Releases: kubernetes-sigs/aws-iam-authenticator
Releases · kubernetes-sigs/aws-iam-authenticator
v0.5.5
Changelog
- Use full package name for goreleaser version (#433, @nckturner)
- add sts error metric (#430, @jyotimahapatra)
- emit metric for EC2 describeInstance calls (#428, @jyotimahapatra)
- Rename configmap_watch_failures to configmap_watch_failures_total (#432, @nckturner)
- Simplify goreleaser Dockerfiles (#431, @jyotimahapatra)
- Don't pass metrics around (#423, @nckturner)
Docker Images
Note: You must log in with the registry ID and your role must have the necessary ECR privileges:
$(aws ecr get-login --no-include-email --region us-west-2 --registry-ids 602401143452)
docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.5docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.5-arm64docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.5-amd64
Contributors
nckturner and jyotimahapatra
Assets 8
v0.5.4
Release v0.5.4
- Embed go-runner into the image (#426, @jyotimahapatra)
- Bump Go to 1.17 in Travis (#414, @gliptak)
- Build multi-arch images (#417, @glebiller)
- Add kind-based development environment (#422, @nckturner)
- Add jaypipes to approvers/reviewers (#407, @nckturner)
- Fix deps (#396, @frioux)
- Fix panic when cache file can't be Stat-ed (#410, @sarahhodne)
- Fix missing status definition in v1 CRD (#411, @rifelpet)
- Use ./hack/install-etcd.sh (#405, @nckturner)
- Run integration tests with per-test role (#402, @nckturner)
- Add a counter for API server watch failures (#400, @nckturner)
- Upgrade CRD manifest to v1 (#397, @rifelpet)
- Move inactives to emeritus_approvers and add active users (#399, @nckturner)
- Fix tests add vendor (#398, @nckturner)
- Integration test framework (#395, @nckturner)
- Add cloudbuild & improvements (#394, @nckturner)
- Fix typo (#390, @shyr)
- *: add user/role subcommands (#381, @gyuho)
- goreleaser: bump release to 0.164.0 and fix config deprecations (#371, @antoinedeschenes)
- Run go mod vendor (#388, @nckturner)
- doc: fix typo in RELEASE.md (#376, @stig)
- [pkg/token]: Update credential API version (#386, @micahhausler)
- Enrich Audit Logs with additional AWS Identity details (via audit logs' "extra" map) (#372, @adrianosela)
Docker Images
Please use release v0.5.5
Contributors
frioux, glebiller, and 11 other contributors
Assets 2
v0.5.3
Changelog
- Bump Go to 1.15 in Travis (#361, @gliptak)
- Update aws sdk go v1.37.1 (#360, @gaffneyd4)
- (arn): validate partition against all partitions returned by the aws sdk (#348, @cmdallas)
- Document AccessKeyId from UserInfo (#332, @ryanmt)
- Support IPv6 listen address (#352, @anguslees)
- Added user agent to AWS SDK (#359, @micahhausler)
- Remove Chris Hein from OWNERS (#351, @christopherhein)
- Add instructions for the release process (#346, @nckturner)
Docker Images
Note: You must log in with the registry ID and your role must have the necessary ECR privileges:
$(aws ecr get-login --no-include-email --region us-west-2 --registry-ids 602401143452)
docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.3-debian-jessiedocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.3-alpine-3.7docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.3-debian-stretchdocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.3-amazonlinux-2docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.3-alpine-3.6docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.3-scratch
v0.5.2
Changlelog
- Added partition flag (#341, @micahhausler)
- Update link to Kops docs site (#338, @rifelpet)
- Security Improvements on the example yaml (#335, @pjbgf)
- Fix RBAC on example file: service account requires get to ConfigMap (#334, @pjbgf)
- Add AccessKeyID as variable for username (#337, @pjbgf)
- Added server side AWS account ID log redaction (#327, @micahhausler)
Docker Images
Note: You must log in with the registry ID and your role must have the necessary ECR privileges:
$(aws ecr get-login --no-include-email --region us-west-2 --registry-ids 602401143452)
docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.2-debian-jessiedocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.2-alpine-3.7docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.2-debian-stretchdocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.2-amazonlinux-2docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.2-alpine-3.6docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.2-scratch
v0.5.1
Changlelog
- Update examples/README (#317, @otterley)
- Changelog gen (#318, @nckturner)
- Fix CRD mapper blocking all others because caches never sync and revamp backend-mode flag (#303, @wongma7)
- Update aws-sdk-go to version v1.30.0 (#306, @nckturner)
- Bump k8s.io/ dependencies to 1.16.8 (#305, @wongma7)
- chown aws-iam-authenticator to avoid permission denied (#302, @wongma7)
- Indentation and unit test improvements (#298, @bhagwat070919)
- Adding Rate limiting ec2:DescribeInstances API along with Batching for high TPS (#292, @bhagwat070919)
- Restrict ClusterRole to readonly IAMIdentityMapping access (#287, @rifelpet)
- added selector to spec and changed from extenstions to apps/v1 (#291, @andarob)
- Add AWS AccessKeyID as an extra field in UserInfo (#286, @pepov)
- Allow server port customization (#278, @diversario)
Docker Images
Note: You must log in with the registry ID and your role must have the necessary ECR privileges:
$(aws ecr get-login --no-include-email --region us-west-2 --registry-ids 602401143452)
docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.1-debian-jessiedocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.1-alpine-3.7docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.1-debian-stretchdocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.1-amazonlinux-2docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.1-alpine-3.6docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.1-scratch
v0.5.1-alpha.1
Changelog
- Fix CRD mapper blocking all others because caches never sync and revamp backend-mode flag (#303, @wongma7)
- Update aws-sdk-go to version v1.30.0 (#306, @nckturner)
- Bump k8s.io/ dependencies to 1.16.8 (#305, @wongma7)
- chown aws-iam-authenticator to avoid permission denied (#302, @wongma7)
- Indentation and unit test improvements (#298, @bhagwat070919)
- Adding Rate limiting ec2:DescribeInstances API along with Batching for high TPS (#292, @bhagwat070919)
- Restrict ClusterRole to readonly IAMIdentityMapping access (#287, @rifelpet)
- added selector to spec and changed from extenstions to apps/v1 (#291, @andarob)
- Add AWS AccessKeyID as an extra field in UserInfo (#286, @pepov)
- Allow server port customization (#278, @diversario)
Docker Images
Note: You must log in with the registry ID and your role must have the necessary ECR privileges:
$(aws ecr get-login --no-include-email --region us-west-2 --registry-ids 602401143452)
docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.1-alpha.1-amazonlinux-2docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.1-alpha.1-scratchdocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.1-alpha.1-alpine-3.7docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.1-alpha.1-debian-jessiedocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.1-alpha.1-alpine-3.6docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.1-alpha.1-debian-stretch
v0.5.0
Changelog
- Remove DNS-1123 validation of usernames and groups (#260, @richardmarshall)
- switch to use regional sts endpoint & imdsV2 (#283, @M00nF1sh)
- Add AWS Access Key ID to log (#282, @otterley)
- Require to pass in interface instead of the concrete type (#279, @Skarlso)
- Refactor to allow configurable backends (configmap, eks configmap, crd) (#269, @wongma7)
- Update go version (#255, @christopherhein)
- Adding session name parameter to TokenGenerator (#272, @SaranBalaji90)
- Rename prometheus metrics to match new project name (#249, @rifelpet)
- Remove inactive approvers, add wongma7 (#266, @nckturner)
- Update aws-sdk-go to v1.23.11 (#257, @bdwyertech)
- Added go module download check (#259, @micahhausler)
- Updating goreleaser yaml to fix deprecated options (#252, @hyperbolic2346)
- Remove deprecated language from README (#244, @nckturner)
- Lowercase ARN inside doMapping and log about it (#239, @wongma7)
- IAMIdentityMapping CRD Implementation (#116, @christopherhein)
- Adding micahhausler as approver (#237, @christopherhein)
- add support for passing externalID to assume role (#228, @jeffmhastings)
- Update README.md (#231, @MIJOTHY)
- Using sigs.k8s.io domain instead of github.com (#223, @christopherhein)
- Refactored EC2 API calls to be testable (#226, @micahhausler)
- Include aws request ID when logging errors (#178, @doublerainbo)
Docker Images
Note: You must log in with the registry ID and your role must have the necessary ECR privileges:
$(aws ecr get-login --no-include-email --region us-west-2 --registry-ids 602401143452)
docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.0-debian-jessiedocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.0-alpine-3.7docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.0-debian-stretchdocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.0-amazonlinux-2docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.0-alpine-3.6docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.5.0-scratch
v0.4.0
- Update aws-sdk version to 1.19.11 (#216, @nckturner)
- Add credentials cache for expiring credentials (#193, @llamahunter)
- Support Global Different Region STS Endpoints (#173, @sunfuze)
- Add expiration to token creation. (#160, @nckturner)
- Log STS response on successful authentication. (#161, @nckturner)
- Allow session names to be forwarded with
--forward-session-name. (#134, @jrnt30) - Add output format option for verify command. (#126, @joshkurz)
- Add flags to configure the address and port to allow running the server locally. (#124, @christopherhein)
- Add a flag to only output the token. (#122, @christopherhein)
- Add --log-format server flag to configure output format. (#73, @phillipj)
- Build release for windows. (#113, acaire)
- Add support for ARNs with paths. (#103, @mattlandis)
- GetWithSTS and GetWithRoleForSession added to Generator interface to allow tools integrating with Authenticator to pass an existing STS client or existing session. (#101, @errordeveloper)
Docker images
Note: You must log in with the registry ID and your role must have the necessary ECR privileges:
$(aws ecr get-login --no-include-email --region us-west-2 --registry-ids 602401143452)
docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.4.0-alpine-3.7docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.4.0-debian-stretchdocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.4.0-alpine-3.6docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.4.0-scratchdocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.4.0docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.4.0-alpinedocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.4.0-debiandocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:v0.4.0-debian-jessie
v0.4.0-alpha.3
- Update aws-sdk version to 1.19.11 (#216, @nckturner)
- Add credentials cache for expiring credentials (#193, @llamahunter)
- Support Global Different Region STS Endpoints (#173, @sunfuze)
- Add expiration to token creation. (#160, @nckturner)
- Log STS response on successful authentication. (#161, @nckturner)
- Allow session names to be forwarded with
--forward-session-name. (#134, @jrnt30) - Add output format option for verify command. (#126, @joshkurz)
- Add flags to configure the address and port to allow running the server locally. (#124, @christopherhein)
- Add a flag to only output the token. (#122, @christopherhein)
- Add --log-format server flag to configure output format. (#73, @phillipj)
- Build release for windows. (#113, acaire)
- Add support for ARNs with paths. (#103, @mattlandis)
- GetWithSTS and GetWithRoleForSession added to Generator interface to allow tools integrating with Authenticator to pass an existing STS client or existing session. (#101, @errordeveloper)
Docker images
Note: You must log in with the registry ID and your role must have the necessary ECR privileges:
$(aws ecr get-login --no-include-email --region us-west-2 --registry-ids 602401143452)
docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:0.4.0-alpha.3-debian-stretchdocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:0.4.0-alpha.3-scratchdocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:0.4.0-alpha.3-alpine-3.7docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:0.4.0-alpha.3-debiandocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:0.4.0-alpha.3-alpine-3.6docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:0.4.0-alpha.3docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:0.4.0-alpha.3-alpinedocker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-iam-authenticator:0.4.0-alpha.3-debian-jessie
v0.4.0-alpha.1
- Log STS response on successful authentication. (#161, @nckturner)
- Add expiration to token creation. (#160, @nckturner)
- Allow session names to be forwarded with
--forward-session-name. (#134, @jrnt30) - Add output format option for verify command. (#126, @joshkurz)
- Add flags to configure the address and port to allow running the server locally. (#124, @christopherhein)
- Add a flag to only output the token. (#122, @christopherhein)
- Build release for windows. (#113, acaire)
- Add support for ARNs with paths. (#103, @mattlandis)
- GetWithSTS and GetWithRoleForSession added to Generator interface to allow tools integrating with Authenticator to pass an existing STS client or existing session. (#101, @errordeveloper)
- Add --log-format server flag to configure output format. (#73, @phillipj)
Docker images
Note: You must log in with the registry ID and your role must have the necessary ECR privileges:
$(aws ecr get-login --no-include-email --region us-west-2 --registry-ids 894847497797)
docker pull 894847497797.dkr.ecr.us-west-2.amazonaws.com/aws-iam-authenticator:0.4.0-alpha.1-alpine-3.6docker pull 894847497797.dkr.ecr.us-west-2.amazonaws.com/aws-iam-authenticator:0.4.0-alpha.1-alpine-3.7docker pull 894847497797.dkr.ecr.us-west-2.amazonaws.com/aws-iam-authenticator:0.4.0-alpha.1-scratchdocker pull 894847497797.dkr.ecr.us-west-2.amazonaws.com/aws-iam-authenticator:0.4.0-alpha.1-debian-stretchdocker pull 894847497797.dkr.ecr.us-west-2.amazonaws.com/aws-iam-authenticator:0.4.0-alpha.1-alpinedocker pull 894847497797.dkr.ecr.us-west-2.amazonaws.com/aws-iam-authenticator:0.4.0-alpha.1docker pull 894847497797.dkr.ecr.us-west-2.amazonaws.com/aws-iam-authenticator:0.4.0-alpha.1-debiandocker pull 894847497797.dkr.ecr.us-west-2.amazonaws.com/aws-iam-authenticator:0.4.0-alpha.1-debian-jessie