diff --git a/apis/v1alpha1/ack-generate-metadata.yaml b/apis/v1alpha1/ack-generate-metadata.yaml index 1de87cc7..8f341e3c 100755 --- a/apis/v1alpha1/ack-generate-metadata.yaml +++ b/apis/v1alpha1/ack-generate-metadata.yaml @@ -1,13 +1,13 @@ ack_generate_info: - build_date: "2025-09-25T16:19:07Z" - build_hash: 6b4211163dcc34776b01da9a18217bac0f4103fd - go_version: go1.24.6 - version: v0.52.0 + build_date: "2025-11-12T23:05:25Z" + build_hash: c833f2d14f4fe8953663ff92f4661ae5fb01b8c8 + go_version: go1.25.4 + version: v0.53.1 api_directory_checksum: 5a5c93e3d4865ea08d8a47b2500551112ea831b9 api_version: v1alpha1 aws_sdk_go_version: v1.32.6 generator_config_info: - file_checksum: 6d72b2e7d053535b6f6966348d3ac4e4535052cd + file_checksum: 220d17205c72ce425824ef99e0a79fbfc7c63ef2 original_file_name: generator.yaml last_modification: reason: API generation diff --git a/config/controller/deployment.yaml b/config/controller/deployment.yaml index bf3c5727..500dd0f0 100644 --- a/config/controller/deployment.yaml +++ b/config/controller/deployment.yaml @@ -43,6 +43,7 @@ spec: - "$(RECONCILE_DEFAULT_MAX_CONCURRENT_SYNCS)" - --feature-gates - "$(FEATURE_GATES)" + - --enable-carm=$(ENABLE_CARM) image: controller:latest name: controller ports: @@ -80,6 +81,8 @@ spec: value: "1" - name: "FEATURE_GATES" value: "" + - name: "ENABLE_CARM" + value: "true" securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/config/controller/kustomization.yaml b/config/controller/kustomization.yaml index daa823ab..3a9f43a7 100644 --- a/config/controller/kustomization.yaml +++ b/config/controller/kustomization.yaml @@ -6,4 +6,4 @@ kind: Kustomization images: - name: controller newName: public.ecr.aws/aws-controllers-k8s/ec2-controller - newTag: 1.7.0 + newTag: 1.7.1 diff --git a/config/crd/bases/ec2.services.k8s.aws_capacityreservations.yaml b/config/crd/bases/ec2.services.k8s.aws_capacityreservations.yaml index 5ac7de8a..94f7a44c 100644 --- a/config/crd/bases/ec2.services.k8s.aws_capacityreservations.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_capacityreservations.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: capacityreservations.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_dhcpoptions.yaml b/config/crd/bases/ec2.services.k8s.aws_dhcpoptions.yaml index 78466ea8..986e789a 100644 --- a/config/crd/bases/ec2.services.k8s.aws_dhcpoptions.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_dhcpoptions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: dhcpoptions.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_elasticipaddresses.yaml b/config/crd/bases/ec2.services.k8s.aws_elasticipaddresses.yaml index 558c59d5..d1b2f176 100644 --- a/config/crd/bases/ec2.services.k8s.aws_elasticipaddresses.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_elasticipaddresses.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: elasticipaddresses.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_flowlogs.yaml b/config/crd/bases/ec2.services.k8s.aws_flowlogs.yaml index 78bfc4bf..5a6cf9e0 100644 --- a/config/crd/bases/ec2.services.k8s.aws_flowlogs.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_flowlogs.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: flowlogs.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_instances.yaml b/config/crd/bases/ec2.services.k8s.aws_instances.yaml index bb2f0aec..7efefd22 100644 --- a/config/crd/bases/ec2.services.k8s.aws_instances.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_instances.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: instances.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_internetgateways.yaml b/config/crd/bases/ec2.services.k8s.aws_internetgateways.yaml index edbaadd9..e67e9037 100644 --- a/config/crd/bases/ec2.services.k8s.aws_internetgateways.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_internetgateways.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: internetgateways.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_launchtemplates.yaml b/config/crd/bases/ec2.services.k8s.aws_launchtemplates.yaml index a2de372d..7db9204c 100644 --- a/config/crd/bases/ec2.services.k8s.aws_launchtemplates.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_launchtemplates.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: launchtemplates.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_natgateways.yaml b/config/crd/bases/ec2.services.k8s.aws_natgateways.yaml index e03ecfbe..43762401 100644 --- a/config/crd/bases/ec2.services.k8s.aws_natgateways.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_natgateways.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: natgateways.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_networkacls.yaml b/config/crd/bases/ec2.services.k8s.aws_networkacls.yaml index 062eaf73..3ac31976 100644 --- a/config/crd/bases/ec2.services.k8s.aws_networkacls.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_networkacls.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: networkacls.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_routetables.yaml b/config/crd/bases/ec2.services.k8s.aws_routetables.yaml index cbbdfc2b..91d2acf7 100644 --- a/config/crd/bases/ec2.services.k8s.aws_routetables.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_routetables.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: routetables.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_securitygroups.yaml b/config/crd/bases/ec2.services.k8s.aws_securitygroups.yaml index be3f1706..57cb581b 100644 --- a/config/crd/bases/ec2.services.k8s.aws_securitygroups.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_securitygroups.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: securitygroups.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_subnets.yaml b/config/crd/bases/ec2.services.k8s.aws_subnets.yaml index 72eba7f1..e301e9ff 100644 --- a/config/crd/bases/ec2.services.k8s.aws_subnets.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_subnets.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: subnets.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_transitgateways.yaml b/config/crd/bases/ec2.services.k8s.aws_transitgateways.yaml index f6671d44..fc9e5a9a 100644 --- a/config/crd/bases/ec2.services.k8s.aws_transitgateways.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_transitgateways.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: transitgateways.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_transitgatewayvpcattachments.yaml b/config/crd/bases/ec2.services.k8s.aws_transitgatewayvpcattachments.yaml index 9d7c4119..a1e6eb3d 100644 --- a/config/crd/bases/ec2.services.k8s.aws_transitgatewayvpcattachments.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_transitgatewayvpcattachments.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: transitgatewayvpcattachments.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_vpcendpoints.yaml b/config/crd/bases/ec2.services.k8s.aws_vpcendpoints.yaml index 52edeea7..13524d3d 100644 --- a/config/crd/bases/ec2.services.k8s.aws_vpcendpoints.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_vpcendpoints.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: vpcendpoints.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_vpcendpointserviceconfigurations.yaml b/config/crd/bases/ec2.services.k8s.aws_vpcendpointserviceconfigurations.yaml index 3a37e101..d4f38e12 100644 --- a/config/crd/bases/ec2.services.k8s.aws_vpcendpointserviceconfigurations.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_vpcendpointserviceconfigurations.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: vpcendpointserviceconfigurations.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_vpcpeeringconnections.yaml b/config/crd/bases/ec2.services.k8s.aws_vpcpeeringconnections.yaml index a7c11a2d..4091a01b 100644 --- a/config/crd/bases/ec2.services.k8s.aws_vpcpeeringconnections.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_vpcpeeringconnections.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: vpcpeeringconnections.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/bases/ec2.services.k8s.aws_vpcs.yaml b/config/crd/bases/ec2.services.k8s.aws_vpcs.yaml index 17292af5..1bf66e5f 100644 --- a/config/crd/bases/ec2.services.k8s.aws_vpcs.yaml +++ b/config/crd/bases/ec2.services.k8s.aws_vpcs.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: vpcs.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/config/crd/common/bases/services.k8s.aws_fieldexports.yaml b/config/crd/common/bases/services.k8s.aws_fieldexports.yaml index 49b4f383..6e2c61e6 100644 --- a/config/crd/common/bases/services.k8s.aws_fieldexports.yaml +++ b/config/crd/common/bases/services.k8s.aws_fieldexports.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: fieldexports.services.k8s.aws spec: group: services.k8s.aws diff --git a/config/crd/common/bases/services.k8s.aws_iamroleselectors.yaml b/config/crd/common/bases/services.k8s.aws_iamroleselectors.yaml new file mode 100644 index 00000000..9477c900 --- /dev/null +++ b/config/crd/common/bases/services.k8s.aws_iamroleselectors.yaml @@ -0,0 +1,90 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.19.0 + name: iamroleselectors.services.k8s.aws +spec: + group: services.k8s.aws + names: + kind: IAMRoleSelector + listKind: IAMRoleSelectorList + plural: iamroleselectors + singular: iamroleselector + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: IAMRoleSelector is the schema for the IAMRoleSelector API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + arn: + type: string + x-kubernetes-validations: + - message: Value is immutable once set + rule: self == oldSelf + namespaceSelector: + description: IAMRoleSelectorSpec defines the desired state of IAMRoleSelector + properties: + labelSelector: + description: LabelSelector is a label query over a set of resources. + properties: + matchLabels: + additionalProperties: + type: string + type: object + required: + - matchLabels + type: object + names: + items: + type: string + type: array + required: + - names + type: object + resourceTypeSelector: + items: + properties: + group: + type: string + kind: + type: string + version: + type: string + required: + - group + - kind + - version + type: object + type: array + required: + - arn + type: object + status: + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/common/kustomization.yaml b/config/crd/common/kustomization.yaml index 96349f62..8165534d 100644 --- a/config/crd/common/kustomization.yaml +++ b/config/crd/common/kustomization.yaml @@ -3,5 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - bases/services.k8s.aws_adoptedresources.yaml + - bases/services.k8s.aws_iamroleselectors.yaml - bases/services.k8s.aws_fieldexports.yaml diff --git a/config/rbac/cluster-role-controller.yaml b/config/rbac/cluster-role-controller.yaml index 84075926..5e7a0d3d 100644 --- a/config/rbac/cluster-role-controller.yaml +++ b/config/rbac/cluster-role-controller.yaml @@ -79,8 +79,8 @@ rules: - apiGroups: - services.k8s.aws resources: - - adoptedresources - fieldexports + - iamroleselectors verbs: - create - delete @@ -92,8 +92,8 @@ rules: - apiGroups: - services.k8s.aws resources: - - adoptedresources/status - fieldexports/status + - iamroleselectors/status verbs: - get - patch diff --git a/go.mod b/go.mod index 8f817596..d8d16dbf 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.24.0 toolchain go1.24.1 require ( - github.com/aws-controllers-k8s/runtime v0.52.0 + github.com/aws-controllers-k8s/runtime v0.53.1 github.com/aws/aws-sdk-go v1.49.0 github.com/aws/aws-sdk-go-v2 v1.35.0 github.com/aws/aws-sdk-go-v2/service/ec2 v1.202.1 diff --git a/go.sum b/go.sum index c83ba8ce..b4d39e2d 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,5 @@ -github.com/aws-controllers-k8s/runtime v0.52.0 h1:Q5UIAn6SSBr60t/DiU/zr6NLBlUuK2AG3yy2ma/9gDU= -github.com/aws-controllers-k8s/runtime v0.52.0/go.mod h1:OkUJN+Ds799JLYZsMJrO2vDJ4snxUeHK2MgrQHbU+Qc= +github.com/aws-controllers-k8s/runtime v0.53.1 h1:l9MkR1KfZW8H8icT5rrRK3pdnVVA4io/eINVe5aspWs= +github.com/aws-controllers-k8s/runtime v0.53.1/go.mod h1:OkUJN+Ds799JLYZsMJrO2vDJ4snxUeHK2MgrQHbU+Qc= github.com/aws/aws-sdk-go v1.49.0 h1:g9BkW1fo9GqKfwg2+zCD+TW/D36Ux+vtfJ8guF4AYmY= github.com/aws/aws-sdk-go v1.49.0/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/aws/aws-sdk-go-v2 v1.35.0 h1:jTPxEJyzjSuuz0wB+302hr8Eu9KUI+Zv8zlujMGJpVI= diff --git a/helm/Chart.yaml b/helm/Chart.yaml index fb994dca..e6702dae 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 name: ec2-chart description: A Helm chart for the ACK service controller for Amazon Elastic Cloud Compute (EC2) -version: 1.7.0 -appVersion: 1.7.0 +version: 1.7.1 +appVersion: 1.7.1 home: https://github.com/aws-controllers-k8s/ec2-controller icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png sources: diff --git a/helm/crds/ec2.services.k8s.aws_capacityreservations.yaml b/helm/crds/ec2.services.k8s.aws_capacityreservations.yaml index 47734eea..8feda3df 100644 --- a/helm/crds/ec2.services.k8s.aws_capacityreservations.yaml +++ b/helm/crds/ec2.services.k8s.aws_capacityreservations.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: capacityreservations.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_dhcpoptions.yaml b/helm/crds/ec2.services.k8s.aws_dhcpoptions.yaml index 78466ea8..986e789a 100644 --- a/helm/crds/ec2.services.k8s.aws_dhcpoptions.yaml +++ b/helm/crds/ec2.services.k8s.aws_dhcpoptions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: dhcpoptions.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_elasticipaddresses.yaml b/helm/crds/ec2.services.k8s.aws_elasticipaddresses.yaml index 558c59d5..d1b2f176 100644 --- a/helm/crds/ec2.services.k8s.aws_elasticipaddresses.yaml +++ b/helm/crds/ec2.services.k8s.aws_elasticipaddresses.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: elasticipaddresses.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_flowlogs.yaml b/helm/crds/ec2.services.k8s.aws_flowlogs.yaml index 01d5c36d..0d4ade6b 100644 --- a/helm/crds/ec2.services.k8s.aws_flowlogs.yaml +++ b/helm/crds/ec2.services.k8s.aws_flowlogs.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: flowlogs.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_instances.yaml b/helm/crds/ec2.services.k8s.aws_instances.yaml index bb2f0aec..7efefd22 100644 --- a/helm/crds/ec2.services.k8s.aws_instances.yaml +++ b/helm/crds/ec2.services.k8s.aws_instances.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: instances.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_internetgateways.yaml b/helm/crds/ec2.services.k8s.aws_internetgateways.yaml index edbaadd9..e67e9037 100644 --- a/helm/crds/ec2.services.k8s.aws_internetgateways.yaml +++ b/helm/crds/ec2.services.k8s.aws_internetgateways.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: internetgateways.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_launchtemplates.yaml b/helm/crds/ec2.services.k8s.aws_launchtemplates.yaml index a2de372d..7db9204c 100644 --- a/helm/crds/ec2.services.k8s.aws_launchtemplates.yaml +++ b/helm/crds/ec2.services.k8s.aws_launchtemplates.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: launchtemplates.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_natgateways.yaml b/helm/crds/ec2.services.k8s.aws_natgateways.yaml index e03ecfbe..43762401 100644 --- a/helm/crds/ec2.services.k8s.aws_natgateways.yaml +++ b/helm/crds/ec2.services.k8s.aws_natgateways.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: natgateways.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_networkacls.yaml b/helm/crds/ec2.services.k8s.aws_networkacls.yaml index 062eaf73..3ac31976 100644 --- a/helm/crds/ec2.services.k8s.aws_networkacls.yaml +++ b/helm/crds/ec2.services.k8s.aws_networkacls.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: networkacls.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_routetables.yaml b/helm/crds/ec2.services.k8s.aws_routetables.yaml index cbbdfc2b..91d2acf7 100644 --- a/helm/crds/ec2.services.k8s.aws_routetables.yaml +++ b/helm/crds/ec2.services.k8s.aws_routetables.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: routetables.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_securitygroups.yaml b/helm/crds/ec2.services.k8s.aws_securitygroups.yaml index be3f1706..57cb581b 100644 --- a/helm/crds/ec2.services.k8s.aws_securitygroups.yaml +++ b/helm/crds/ec2.services.k8s.aws_securitygroups.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: securitygroups.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_subnets.yaml b/helm/crds/ec2.services.k8s.aws_subnets.yaml index 72eba7f1..e301e9ff 100644 --- a/helm/crds/ec2.services.k8s.aws_subnets.yaml +++ b/helm/crds/ec2.services.k8s.aws_subnets.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: subnets.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_transitgateways.yaml b/helm/crds/ec2.services.k8s.aws_transitgateways.yaml index f6671d44..fc9e5a9a 100644 --- a/helm/crds/ec2.services.k8s.aws_transitgateways.yaml +++ b/helm/crds/ec2.services.k8s.aws_transitgateways.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: transitgateways.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_transitgatewayvpcattachments.yaml b/helm/crds/ec2.services.k8s.aws_transitgatewayvpcattachments.yaml index 9d7c4119..a1e6eb3d 100644 --- a/helm/crds/ec2.services.k8s.aws_transitgatewayvpcattachments.yaml +++ b/helm/crds/ec2.services.k8s.aws_transitgatewayvpcattachments.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: transitgatewayvpcattachments.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_vpcendpoints.yaml b/helm/crds/ec2.services.k8s.aws_vpcendpoints.yaml index 52edeea7..13524d3d 100644 --- a/helm/crds/ec2.services.k8s.aws_vpcendpoints.yaml +++ b/helm/crds/ec2.services.k8s.aws_vpcendpoints.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: vpcendpoints.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_vpcendpointserviceconfigurations.yaml b/helm/crds/ec2.services.k8s.aws_vpcendpointserviceconfigurations.yaml index 3a37e101..d4f38e12 100644 --- a/helm/crds/ec2.services.k8s.aws_vpcendpointserviceconfigurations.yaml +++ b/helm/crds/ec2.services.k8s.aws_vpcendpointserviceconfigurations.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: vpcendpointserviceconfigurations.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_vpcpeeringconnections.yaml b/helm/crds/ec2.services.k8s.aws_vpcpeeringconnections.yaml index a7c11a2d..4091a01b 100644 --- a/helm/crds/ec2.services.k8s.aws_vpcpeeringconnections.yaml +++ b/helm/crds/ec2.services.k8s.aws_vpcpeeringconnections.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: vpcpeeringconnections.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/ec2.services.k8s.aws_vpcs.yaml b/helm/crds/ec2.services.k8s.aws_vpcs.yaml index 17292af5..1bf66e5f 100644 --- a/helm/crds/ec2.services.k8s.aws_vpcs.yaml +++ b/helm/crds/ec2.services.k8s.aws_vpcs.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: vpcs.ec2.services.k8s.aws spec: group: ec2.services.k8s.aws diff --git a/helm/crds/services.k8s.aws_fieldexports.yaml b/helm/crds/services.k8s.aws_fieldexports.yaml index 49b4f383..6e2c61e6 100644 --- a/helm/crds/services.k8s.aws_fieldexports.yaml +++ b/helm/crds/services.k8s.aws_fieldexports.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.2 + controller-gen.kubebuilder.io/version: v0.19.0 name: fieldexports.services.k8s.aws spec: group: services.k8s.aws diff --git a/helm/crds/services.k8s.aws_iamroleselectors.yaml b/helm/crds/services.k8s.aws_iamroleselectors.yaml new file mode 100644 index 00000000..9477c900 --- /dev/null +++ b/helm/crds/services.k8s.aws_iamroleselectors.yaml @@ -0,0 +1,90 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.19.0 + name: iamroleselectors.services.k8s.aws +spec: + group: services.k8s.aws + names: + kind: IAMRoleSelector + listKind: IAMRoleSelectorList + plural: iamroleselectors + singular: iamroleselector + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: IAMRoleSelector is the schema for the IAMRoleSelector API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + arn: + type: string + x-kubernetes-validations: + - message: Value is immutable once set + rule: self == oldSelf + namespaceSelector: + description: IAMRoleSelectorSpec defines the desired state of IAMRoleSelector + properties: + labelSelector: + description: LabelSelector is a label query over a set of resources. + properties: + matchLabels: + additionalProperties: + type: string + type: object + required: + - matchLabels + type: object + names: + items: + type: string + type: array + required: + - names + type: object + resourceTypeSelector: + items: + properties: + group: + type: string + kind: + type: string + version: + type: string + required: + - group + - kind + - version + type: object + type: array + required: + - arn + type: object + status: + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/helm/templates/NOTES.txt b/helm/templates/NOTES.txt index 93692f01..d8676084 100644 --- a/helm/templates/NOTES.txt +++ b/helm/templates/NOTES.txt @@ -1,5 +1,5 @@ {{ .Chart.Name }} has been installed. -This chart deploys "public.ecr.aws/aws-controllers-k8s/ec2-controller:1.7.0". +This chart deploys "public.ecr.aws/aws-controllers-k8s/ec2-controller:1.7.1". Check its status by running: kubectl --namespace {{ .Release.Namespace }} get pods -l "app.kubernetes.io/instance={{ .Release.Name }}" diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index 73b55946..203e2922 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -126,8 +126,8 @@ rules: - apiGroups: - services.k8s.aws resources: - - adoptedresources - fieldexports + - iamroleselectors verbs: - create - delete @@ -139,8 +139,8 @@ rules: - apiGroups: - services.k8s.aws resources: - - adoptedresources/status - fieldexports/status + - iamroleselectors/status verbs: - get - patch diff --git a/helm/values.yaml b/helm/values.yaml index beac9dcd..9b6968b0 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -4,7 +4,7 @@ image: repository: public.ecr.aws/aws-controllers-k8s/ec2-controller - tag: 1.7.0 + tag: 1.7.1 pullPolicy: IfNotPresent pullSecrets: [] @@ -198,4 +198,6 @@ featureGates: # Enable ReadOnlyResources feature/annotation. ReadOnlyResources: true # Enable ResourceAdoption feature/annotation. - ResourceAdoption: true \ No newline at end of file + ResourceAdoption: true + # Enable IAMRoleSelector, a multirole feature, replacing CARM. See https://github.com/aws-controllers-k8s/community/pull/2628 + IAMRoleSelector: false \ No newline at end of file diff --git a/pkg/resource/instance/hooks.go b/pkg/resource/instance/hooks.go index 0c31deb2..a36414c7 100644 --- a/pkg/resource/instance/hooks.go +++ b/pkg/resource/instance/hooks.go @@ -153,7 +153,6 @@ func needsRestart(ko *v1alpha1.Instance) bool { return *ko.Status.State.Name == string(svcsdktypes.InstanceStateNameTerminated) } - func setAdditionalFields(instance svcsdktypes.Instance, ko *v1alpha1.Instance) { ko.Spec.SecurityGroupIDs = []*string{} for _, group := range instance.SecurityGroups { diff --git a/pkg/resource/registry.go b/pkg/resource/registry.go index 3f3aa286..969531dd 100644 --- a/pkg/resource/registry.go +++ b/pkg/resource/registry.go @@ -20,8 +20,8 @@ import ( acktypes "github.com/aws-controllers-k8s/runtime/pkg/types" ) -// +kubebuilder:rbac:groups=services.k8s.aws,resources=adoptedresources,verbs=get;list;watch;create;update;patch;delete -// +kubebuilder:rbac:groups=services.k8s.aws,resources=adoptedresources/status,verbs=get;update;patch +// +kubebuilder:rbac:groups=services.k8s.aws,resources=iamroleselectors,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=services.k8s.aws,resources=iamroleselectors/status,verbs=get;update;patch // +kubebuilder:rbac:groups=services.k8s.aws,resources=fieldexports,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=services.k8s.aws,resources=fieldexports/status,verbs=get;update;patch // +kubebuilder:rbac:groups="",resources=namespaces,verbs=get;list;watch