This repository has been archived by the owner on Jun 11, 2020. It is now read-only.

Releases: cuppett/ocp-iam-broker

Secrets Cleanup

09 Jan 16:12
Pre-release

Adds secret expiration TTL.

Functionality:

  • DynamoDB TTL and stream to handle expiration of Secrets not used in N days (default 14).

Includes:

  1. deployment.yml - CloudFormation template/update
  2. v0.2-alpha.zip - Lambda payload
  3. User Guide now part of the repository (asciidoc)

Initial Release

29 Dec 11:41
Pre-release

Provides all initial, essential functionality.

Includes:

  • deployment.yml - CloudFormation template for AWS deployment
  • v0.1-alpha.zip - Lambda function payload
  • User Guide.pdf - Instructions for deployment

Functionality:

  • DynamoDB private registry/mapping tables for ServiceAccount to IAM Roles
  • AWS Lambda STS broker
  • Broker proxy sidecar build
  • OCP mutating webhook for injecting STS broker sidecar on Pod create
  • Support both public/private clusters in AWS

ToDo:

  • Clean up generated secrets when/as pods are deleted
  • Add architecture and flow diagrams