github crossplane-contrib/provider-aws v0.22.0
on GitHub

latest releases: v0.48.1, v0.48.0, v0.49.0-rc.0...
2 years ago

Breaking Changes

IAM Resources

All IAM resources used to reside in identity group and they had prefixed names like IAMRole. In this release, all of them moved to a new group called iam and renamed to drop the prefix, i.e. IAMRole -> Role. In addition, all of them are now v1beta1 resources.

This change won't affect your existing resources immediately but no controllers will be watching the old custom resources. Please follow this migration guide to migrate to the new APIs: https://github.com/crossplane/provider-aws/blob/master/cluster/UPGRADE.md#upgrade-from-v021x-to-v022x

Affected resources:

  • identity.IAMRole
  • identity.IAMUser
  • identity.IAMPolicy
  • identity.IAMAccessKey
  • identity.IAMGroup
  • identity.IAMUserPolicyAttachment
  • identity.IAMGroupPolicyAttachment
  • identity.IAMRolePolicyAttachment
  • identity.IAMGroupUserMembership
  • identity.OpenIDConnectProvider

Several Resources to v1beta1

These resources have been upgraded to v1beta1 version but the conversion will happen automatically. The only schema change is that we have removed spec.forProvider.renewCertificate field of Certificate since it wasn't working properly and is hard to get right in a declarative manner that we can support in v1beta1.

It's strongly suggested to use /v1beta1 version suffix for apiVersion field of your YAML files, including base templates in your Compositions, as soon as possible.

The full list:

  • acm.Certificate
  • acmpca.CertificateAuthority
  • acmpca.CertificateAuthorityPermission
  • ec2.VPCCIDRBlock
  • ecr.Repository
  • ecr.RepositoryPolicy
  • eks.FargateProfile
  • iam.User
  • iam.Policy
  • iam.AccessKey
  • iam.Group
  • iam.UserPolicyAttachment
  • iam.GroupPolicyAttachment
  • iam.GroupUserMembership
  • iam.OpenIDConnectProvider

New CRDs!

In v0.22.0, there are a couple of new CRDs that are ready to use:

New Authentication Method

Now you can specify a IAM Role ARN in ProviderConfig that the AWS client can assume by using the provided credentials and act on behalf of that given IAMRole! See https://doc.crds.dev/github.com/crossplane/provider-aws/aws.crossplane.io/ProviderConfig/v1beta1@v0.22.0#spec-assumeRoleARN

What's Changed

  • Key alias fix by @muvaf in #950
  • github: add release issue by @muvaf in #949
  • iam.rolepolicyattachment: clean up old code that duplicates functionality from runtime by @muvaf in #954
  • Implements private nat-gateway by @haarchri in #884
  • Manually late-init CloudFront Distributions by @negz in #952
  • fix s3 nil paymentConfiguration preventing bucket from being ready by @smcavallo in #916
  • fix s3 notificationConfiguration by @smcavallo in #917
  • S3 test nitpicks by @negz in #963
  • support for s3 replicationConfiguration with delete marker enabled (and fixes) by @smcavallo in #911
  • ec2.securitygroup: fix add, implement revoke/update ingress and egress rules by @chlunde in #631
  • Accomodate DynamoDB API's implied defaults by @negz in #973
  • feat(route53resolver): added postObserve status by @haarchri in #967
  • Added tags for iam policy by @ra-grover in #931
  • observe iampolicy which already exists by @smcavallo in #930
  • identity.iampolicy: Disable gocyclo after two merges broke CI by @chlunde in #978
  • rdsinstance: Use ResourceLateInitialized from crossplane-runtime by @chlunde in #833
  • fix(nat): make tagSpecification optional to fits nat-gateway without tags by @haarchri in #899
  • feat(bottlerocket): added informations for eks-bottlerocket-nodegroup by @haarchri in #898
  • Actually cache the go build cache between CI runs by @hasheddan in #986
  • feat(rds): #984 added ref and selector for *parameterGroup by @haarchri in #987
  • Servicediscovery delete fix by @stevendborrelli in #988
  • add basic install command by @nicgrayson in #983
  • fix(fmt): #988 fix gofmt-servicediscovery by @haarchri in #990
  • Fixing constantly update requests problem of replicationgroup by @sergenyalcin in #981
  • Ignore fields in glue.Crawler and lambda.Function that block code-generator bump by @muvaf in #992
  • upgrade to aws-sdk-go-v2 - 2021-11-06 by @smcavallo in #921
  • Bump ec2.vpccidrblock, ecr.repository, ecr.repositorypolicy and eks.fargateprofile to v1beta1 by @muvaf in #994
  • Upgrading to latest code-generator commit by @AaronME in #920
  • fix(cleanup): rerun generator after #920 merge by @haarchri in #998
  • feat(rds): added rds-apply-immediately field by @haarchri in #888
  • Bump Certificate, CertificateAuthority and CertificateAuthorityPermission to v1beta1 by @muvaf in #995
  • Move all IAM resources to iam group and bump all of them to v1beta1 by @muvaf in #996
  • assumeRoleARN for ProviderConfig by @haarchri in #912
  • Implement Cloudfront Origin Access Identity by @stevendborrelli in #929
  • Implements EC2 Volume by @haarchri in #771
  • feat(tgw): added ec2 tgw & tgw-vpc-attachment by @haarchri in #831

New Contributors

Full Changelog: v0.21.2...v0.22.0

Check out latest releases or
releases around crossplane-contrib/provider-aws v0.22.0

Don't miss a new provider-aws release

NewReleases is sending notifications on new releases.

Get notifications