Backport secure VPC default SG change
fiunchinho committed Dec 21, 2023
1 parent bf8b0a5 commit 77e1cb8
Showing 5 changed files with 33 additions and 45 deletions.
Expand Up @@ -372,19 +372,13 @@
type: string
description: Tags is a collection of tags describing the resource.
type: object
# While we migrate workload clusters to include the subnet `id` field (https://github.com/giantswarm/roadmap/issues/2870),
# this is commented out on purpose in the first step so that reconciliation continues working for old cluster-aws versions.
# ---
# required:
# - id
required:
- id
type: object
type: array
# While we migrate workload clusters to include the subnet `id` field (https://github.com/giantswarm/roadmap/issues/2870),
# this is commented out on purpose in the first step so that reconciliation continues working for old cluster-aws versions.
# ---
# x-kubernetes-list-map-keys:
# - id
# x-kubernetes-list-type: map
x-kubernetes-list-map-keys:
- id
x-kubernetes-list-type: map
vpc:
description: VPC configuration.
properties:
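Review bot: Re-enabling `required: - id` on the subnet items and `x-kubernetes-list-map-keys: - id` with `x-kubernetes-list-type: map` on the subnets list is a validation change that the commit title ("Backport secure VPC default SG change") does not mention. The comment being removed says these were disabled on purpose so that reconciliation keeps working for old cluster-aws versions while subnets gain the `id` field (https://github.com/giantswarm/roadmap/issues/2870). Please confirm that migration is finished for every workload cluster this chart serves, because objects whose subnets lack `id` can be rejected by API server validation on write. If it is not finished, keep the workaround; if it is, say so in the commit message.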
Expand Down Expand Up @@ -450,6 +444,9 @@
description: PoolID is the IP pool which must be defined in case of BYO IP is defined. Must be specified if CidrBlock is set. Mutually exclusive with IPAMPool.
type: string
type: object
secureDefaultVPCSecurityGroup:
description: SecureDefaultVPCSecurityGroup specifies whether the default VPC security group ingress and egress rules should be removed.
type: boolean
tags:
additionalProperties:
type: string
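Review bot: The `secureDefaultVPCSecurityGroup` description does not say what happens when the field is omitted, and the schema here sets no `default`. For a security control, state explicitly in the description whether an unset value leaves the default VPC security group rules in place, and note that removing the ingress and egress rules affects any resource still attached to the default group.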
Expand Up @@ -368,19 +368,13 @@
type: string
description: Tags is a collection of tags describing the resource.
type: object
# While we migrate workload clusters to include the subnet `id` field (https://github.com/giantswarm/roadmap/issues/2870),
# this is commented out on purpose in the first step so that reconciliation continues working for old cluster-aws versions.
# ---
# required:
# - id
required:
- id
type: object
type: array
# While we migrate workload clusters to include the subnet `id` field (https://github.com/giantswarm/roadmap/issues/2870),
# this is commented out on purpose in the first step so that reconciliation continues working for old cluster-aws versions.
# ---
# x-kubernetes-list-map-keys:
# - id
# x-kubernetes-list-type: map
x-kubernetes-list-map-keys:
- id
x-kubernetes-list-type: map
vpc:
description: VPC configuration.
properties:
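Review bot: With `x-kubernetes-list-type: map` keyed on `id`, the subnets list requires `id` values to be unique across entries, which is stricter than the `required: - id` constraint alone. This is the same change as in the previous CRD file and it repeats identically across the generated manifests, so one line in the commit message covering the re-enabled list-map keys would document all of them.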
Expand Down Expand Up @@ -446,6 +440,9 @@
description: PoolID is the IP pool which must be defined in case of BYO IP is defined. Must be specified if CidrBlock is set. Mutually exclusive with IPAMPool.
type: string
type: object
secureDefaultVPCSecurityGroup:
description: SecureDefaultVPCSecurityGroup specifies whether the default VPC security group ingress and egress rules should be removed.
type: boolean
tags:
additionalProperties:
type: string
Expand Up @@ -356,19 +356,13 @@
type: string
description: Tags is a collection of tags describing the resource.
type: object
# While we migrate workload clusters to include the subnet `id` field (https://github.com/giantswarm/roadmap/issues/2870),
# this is commented out on purpose in the first step so that reconciliation continues working for old cluster-aws versions.
# ---
# required:
# - id
required:
- id
type: object
type: array
# While we migrate workload clusters to include the subnet `id` field (https://github.com/giantswarm/roadmap/issues/2870),
# this is commented out on purpose in the first step so that reconciliation continues working for old cluster-aws versions.
# ---
# x-kubernetes-list-map-keys:
# - id
# x-kubernetes-list-type: map
x-kubernetes-list-map-keys:
- id
x-kubernetes-list-type: map
vpc:
description: VPC configuration.
properties:
Expand Down Expand Up @@ -434,6 +428,9 @@
description: PoolID is the IP pool which must be defined in case of BYO IP is defined. Must be specified if CidrBlock is set. Mutually exclusive with IPAMPool.
type: string
type: object
secureDefaultVPCSecurityGroup:
description: SecureDefaultVPCSecurityGroup specifies whether the default VPC security group ingress and egress rules should be removed.
type: boolean
tags:
additionalProperties:
type: string
Expand Up @@ -375,19 +375,13 @@
type: string
description: Tags is a collection of tags describing the resource.
type: object
# While we migrate workload clusters to include the subnet `id` field (https://github.com/giantswarm/roadmap/issues/2870),
# this is commented out on purpose in the first step so that reconciliation continues working for old cluster-aws versions.
# ---
# required:
# - id
required:
- id
type: object
type: array
# While we migrate workload clusters to include the subnet `id` field (https://github.com/giantswarm/roadmap/issues/2870),
# this is commented out on purpose in the first step so that reconciliation continues working for old cluster-aws versions.
# ---
# x-kubernetes-list-map-keys:
# - id
# x-kubernetes-list-type: map
x-kubernetes-list-map-keys:
- id
x-kubernetes-list-type: map
vpc:
description: VPC configuration.
properties:
Expand Down Expand Up @@ -453,6 +447,9 @@
description: PoolID is the IP pool which must be defined in case of BYO IP is defined. Must be specified if CidrBlock is set. Mutually exclusive with IPAMPool.
type: string
type: object
secureDefaultVPCSecurityGroup:
description: SecureDefaultVPCSecurityGroup specifies whether the default VPC security group ingress and egress rules should be removed.
type: boolean
tags:
additionalProperties:
type: string
2 changes: 1 addition & 1 deletion helm/cluster-api-provider-aws/values.yaml
Expand Up @@ -3,7 +3,7 @@ name: cluster-api-provider-aws
# needed. Please read https://github.com/giantswarm/cluster-api-provider-aws/blob/main/README.md on how to create a
# release. Please include the short commit SHA in the tag name, such as `v2.0.2-gs-123abcd`. After changing this
# tag, please run `make generate` to update CRDs and other manifests.
tag: v2.3.0-gs-378440654 # upstream v2.3.0 + backported features/fixes (https://github.com/giantswarm/cluster-api-provider-aws/pull/576)
tag: v2.3.0-gs-5dac42e49 # upstream v2.3.0 + backported features/fixes (https://github.com/giantswarm/cluster-api-provider-aws/pull/576)

infrastructure:
image:
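Review bot: On the `tag:` line, the trailing comment still links pull/576, unchanged from the previous tag `v2.3.0-gs-378440654`. If the secure default security group backport landed through a different pull request, update or extend the link so that `v2.3.0-gs-5dac42e49` can be traced to the change it carries. The SHA suffix is also nine characters, while the example in the comment above (`v2.0.2-gs-123abcd`) uses seven; align the example or the tag so the convention is unambiguous.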