Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(InstanceProfile): Add IAM InstanceProfile Managed Resource #1159

Merged
merged 4 commits into from Mar 8, 2022
Merged

feat(InstanceProfile): Add IAM InstanceProfile Managed Resource #1159

merged 4 commits into from Mar 8, 2022

Conversation

ytsarev
Copy link
Contributor

@ytsarev ytsarev commented Feb 20, 2022

Description of your changes

This PR adds support for IAM InstanceProfile including the IAM role association.

Caveats:

Fixes #1064

Depends on #1122 to be merged first.

I have:

  • Read and followed Crossplane's [contribution process].
  • Run make reviewable test to ensure this PR is ready for review.

How has this code been tested

e2e:

k apply -f examples/iam/roleforinstanceprofile.yaml  
k apply -f examples/iam/instanceprofile.yaml

k get instanceprofiles.iam.aws.crossplane.io                                                                                                    
NAME                  READY   SYNCED   EXTERNAL-NAME
someinstanceprofile   True    True     someinstanceprofile

aws iam get-instance-profile --instance-profile-name someinstanceprofile                                                                         ✔ 
{
    "InstanceProfile": {
        "Path": "/",
        "InstanceProfileName": "someinstanceprofile",
        "InstanceProfileId": "AIPAY4AFTTSETG45HA4XQ",
        "Arn": "arn:aws:iam::xxx:instance-profile/someinstanceprofile",
        "CreateDate": "2022-02-18T15:47:05Z",
        "Roles": [
            {
                "Path": "/",
                "RoleName": "somerole",
                "RoleId": "AROAY4AFTTSE2QO5XMMRU",
                "Arn": "arn:aws:iam::xxxx:role/somerole",
                "CreateDate": "2022-02-18T15:46:49Z",
                "AssumeRolePolicyDocument": {
                    "Version": "2012-10-17",
                    "Statement": [
                        {
                            "Effect": "Allow",
                            "Principal": {
                                "Service": [
                                    "s3.amazonaws.com",
                                    "lambda.amazonaws.com",
                                    "eks-fargate-pods.amazonaws.com",
                                    "ec2.amazonaws.com",
                                    "eks.amazonaws.com"
                                ]
                            },
                            "Action": "sts:AssumeRole"
                        }
                    ]
                }
            }
        ],
        "Tags": [
            {
                "Key": "k1",
                "Value": "v1"
            }
        ]
    }
}

@ytsarev ytsarev force-pushed the instanceprofile-rebased branch 2 times, most recently from 240cc0d to a048ea3 Compare February 20, 2022 23:17
@ytsarev ytsarev mentioned this pull request Feb 26, 2022
Merged
2 tasks
@haarchri
Copy link
Member

haarchri commented Mar 7, 2022

@ytsarev can you rebase ? ;) sdk bump is done

@ytsarev
InstanceProfile ACK generation
1150487 
Regenerate without Region

Commit iam generator-config

make generate result

Setup Controller and Register CRD

Fix imports and compile

Regenerate not requiring InstanceProfileName within the spec

Fix externalname and readiness, provide example

Generate rolereference

Fix field capitalization

Hook into postCreate to call AddRoleToInstanceProfile

Handle deletion and update examples

Signed-off-by: Yury Tsarev <yury@upbound.io>
@ytsarev
Fix linting
ef890f7 
Signed-off-by: Yury Tsarev <yury@upbound.io>
@ytsarev
Rebase with crossplane-contrib#1122, make reviewable green
f5e5a2a 
Signed-off-by: Yury Tsarev <yury@upbound.io>
@ytsarev
Copy link
Contributor Author

ytsarev commented Mar 7, 2022

@haarchri that's amazing, thanks! PR is rebased :)

haarchri
haarchri reviewed Mar 7, 2022
View reviewed changes
Copy link
Member

@haarchri haarchri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added a few code comments - think its better to use svcsdkapi.IAMAPI like in other provider-aws resource implementations and call add/removeRoleFromInstanceProfileWithContext what do you think @ytsarev

in general the creation / deletion is working =)

pkg/controller/iam/instanceprofile/setup.go Outdated Show resolved Hide resolved
pkg/controller/iam/instanceprofile/setup.go Outdated Show resolved Hide resolved
pkg/controller/iam/instanceprofile/setup.go Show resolved Hide resolved
pkg/controller/iam/instanceprofile/setup.go Outdated Show resolved Hide resolved
pkg/controller/iam/instanceprofile/setup.go Show resolved Hide resolved
@ytsarev @haarchri
Apply suggestions from code review
24c367e 
Co-authored-by: Christopher Haar <chhaar30@googlemail.com>
Signed-off-by: Yury Tsarev <yury@upbound.io>
haarchri
haarchri approved these changes Mar 8, 2022
View reviewed changes
Copy link
Member

@haarchri haarchri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM - thanks @ytsarev

@haarchri haarchri merged commit c548fa8 into crossplane-contrib:master Mar 8, 2022
ytsarev added a commit to ytsarev/provider-aws that referenced this pull request Mar 8, 2022
@ytsarev
fix(InstanceProfile): follow up fix of crossplane-contrib#1159
57dd6a1 
Signed-off-by: Yury Tsarev <yury@upbound.io>
@ytsarev ytsarev mentioned this pull request Mar 8, 2022
Merged
2 tasks
haarchri added a commit that referenced this pull request Mar 8, 2022
@haarchri
Merge pull request #1194 from ytsarev/instanceprofile-followup
2cb06d8 
fix(InstanceProfile): follow up fix of #1159
tektondeploy pushed a commit to gtn3010/provider-aws that referenced this pull request Mar 12, 2024
@ulucinar
Merge pull request crossplane-contrib#1159 from ulucinar/bump-crosspl…
069ec0a 
…ane-runtime

Bump crossplane-runtime to commit 7fcb8c5cad6f
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@haarchri haarchri haarchri approved these changes

@ezgidemirel ezgidemirel Awaiting requested review from ezgidemirel

@ulucinar ulucinar Awaiting requested review from ulucinar

@muvaf muvaf Awaiting requested review from muvaf

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add InstanceProfile CRD
2 participants
@ytsarev @haarchri