https://pulumi.com logo
#general
Title
# general
o

orange-tailor-85423

08/08/2019, 10:33 PM
Anybody else tackled roleMappings for EKS clusters and passing in dynamically retrieved objects such as roleARNs? Right now I’m passing them from an iam stack as outputs then retrieved for roleMappings via
.getOutput('roles').apply(etc etc)
. But part of me also wants the roleMappings to be a config block that passes into the cluster creation. How are most of y’all doing this?
b

breezy-hamburger-69619

08/08/2019, 10:43 PM
You’re approach is valid and is the proper decoupling with regards to how you’re splitting your stacks. I can see an argument for the user to provide this entire
roleMappings
config block, but
pulumi/eks
would also need the user to pass in the
instanceRole
mapping in the
roleMappings
as well, as it currently handles that: https://github.com/pulumi/pulumi-eks/blob/master/nodejs/eks/cluster.ts#L268-L323 - specifically Line 315. If this
roleMappings
is supplied, I believe
pulumi/eks
would at best load it to parse and validate that its valid YAML, as trying to validate anything further like if users and roles are properly configured in it, can be a bit of a guessing game. This would put the onus on the user to make sure it is complete and correct.
o

orange-tailor-85423

08/19/2019, 7:57 PM
thanks Mike - sorry for the slow feedback