Skip to content

Fix bug where AWS IAM roles could be created for a particular workload even when disabled for that particular workload #178

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
amitlicht merged 3 commits into from
Jan 22, 2025
Merged

Fix bug where AWS IAM roles could be created for a particular workload even when disabled for that particular workload #178

amitlicht merged 3 commits into from
Jan 22, 2025

Conversation

@amitlicht
Copy link
Contributor

@amitlicht amitlicht commented Jan 21, 2025
edited
Loading

Description

This PR fixes an issue with the AWS IAM integration, where pods labeled with credentials-operator.otterize.com/create-aws-role were assigned an Otterize-generated IAM role, ignoring the label value. Meaning that if a pod was labeled with credentials-operator.otterize.com/create-aws-role=false, the integration would still create and assign an IAM role for it, possibly overriding any other user-managed role assigned to it.

References

#178
otterize/intents-operator#549

Testing

  • This change adds test coverage for new/changed/fixed functionality

Checklist

  • I have added documentation for new/changed functionality in this PR and in github.com/otterize/docs

@amitlicht
Fix bug where the AWS IAM integration would create an IAM role for po…
71197c9 
…ds labeled with 'credentials-operator.otterize.com/create-aws-role=false'
@amitlicht amitlicht mentioned this pull request Jan 21, 2025
Merged
2 tasks
@amitlicht amitlicht changed the title Fix AWS IAM integration creating an IAM role for pods labeled with 'credentials-operator.otterize.com/create-aws-role=false' Fix bug where AWS IAM roles could be created when they should not have been Jan 21, 2025
@amitlicht amitlicht requested a review from omris94 January 21, 2025 18:46
@orishoshan orishoshan changed the title Fix bug where AWS IAM roles could be created when they should not have been Fix bug where AWS IAM roles could be created even when disabled for a particular workload Jan 21, 2025
@orishoshan orishoshan changed the title Fix bug where AWS IAM roles could be created even when disabled for a particular workload Fix bug where AWS IAM roles could be created for a particular workload even when disabled for that particular workload Jan 21, 2025
@amitlicht amitlicht merged commit 9b12040 into main Jan 22, 2025
12 checks passed
@amitlicht amitlicht deleted the amitlicht/check_apply_on_pod_label_value branch January 22, 2025 09:19
@github-actions github-actions bot locked and limited conversation to collaborators Jan 22, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@omris94 omris94 omris94 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@amitlicht @omris94