v1.2.1

What's Changed

• Preparation for release of Azure IAM support
• Preparation for release of Google Cloud IAM support: Add support for GCP resources with wildcards by @otterobert in #367
• Report enforcement status to Otterize Cloud for AWS IAM, PostgreSQL, GCP and Azure by @orishoshan in #383

Full Changelog: v1.2.0...v1.2.1

v1.2.0

What's Changed

• Add support for AWS IAM RolesAnywhere with cert-manager csi-driver-spiffe, which enables cross-cloud AWS IAM access by @orishoshan in #372
  Learn more: https://github.com/otterize/otterize-csi-spiffe-demo
  Note: AWS IAM policies now have names that contain the cluster name, whereas before they didn't. When upgrading, please ensure to clean up leftover policies.
  Old policies were named otterize-policy-<namespace>-<servicename>
  New policies are named otr-<namespace>.<servicename>@<clustername> (same pattern as IAM roles).

• Preparation for release of Google Cloud IAM and Azure IAM by @amitlicht and @otterobert

• Improvement: untag AWS roles and policies only if configuration has changed by @orishoshan in #376

• Fixed bug where ClientIntents deletion might not be reported to Otterize Cloud by @NetanelBollag in #377

Full Changelog: v1.1.13...v1.2.0

v1.1.13

What's Changed

• Preparation for Azure IAM support by @amitlicht in #368

Full Changelog: v1.1.12...v1.1.13

v1.1.12

What's Changed

• Fix case where Istio policies were created with the wrong label in their pod selectors by @omris94 in #373

Full Changelog: v1.1.11...v1.1.12

v1.1.11

What's Changed

• The intents-operator now only creates 1 network policy per pod selector, combining ingress and egress network policies serving multiple purposes, whereas before it could create 2-4 policies. by @omris94 in #356

Full Changelog: v1.1.10...v1.1.11

v1.1.10

What's Changed

• Add support for specifying intents for Internet domain names by @NetanelBollag in #353
• Fix a bug where an IPv6 address creates /32 CIDR instead of /128 by @NetanelBollag in #365
• Support soft deletion of AWS roles and policies. It is done by tagging them as soft-deleted instead of deleting them by @omris94 in #361

Full Changelog: v1.1.9...v1.1.10

v1.1.9

What's Changed

• Reduce number of network policies created by the operator (same behavior, less policies) by @omris94 in #339
• Fixed case where CRD upgrade flow from v1alpha2 to v1alpha3 would fail by @orishoshan in #355
• Fix crash when adding labels to namespace without labels by @NetanelBollag in #354

Full Changelog: v1.1.8...v1.1.9

v1.1.8

What's Changed

• Fixed case where operator can overwrite its certificates by @otterobert in #338
• Fixed a case where already installed Otterize deployments overwrite their conversion-webhooks certificates by @omris94 in #344
• Fixed bug where internet object is present with empty object even while it doesn't exist in the ClientIntents resource by @NetanelBollag in #346
• Fix bug where pods would not be labeled if network policies were disabled but Istio policies were enabled by @orishoshan in #343

New Contributors

• @otterobert made their first contribution in #338

Full Changelog: v1.1.7...v1.1.8

v1.1.7

What's Changed

• Avoid labeling pods if network policy creation is disabled by @orishoshan in #340

Full Changelog: v1.1.6...v1.1.7

v1.1.6

What's Changed

• Set permission boundary for new AWS intents roles by @orishavit in #337

Full Changelog: v1.1.5...v1.1.6