No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

I have some questions about <https://blog.pulumi.com/simplify-kubernetes-rbac-in-amazon-eks-with-open-source-pulumi-packages> (although these might be more AWS questions than Pulumi-specific ones).

1) Is there something special about the number in the `Principal` snippet? Or will any number do?

```
"Principal": {
                  "AWS": "arn:aws:iam::153052954103:root"
                },
```

2) Is it possible to map the cluster admin role to an AWS IAM Group instead of just an IAM role?

1) The number is your AWS account number.
2) I'm not 100% sure, but I believe no, that's not possible and is an AWS restriction.

1) Principal element is used to specify the IAM user, federated user, IAM role, AWS account, AWS service, or other principal entity that is allowed or denied access to an AWS resource. 2) Should be possible but I am testing this to be certain iam-authenticator has the improvements that were WIP when I left AWS.