From 8d4e94bdecdf49fe4521fd743dda1a39dfa3071c Mon Sep 17 00:00:00 2001 From: 7navyasa Date: Thu, 21 Sep 2023 10:11:49 +1000 Subject: [PATCH 1/6] management policies addition --- bootstrap/terraform/providers/aws-upbound/controller-config.yaml | 1 + bootstrap/terraform/providers/aws/controller-config.yaml | 1 + bootstrap/terraform/providers/kubernetes/controller-config.yaml | 1 + 3 files changed, 3 insertions(+) diff --git a/bootstrap/terraform/providers/aws-upbound/controller-config.yaml b/bootstrap/terraform/providers/aws-upbound/controller-config.yaml index 6806bfd8..351d1e92 100644 --- a/bootstrap/terraform/providers/aws-upbound/controller-config.yaml +++ b/bootstrap/terraform/providers/aws-upbound/controller-config.yaml @@ -11,3 +11,4 @@ spec: fsGroup: 2000 args: - --debug + - --enable-management-policies diff --git a/bootstrap/terraform/providers/aws/controller-config.yaml b/bootstrap/terraform/providers/aws/controller-config.yaml index ea416165..4fe55ff5 100644 --- a/bootstrap/terraform/providers/aws/controller-config.yaml +++ b/bootstrap/terraform/providers/aws/controller-config.yaml @@ -9,3 +9,4 @@ spec: fsGroup: 2000 args: - --debug + - --enable-management-policies diff --git a/bootstrap/terraform/providers/kubernetes/controller-config.yaml b/bootstrap/terraform/providers/kubernetes/controller-config.yaml index ebb41ac7..5544bce4 100644 --- a/bootstrap/terraform/providers/kubernetes/controller-config.yaml +++ b/bootstrap/terraform/providers/kubernetes/controller-config.yaml @@ -6,3 +6,4 @@ spec: serviceAccountName: ${sa-name} args: - --debug + - --enable-management-policies \ No newline at end of file From 5289e4e9ebad0a8911189d64cad040e5440f3113 Mon Sep 17 00:00:00 2001 From: 7navyasa Date: Thu, 21 Sep 2023 16:45:32 +1000 Subject: [PATCH 2/6] management policies removal from K8-provider --- .../terraform/providers/kubernetes/controller-config.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/bootstrap/terraform/providers/kubernetes/controller-config.yaml b/bootstrap/terraform/providers/kubernetes/controller-config.yaml index 5544bce4..17cf9465 100644 --- a/bootstrap/terraform/providers/kubernetes/controller-config.yaml +++ b/bootstrap/terraform/providers/kubernetes/controller-config.yaml @@ -5,5 +5,4 @@ metadata: spec: serviceAccountName: ${sa-name} args: - - --debug - - --enable-management-policies \ No newline at end of file + - --debug \ No newline at end of file From b3ad66ff27358d5f89edaabfa7a26745959c293b Mon Sep 17 00:00:00 2001 From: 7navyasa Date: Sun, 22 Oct 2023 22:47:55 +1100 Subject: [PATCH 3/6] load balancer controller addition --- bootstrap/terraform/main.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index b3b3bdc5..a1c3e89c 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf @@ -147,6 +147,7 @@ module "eks_blueprints_addons" { enable_gatekeeper = true enable_metrics_server = true enable_kube_prometheus_stack = true + enable_aws_load_balancer_controller = true kube_prometheus_stack = { values = [yamlencode({ prometheus = { From 1e0b31363777ed5abbcdf171c1696928d2717c0f Mon Sep 17 00:00:00 2001 From: 7navyasa Date: Mon, 15 Jan 2024 23:52:47 +1100 Subject: [PATCH 4/6] updating policy to access global and local index --- .../upbound-aws-provider/iam-policy/dynamodb-write.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/compositions/upbound-aws-provider/iam-policy/dynamodb-write.yaml b/compositions/upbound-aws-provider/iam-policy/dynamodb-write.yaml index 25f85c56..6fe5182b 100644 --- a/compositions/upbound-aws-provider/iam-policy/dynamodb-write.yaml +++ b/compositions/upbound-aws-provider/iam-policy/dynamodb-write.yaml @@ -1,5 +1,5 @@ # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: MIT-0 apiVersion: apiextensions.crossplane.io/v1 kind: Composition @@ -55,6 +55,7 @@ spec: variables: - fromFieldPath: spec.resourceArn - fromFieldPath: spec.resourceArn + - fromFieldPath: spec.resourceArn strategy: string string: fmt: | @@ -81,16 +82,17 @@ spec: "dynamodb:BatchGet*", "dynamodb:DescribeStream", "dynamodb:DescribeTable", - "dynamodb:Get*", "dynamodb:Query", "dynamodb:Scan", "dynamodb:BatchWrite*", "dynamodb:CreateTable", "dynamodb:Delete*", "dynamodb:Update*", + "dynamodb:GetItem", "dynamodb:PutItem" ], "Resource": [ + "%s/*", "%s" ] } From 135843626c5685ed1e5325cca99ba6cbf03d149e Mon Sep 17 00:00:00 2001 From: 7navyasa <140163168+7navyasa@users.noreply.github.com> Date: Wed, 17 Jan 2024 10:04:40 +1100 Subject: [PATCH 5/6] Update dynamodb-write.yaml license --- .../upbound-aws-provider/iam-policy/dynamodb-write.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/compositions/upbound-aws-provider/iam-policy/dynamodb-write.yaml b/compositions/upbound-aws-provider/iam-policy/dynamodb-write.yaml index 6fe5182b..a061da6d 100644 --- a/compositions/upbound-aws-provider/iam-policy/dynamodb-write.yaml +++ b/compositions/upbound-aws-provider/iam-policy/dynamodb-write.yaml @@ -1,5 +1,5 @@ # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -# SPDX-License-Identifier: MIT-0 +# SPDX-License-Identifier: Apache-2.0 apiVersion: apiextensions.crossplane.io/v1 kind: Composition From 94b3248b7e1344a152cc89d7e233308f836c3696 Mon Sep 17 00:00:00 2001 From: 7navyasa Date: Tue, 7 May 2024 20:46:09 +1000 Subject: [PATCH 6/6] updating required ddb gsi parameter --- compositions/upbound-aws-provider/dynamo-irsa/definition.yaml | 4 ---- compositions/upbound-aws-provider/dynamodb/definition.yaml | 4 ---- 2 files changed, 8 deletions(-) diff --git a/compositions/upbound-aws-provider/dynamo-irsa/definition.yaml b/compositions/upbound-aws-provider/dynamo-irsa/definition.yaml index ff1ee699..7387169c 100644 --- a/compositions/upbound-aws-provider/dynamo-irsa/definition.yaml +++ b/compositions/upbound-aws-provider/dynamo-irsa/definition.yaml @@ -106,11 +106,7 @@ spec: required: - hashKey - name - - rangeKey - - readCapacity - - writeCapacity - projectionType - - nonKeyAttributes type: array localSecondaryIndex: items: diff --git a/compositions/upbound-aws-provider/dynamodb/definition.yaml b/compositions/upbound-aws-provider/dynamodb/definition.yaml index 4c259620..70b868e0 100644 --- a/compositions/upbound-aws-provider/dynamodb/definition.yaml +++ b/compositions/upbound-aws-provider/dynamodb/definition.yaml @@ -102,11 +102,7 @@ spec: required: - hashKey - name - - rangeKey - - readCapacity - - writeCapacity - projectionType - - nonKeyAttributes type: array localSecondaryIndex: items: