v1.34.0

[gardener-extension-provider-aws]

✨ New Features

• [USER] Allow defining VPC Gateway Endpoints for subdomains with dots, e.g. com.amazonaws.eu-central-1.codeartifact.api (gardener/gardener-extension-provider-aws#472, @tareqhs)
• [OPERATOR] gardener-extension-admission-aws now supports configuration for enabling service account token volume projection. It is exposed through the .Values.global.serviceAccountTokenVolumeProjection section in the respective chart's values. (gardener/gardener-extension-provider-aws#487, @dimityrmirchev)
• [OPERATOR] It is now possible to configure a user instead of a serviceaccount subject in the clusterrolebinding for the gardener-extension-admission-aws when using virtual garden setup by setting .Values.global.virtualGarden.user.name. (gardener/gardener-extension-provider-aws#487, @dimityrmirchev)

🏃 Others

• [OPERATOR] The monitoring dashboards provided by this extension: (gardener/gardener-extension-provider-aws#503, @ialidzhikov)
  • are now using UTC by default (instead of the browser time)
  • do no longer auto refresh by default
• [OPERATOR] The etcd storage class is now using gp3 disk type instead of gp2 as this offers higher iops capabilities. This will affect only newly created etcd disks. (gardener/gardener-extension-provider-aws#502, @dkistner)

📰 Noteworthy

• [OPERATOR] The extension controller uses a projected ServiceAccount token in case it runs on a seed with a gardenlet of at least v1.37 or higher. Similarly, the components deployed into shoot namespaces will no longer use a client certificate but an auto-rotated ServiceAccount token which is only valid for 12h. (gardener/gardener-extension-provider-aws#467, @rfranzke)