Recommended update for aws-iam-authenticator

Announcement ID: SUSE-RU-2022:1913-1
Rating: moderate
References:
Affected Products:
  • openSUSE Leap 15.4
  • Public Cloud Module 15-SP2
  • Public Cloud Module 15-SP1
  • Public Cloud Module 15-SP3
  • Public Cloud Module 15-SP4
  • SUSE Linux Enterprise High Performance Computing 15 SP1
  • SUSE Linux Enterprise High Performance Computing 15 SP2
  • SUSE Linux Enterprise High Performance Computing 15 SP3
  • SUSE Linux Enterprise High Performance Computing 15 SP4
  • SUSE Linux Enterprise Server 15 SP1
  • SUSE Linux Enterprise Server 15 SP2
  • SUSE Linux Enterprise Server 15 SP3
  • SUSE Linux Enterprise Server 15 SP4
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1
  • SUSE Linux Enterprise Server for SAP Applications 15 SP2
  • SUSE Linux Enterprise Server for SAP Applications 15 SP3
  • SUSE Linux Enterprise Server for SAP Applications 15 SP4
  • SUSE Manager Proxy 4.0
  • SUSE Manager Proxy 4.1
  • SUSE Manager Proxy 4.2
  • SUSE Manager Proxy 4.3
  • SUSE Manager Retail Branch Server 4.0
  • SUSE Manager Retail Branch Server 4.1
  • SUSE Manager Retail Branch Server 4.2
  • SUSE Manager Retail Branch Server 4.3
  • SUSE Manager Server 4.0
  • SUSE Manager Server 4.1
  • SUSE Manager Server 4.2
  • SUSE Manager Server 4.3

An update that has one fix can now be installed.

Description:

This update for aws-iam-authenticator fixes the following issues:

  • Update in SLE-15 (bsc#1197703)

  • Update to version 0.5.3

  • Bump Go to 1.15 in Travis (#361)
  • Update aws sdk go v1.37.1 (#360)
  • (arn): validate partition against all partitions returned by the aws sdk (#348)
  • Document AccessKeyId from UserInfo (#332)
  • Support IPv6 listen address (#352)
  • Added user agent to AWS SDK (#359)
  • Remove Chris Hein from OWNERS (#351)
  • Add instructions for the release process (#346)
  • from version 0.5.2
  • Added partition flag (#341)
  • Update link to Kops docs site (#338)
  • Security Improvements on the example yaml (#335)
  • Fix RBAC on example file: service account requires get to ConfigMap (#334)
  • Add AccessKeyID as variable for username (#337)
  • Added server side AWS account ID log redaction (#327)
  • from version 0.5.1
  • Update examples/README (#317)
  • Changelog gen (#318)
  • Fix CRD mapper blocking all others because caches never sync and revamp backend-mode flag (#303)
  • Update aws-sdk-go to version v1.30.0 (#306)
  • Bump k8s.io/ dependencies to 1.16.8 (#305)
  • chown aws-iam-authenticator to avoid permission denied (#302)
  • Indentation and unit test improvements (#298)
  • Adding Rate limiting ec2:DescribeInstances API along with Batching for high TPS (#292)
  • Restrict ClusterRole to readonly IAMIdentityMapping access (#287)
  • added selector to spec and changed from extenstions to apps/v1 (#291)
  • Add AWS AccessKeyID as an extra field in UserInfo (#286)
  • Allow server port customization (#278)
  • from version 0.5.0
  • Remove DNS-1123 validation of usernames and groups (#260)
  • switch to use regional sts endpoint & imdsV2 (#283)
  • Add AWS Access Key ID to log (#282)
  • Require to pass in interface instead of the concrete type (#279)
  • Refactor to allow configurable backends (configmap, eks configmap, crd) (#269)
  • Update go version (#255)
  • Adding session name parameter to TokenGenerator (#272)
  • Rename prometheus metrics to match new project name (#249)
  • Remove inactive approvers, add wongma7 (#266)
  • Update aws-sdk-go to v1.23.11 (257)
  • Added go module download check (#259)
  • Updating goreleaser yaml to fix deprecated options (#252)
  • Remove deprecated language from README (#244)
  • Lowercase ARN inside doMapping and log about it (#239)
  • IAMIdentityMapping CRD Implementation (#116)
  • Adding micahhausler as approver (#237)
  • add support for passing externalID to assume role (#228)
  • Update README.md (#231)
  • Using sigs.k8s.io domain instead of github.com (#223)
  • Refactored EC2 API calls to be testable (#226)
  • Include aws request ID when logging errors (#178)
  • Remove global Go project variables
  • Set GO111MODULE=off to force use of vendored modules
  • Update Go build paths

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.4
    zypper in -t patch openSUSE-SLE-15.4-2022-1913=1
  • Public Cloud Module 15-SP1
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP1-2022-1913=1
  • Public Cloud Module 15-SP2
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2022-1913=1
  • Public Cloud Module 15-SP3
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2022-1913=1
  • Public Cloud Module 15-SP4
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2022-1913=1

Package List:

  • openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
    • aws-iam-authenticator-0.5.3-150000.1.6.1
  • Public Cloud Module 15-SP1 (x86_64)
    • aws-iam-authenticator-0.5.3-150000.1.6.1
  • Public Cloud Module 15-SP2 (x86_64)
    • aws-iam-authenticator-0.5.3-150000.1.6.1
  • Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64)
    • aws-iam-authenticator-0.5.3-150000.1.6.1
  • Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    • aws-iam-authenticator-0.5.3-150000.1.6.1

References: