K8s controller to manage the aws-auth configmap

Last update: Jun 19, 2022

Related tags

Overview

aws-auth-manager

A kuberneres controller to manage the aws-auth configmap in EKS using a new AWSAuthItem CRD.

The aws-auth configmap is used to give RBAC access to IAM users and roles. Because it is a single object, it makes complicated to add and remove entries from multiple sources.

The aws-auth-manager provides the ability to define multiple AWSAuthItem objects that will be merged to create thew aws-auth configmap.

Example `spec`

apiVersion: aws.maruina.k8s/v1alpha1
kind: AWSAuthItem
metadata:
  name: example-one
spec:
  mapRoles:
    - rolearn: arn:aws:iam::111122223333:role/eksctl-my-cluster-nodegroup-standard-wo-NodeInstanceRole-1WP3NUE3O6UCF
      username: system:node:{{EC2PrivateDNSName}}
      groups:
        - system:bootstrappers
        - system:nodes
  mapUsers:
    - userarn: arn:aws:iam::111122223333:user/admin
      username: admin
      groups:
        - system:masters
    - userarn: arn:aws:iam::111122223333:user/ops-user
      username: ops-user
      groups:
        - system:masters

TODO

Add validation webhook for roleArn and userArn
More test cases?
Helm chart
Release

Issues

Update module k8s.io/client-go to v1
This PR contains the following updates:

| Package | Type | Update | Change | |---|---|---|---| | k8s.io/client-go | require | major | v0.22.4 -> v1.5.2 |

Release Notes

kubernetes/client-go

v1.5.2

Compare Source

v1.5.1

Compare Source

v1.5.0

Compare Source

Included the auth plugin (https://github.com/kubernetes/kubernetes/pull/33334)

Added timeout field to RESTClient config (https://github.com/kubernetes/kubernetes/pull/33958)

v1.4.0

Compare Source

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by WhiteSource Renovate. View repository job log here.
dependencies
opened by renovate[bot] 3
Update module k8s.io/client-go to v1
This PR contains the following updates:

| Package | Type | Update | Change | |---|---|---|---| | k8s.io/client-go | require | major | v0.23.0 -> v1.5.2 |

Release Notes

kubernetes/client-go

v1.5.2

Compare Source

v1.5.1

Compare Source

v1.5.0

Compare Source

Included the auth plugin (https://github.com/kubernetes/kubernetes/pull/33334)

Added timeout field to RESTClient config (https://github.com/kubernetes/kubernetes/pull/33958)

v1.4.0

Compare Source

v0.23.1

Compare Source

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by WhiteSource Renovate. View repository job log here.
dependencies
opened by renovate[bot] 2
Update golang Docker tag to v1.17 - autoclosed
This PR contains the following updates:

| Package | Type | Update | Change | |---|---|---|---| | golang | stage | minor | 1.16 -> 1.17 |

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by WhiteSource Renovate. View repository job log here.
dependencies
opened by renovate[bot] 1
Update azure/setup-helm action to v2.2
This PR contains the following updates:

| Package | Type | Update | Change | |---|---|---|---| | azure/setup-helm | action | minor | v2.1 -> v2.2 |

Release Notes

azure/setup-helm

v2.2

Compare Source

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.
dependencies
opened by renovate[bot] 0
Update module sigs.k8s.io/controller-runtime to v0.12.2
This PR contains the following updates:

| Package | Type | Update | Change | |---|---|---|---| | sigs.k8s.io/controller-runtime | require | patch | v0.12.1 -> v0.12.2 |

Release Notes

kubernetes-sigs/controller-runtime

v0.12.2

Compare Source

changes since v0.12.1

:sparkles: New Features

Allow TLS to be entirely configured on webhook server (#1914)

:bug: Bug Fixes

Fix webhook write response error for broken HTTP connection (#1931)

Fix issue with starting multiple test envs (#1913)

don't override global log in builder (#1911)

Thanks to all our contributors!

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.
dependencies
opened by renovate[bot] 0
Update kubernetes packages to v0.24.2
This PR contains the following updates:

| Package | Type | Update | Change | |---|---|---|---| | k8s.io/api | require | patch | v0.24.1 -> v0.24.2 | | k8s.io/apimachinery | require | patch | v0.24.1 -> v0.24.2 | | k8s.io/client-go | require | patch | v0.24.1 -> v0.24.2 |

Release Notes

kubernetes/api

v0.24.2

Compare Source

kubernetes/client-go

v0.24.2

Compare Source

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

[ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.
dependencies
opened by renovate[bot] 0
Update helm/kind-action action to v1.3.0
This PR contains the following updates:

| Package | Type | Update | Change | |---|---|---|---| | helm/kind-action | action | minor | v1.2.0 -> v1.3.0 |

Release Notes

helm/kind-action

v1.3.0

Compare Source

What's Changed

fix: #44 - Allow to configure kubectl version to use by @grzesuav in https://github.com/helm/kind-action/pull/45

fix minor typo by @goshlanguage in https://github.com/helm/kind-action/pull/47

Update kind to v0.12.0 and default k8s version to v1.21.10 by @cpanato in https://github.com/helm/kind-action/pull/58

Bump actions/checkout from 2 to 3 by @dependabot in https://github.com/helm/kind-action/pull/59

Support bash before v4.4 by @gjkim42 in https://github.com/helm/kind-action/pull/52

Update kind.sh to allow arm runners by @JorTurFer in https://github.com/helm/kind-action/pull/55

allow to omit cluster creation by @CezaryTarnowski-TomTom in https://github.com/helm/kind-action/pull/50

resolve --log-level deprecation and replace to --verbosity by @cpanato in https://github.com/helm/kind-action/pull/64

New Contributors

@grzesuav made their first contribution in https://github.com/helm/kind-action/pull/45

@goshlanguage made their first contribution in https://github.com/helm/kind-action/pull/47

@dependabot made their first contribution in https://github.com/helm/kind-action/pull/59

@gjkim42 made their first contribution in https://github.com/helm/kind-action/pull/52

@JorTurFer made their first contribution in https://github.com/helm/kind-action/pull/55

@CezaryTarnowski-TomTom made their first contribution in https://github.com/helm/kind-action/pull/50

Full Changelog: https://github.com/helm/kind-action/compare/v1.2.0...v1.3.0

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.
dependencies
opened by renovate[bot] 0
Update actions/setup-python action to v4
This PR contains the following updates:

| Package | Type | Update | Change | |---|---|---|---| | actions/setup-python | action | major | v3.1.2 -> v4.0.0 |

Release Notes

actions/setup-python

v4.0.0

Compare Source

What's Changed

Support for python-version-file input: #336

Example of usage:

- uses: actions/[email protected] with: python-version-file: '.python-version' # Read python version from a file - run: python my_script.py

There is no default python version for this setup-python major version, the action requires to specify either python-version input or python-version-file input. If the python-version input is not specified the action will try to read required version from file from python-version-file input.

Use pypyX.Y for PyPy python-version input: #349

Example of usage:

- uses: actions/[email protected] with: python-version: 'pypy3.9' # pypy-X.Y kept for backward compatibility - run: python my_script.py

RUNNER_TOOL_CACHE environment variable is equal AGENT_TOOLSDIRECTORY: #338

Bugfix: create missing pypyX.Y symlinks: #347

PKG_CONFIG_PATH environment variable: #400

Added python-path output: #405 python-path output contains Python executable path.

Updated zeit/ncc to vercel/ncc package: #393

Bugfix: fixed output for prerelease version of poetry: #409

Made pythonLocation environment variable consistent for Python and PyPy: #418

Bugfix for 3.x-dev syntax: #417

Other improvements: #318 #396 #384 #387 #388

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.
dependencies
opened by renovate[bot] 0
Update module github.com/aws/aws-sdk-go-v2 to v1.16.5
This PR contains the following updates:

| Package | Type | Update | Change | |---|---|---|---| | github.com/aws/aws-sdk-go-v2 | require | patch | v1.16.4 -> v1.16.5 |

Release Notes

aws/aws-sdk-go-v2

v1.16.5

Compare Source

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.
dependencies
opened by renovate[bot] 0
Update kubernetes packages to v0.24.1
This PR contains the following updates:

| Package | Type | Update | Change | |---|---|---|---| | k8s.io/api | require | patch | v0.24.0 -> v0.24.1 | | k8s.io/apimachinery | require | patch | v0.24.0 -> v0.24.1 | | k8s.io/client-go | require | patch | v0.24.0 -> v0.24.1 |

Release Notes

kubernetes/api

v0.24.1

Compare Source

kubernetes/apimachinery

v0.24.1

Compare Source

kubernetes/client-go

v0.24.1

Compare Source

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

[ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.
dependencies
opened by renovate[bot] 0
Update docker/setup-qemu-action action to v2
This PR contains the following updates:

| Package | Type | Update | Change | |---|---|---|---| | docker/setup-qemu-action | action | major | v1 -> v2 |

Release Notes

docker/setup-qemu-action

v2

Compare Source

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.
dependencies
opened by renovate[bot] 0
Update azure/setup-helm action to v3
This PR contains the following updates:

| Package | Type | Update | Change | |---|---|---|---| | azure/setup-helm | action | major | v2.2 -> v3.0 |

Release Notes

azure/setup-helm

v3.0

Compare Source

Node16 release of this action

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.
dependencies
opened by renovate[bot] 0
Update module github.com/fluxcd/pkg/apis/meta to v0.14.2
This PR contains the following updates:

| Package | Type | Update | Change | |---|---|---|---| | github.com/fluxcd/pkg/apis/meta | require | minor | v0.10.2 -> v0.14.2 |

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled due to failing status checks.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.
dependencies
opened by renovate[bot] 0
Dependency Dashboard
This issue provides visibility into Renovate updates and their statuses. Learn more

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

[ ] Update module github.com/fluxcd/pkg/apis/meta to v0.14.2

[ ] Update azure/setup-helm action to v3

Ignored or Blocked

These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.

[ ] Update dependency golang to v1.18

[ ] Update module k8s.io/client-go to v1

Detected dependencies

dockerfile

Dockerfile

golang 1.17

gcr.io/distroless/static nonroot

github-actions

.github/workflows/code-quality.yaml

actions/checkout v3.0.2

actions/setup-go v3

github/codeql-action v2

github/codeql-action v2

.github/workflows/lint.yaml

actions/checkout v3.0.2

actions/setup-go v3

golangci/golangci-lint-action v3.2.0

.github/workflows/release-artifacts.yaml

actions/checkout v3.0.2

actions/setup-go v3

docker/metadata-action v4

docker/login-action v2.0.0

docker/build-push-action v3.0.0

.github/workflows/release-notes.yaml

release-drafter/release-drafter v5

.github/workflows/test-build.yaml

actions/checkout v3.0.2

actions/setup-go v3

helm/kind-action v1.3.0

.github/workflows/test-docker-build.yaml

actions/checkout v3.0.2

actions/setup-go v3

docker/setup-qemu-action v2

docker/setup-buildx-action v2

docker/metadata-action v4

docker/login-action v2.0.0

docker/build-push-action v3.0.0

.github/workflows/test-e2e.yaml

actions/checkout v3.0.2

actions/setup-go v3

.github/workflows/test-helm.yaml

actions/checkout v3.0.2

actions/setup-go v3

azure/setup-helm v2.2

actions/setup-python v4.0.0

helm/chart-testing-action v2.2.1

helm/kind-action v1.3.0

actions/checkout v3.0.2

jnorwood/helm-docs v1.10.0

gomod

go.mod

github.com/aws/aws-sdk-go-v2 v1.16.5

github.com/fluxcd/pkg/apis/meta v0.10.2

github.com/onsi/ginkgo v1.16.5

github.com/onsi/gomega v1.19.0

k8s.io/api v0.24.2

k8s.io/apimachinery v0.24.2

k8s.io/client-go v0.24.2

sigs.k8s.io/controller-runtime v0.12.2

sigs.k8s.io/yaml v1.3.0

helm-values

charts/aws-auth-manager/values.yaml

ghcr.io/maruina/aws-auth-manager

kustomize

config/manager/kustomization.yaml

ghcr.io/maruina/aws-auth-manager latest

[ ] Check this box to trigger a request for Renovate to run again on this repository
opened by renovate[bot] 0

Owner

Matteo Ruina

Engineer at @Skyscanner

GitHub Repository

vault-plugin-auth-usertotp is an auth method plugin for HashiCorp Vault.

vault-plugin-auth-usertotp is an auth method plugin for HashiCorp Vault. Create user accounts, add TOTP tokens (user supplied pin + totp), and have peace of mind using 2FA.

0 Jul 30, 2021

Gets Firebase auth tokens (for development purposes only)Gets Firebase auth tokens

Firebase Token Gets Firebase auth tokens (for development purposes only) Getting started Create Firebase project Setup Firebase authentication Setup G

1 Nov 17, 2021

Provides AWS STS credentials based on Google Apps SAML SSO auth with interactive GUI support

What's this This command-line tool allows you to acquire AWS temporary (STS) credentials using Google Apps as a federated (Single Sign-On, or SSO) pro

33 Jun 3, 2022

The boss of http auth.

Authboss Authboss is a modular authentication system for the web. It has several modules that represent authentication and authorization features that

3.1k Jun 29, 2022

Validate Django auth session in Golang

GoDjangoSession Valid for django 3.0.5 Usage: package main import ( "encoding/base64" "fmt" "session/auth" "github.com/Kuzyashin/GoDjangoSession"

26 Feb 13, 2022

Golang Mongodb Jwt Auth Example Using Echo

Golang Mongodb Jwt Auth Example Using Echo Golang Mongodb Rest Api Example Using Echo Prerequisites Golang 1.16.x Docker 19.03+ Docker Compose 1.25+ I

7 Jun 10, 2022

Durudex Auth Service

⚡️ Durudex Auth Service Durudex Auth Service ?? Prerequisites Go 1.17 migrate grpc ⚙️ Build & Run Create an .env file in the root directory and add th

11 May 18, 2022

Figma Auth service for Haiku Animator

Figma Auth service for Haiku Animator In order to use Haiku Animator's Figma integration, a service must be running to perform OAuth2 token exchange.

3 Feb 28, 2022

Golang Kalkancrypt Wrapper - simple digital signature auth service

Golang Kalkancrypt Wrapper WIP ⭐ Star on GitHub — it motivates me a lot! Overview Golang Kalkancrypt Wrapper - это простой веб-сервис для аутентификац

53 Jun 22, 2022

Run multiple auth functions by relation

Relation Run multiple auth functions by relation. Signatures func New(relation string, conditions ...func(c *fiber.Ctx) bool) fiber.Handler Import imp

4 Oct 31, 2021

Auth Middleware for session & white-listed routing

2 Nov 4, 2021

Auth Go microservice for managing authentication sessions

cryptomath-go-auth Auth Go microservice for managing authentication sessions. Install dependencies $ make deps Build $ make vendor $ make build Databa

0 Mar 4, 2022

HTTP-server-with-auth# HTTP Server With Authentication

HTTP-server-with-auth# HTTP Server With Authentication Introduction You are to use gin framework package and concurrency in golang and jwt-go to imple

12 May 12, 2022

Auth microservice for PRPO subject at UNI LJ

prpo-auth microservice This repository contains a source code for user management microservice used in a demo project developed under PRPO subject at

0 Jan 7, 2022

JWT Auth in Golang

Credits This package used github.com/dgrijalva/jwt-go underhood and it heavily based on this post: http://www.inanzzz.com/index.php/post/kdl9/creating

0 Dec 12, 2021

Nsq http auth service for golang

nsq-auth nsq http auth service ./nsq-auth -h Usage: 2021/12/25 17:10:56 Usage:

10 Jun 9, 2022

Go Trakt Device Auth Library

A Go library to allow an end user to authorize a third-party Trakt application access to their account using the device method.

0 Jan 7, 2022

Auth: a simple signup api for golang

auth This is a simple signup api You can access the db.go file and change the database credentials to your local postgres credentials. To run it prope

0 Jan 16, 2022

Goal: Develop a Go start auth starter without Gin framework

Goal: Develop a Go start auth starter without Gin framework and learn along the

2 Feb 1, 2022

K8s controller to manage the aws-auth configmap

Related tags

Overview

aws-auth-manager

Example spec

TODO

Issues

Release Notes

Configuration

Release Notes

Configuration

Configuration

Release Notes

Configuration

Release Notes

:sparkles: New Features

:bug: Bug Fixes

Configuration

Release Notes

Configuration

Release Notes

What's Changed

New Contributors

Configuration

Release Notes

What's Changed

Configuration

Release Notes

Configuration

Release Notes

Configuration

Release Notes

Configuration

Release Notes

Configuration

Configuration

Open

Ignored or Blocked

Detected dependencies

Owner

Matteo Ruina

vault-plugin-auth-usertotp is an auth method plugin for HashiCorp Vault.

Gets Firebase auth tokens (for development purposes only)Gets Firebase auth tokens

Provides AWS STS credentials based on Google Apps SAML SSO auth with interactive GUI support

The boss of http auth.

Validate Django auth session in Golang

Golang Mongodb Jwt Auth Example Using Echo

Durudex Auth Service

Figma Auth service for Haiku Animator

Golang Kalkancrypt Wrapper - simple digital signature auth service

Run multiple auth functions by relation

Auth Middleware for session & white-listed routing

Auth Go microservice for managing authentication sessions

HTTP-server-with-auth# HTTP Server With Authentication

Auth microservice for PRPO subject at UNI LJ

JWT Auth in Golang

Nsq http auth service for golang

Go Trakt Device Auth Library

Auth: a simple signup api for golang

Goal: Develop a Go start auth starter without Gin framework

Example `spec`