No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Whilst this may sound a lot like <https://eksctl.io/usage/troubleshooting/#kubectl-logs-and-kubectl-run-fails-with-authorization-error> I have checked and both DNS Hostnames and DNS Resolution is turned on in the VPC, and the working cluster is in the VPC too :confounded:

Hmmm a few pulumi refreshes and a pulumi up later and the issue seems to have gone away.
The pulumi up modified a ClusterIngressRule and the cloudformation stack for the nodes, which is likely what fixed the kluster