https://pulumi.com logo
Powered by
t

thankful-optician-22583

12/12/2019, 8:03 PM
Now should this be automatic? Because the roles are attached to the pod/worker node there is no aws_credentials etc. so this would mean that Pulumi will not be able to view the ./aws/ folder for configs
a

astonishing-cartoon-37000

12/12/2019, 8:38 PM
not 100% sure if this is what you want. But we explicitly state what gets what provider in aws using https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/aws/#Provider
here is an example that should help. They actually get the roleArn from a different stack which you may or may not need. https://github.com/pulumi/examples/blob/master/aws-ts-assume-role/assume-role/index.ts
essentially make a provider, pass it to things that you want to have explicitly use that provider
also you don't have to have a 
./aws/credentials
file you can simply export
Copy code
export AWS_ACCESS_KEY_ID=blahblah
export AWS_SECRET_ACCESS_KEY=alsdfalsdf
t

thankful-optician-22583

12/12/2019, 10:58 PM
thanks @astonishing-cartoon-37000 So the mandate was no Access Key or Secret Key. To just use the role provided by the Service Account. I will look into the examples you gave thanks 🙂
Powered by