No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

What is the preferred way to make sure Pulumi can validate the existence of a new EKS cluster and keep the EKS API endpoint private?

Hi,

Not sure what you mean. But I think you are asking how can you ensure that Pulumi succeeded without exposing the cluster URL?

Yes, that's what I meant. Clearly haven't had enough :coffee: yet.

if you are on TypeScript then you can do something like:


```export const clusterId = myCluster.Id;```

``` // Create an EKS cluster
const cluster = new eks.Cluster(
  "cluster",
  {
   ...
  },
  {
    customTimeouts: { create: "30m", delete: "30m", update: "30m" }
  }
);
export const kubeconfig = pulumi.secret(cluster.kubeconfig);```

it’ll outputs:

```Outputs:
    kubeconfig: "[secret]"```
then when you need to use it for kubectl

```pulumi stack output --show-secrets kubeconfig > ~/.kube/config```