Merge pull request #60 from kionsoftware/federation-role-type-conversion

Cloud access role type conversion for AWS console federation
kionsoftware · Sep 13, 2024 · 5a4a25f · 5a4a25f
2 parents 49ea1a4 + cfe0432
commit 5a4a25f
Showing 1 changed file with 10 additions and 1 deletion.
diff --git a/lib/kion/console.go b/lib/kion/console.go
@@ -31,6 +31,15 @@ type URLRequest struct {
 
 // GetFederationURL queries the Kion API to generate a federation URL.
 func GetFederationURL(host string, token string, car CAR) (string, error) {
+	// converting cloud access role type to role type
+	var roleType string
+	switch car.CloudAccessRoleType {
+	case "inherited":
+		roleType = "ou"
+	case "local":
+		roleType = "project"
+	}
+
 	// build our query and get response
 	url := fmt.Sprintf("%v/api/v1/console-access", host)
 	query := map[string]string{}
@@ -41,7 +50,7 @@ func GetFederationURL(host string, token string, car CAR) (string, error) {
 		AWSIAMRoleName: car.AwsIamRoleName,
 		AccountTypeID:  car.AccountTypeID,
 		RoleID:         car.ID,
-		RoleType:       car.CloudAccessRoleType,
+		RoleType:       roleType,
 	}
 	resp, _, err := runQuery("POST", url, token, query, data)
 	if err != nil {