Skip to content

Releases: crossplane-contrib/provider-upjet-aws

v1.6.0

07 Jun 13:37
@turkenf turkenf
v1.6.0
719eef4
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.6.0

The v1.6.0 release introduces a new family provider provider-aws-codeguruprofiler, new resources, bug fixes, enhancements, and dependency updates.

Support for New Resources

  • Connector.v1beta1.transfer.aws.upbound.io
  • ProfilingGroup.v1beta1.codeguruprofiler.aws.upbound.io
  • EndpointAccess.v1beta1.redshift.aws.upbound.io

Bug Fixes and Enhancements

  • Fixes Topic.sns update loops #1347
  • Fixes AccessKey.iam reconciliation #1344, related issue crossplane/upjet#416
  • Adds option autoGenerateAuthToken for ElastiCache ReplicationGroup #1322
  • Bug Fixes: Elasticache ReplicationGroup connection secret is empty #1043
  • Adds selectors and references for Certificate.acm #1336, Domain.opensearch #1337
  • Switches the order of the SYNCED and READY printer columns for ClusterAuth.eks #1276

What's Changed

  • Update dependency kubernetes-sigs/kind to v0.23.0 by @renovate in #1309
  • Update dependency upbound/up to v0.30.0 by @renovate in #1302
  • Update actions/checkout digest to a5ac7e5 by @renovate in #1327
  • Update alpine Docker tag to v3.20.0 by @renovate in #1328
  • Fix documentation of rule.filter.prefix field for BucketLifecycleConfiguration.s3 by @turkenf in #1331
  • feat(acm): add reference and selector for certificate_authority_arn by @haarchri in #1336
  • feat(sftp): add aws_transfer_connector by @haarchri in #1341
  • feat(opensearch): domain add more selector and references by @haarchri in #1337
  • ElastiCache ReplicationGroup auth token generation and connection details by @chlunde in #1322
  • CodeGuru Profiler Profiling Group by @chlunde in #1316
  • Fix AccessKey.iam reconciliation by @ulucinar in #1344
  • Use newlines in config/generated.lst to prevent git conflicts by @mbbush in #1245
  • Update dependency go to v1.22.4 by @renovate in #1342
  • Configure EndpointAccess.redshift resource and add example by @turkenf in #1314
  • Fix Topic.sns update loops by @ulucinar in #1347
  • re-order columns for handwritten ClusterAuth.eks by @mbbush in #1276

New Contributors

Full Changelog: v1.5.0...v1.6.0

Contributors

chlunde, mbbush, and 4 other contributors
Assets 2
Loading

v1.5.0

24 May 15:10
@turkenf turkenf
v1.5.0
0bc985c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.5.0

In the v1.5.0 release, we've upgraded the underlying Terraform provider version from v5.31.0 to v5.50.0. This release also introduces a new resource, bug fixes, and dependency updates.

Support for a New Resource:

  • User.v1alpha1.mq.aws.upbound.io: If you'd like to use the User.mq MRs together with Broker.mq, you need to specify the broker's bootstrap users under spec.initProvider.user instead of spec.forProvider.user. This will prevent a race condition between the two controllers. Please see #1325 for some more context.

Bug Fixes and Enhancements

  • Bumps the upjet dependency to v1.4.0 and generates the secret references under spec.initProvider API trees for the sensitive MR parameters: #1325
  • Fixes MR state metrics when MRs are deleted #1312
  • Bumps the Terraform provider version to v5.50.0 and the Go version to 1.22 #1315
  • Fixes late init issue for the ClusterInstance.rds resource #1326
  • Upjet v1.4.0 depracates config.Reference.Type. All usages of config.Reference.Type have been replaced with config.Reference.TerraformName in the provider #1310
  • We now depend on the crossplane/build submodule #1313
  • Authentication documentation improvements #1321

What's Changed

New Contributors

Full Changelog: v1.4.0...v1.5.0

Contributors

ytsarev, negz, and 6 other contributors
Assets 2
Loading

v1.4.0

25 Apr 16:05
@turkenf turkenf
v1.4.0
58c7765
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.4.0

The v1.4.0 release introduces MR metrics, bug fixes, enhancements, and dependency updates.

We are excited to introduce a new set of managed resource (MR) metrics in this release. These metrics are pivotal for monitoring the state and performance of resources managed through Crossplane. This enhancement follows the implementation guidelines from the provider-kubernetes and incorporates changes from crossplane/crossplane-runtime#683. The newly available metrics include:

  • crossplane_managed_resource_exists{"gvk"}
  • crossplane_managed_resource_ready{"gvk"}
  • crossplane_managed_resource_synced{"gvk"}
  • crossplane_managed_resource_first_time_to_reconcile_seconds{"gvk"}
  • crossplane_managed_resource_first_time_to_readiness_seconds{"gvk"}
  • crossplane_managed_resource_deletion_seconds{"gvk"}
  • crossplane_managed_resource_drift_seconds{"gvk"}

For a detailed overview of the implementation, please refer to this crossplane/crossplane-runtime#683.

Note that, for async resources, upjet_resource_ttr_bucket{"group","kind","version"} gives a more accurate measurement of when the external resource becomes available, compared to crossplane_managed_resource_first_time_to_readiness_seconds{"gvk"} .

Bug Fixes and Enhancements

  • Bug Fix: Addresses a critical bug related to asynchronous operation failures (#1164). With this fix, the "Synced" status will immediately reflect as "False" upon any failure in asynchronous operations, ensuring compliance with the XRM contract and improving reliability in status reporting. Previously, the error handling only updated the LastAsyncOperation status without properly setting the Synced condition to False. For more information, please see the crossplane/upjet#391 (comment).
  • Bug Fix: Lambda Functions keeps updating after few seconds with Diff Detected #1027
  • Enhancement: Adds ClusterParameterGroup and ParameterGroup Selectors for the Cluster.rds resource

What's Changed

  • Monitor, mark and close issues and PRs with github workflow by @turkenf in #1250
  • pin aws-sdk-go-v2 dependency versions for ClusterAuth presign breaking change by @erhancagirici in #1251
  • Change the value of meta.crossplane.io/source by @turkenf in #1246
  • Update docker/setup-buildx-action digest to d70bba7 by @renovate in #1258
  • Update module sigs.k8s.io/controller-runtime to v0.17.3 by @renovate in #1259
  • Removes GitHub issue triage workflow by @jeanduplessis in #1263
  • Update kubernetes patches to v0.29.4 by @renovate in #1267
  • Select spec fields specific to Upbound OIDC by @jastang in #1265
  • Remove ARN Parameter from Firehose DeliveryStream Resource by @blakeromano in #1233
  • Update actions/upload-artifact digest to 1746f4a by @renovate in #1269
  • Remove resource from externalnamenottested that is already implemented by @mbbush in #1270
  • Update slack channel name in readme by @turkenf in #1275
  • Update actions/checkout digest to 1d96c77 by @renovate in #1283
  • Rename upbound provider ci repo by @mbbush in #1287
  • [Cluster.RDS] Add ClusterParameterGroup and ParameterGroup Selectors by @ytsarev in #1288
  • Fix update loop for Function.lambda resource by @turkenf in #1266
  • Introduce MR metrics by @mergenci in #1281

Full Changelog: v1.3.1...v1.4.0

Contributors

jeanduplessis, ytsarev, and 7 other contributors
Assets 2
Loading

v1.3.1

04 Apr 16:16
@turkenf turkenf
v1.3.1
d770b08
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.3.1

The release v1.3.1 introduces an important bug fix: [Bug]: EKS ClusterAuth v1.3.0 kubeconfig results in Unauthorized#1248

What's Changed

  • [Backport release-1.3] pin aws-sdk-go-v2 dependency versions for ClusterAuth presign breaking change by @github-actions in #1257

Full Changelog: v1.3.0...v1.3.1

Assets 2
Loading

v1.3.0

28 Mar 18:30
@turkenf turkenf
v1.3.0
053d318
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.3.0

The v1.3.0 release introduces a new family provider provider-aws-kafkaconnect, new resources, bug fixes, and dependency updates.

This release also introduces a credential cache for IRSA authentication, which greatly reduces the number of AWS STS calls the provider makes. This cache is currently only employed for IRSA configurations. Please refer to the description here for the results of some experiments and the observed improvements in those experiments.

Also in this release, we add the API call counters for the provider. An example for the new metrics is as follows:

# HELP upjet_resource_external_api_calls_total The number of external API calls.
# TYPE upjet_resource_external_api_calls_total counter
upjet_resource_external_api_calls_total{operation="AssumeRole",service="STS"} 2
upjet_resource_external_api_calls_total{operation="AssumeRoleWithWebIdentity",service="STS"} 1
upjet_resource_external_api_calls_total{operation="CreateRole",service="IAM"} 1
upjet_resource_external_api_calls_total{operation="GetCallerIdentity",service="STS"} 1
upjet_resource_external_api_calls_total{operation="GetRole",service="IAM"} 61
upjet_resource_external_api_calls_total{operation="GetRolePolicy",service="IAM"} 60
upjet_resource_external_api_calls_total{operation="ListAttachedRolePolicies",service="IAM"} 60
upjet_resource_external_api_calls_total{operation="ListRolePolicies",service="IAM"} 60
upjet_resource_external_api_calls_total{operation="PutRolePolicy",service="IAM"} 1

Please refer to the description of this PR for the details.

Support for New Resources

  • User.memorydb.aws.upbound.io/v1beta1
  • Connector.kafkaconnect.aws.upbound.io/v1beta1
  • CustomPlugin.kafkaconnect.aws.upbound.io/v1beta1
  • WorkerConfiguration.kafkaconnect.aws.upbound.io/v1beta1

Bug Fixes

  • [Bug]: IAM Role inlinePolicy conflicting with IAM RolePolicy #1207
  • Excessive calls to AssumeRoleWithWebIdentity w/ IRSA #997

What's Changed

Full Changelog: v1.2.1...v1.3.0

Contributors

stevendborrelli, jeanduplessis, and 8 other contributors
Assets 2
Loading

v1.2.1

18 Mar 13:20
@turkenf turkenf
v1.2.1
86eb095
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.2.1

The release v1.2.1 includes a bug fix: [Bug]: SNS Topics Not Creating #1220

What's Changed

  • [Backport release-1.2] Add region parameter back to TF setup.Configuration by @github-actions in #1222

Full Changelog: v1.2.0...v1.2.1

Assets 2
Loading

v1.2.0

14 Mar 17:56
@turkenf turkenf
v1.2.0
74d77de
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.2.0

The release v1.2.0 includes bug fixes, and updating dependencies, with the most significant ones detailed below.

  • Sets a default io.Discard logger for the controller-runtime if debug logging is not enabled which fixes #974 and #854. If debug logging is enabled, then the controller-runtime uses a debug mode zap logger as usual.
  • Refactors AWS client configuration logic with a single path #1204. This refactoring also leads to a 50% reduction in the number of STS calls made per reconcile.
  • Adds ability to auto-generate password in referenced secret for Cluster.rds resource #1169
  • Fixes the update loop in Firewall.networkfirewall resource #1167

Breaking UX Changes

The release switches the order of the SYNCED and READY printer columns so that the SYCNED column is now printed before the READY column as follows:

❯ kubectl get managed

NAME                                SYNCED   READY   EXTERNAL-NAME           AGE
vpc.ec2.aws.upbound.io/sample-vpc   True     True    vpc-0c4b6ee9568fe7a16   30s

This used to be first the READY column and then the SYNCED column previously. Please see crossplane/upjet#360 for further details.

What's Changed

New Contributors

Full Changelog: v1.1.1...v1.2.0

Contributors

renovate, ulucinar, and 3 other contributors
Assets 2
Loading

v0.47.4

14 Mar 17:41
@turkenf turkenf
v0.47.4
7b18c59
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.47.4

The release 0.47.4 sets a default io.Discard logger for the controller-runtime if debug logging is not enabled which fixes #974 and #854. If debug logging is enabled, then the controller-runtime uses a debug mode zap logger as usual.

What's Changed

Full Changelog: v0.47.3...v0.47.4

Contributors

ulucinar
Assets 2
Loading

v1.1.1

07 Mar 19:10
@turkenf turkenf
v1.1.1
2a806d7
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.1.1

The release v1.1.1 includes two important bug fixes detailed below:

  • The first fix is related to sensitive fieldpath generation for slice-type fields. In the current behavior, we do not have any handling mechanism for slices while calculating the fieldpath for sensitive fields. With this PR we will have this and correctly generate the fieldpaths for sensitive slice typed fields. We started to generate the correct fieldpath for the passwordsSecretRef field of the elasticache.User resource. In this way, we will correctly resolve the sensitive data for this field. Related upstream fix: crossplane/upjet#355
  • The second fix removes the applying of StateFuncs to parameters in the upstream with this PR. We noticed that the user_data field of the ec2.Instance resource does not work properly. Please see this issue. The related field started working correctly with the fix of a bug we found in Upjet.

What's Changed

Full Changelog: v1.1.0...v1.1.1

Contributors

sergenyalcin
Assets 2
Loading

v0.47.3

07 Mar 18:25
@turkenf turkenf
v0.47.3
cae7aab
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.47.3

The release v0.47.3 includes two important bug fixes detailed below:

  • The first fix is related to sensitive fieldpath generation for slice-type fields. In the current behavior, we do not have any handling mechanism for slices while calculating the fieldpath for sensitive fields. With this PR we will have this and correctly generate the fieldpaths for sensitive slice typed fields. We started to generate the correct fieldpath for the passwordsSecretRef field of the elasticache.User resource. In this way, we will correctly resolve the sensitive data for this field. Related upstream fix: crossplane/upjet#355
  • The second fix removes the applying of StateFuncs to parameters in the upstream with this PR. We noticed that the user_data field of the ec2.Instance resource does not work properly. Please see this issue. The related field started working correctly with the fix of a bug we found in Upjet.

What's Changed

Full Changelog: v0.47.2...v0.47.3

Contributors

ulucinar and sergenyalcin
Assets 2
Loading