This message was deleted.
# kubernetes
s
This message was deleted.
b
I use RBAC and have Pulumi store a role that's assumed on deploy. However, this still requires AWS credentials that can assume that role in order to run Pulumi. Is this what you mean, or are you looking to embed static credentials in the configuration file?
p
we store credz + role to assume in the stack config and then use that to auth to eks
so yes basically static credz in our stack config
p
in our CI pipe, we subprocess out a call to `aws eks update-kubeconfig and then
Copy code
k8s_provider = k8s.Provider(
    "k8s_provider",
    # cluster=current_context,
    context=current_context,
    kubeconfig='~/.kube/config',