No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

I haven’t used `kube2iam` myself before - but I believe:
1. That parameter isn’t required, it’s just a convenience so you don’t have to repeat the whole ARN on every pod
2. Assuming all the roles you will be applying to pods are from the same account, you can construct the base arn just knowing the account number (which can also be looked up via `aws.iam.getCallerIdentity()`)
3.  The actual roles you want to assign will need to be created separately from what `@pulumi/EKS` provides. The roles you create will be based on specific needs of your application code, not general needs of the cluster. You can of course create these using `aws.iam.Role` and integrate this with your Pulumi deployment of the cluster for easy management. 