Releases: DataDog/managed-kubernetes-auditing-toolkit
Releases · DataDog/managed-kubernetes-auditing-toolkit
v0.3.1
d5011fe
This commit was signed with the committer’s verified signature.
christophetd
Christophe Tafani-Dereeper
Changelog
- 533e0fa Add clarification to README (related to #17)
- 8b55822 Add resource limits when launching IMDS test container
- 21b2c7a Add resource limits when launching IMDS test container (closes #20)
- e295600 Brew formula update for managed-kubernetes-auditing-toolkit version v0.3.0
- 56301a7 Brew formula update for managed-kubernetes-auditing-toolkit version v0.3.0
- 8a49f7b Brew formula update for managed-kubernetes-auditing-toolkit version v0.3.0
- 5e4bb5f Merge pull request #15 from DataDog/homebrew-update-0.3.0
- 3276a4e Merge pull request #21 from geezyx/role-name-paths
- d6312cf Merge pull request #22 from DataDog/fix-ci
- 19b523b Set goreleaser version to 2
- 2eee170 Upgrade actions/checkout version to fix CI
- ae0b8db Upgrade staticcheck-action and staticcheck version in CI
- c83c73b Use a less cutting-edge version of staticcheck for CI
- c840deb Use buffered signal for calling os.Notify
- d5011fe goreleaser: remove deprecated field 'folder' for homebrew config
- 10fcba8 support pathed role names
- fb0f500 update goreleaser config
- c26915c use go 1.23 in CI for staticcheck
v0.3.0
Changelog
Features:
- Add support for EKS Pod Identity
- Add a CLI flag
--show-full-role-arnsto force printing the full role ARN, instead of just its name
v0.2.0
fc36e6b
This commit was signed with the committer’s verified signature.
christophetd
Christophe Tafani-Dereeper
v0.1.1
Changelog
Enhancements:
- find-secrets: Don't fail and only show a warning in case of missing permissions
v0.1.0
Changelog
New features:
mkat eks find-role-relationshipsnow uses a full-fledged IAM policy evaluation engine to determine which pods can assume IAM roles in the account.
Enhancements:
- Add an option to skip EKS hostname checks in
mkat eks find-role-relationships, when using a non-standard EKS API server hostname (--skip-eks-hostname-check) - Add an option in
mkat eks find-role-relationshipsto specify the EKS cluster name when it cannot be automatically detected from the KubeConfig file (--eks-cluster-name) - Document permissions needed in AWS and K8s in https://github.com/DataDog/managed-kubernetes-auditing-toolkit/blob/v0.1.0/permissions.md
- Implement better logic to detect when a cluster is an EKS cluster. This used to fail when the EKS API server was using a non-443 port
v0.0.1
b8733b9
This commit was signed with the committer’s verified signature.
christophetd
Christophe Tafani-Dereeper
Changelog
- 2573593 Add basis for CI
- 353efa1 Add first version of IMDS tester
- 0e069e2 Add first version of autogen doc
- b6337e3 Add first version of secret detection
- c3c6027 Add fixtures for demo purposes
- e734403 Add pre-commit hook to generate third-party licenses
- f8a770a Add sample outputs
- b8733b9 Add status badge
- 873e1c5 Add third-party license file
- 26bd3ec Create LICENSE
- 18625b3 Create NOTICE
- 2d67e07 Enhance CLI output and remove the need to specify EKS cluster name
- f060029 First version of CLI
- ce40d44 Fix bug where reliance on EKS annotation value was way too string; consider StringLike condition keys
- e5adf15 Fix docs link
- 0e645eb Rename package and add tests for AWS secrets detection
- 030c2b4 Revamp README
- 73f0b5f Save
- fd1215e Support secret detection in init containers
- 9fbb310 Update README.md
- 7c1035a Update README.md
- a735676 Update third-party licenses
- 95eaea6 initiail commit
- 86ba38f v2