diff --git a/common/variables.awscli.tf b/common/variables.awscli.tf
new file mode 100644
index 0000000..69ec329
--- /dev/null
+++ b/common/variables.awscli.tf
@@ -0,0 +1,10 @@
+variable "region" {
+  description = "AWS region (default: pull from current running provider)"
+  type        = string
+  default     = ""
+}
+
+variable "profile" {
+  description = "AWS config profile. This is needed because we call the AWSCLI."
+  type        = string
+}
diff --git a/patch-aws-auth/README.md b/patch-aws-auth/README.md
index 5e3f42e..0636c42 100644
--- a/patch-aws-auth/README.md
+++ b/patch-aws-auth/README.md
@@ -82,6 +82,8 @@ No modules.
 | <a name="input_nodegroup_instance_disk_size"></a> [nodegroup\_instance\_disk\_size](#input\_nodegroup\_instance\_disk\_size) | The size of EKS nodegroup EBS disk in gigabytes (default: 40) | `number` | `40` | no |
 | <a name="input_nodegroup_maximum_size"></a> [nodegroup\_maximum\_size](#input\_nodegroup\_maximum\_size) | EKs Nodegroup maximum size (default: 16) | `number` | `16` | no |
 | <a name="input_nodegroup_minumum_size"></a> [nodegroup\_minumum\_size](#input\_nodegroup\_minumum\_size) | EKS Nodegroup minimum size (default: 1) | `number` | `1` | no |
+| <a name="input_profile"></a> [profile](#input\_profile) | AWS config profile. This is needed because we call the AWSCLI. | `string` | n/a | yes |
+| <a name="input_region"></a> [region](#input\_region) | AWS region (default: pull from current running provider) | `string` | `""` | no |
 
 ## Outputs
 
diff --git a/patch-aws-auth/kubeconfig.tf b/patch-aws-auth/kubeconfig.tf
index 6adbdd7..2f298bd 100644
--- a/patch-aws-auth/kubeconfig.tf
+++ b/patch-aws-auth/kubeconfig.tf
@@ -8,13 +8,16 @@ resource "null_resource" "kubeconfig" {
   provisioner "local-exec" {
     command = "which kubectl > /dev/null 2>&1; if [ $? != 0 ]; then 'echo missing kubectl'; exit 1; else exit 0; fi"
   }
+  provisioner "local-exec" {
+    command = "which aws > /dev/null 2>&1; if [ $? != 0 ]; then 'echo missing aws-cli (v2)'; exit 1; else exit 0; fi"
+  }
   provisioner "local-exec" {
     command = "test -d '${path.root}/setup' || mkdir '${path.root}/setup'"
   }
   provisioner "local-exec" {
     environment = {
       AWS_PROFILE = var.profile
-      AWS_REGION  = var.region
+      AWS_REGION  = local.region
     }
     command = "aws eks update-kubeconfig --name ${var.cluster_name} --kubeconfig ${path.root}/setup/aws-auth.kube.config"
   }
diff --git a/patch-aws-auth/locals.tf b/patch-aws-auth/locals.tf
index a6f1b34..37bfcf0 100644
--- a/patch-aws-auth/locals.tf
+++ b/patch-aws-auth/locals.tf
@@ -1,5 +1,5 @@
 locals {
-  region               = data.aws_region.current.name
+  region               = var.region == "" ? data.aws_region.current.name : var.region
   aws_eks_cluster_auth = data.aws_eks_cluster_auth.cluster
   aws_eks_cluster      = data.aws_eks_cluster.cluster
 }
diff --git a/patch-aws-auth/variables.awscli.tf b/patch-aws-auth/variables.awscli.tf
new file mode 120000
index 0000000..2b4bec3
--- /dev/null
+++ b/patch-aws-auth/variables.awscli.tf
@@ -0,0 +1 @@
+../common/variables.awscli.tf
\ No newline at end of file