This message was deleted.
# general
s
This message was deleted.
b
hey Till, you're using Go right? you need to create a `provider`: https://www.pulumi.com/docs/reference/pkg/kubernetes/provider/ and then pass that provider to your resources resource options: https://github.com/pulumi/examples/blob/ca40203279f393c0c159dadcadc97c6007122997/aws-go-eks/main.go#L158
q
Thanks for the quick response! This seems to make sense, but im using the eks library from
<http://github.com/pulumi/pulumi-eks/sdk/go/eks|github.com/pulumi/pulumi-eks/sdk/go/eks>
in comparison to
<http://github.com/pulumi/pulumi-aws/sdk/v4/go/aws/eks|github.com/pulumi/pulumi-aws/sdk/v4/go/aws/eks>
as you linked in the example. Im kinda wondering here whats the difference between them since both expose somewhat comparable methods (for example .newCluster()), but also dont seem to be interchangable.
b
EKS is a component, or a convenience wrapper around the AWS libraries. It does expose a kubeconfig which can be passed to a kubernetes provider https://github.com/pulumi/pulumi-eks/blob/master/examples/cluster-go/main.go#L28
q
Thats how I initially thought of it too, but the type conversion doesnt seem very intuitive. How would you approach that?
b
you do need to create the provider using an apply unfortunately https://github.com/pulumi/pulumi-eks/blob/master/examples/aws-go-eks-helloworld/main.go#L23
oh sorry, it actually has a
cluster.Provider
object now!
q
That seems to have done the trick! Thank you so much! Another question I was wondering earlier about: do you happen to know if there is a way to configure a manifest for a eks-cluster in the declaration as you would manually do with
$ kubectl apply -f eks-console-full-access.yaml
(https://aws.amazon.com/de/premiumsupport/knowledge-center/eks-kubernetes-object-access-error/)?
b
ah this is the good old
aws-auth
configmap problem 🙂 this is handled by the rolemappings property: https://www.pulumi.com/docs/reference/pkg/eks/cluster/#rolemapping
q
Thats what I did, but that doesnt replace the
kubectl apply
right? Its just mapping and not creating the group configured in the .yaml or am I missing a crucial point here?
b
Ah, I see what you're saying - you're right, you'll need to create a clusterrole and clusterolebinding with the Kubernetes provider: https://www.pulumi.com/docs/reference/pkg/kubernetes/rbac/v1/clusterrole/ https://www.pulumi.com/docs/reference/pkg/kubernetes/rbac/v1/clusterrolebinding/
or, you can point directly at the YAML file with the
ConfigFile
resource: https://www.pulumi.com/docs/reference/pkg/kubernetes/yaml/configfile/
q
do you happen to have a code example for this? I dont think I completely got how that would look implemented