Update to ACK runtime v0.28.0, code-generator v0.28.0 (#94)

### Update to ACK runtime `v0.28.0`, code-generator `v0.28.0`

----------

* ACK code-generator `v0.28.0` [release notes](https://github.com/aws-controllers-k8s/code-generator/releases/tag/v0.28.0)
* ACK runtime `v0.28.0` [release notes](https://github.com/aws-controllers-k8s/runtime/releases/tag/v0.28.0)

----------

NOTE:
This PR increments the release version of service controller from `v1.3.1` to `v1.3.2`

Once this PR is merged, release `v1.3.2` will be automatically created for `iam-controller`

**Please close this PR, if you do not want the new patch release for `iam-controller`**

----------

#### stdout for `make build-controller`:

```
building ack-generate ... ok.
==== building iam-controller ====
Copying common custom resource definitions into iam
Building Kubernetes API objects for iam
Generating deepcopy code for iam
Generating custom resource definitions for iam
Building service controller for iam
Generating RBAC manifests for iam
Running gofmt against generated code for iam
Updating additional GitHub repository maintenance files
==== building iam-controller release artifacts ====
Building release artifacts for iam-v1.3.2
Generating common custom resource definitions
Generating custom resource definitions for iam
Generating RBAC manifests for iam
```

----------

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Author: ack-bot

apis/v1alpha1/ack-generate-metadata.yaml

@@ -1,11 +1,11 @@
 ack_generate_info:
-  build_date: "2023-11-21T06:03:03Z"
-  build_hash: 1cc9b5172d3d1676af578a3411e8672698ec29ce
-  go_version: go1.21.1
-  version: v0.27.1-5-g1cc9b51
-api_directory_checksum: 5f836e773a26000be60b198c9166f83ea86405e1
+  build_date: "2023-12-14T21:38:38Z"
+  build_hash: 1f16813c807af6889060b4ce7ded2a69dc027d8c
+  go_version: go1.21.5
+  version: v0.28.0
+api_directory_checksum: b438ffe12bca1f7e1c8ab3b0a379f1ffd302b49f
 api_version: v1alpha1
-aws_sdk_go_version: v1.44.93
+aws_sdk_go_version: v1.49.0
 generator_config_info:
   file_checksum: ee030a9c18c7fa34d8f7f4777997df355c029971
   original_file_name: generator.yaml

apis/v1alpha1/open_id_connect_provider.go

@@ -6,4 +6,4 @@ kind: Kustomization
 images:
 - name: controller
   newName: public.ecr.aws/aws-controllers-k8s/iam-controller
-  newTag: 1.3.1
+  newTag: 1.3.2

apis/v1alpha1/role.go

@@ -86,7 +86,7 @@ spec:
                   hash value of the certificate used by https://keys.server.example.com.
                   \n For more information about obtaining the OIDC provider thumbprint,
                   see Obtaining the thumbprint for an OpenID Connect provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html)
-                  in the IAM User Guide."
+                  in the IAM user Guide."
                 items:
                   type: string
                 type: array

apis/v1alpha1/types.go

@@ -65,7 +65,7 @@ spec:
                   to set for the specified role. If you do not specify a value for
                   this setting, the default value of one hour is applied. This setting
                   can have a value from 1 hour to 12 hours. \n Anyone who assumes
-                  the role from the or API can use the DurationSeconds API parameter
+                  the role from the CLI or API can use the DurationSeconds API parameter
                   or the duration-seconds CLI parameter to request a longer session.
                   The MaxSessionDuration setting determines the maximum duration that
                   can be requested using the DurationSeconds parameter. If users don't
@@ -81,7 +81,11 @@ spec:
                 description: "The name of the role to create. \n IAM user, group,
                   role, and policy names must be unique within the account. Names
                   are not distinguished by case. For example, you cannot create resources
-                  named both \"MyResource\" and \"myresource\"."
+                  named both \"MyResource\" and \"myresource\". \n This parameter
+                  allows (through its regex pattern (http://wikipedia.org/wiki/regex))
+                  a string of characters consisting of upper and lowercase alphanumeric
+                  characters with no spaces. You can also include any of the following
+                  characters: _+=,.@-"
                 type: string
               path:
                 description: "The path to the role. For more information about paths,
@@ -96,8 +100,16 @@ spec:
                   digits, and upper and lowercased letters."
                 type: string
               permissionsBoundary:
-                description: The ARN of the policy that is used to set the permissions
-                  boundary for the role.
+                description: "The ARN of the managed policy that is used to set the
+                  permissions boundary for the role. \n A permissions boundary policy
+                  defines the maximum permissions that identity-based policies can
+                  grant to an entity, but does not grant permissions. Permissions
+                  boundaries do not define the maximum permissions that a resource-based
+                  policy can grant to an entity. To learn more, see Permissions boundaries
+                  for IAM entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
+                  in the IAM User Guide. \n For more information about policy types,
+                  see Policy types (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types)
+                  in the IAM User Guide."
                 type: string
               permissionsBoundaryRef:
                 description: "AWSResourceReferenceWrapper provides a wrapper around
@@ -237,7 +249,7 @@ spec:
                   supporting these features within the last year. The role might have
                   been used more than 400 days ago. For more information, see Regions
                   where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
-                  in the IAM User Guide.
+                  in the IAM user Guide.
                 properties:
                   lastUsedDate:
                     format: date-time

apis/v1alpha1/user.go

@@ -61,8 +61,16 @@ spec:
                   digits, and upper and lowercased letters."
                 type: string
               permissionsBoundary:
-                description: The ARN of the policy that is used to set the permissions
-                  boundary for the user.
+                description: "The ARN of the managed policy that is used to set the
+                  permissions boundary for the user. \n A permissions boundary policy
+                  defines the maximum permissions that identity-based policies can
+                  grant to an entity, but does not grant permissions. Permissions
+                  boundaries do not define the maximum permissions that a resource-based
+                  policy can grant to an entity. To learn more, see Permissions boundaries
+                  for IAM entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
+                  in the IAM User Guide. \n For more information about policy types,
+                  see Policy types (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types)
+                  in the IAM User Guide."
                 type: string
               permissionsBoundaryRef:
                 description: "AWSResourceReferenceWrapper provides a wrapper around

config/controller/kustomization.yaml

@@ -3,10 +3,9 @@ module github.com/aws-controllers-k8s/iam-controller
 go 1.19
 
 require (
-	github.com/aws-controllers-k8s/runtime v0.27.1
-	github.com/aws/aws-sdk-go v1.44.93
+	github.com/aws-controllers-k8s/runtime v0.28.0
+	github.com/aws/aws-sdk-go v1.49.0
 	github.com/go-logr/logr v1.2.3
-	github.com/google/go-cmp v0.5.9
 	github.com/micahhausler/aws-iam-policy v0.4.2
 	github.com/samber/lo v1.37.0
 	github.com/spf13/pflag v1.0.5
@@ -36,6 +35,7 @@ require (
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/google/gnostic v0.5.7-v3refs // indirect
+	github.com/google/go-cmp v0.5.9 // indirect
 	github.com/google/gofuzz v1.1.0 // indirect
 	github.com/google/uuid v1.3.0 // indirect
 	github.com/imdario/mergo v0.3.12 // indirect
@@ -59,11 +59,11 @@ require (
 	go.uber.org/multierr v1.6.0 // indirect
 	go.uber.org/zap v1.24.0 // indirect
 	golang.org/x/exp v0.0.0-20220303212507-bbda1eaf7a17 // indirect
-	golang.org/x/net v0.8.0 // indirect
+	golang.org/x/net v0.17.0 // indirect
 	golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b // indirect
-	golang.org/x/sys v0.6.0 // indirect
-	golang.org/x/term v0.6.0 // indirect
-	golang.org/x/text v0.8.0 // indirect
+	golang.org/x/sys v0.13.0 // indirect
+	golang.org/x/term v0.13.0 // indirect
+	golang.org/x/text v0.13.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect