Hello all, is there a way to create an eks.Cluster without it setting up an Access Entry for your current profile?

Hey, are you referring to the

pulumi-eks

provider or

pulumi-aws

? For

pulumi-aws

you can set that setting using this property: https://www.pulumi.com/registry/packages/aws/api-docs/eks/cluster/#bootstrapclustercreatoradminpermissions_nodejs

pulumi-eks

currently doesn't expose that setting because it makes several assumptions that it has access to the cluster. If you're interested in this feature, please open an issue here. As a workaround you could use the

transforms

resource option to override that setting yourself: https://www.pulumi.com/docs/iac/concepts/options/transforms/

@quick-house-41860 I was talking about pulumi-eks, yes. I switched to that from the regular AWS provider's EKS cluster because the pulumi-eks one can generate the kubeconfig. Our use case here is that occasionally we need to perform quick deployments from our local machine, but most of the time it will be done from a ci/cd pipeline, and these two methods use different AWS profiles. It's not going to work well if that results in different Access Entries getting created.

With quick-deployments, do you mean creating the cluster or just changing things? The access entry is only set up on cluster creation, so if this is mainly about doing updates locally after the cluster's been created then you should be good. Generally, we should be able to expose an option to not create these entries at all (at the cost of not being able to offer some of the features that directly interface with the cluster endpoint). If that's something you're interested in, please cut an issue in the repo I've linked above; explaining your use case

One case I see us wanting to use this is in an emergency situation where we need to recreate a cluster but the ci/cd pipeline is down, so it has to be done locally. Whatever is created then needs to be the same as what would be created in the pipeline.