v1.2.5

What's Changed

• Azure IAM enforcement now also supports Azure Key vault in addition to all other resources by @amitlicht in #390
• Fixed bug where cluster name could not be discovered automatically due to bug in AWS SDK by @otterobert in #396

Full Changelog: v1.2.4...v1.2.5

v1.2.4

What's Changed

• Bugfix: ignore error 404 NOT_FOUND on attempting to delete user assigned identities by @amitlicht in #393
• Intents operator now reports Service and Ingress resources to Otterize Cloud to accommodate a more accurate calculation of blocking status when in shadow mode by @NetanelBollag in #394

Full Changelog: v1.2.3...v1.2.4

v1.2.3

What's Changed

• Change GCP intent update to only change partial policy role binding by @otterobert in #389

Full Changelog: v1.2.2...v1.2.3

v1.2.2

What's Changed

• Improvement: Otterize network policies auto-allows DNS traffic if target is the cluster's DNS server and an Otterize network policy would block it by @orishoshan in #386

Full Changelog: v1.2.1...v1.2.2

v1.2.1

What's Changed

• Preparation for release of Azure IAM support
• Preparation for release of Google Cloud IAM support: Add support for GCP resources with wildcards by @otterobert in #367
• Report enforcement status to Otterize Cloud for AWS IAM, PostgreSQL, GCP and Azure by @orishoshan in #383

Full Changelog: v1.2.0...v1.2.1

v1.2.0

What's Changed

• Add support for AWS IAM RolesAnywhere with cert-manager csi-driver-spiffe, which enables cross-cloud AWS IAM access by @orishoshan in #372
  Learn more: https://github.com/otterize/otterize-csi-spiffe-demo
  Note: AWS IAM policies now have names that contain the cluster name, whereas before they didn't. When upgrading, please ensure to clean up leftover policies.
  Old policies were named otterize-policy-<namespace>-<servicename>
  New policies are named otr-<namespace>.<servicename>@<clustername> (same pattern as IAM roles).

• Preparation for release of Google Cloud IAM and Azure IAM by @amitlicht and @otterobert

• Improvement: untag AWS roles and policies only if configuration has changed by @orishoshan in #376

• Fixed bug where ClientIntents deletion might not be reported to Otterize Cloud by @NetanelBollag in #377

Full Changelog: v1.1.13...v1.2.0

v1.1.13

What's Changed

• Preparation for Azure IAM support by @amitlicht in #368

Full Changelog: v1.1.12...v1.1.13

v1.1.12

What's Changed

• Fix case where Istio policies were created with the wrong label in their pod selectors by @omris94 in #373

Full Changelog: v1.1.11...v1.1.12

v1.1.11

What's Changed

• The intents-operator now only creates 1 network policy per pod selector, combining ingress and egress network policies serving multiple purposes, whereas before it could create 2-4 policies. by @omris94 in #356

Full Changelog: v1.1.10...v1.1.11

v1.1.10

What's Changed

• Add support for specifying intents for Internet domain names by @NetanelBollag in #353
• Fix a bug where an IPv6 address creates /32 CIDR instead of /128 by @NetanelBollag in #365
• Support soft deletion of AWS roles and policies. It is done by tagging them as soft-deleted instead of deleting them by @omris94 in #361

Full Changelog: v1.1.9...v1.1.10