Merge pull request #5421 from rdrgmnzs/remane-aws-authenticator

Rename hept.io authenticator to aws authenticator

docs/authentication.md

@@ -32,14 +32,14 @@ spec:
     rbac: {}
 ```
 
-## Heptio Authenticator for AWS
+## AWS IAM Authenticator
 
-If you want to turn on Heptio Authenticator for AWS, you can add this block 
+If you want to turn on AWS IAM Authenticator, you can add this block 
 to your cluster:
 
 ```
 authentication:
-  heptio: {}
+  aws: {}
 ```
 
 For example:
@@ -51,14 +51,14 @@ metadata:
   name: cluster.example.com
 spec:
   authentication:
-    heptio: {}
+    aws: {}
   authorization:
     rbac: {}
 ```
 
-Once the cluster is up you will need to create the heptio authenticator
+Once the cluster is up you will need to create the AWS IAM authenticator
 config as a config map. (This can also be done when boostrapping a cluster using addons)
-For more details on heptio authenticator please visit (heptio/authenticator)[https://github.com/heptio/authenticator]
+For more details on AWS IAM authenticator please visit (kubernetes-sigs/aws-iam-authenticator)[https://github.com/kubernetes-sigs/aws-iam-authenticator]
 Example config:
 
 ```
@@ -67,9 +67,9 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   namespace: kube-system
-  name: heptio-authenticator-aws
+  name: aws-iam-authenticator
   labels:
-    k8s-app: heptio-authenticator-aws
+    k8s-app: aws-iam-authenticator
 data:
   config.yaml: |
     # a unique-per-cluster identifier to prevent replay attacks

nodeup/pkg/model/kube_apiserver.go

@@ -158,35 +158,35 @@ func (b *KubeAPIServerBuilder) writeAuthenticationConfig(c *fi.ModelBuilderConte
 		return nil
 	}
 
-	if b.Cluster.Spec.Authentication.Heptio != nil {
+	if b.Cluster.Spec.Authentication.Aws != nil {
-		id := "heptio-authenticator-aws"
+		id := "aws-iam-authenticator"
 		b.Cluster.Spec.KubeAPIServer.AuthenticationTokenWebhookConfigFile = fi.String(PathAuthnConfig)
 
 		{
 			caCertificate, err := b.NodeupModelContext.KeyStore.FindCert(fi.CertificateId_CA)
 			if err != nil {
-				return fmt.Errorf("error fetching Heptio Authentication CA certificate from keystore: %v", err)
+				return fmt.Errorf("error fetching AWS IAM Authentication CA certificate from keystore: %v", err)
 			}
 			if caCertificate == nil {
-				return fmt.Errorf("Heptio Authentication CA certificate %q not found", fi.CertificateId_CA)
+				return fmt.Errorf("AWS IAM  Authentication CA certificate %q not found", fi.CertificateId_CA)
 			}
 
 			cluster := kubeconfig.KubectlCluster{
 				Server: "https://127.0.0.1:21362/authenticate",
 			}
 			context := kubeconfig.KubectlContext{
-				Cluster: "heptio-authenticator-aws",
+				Cluster: "aws-iam-authenticator",
 				User:    "kube-apiserver",
 			}
 
 			cluster.CertificateAuthorityData, err = caCertificate.AsBytes()
 			if err != nil {
-				return fmt.Errorf("error encoding Heptio Authentication CA certificate: %v", err)
+				return fmt.Errorf("error encoding AWS IAM Authentication CA certificate: %v", err)
 			}
 
 			config := kubeconfig.KubectlConfig{}
 			config.Clusters = append(config.Clusters, &kubeconfig.KubectlClusterWithName{
-				Name:    "heptio-authenticator-aws",
+				Name:    "aws-iam-authenticator",
 				Cluster: cluster,
 			})
 			config.Users = append(config.Users, &kubeconfig.KubectlUserWithName{
@@ -226,7 +226,7 @@ func (b *KubeAPIServerBuilder) writeAuthenticationConfig(c *fi.ModelBuilderConte
 			}
 
 			c.AddTask(&nodetasks.File{
-				Path:     "/srv/kubernetes/heptio-authenticator-aws/cert.pem",
+				Path:     "/srv/kubernetes/aws-iam-authenticator/cert.pem",
 				Contents: fi.NewBytesResource(certificateData),
 				Type:     nodetasks.FileType_File,
 				Mode:     fi.String("600"),
@@ -248,7 +248,7 @@ func (b *KubeAPIServerBuilder) writeAuthenticationConfig(c *fi.ModelBuilderConte
 			}
 
 			c.AddTask(&nodetasks.File{
-				Path:     "/srv/kubernetes/heptio-authenticator-aws/key.pem",
+				Path:     "/srv/kubernetes/aws-iam-authenticator/key.pem",
 				Contents: fi.NewBytesResource(keyData),
 				Type:     nodetasks.FileType_File,
 				Mode:     fi.String("600"),
@@ -427,7 +427,7 @@ func (b *KubeAPIServerBuilder) buildPod() (*v1.Pod, error) {
 	}
 
 	if b.Cluster.Spec.Authentication != nil {
-		if b.Cluster.Spec.Authentication.Kopeio != nil || b.Cluster.Spec.Authentication.Heptio != nil {
+		if b.Cluster.Spec.Authentication.Kopeio != nil || b.Cluster.Spec.Authentication.Aws != nil {
 			addHostPathMapping(pod, container, "authn-config", PathAuthnConfig)
 		}
 	}

pkg/apis/kops/cluster.go

@@ -230,17 +230,17 @@ type ExecContainerAction struct {
 
 type AuthenticationSpec struct {
 	Kopeio *KopeioAuthenticationSpec `json:"kopeio,omitempty"`
-	Heptio *HeptioAuthenticationSpec `json:"heptio,omitempty"`
+	Aws    *AwsAuthenticationSpec    `json:"aws,omitempty"`
 }
 
 func (s *AuthenticationSpec) IsEmpty() bool {
-	return s.Kopeio == nil && s.Heptio == nil
+	return s.Kopeio == nil && s.Aws == nil
 }
 
 type KopeioAuthenticationSpec struct {
 }
 
-type HeptioAuthenticationSpec struct {
+type AwsAuthenticationSpec struct {
 }
 
 type AuthorizationSpec struct {

pkg/apis/kops/v1alpha1/cluster.go

@@ -229,17 +229,17 @@ type ExecContainerAction struct {
 
 type AuthenticationSpec struct {
 	Kopeio *KopeioAuthenticationSpec `json:"kopeio,omitempty"`
-	Heptio *HeptioAuthenticationSpec `json:"heptio,omitempty"`
+	Aws    *AwsAuthenticationSpec    `json:"aws,omitempty"`
 }
 
 func (s *AuthenticationSpec) IsEmpty() bool {
-	return s.Kopeio == nil && s.Heptio == nil
+	return s.Kopeio == nil && s.Aws == nil
 }
 
 type KopeioAuthenticationSpec struct {
 }
 
-type HeptioAuthenticationSpec struct {
+type AwsAuthenticationSpec struct {
 }
 
 type AuthorizationSpec struct {

pkg/apis/kops/v1alpha1/zz_generated.conversion.go

@@ -49,6 +49,8 @@ func RegisterConversions(scheme *runtime.Scheme) error {
 		Convert_kops_AuthenticationSpec_To_v1alpha1_AuthenticationSpec,
 		Convert_v1alpha1_AuthorizationSpec_To_kops_AuthorizationSpec,
 		Convert_kops_AuthorizationSpec_To_v1alpha1_AuthorizationSpec,
+		Convert_v1alpha1_AwsAuthenticationSpec_To_kops_AwsAuthenticationSpec,
+		Convert_kops_AwsAuthenticationSpec_To_v1alpha1_AwsAuthenticationSpec,
 		Convert_v1alpha1_CNINetworkingSpec_To_kops_CNINetworkingSpec,
 		Convert_kops_CNINetworkingSpec_To_v1alpha1_CNINetworkingSpec,
 		Convert_v1alpha1_CalicoNetworkingSpec_To_kops_CalicoNetworkingSpec,
@@ -97,8 +99,6 @@ func RegisterConversions(scheme *runtime.Scheme) error {
 		Convert_kops_FlannelNetworkingSpec_To_v1alpha1_FlannelNetworkingSpec,
 		Convert_v1alpha1_HTTPProxy_To_kops_HTTPProxy,
 		Convert_kops_HTTPProxy_To_v1alpha1_HTTPProxy,
-		Convert_v1alpha1_HeptioAuthenticationSpec_To_kops_HeptioAuthenticationSpec,
-		Convert_kops_HeptioAuthenticationSpec_To_v1alpha1_HeptioAuthenticationSpec,
 		Convert_v1alpha1_HookSpec_To_kops_HookSpec,
 		Convert_kops_HookSpec_To_v1alpha1_HookSpec,
 		Convert_v1alpha1_IAMProfileSpec_To_kops_IAMProfileSpec,
@@ -302,14 +302,14 @@ func autoConvert_v1alpha1_AuthenticationSpec_To_kops_AuthenticationSpec(in *Auth
 	} else {
 		out.Kopeio = nil
 	}
-	if in.Heptio != nil {
+	if in.Aws != nil {
-		in, out := &in.Heptio, &out.Heptio
+		in, out := &in.Aws, &out.Aws
-		*out = new(kops.HeptioAuthenticationSpec)
+		*out = new(kops.AwsAuthenticationSpec)
-		if err := Convert_v1alpha1_HeptioAuthenticationSpec_To_kops_HeptioAuthenticationSpec(*in, *out, s); err != nil {
+		if err := Convert_v1alpha1_AwsAuthenticationSpec_To_kops_AwsAuthenticationSpec(*in, *out, s); err != nil {
 			return err
 		}
 	} else {
-		out.Heptio = nil
+		out.Aws = nil
 	}
 	return nil
 }
@@ -329,14 +329,14 @@ func autoConvert_kops_AuthenticationSpec_To_v1alpha1_AuthenticationSpec(in *kops
 	} else {
 		out.Kopeio = nil
 	}
-	if in.Heptio != nil {
+	if in.Aws != nil {
-		in, out := &in.Heptio, &out.Heptio
+		in, out := &in.Aws, &out.Aws
-		*out = new(HeptioAuthenticationSpec)
+		*out = new(AwsAuthenticationSpec)
-		if err := Convert_kops_HeptioAuthenticationSpec_To_v1alpha1_HeptioAuthenticationSpec(*in, *out, s); err != nil {
+		if err := Convert_kops_AwsAuthenticationSpec_To_v1alpha1_AwsAuthenticationSpec(*in, *out, s); err != nil {
 			return err
 		}
 	} else {
-		out.Heptio = nil
+		out.Aws = nil
 	}
 	return nil
 }
@@ -400,6 +400,24 @@ func Convert_kops_AuthorizationSpec_To_v1alpha1_AuthorizationSpec(in *kops.Autho
 	return autoConvert_kops_AuthorizationSpec_To_v1alpha1_AuthorizationSpec(in, out, s)
 }
 
+func autoConvert_v1alpha1_AwsAuthenticationSpec_To_kops_AwsAuthenticationSpec(in *AwsAuthenticationSpec, out *kops.AwsAuthenticationSpec, s conversion.Scope) error {
+	return nil
+}
+
+// Convert_v1alpha1_AwsAuthenticationSpec_To_kops_AwsAuthenticationSpec is an autogenerated conversion function.
+func Convert_v1alpha1_AwsAuthenticationSpec_To_kops_AwsAuthenticationSpec(in *AwsAuthenticationSpec, out *kops.AwsAuthenticationSpec, s conversion.Scope) error {
+	return autoConvert_v1alpha1_AwsAuthenticationSpec_To_kops_AwsAuthenticationSpec(in, out, s)
+}
+
+func autoConvert_kops_AwsAuthenticationSpec_To_v1alpha1_AwsAuthenticationSpec(in *kops.AwsAuthenticationSpec, out *AwsAuthenticationSpec, s conversion.Scope) error {
+	return nil
+}
+
+// Convert_kops_AwsAuthenticationSpec_To_v1alpha1_AwsAuthenticationSpec is an autogenerated conversion function.
+func Convert_kops_AwsAuthenticationSpec_To_v1alpha1_AwsAuthenticationSpec(in *kops.AwsAuthenticationSpec, out *AwsAuthenticationSpec, s conversion.Scope) error {
+	return autoConvert_kops_AwsAuthenticationSpec_To_v1alpha1_AwsAuthenticationSpec(in, out, s)
+}
+
 func autoConvert_v1alpha1_CNINetworkingSpec_To_kops_CNINetworkingSpec(in *CNINetworkingSpec, out *kops.CNINetworkingSpec, s conversion.Scope) error {
 	return nil
 }
@@ -1723,24 +1741,6 @@ func Convert_kops_HTTPProxy_To_v1alpha1_HTTPProxy(in *kops.HTTPProxy, out *HTTPP
 	return autoConvert_kops_HTTPProxy_To_v1alpha1_HTTPProxy(in, out, s)
 }
 
-func autoConvert_v1alpha1_HeptioAuthenticationSpec_To_kops_HeptioAuthenticationSpec(in *HeptioAuthenticationSpec, out *kops.HeptioAuthenticationSpec, s conversion.Scope) error {
-	return nil
-}
-
-// Convert_v1alpha1_HeptioAuthenticationSpec_To_kops_HeptioAuthenticationSpec is an autogenerated conversion function.
-func Convert_v1alpha1_HeptioAuthenticationSpec_To_kops_HeptioAuthenticationSpec(in *HeptioAuthenticationSpec, out *kops.HeptioAuthenticationSpec, s conversion.Scope) error {
-	return autoConvert_v1alpha1_HeptioAuthenticationSpec_To_kops_HeptioAuthenticationSpec(in, out, s)
-}
-
-func autoConvert_kops_HeptioAuthenticationSpec_To_v1alpha1_HeptioAuthenticationSpec(in *kops.HeptioAuthenticationSpec, out *HeptioAuthenticationSpec, s conversion.Scope) error {
-	return nil
-}
-
-// Convert_kops_HeptioAuthenticationSpec_To_v1alpha1_HeptioAuthenticationSpec is an autogenerated conversion function.
-func Convert_kops_HeptioAuthenticationSpec_To_v1alpha1_HeptioAuthenticationSpec(in *kops.HeptioAuthenticationSpec, out *HeptioAuthenticationSpec, s conversion.Scope) error {
-	return autoConvert_kops_HeptioAuthenticationSpec_To_v1alpha1_HeptioAuthenticationSpec(in, out, s)
-}
-
 func autoConvert_v1alpha1_HookSpec_To_kops_HookSpec(in *HookSpec, out *kops.HookSpec, s conversion.Scope) error {
 	out.Name = in.Name
 	out.Disabled = in.Disabled

pkg/apis/kops/v1alpha1/zz_generated.deepcopy.go

@@ -153,12 +153,12 @@ func (in *AuthenticationSpec) DeepCopyInto(out *AuthenticationSpec) {
 			**out = **in
 		}
 	}
-	if in.Heptio != nil {
+	if in.Aws != nil {
-		in, out := &in.Heptio, &out.Heptio
+		in, out := &in.Aws, &out.Aws
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(HeptioAuthenticationSpec)
+			*out = new(AwsAuthenticationSpec)
 			**out = **in
 		}
 	}
@@ -209,6 +209,22 @@ func (in *AuthorizationSpec) DeepCopy() *AuthorizationSpec {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AwsAuthenticationSpec) DeepCopyInto(out *AwsAuthenticationSpec) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsAuthenticationSpec.
+func (in *AwsAuthenticationSpec) DeepCopy() *AwsAuthenticationSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(AwsAuthenticationSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *BastionSpec) DeepCopyInto(out *BastionSpec) {
 	*out = *in
@@ -1435,22 +1451,6 @@ func (in *HTTPProxy) DeepCopy() *HTTPProxy {
 	return out
 }
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *HeptioAuthenticationSpec) DeepCopyInto(out *HeptioAuthenticationSpec) {
-	*out = *in
-	return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeptioAuthenticationSpec.
-func (in *HeptioAuthenticationSpec) DeepCopy() *HeptioAuthenticationSpec {
-	if in == nil {
-		return nil
-	}
-	out := new(HeptioAuthenticationSpec)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *HookSpec) DeepCopyInto(out *HookSpec) {
 	*out = *in

pkg/apis/kops/v1alpha2/cluster.go

@@ -230,17 +230,17 @@ type ExecContainerAction struct {
 
 type AuthenticationSpec struct {
 	Kopeio *KopeioAuthenticationSpec `json:"kopeio,omitempty"`
-	Heptio *HeptioAuthenticationSpec `json:"heptio,omitempty"`
+	Aws    *AwsAuthenticationSpec    `json:"aws,omitempty"`
 }
 
 func (s *AuthenticationSpec) IsEmpty() bool {
-	return s.Kopeio == nil && s.Heptio == nil
+	return s.Kopeio == nil && s.Aws == nil
 }
 
 type KopeioAuthenticationSpec struct {
 }
 
-type HeptioAuthenticationSpec struct {
+type AwsAuthenticationSpec struct {
 }
 
 type AuthorizationSpec struct {

pkg/apis/kops/v1alpha2/zz_generated.conversion.go

@@ -49,6 +49,8 @@ func RegisterConversions(scheme *runtime.Scheme) error {
 		Convert_kops_AuthenticationSpec_To_v1alpha2_AuthenticationSpec,
 		Convert_v1alpha2_AuthorizationSpec_To_kops_AuthorizationSpec,
 		Convert_kops_AuthorizationSpec_To_v1alpha2_AuthorizationSpec,
+		Convert_v1alpha2_AwsAuthenticationSpec_To_kops_AwsAuthenticationSpec,
+		Convert_kops_AwsAuthenticationSpec_To_v1alpha2_AwsAuthenticationSpec,
 		Convert_v1alpha2_BastionSpec_To_kops_BastionSpec,
 		Convert_kops_BastionSpec_To_v1alpha2_BastionSpec,
 		Convert_v1alpha2_CNINetworkingSpec_To_kops_CNINetworkingSpec,
@@ -101,8 +103,6 @@ func RegisterConversions(scheme *runtime.Scheme) error {
 		Convert_kops_FlannelNetworkingSpec_To_v1alpha2_FlannelNetworkingSpec,
 		Convert_v1alpha2_HTTPProxy_To_kops_HTTPProxy,
 		Convert_kops_HTTPProxy_To_v1alpha2_HTTPProxy,
-		Convert_v1alpha2_HeptioAuthenticationSpec_To_kops_HeptioAuthenticationSpec,
-		Convert_kops_HeptioAuthenticationSpec_To_v1alpha2_HeptioAuthenticationSpec,
 		Convert_v1alpha2_HookSpec_To_kops_HookSpec,
 		Convert_kops_HookSpec_To_v1alpha2_HookSpec,
 		Convert_v1alpha2_IAMProfileSpec_To_kops_IAMProfileSpec,
@@ -316,14 +316,14 @@ func autoConvert_v1alpha2_AuthenticationSpec_To_kops_AuthenticationSpec(in *Auth
 	} else {
 		out.Kopeio = nil
 	}
-	if in.Heptio != nil {
+	if in.Aws != nil {
-		in, out := &in.Heptio, &out.Heptio
+		in, out := &in.Aws, &out.Aws
-		*out = new(kops.HeptioAuthenticationSpec)
+		*out = new(kops.AwsAuthenticationSpec)
-		if err := Convert_v1alpha2_HeptioAuthenticationSpec_To_kops_HeptioAuthenticationSpec(*in, *out, s); err != nil {
+		if err := Convert_v1alpha2_AwsAuthenticationSpec_To_kops_AwsAuthenticationSpec(*in, *out, s); err != nil {
 			return err
 		}
 	} else {
-		out.Heptio = nil
+		out.Aws = nil
 	}
 	return nil
 }
@@ -343,14 +343,14 @@ func autoConvert_kops_AuthenticationSpec_To_v1alpha2_AuthenticationSpec(in *kops
 	} else {
 		out.Kopeio = nil
 	}
-	if in.Heptio != nil {
+	if in.Aws != nil {
-		in, out := &in.Heptio, &out.Heptio
+		in, out := &in.Aws, &out.Aws
-		*out = new(HeptioAuthenticationSpec)
+		*out = new(AwsAuthenticationSpec)
-		if err := Convert_kops_HeptioAuthenticationSpec_To_v1alpha2_HeptioAuthenticationSpec(*in, *out, s); err != nil {
+		if err := Convert_kops_AwsAuthenticationSpec_To_v1alpha2_AwsAuthenticationSpec(*in, *out, s); err != nil {
 			return err
 		}
 	} else {
-		out.Heptio = nil
+		out.Aws = nil
 	}
 	return nil
 }
@@ -414,6 +414,24 @@ func Convert_kops_AuthorizationSpec_To_v1alpha2_AuthorizationSpec(in *kops.Autho
 	return autoConvert_kops_AuthorizationSpec_To_v1alpha2_AuthorizationSpec(in, out, s)
 }
 
+func autoConvert_v1alpha2_AwsAuthenticationSpec_To_kops_AwsAuthenticationSpec(in *AwsAuthenticationSpec, out *kops.AwsAuthenticationSpec, s conversion.Scope) error {
+	return nil
+}
+
+// Convert_v1alpha2_AwsAuthenticationSpec_To_kops_AwsAuthenticationSpec is an autogenerated conversion function.
+func Convert_v1alpha2_AwsAuthenticationSpec_To_kops_AwsAuthenticationSpec(in *AwsAuthenticationSpec, out *kops.AwsAuthenticationSpec, s conversion.Scope) error {
+	return autoConvert_v1alpha2_AwsAuthenticationSpec_To_kops_AwsAuthenticationSpec(in, out, s)
+}
+
+func autoConvert_kops_AwsAuthenticationSpec_To_v1alpha2_AwsAuthenticationSpec(in *kops.AwsAuthenticationSpec, out *AwsAuthenticationSpec, s conversion.Scope) error {
+	return nil
+}
+
+// Convert_kops_AwsAuthenticationSpec_To_v1alpha2_AwsAuthenticationSpec is an autogenerated conversion function.
+func Convert_kops_AwsAuthenticationSpec_To_v1alpha2_AwsAuthenticationSpec(in *kops.AwsAuthenticationSpec, out *AwsAuthenticationSpec, s conversion.Scope) error {
+	return autoConvert_kops_AwsAuthenticationSpec_To_v1alpha2_AwsAuthenticationSpec(in, out, s)
+}
+
 func autoConvert_v1alpha2_BastionSpec_To_kops_BastionSpec(in *BastionSpec, out *kops.BastionSpec, s conversion.Scope) error {
 	out.BastionPublicName = in.BastionPublicName
 	out.IdleTimeoutSeconds = in.IdleTimeoutSeconds
@@ -1834,24 +1852,6 @@ func Convert_kops_HTTPProxy_To_v1alpha2_HTTPProxy(in *kops.HTTPProxy, out *HTTPP
 	return autoConvert_kops_HTTPProxy_To_v1alpha2_HTTPProxy(in, out, s)
 }
 
-func autoConvert_v1alpha2_HeptioAuthenticationSpec_To_kops_HeptioAuthenticationSpec(in *HeptioAuthenticationSpec, out *kops.HeptioAuthenticationSpec, s conversion.Scope) error {
-	return nil
-}
-
-// Convert_v1alpha2_HeptioAuthenticationSpec_To_kops_HeptioAuthenticationSpec is an autogenerated conversion function.
-func Convert_v1alpha2_HeptioAuthenticationSpec_To_kops_HeptioAuthenticationSpec(in *HeptioAuthenticationSpec, out *kops.HeptioAuthenticationSpec, s conversion.Scope) error {
-	return autoConvert_v1alpha2_HeptioAuthenticationSpec_To_kops_HeptioAuthenticationSpec(in, out, s)
-}
-
-func autoConvert_kops_HeptioAuthenticationSpec_To_v1alpha2_HeptioAuthenticationSpec(in *kops.HeptioAuthenticationSpec, out *HeptioAuthenticationSpec, s conversion.Scope) error {
-	return nil
-}
-
-// Convert_kops_HeptioAuthenticationSpec_To_v1alpha2_HeptioAuthenticationSpec is an autogenerated conversion function.
-func Convert_kops_HeptioAuthenticationSpec_To_v1alpha2_HeptioAuthenticationSpec(in *kops.HeptioAuthenticationSpec, out *HeptioAuthenticationSpec, s conversion.Scope) error {
-	return autoConvert_kops_HeptioAuthenticationSpec_To_v1alpha2_HeptioAuthenticationSpec(in, out, s)
-}
-
 func autoConvert_v1alpha2_HookSpec_To_kops_HookSpec(in *HookSpec, out *kops.HookSpec, s conversion.Scope) error {
 	out.Name = in.Name
 	out.Disabled = in.Disabled

pkg/apis/kops/v1alpha2/zz_generated.deepcopy.go

@@ -153,12 +153,12 @@ func (in *AuthenticationSpec) DeepCopyInto(out *AuthenticationSpec) {
 			**out = **in
 		}
 	}
-	if in.Heptio != nil {
+	if in.Aws != nil {
-		in, out := &in.Heptio, &out.Heptio
+		in, out := &in.Aws, &out.Aws
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(HeptioAuthenticationSpec)
+			*out = new(AwsAuthenticationSpec)
 			**out = **in
 		}
 	}
@@ -209,6 +209,22 @@ func (in *AuthorizationSpec) DeepCopy() *AuthorizationSpec {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AwsAuthenticationSpec) DeepCopyInto(out *AwsAuthenticationSpec) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsAuthenticationSpec.
+func (in *AwsAuthenticationSpec) DeepCopy() *AwsAuthenticationSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(AwsAuthenticationSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *BastionSpec) DeepCopyInto(out *BastionSpec) {
 	*out = *in
@@ -1402,22 +1418,6 @@ func (in *HTTPProxy) DeepCopy() *HTTPProxy {
 	return out
 }
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *HeptioAuthenticationSpec) DeepCopyInto(out *HeptioAuthenticationSpec) {
-	*out = *in
-	return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeptioAuthenticationSpec.
-func (in *HeptioAuthenticationSpec) DeepCopy() *HeptioAuthenticationSpec {
-	if in == nil {
-		return nil
-	}
-	out := new(HeptioAuthenticationSpec)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *HookSpec) DeepCopyInto(out *HookSpec) {
 	*out = *in

pkg/apis/kops/zz_generated.deepcopy.go

@@ -169,12 +169,12 @@ func (in *AuthenticationSpec) DeepCopyInto(out *AuthenticationSpec) {
 			**out = **in
 		}
 	}
-	if in.Heptio != nil {
+	if in.Aws != nil {
-		in, out := &in.Heptio, &out.Heptio
+		in, out := &in.Aws, &out.Aws
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(HeptioAuthenticationSpec)
+			*out = new(AwsAuthenticationSpec)
 			**out = **in
 		}
 	}
@@ -225,6 +225,22 @@ func (in *AuthorizationSpec) DeepCopy() *AuthorizationSpec {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AwsAuthenticationSpec) DeepCopyInto(out *AwsAuthenticationSpec) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsAuthenticationSpec.
+func (in *AwsAuthenticationSpec) DeepCopy() *AwsAuthenticationSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(AwsAuthenticationSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *BastionSpec) DeepCopyInto(out *BastionSpec) {
 	*out = *in
@@ -1565,22 +1581,6 @@ func (in *HTTPProxy) DeepCopy() *HTTPProxy {
 	return out
 }
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *HeptioAuthenticationSpec) DeepCopyInto(out *HeptioAuthenticationSpec) {
-	*out = *in
-	return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeptioAuthenticationSpec.
-func (in *HeptioAuthenticationSpec) DeepCopy() *HeptioAuthenticationSpec {
-	if in == nil {
-		return nil
-	}
-	out := new(HeptioAuthenticationSpec)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *HookSpec) DeepCopyInto(out *HookSpec) {
 	*out = *in

pkg/model/pki.go

@@ -264,15 +264,15 @@ func (b *PKIModelBuilder) Build(c *fi.ModelBuilderContext) error {
 	}
 
 	if b.Cluster.Spec.Authentication != nil {
-		if b.KopsModelContext.Cluster.Spec.Authentication.Heptio != nil {
+		if b.KopsModelContext.Cluster.Spec.Authentication.Aws != nil {
 			alternateNames := []string{
 				"localhost",
 				"127.0.0.1",
 			}
 
 			t := &fitasks.Keypair{
-				Name:           fi.String("heptio-authenticator-aws"),
+				Name:           fi.String("aws-iam-authenticator"),
-				Subject:        "cn=heptio-authenticator-aws",
+				Subject:        "cn=aws-iam-authenticator",
 				Type:           "server",
 				AlternateNames: alternateNames,
 				Signer:         defaultCA,

upup/models/cloudup/resources/addons/authentication.aws/k8s-1.10.yaml

@@ -3,9 +3,9 @@ apiVersion: extensions/v1beta1
 kind: DaemonSet
 metadata:
   namespace: kube-system
-  name: heptio-authenticator-aws
+  name: aws-iam-authenticator
   labels:
-    k8s-app: heptio-authenticator-aws
+    k8s-app: aws-iam-authenticator
 spec:
   updateStrategy:
     type: RollingUpdate
@@ -14,7 +14,7 @@ spec:
       annotations:
         scheduler.alpha.kubernetes.io/critical-pod: ""
       labels:
-        k8s-app: heptio-authenticator-aws
+        k8s-app: aws-iam-authenticator
     spec:
       # run on the host network (don't depend on CNI)
       hostNetwork: true
@@ -28,17 +28,17 @@ spec:
       - key: CriticalAddonsOnly
         operator: Exists
 
-      # run `heptio-authenticator-aws server` with three volumes
+      # run `aws-iam-authenticator server` with three volumes
-      # - config (mounted from the ConfigMap at /etc/heptio-authenticator-aws/config.yaml)
+      # - config (mounted from the ConfigMap at /etc/aws-iam-authenticator/config.yaml)
       # - state (persisted TLS certificate and keys, mounted from the host)
       # - output (output kubeconfig to plug into your apiserver configuration, mounted from the host)
       containers:
-      - name: heptio-authenticator-aws
+      - name: aws-iam-authenticator
         image: gcr.io/heptio-images/authenticator:v0.3.0
         args:
         - server
-        - --config=/etc/heptio-authenticator-aws/config.yaml
+        - --config=/etc/aws-iam-authenticator/config.yaml
-        - --state-dir=/var/heptio-authenticator-aws
+        - --state-dir=/var/aws-iam-authenticator
         - --kubeconfig-pregenerated=true
 
         resources:
@@ -51,19 +51,19 @@ spec:
 
         volumeMounts:
         - name: config
-          mountPath: /etc/heptio-authenticator-aws/
+          mountPath: /etc/aws-iam-authenticator/
         - name: state
-          mountPath: /var/heptio-authenticator-aws/
+          mountPath: /var/aws-iam-authenticator/
         - name: output
-          mountPath: /etc/kubernetes/heptio-authenticator-aws/
+          mountPath: /etc/kubernetes/aws-iam-authenticator/
 
       volumes:
       - name: config
         configMap:
-          name: heptio-authenticator-aws
+          name: aws-iam-authenticator
       - name: output
         hostPath:
-          path: /srv/kubernetes/heptio-authenticator-aws/
+          path: /srv/kubernetes/aws-iam-authenticator/
       - name: state
         hostPath:
-          path: /srv/kubernetes/heptio-authenticator-aws/
+          path: /srv/kubernetes/aws-iam-authenticator/

upup/pkg/fi/cloudup/bootstrapchannelbuilder.go

@@ -759,8 +759,8 @@ func (b *BootstrapChannelBuilder) buildManifest() (*channelsapi.Addons, map[stri
 				manifests[key+"-"+id] = "addons/" + location
 			}
 		}
-		if b.cluster.Spec.Authentication.Heptio != nil {
+		if b.cluster.Spec.Authentication.Aws != nil {
-			key := "authentication.hept.io"
+			key := "authentication.aws"
 			version := "0.3.0"
 
 			{