in helpers/akeyless/service/akeyless.go [275:330]
func setupAuthParams(server common.AkeylessServer) (*akeyless_api.Auth, error) {
authParams := akeyless_api.NewAuth()
authParams.SetAccessType(server.AkeylessAccessType)
authParams.SetAccessId(server.AccessId)
if server.GatewayCaCert != "" {
authParams.SetCertData(server.GatewayCaCert)
}
switch AccessType(server.AkeylessAccessType) {
case AccessTypeApiKey:
authParams.SetAccessKey(server.AccessKey)
case AccessTypeAwsIAM:
id, err := aws.GetCloudId()
if err != nil {
return nil, fmt.Errorf("failed to get AWS cloud id: %w", err)
}
authParams.SetCloudId(id)
case AccessTypeAzureAd:
id, err := azure.GetCloudId(server.AzureObjectId)
if err != nil {
return nil, fmt.Errorf("failed to get azure cloud id: %w", err)
}
if _, err := base64.StdEncoding.DecodeString(id); err != nil {
id = base64.StdEncoding.EncodeToString([]byte(id))
}
authParams.SetCloudId(id)
case AccessTypeGCP:
id, err := gcp.GetCloudID(server.GcpAudience)
if err != nil {
return nil, fmt.Errorf("failed to get GCP cloud id: %w", err)
}
authParams.SetCloudId(id)
case AccessTypeUid:
if server.UidToken == "" {
return nil, fmt.Errorf("UidToken is required for access type %q", AccessTypeUid)
}
authParams.SetUidToken(server.UidToken)
case AccessTypeK8S:
authParams.SetGatewayUrl(server.AkeylessApiUrl)
authParams.SetK8sServiceAccountToken(server.K8SServiceAccountToken)
authParams.SetK8sAuthConfigName(server.K8SAuthConfigName)
case AccessTypeJWT:
authParams.SetJwt(server.JWT)
default:
return nil, fmt.Errorf("unknown Access type: %s", server.AkeylessAccessType)
}
return authParams, nil
}