busy-umbrella-36067
06/26/2019, 9:12 PM@pulumi/eks/Cluster
with multiple people and IAM creds?
If one of us creates the cluster, others can’t even refresh the stack since some K8S resources are created with a provider that doesn’t give them access. (no assume role inside of the aws-iam-authenticator
section
We can create a new provider with the necessary changes to deploy things on top of the cluster but there are still resources created by the @pulumi/eks/Cluster
class (configmaps, rbac, dashboard) which use the default provider
This is blocking us from having multiple people work with the same stack.white-balloon-205
busy-umbrella-36067
06/27/2019, 12:56 AMroleMappings
but the default kubeconfig generated for the provider doesn’t inject it.
https://github.com/pulumi/pulumi-eks/blob/master/nodejs/eks/cluster.ts#L192busy-umbrella-36067
06/27/2019, 12:58 AMUnauthorized
when pulumi tries to refresh resources that are deployed using the cluster providerbusy-umbrella-36067
06/27/2019, 1:03 AM