate it with the arn of the role in (2). 4. Create an ALB ingress controller with the role created in (3). 5. Create an actual Ingress for the service! Seems like a lot of moving parts. Before I spend hours miserably trying to do it, I wanted to see if there’s prior art. I think steps 3-5 are easy (just k8s config). But steps 1-2 (esp. step 1) may not be as easy? Any pointers very much appreciated!


08/27/2020, 3:32 PM
Not sure about example, but yes that is the process. You could prolly get around number 5
Create an actual ingress for the service!
by using istio or traefik, nginx. But again, you still need to update the config for those services to know which service to route the traffic to.