Closed twstewart42 closed 11 months ago
Related to #1837 AWS API minifies the JSON while the CRD definition has the pretty formatted version of JSON.
Hey @jaikanth-arcadia @twstewart42 i'm currently working on fixing this, expect a new release by end of this week. /assign
@jaikanth-arcadia @twstewart42 expect a release in the upcoming days.. once https://github.com/aws-controllers-k8s/iam-controller/pull/85 is merged we'll ship a new release.
@a-hilaly This turns out to be a major issue causing our CI to fail since we are monitoring the status ACK.ResourceSynced
to pass.
Is it possible to bump the priority of the fix?
Fixed in iam-controller
1.3.1
/close
@a-hilaly: Closing this issue.
Describe the bug Since my team rolled out the update to ack-iam-controller 1.2.1 and maybe related to this issue. we've noticed a big uptick in guardDuty/cloudtrail events for UpdateAssumeRolePolicy on any IAM Role controlled by this controller. The controller is sending an update request every second for every role. We have ~7 unique Roles generated by this controller. This change has doubled our guardDuty bill from the previous month.
redacted screenshot of activity
Steps to reproduce Deploy an IAM role associated with the ack-iam-controller. View cloudtrail events filtered on event name = UpdateAssumeRolePolicy
Expected outcome A way to tune how often the controller is attempting to update IAM roles or slow down how often the controller is sending an Update command to these IAM roles.
Environment