Remove iamid package

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

cli/internal/cloudcmd/BUILD.bazel

@@ -18,7 +18,6 @@ go_library(
     visibility = ["//cli:__subpackages__"],
     deps = [
         "//cli/internal/clusterid",
-        "//cli/internal/iamid",
         "//cli/internal/libvirt",
         "//cli/internal/terraform",
         "//internal/atls",
@@ -50,7 +49,6 @@ go_test(
     ],
     embed = [":cloudcmd"],
     deps = [
-        "//cli/internal/iamid",
         "//cli/internal/terraform",
         "//internal/attestation/measurements",
         "//internal/attestation/variant",

cli/internal/cloudcmd/iam.go

@@ -15,7 +15,6 @@ import (
 	"path"
 	"strings"
 
-	"github.com/edgelesssys/constellation/v2/cli/internal/iamid"
 	"github.com/edgelesssys/constellation/v2/cli/internal/terraform"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/gcpshared"
@@ -115,10 +114,10 @@ func NewIAMCreator(out io.Writer) *IAMCreator {
 }
 
 // Create prepares and hands over the corresponding providers IAM creator.
-func (c *IAMCreator) Create(ctx context.Context, provider cloudprovider.Provider, opts *IAMConfigOptions) (iamid.File, error) {
+func (c *IAMCreator) Create(ctx context.Context, provider cloudprovider.Provider, opts *IAMConfigOptions) (IAMOutput, error) {
 	cl, err := c.newTerraformClient(ctx, opts.TFWorkspace)
 	if err != nil {
-		return iamid.File{}, err
+		return IAMOutput{}, err
 	}
 	defer cl.RemoveInstaller()
 
@@ -130,12 +129,12 @@ func (c *IAMCreator) Create(ctx context.Context, provider cloudprovider.Provider
 	case cloudprovider.AWS:
 		return c.createAWS(ctx, cl, opts)
 	default:
-		return iamid.File{}, fmt.Errorf("unsupported cloud provider: %s", provider)
+		return IAMOutput{}, fmt.Errorf("unsupported cloud provider: %s", provider)
 	}
 }
 
 // createGCP creates the IAM configuration on GCP.
-func (c *IAMCreator) createGCP(ctx context.Context, cl tfIAMClient, opts *IAMConfigOptions) (retFile iamid.File, retErr error) {
+func (c *IAMCreator) createGCP(ctx context.Context, cl tfIAMClient, opts *IAMConfigOptions) (iam IAMOutput, retErr error) {
 	defer rollbackOnError(c.out, &retErr, &rollbackerTerraform{client: cl}, opts.TFLogLevel)
 
 	vars := terraform.GCPIAMVariables{
@@ -146,24 +145,24 @@ func (c *IAMCreator) createGCP(ctx context.Context, cl tfIAMClient, opts *IAMCon
 	}
 
 	if err := cl.PrepareWorkspace(path.Join("terraform", "iam", strings.ToLower(cloudprovider.GCP.String())), &vars); err != nil {
-		return iamid.File{}, err
+		return IAMOutput{}, err
 	}
 
 	iamOutput, err := cl.ApplyIAMConfig(ctx, cloudprovider.GCP, opts.TFLogLevel)
 	if err != nil {
-		return iamid.File{}, err
+		return IAMOutput{}, err
 	}
 
-	return iamid.File{
+	return IAMOutput{
 		CloudProvider: cloudprovider.GCP,
-		GCPOutput: iamid.GCPFile{
+		GCPOutput: GCPIAMOutput{
 			ServiceAccountKey: iamOutput.GCP.SaKey,
 		},
 	}, nil
 }
 
 // createAzure creates the IAM configuration on Azure.
-func (c *IAMCreator) createAzure(ctx context.Context, cl tfIAMClient, opts *IAMConfigOptions) (retFile iamid.File, retErr error) {
+func (c *IAMCreator) createAzure(ctx context.Context, cl tfIAMClient, opts *IAMConfigOptions) (iam IAMOutput, retErr error) {
 	defer rollbackOnError(c.out, &retErr, &rollbackerTerraform{client: cl}, opts.TFLogLevel)
 
 	vars := terraform.AzureIAMVariables{
@@ -173,17 +172,17 @@ func (c *IAMCreator) createAzure(ctx context.Context, cl tfIAMClient, opts *IAMC
 	}
 
 	if err := cl.PrepareWorkspace(path.Join("terraform", "iam", strings.ToLower(cloudprovider.Azure.String())), &vars); err != nil {
-		return iamid.File{}, err
+		return IAMOutput{}, err
 	}
 
 	iamOutput, err := cl.ApplyIAMConfig(ctx, cloudprovider.Azure, opts.TFLogLevel)
 	if err != nil {
-		return iamid.File{}, err
+		return IAMOutput{}, err
 	}
 
-	return iamid.File{
+	return IAMOutput{
 		CloudProvider: cloudprovider.Azure,
-		AzureOutput: iamid.AzureFile{
+		AzureOutput: AzureIAMOutput{
 			SubscriptionID: iamOutput.Azure.SubscriptionID,
 			TenantID:       iamOutput.Azure.TenantID,
 			UAMIID:         iamOutput.Azure.UAMIID,
@@ -192,7 +191,7 @@ func (c *IAMCreator) createAzure(ctx context.Context, cl tfIAMClient, opts *IAMC
 }
 
 // createAWS creates the IAM configuration on AWS.
-func (c *IAMCreator) createAWS(ctx context.Context, cl tfIAMClient, opts *IAMConfigOptions) (retFile iamid.File, retErr error) {
+func (c *IAMCreator) createAWS(ctx context.Context, cl tfIAMClient, opts *IAMConfigOptions) (iam IAMOutput, retErr error) {
 	defer rollbackOnError(c.out, &retErr, &rollbackerTerraform{client: cl}, opts.TFLogLevel)
 
 	vars := terraform.AWSIAMVariables{
@@ -201,23 +200,51 @@ func (c *IAMCreator) createAWS(ctx context.Context, cl tfIAMClient, opts *IAMCon
 	}
 
 	if err := cl.PrepareWorkspace(path.Join("terraform", "iam", strings.ToLower(cloudprovider.AWS.String())), &vars); err != nil {
-		return iamid.File{}, err
+		return IAMOutput{}, err
 	}
 
 	iamOutput, err := cl.ApplyIAMConfig(ctx, cloudprovider.AWS, opts.TFLogLevel)
 	if err != nil {
-		return iamid.File{}, err
+		return IAMOutput{}, err
 	}
 
-	return iamid.File{
+	return IAMOutput{
 		CloudProvider: cloudprovider.AWS,
-		AWSOutput: iamid.AWSFile{
+		AWSOutput: AWSIAMOutput{
 			WorkerNodeInstanceProfile:   iamOutput.AWS.WorkerNodeInstanceProfile,
 			ControlPlaneInstanceProfile: iamOutput.AWS.ControlPlaneInstanceProfile,
 		},
 	}, nil
 }
 
+// IAMOutput is the output of creating a new IAM profile.
+type IAMOutput struct {
+	// CloudProvider is the cloud provider of the cluster.
+	CloudProvider cloudprovider.Provider `json:"cloudprovider,omitempty"`
+
+	GCPOutput   GCPIAMOutput   `json:"gcpOutput,omitempty"`
+	AzureOutput AzureIAMOutput `json:"azureOutput,omitempty"`
+	AWSOutput   AWSIAMOutput   `json:"awsOutput,omitempty"`
+}
+
+// GCPIAMOutput contains the output information of a GCP IAM configuration.
+type GCPIAMOutput struct {
+	ServiceAccountKey string `json:"serviceAccountID,omitempty"`
+}
+
+// AzureIAMOutput contains the output information of a Microsoft Azure IAM configuration.
+type AzureIAMOutput struct {
+	SubscriptionID string `json:"subscriptionID,omitempty"`
+	TenantID       string `json:"tenantID,omitempty"`
+	UAMIID         string `json:"uamiID,omitempty"`
+}
+
+// AWSIAMOutput contains the output information of an AWS IAM configuration.
+type AWSIAMOutput struct {
+	ControlPlaneInstanceProfile string `json:"controlPlaneInstanceProfile,omitempty"`
+	WorkerNodeInstanceProfile   string `json:"workerNodeInstanceProfile,omitempty"`
+}
+
 type newTFIAMClientFunc func(ctx context.Context, workspace string) (tfIAMClient, error)
 
 func newTerraformIAMClient(ctx context.Context, workspace string) (tfIAMClient, error) {

cli/internal/cloudcmd/iam_test.go

@@ -13,7 +13,6 @@ import (
 	"errors"
 	"testing"
 
-	"github.com/edgelesssys/constellation/v2/cli/internal/iamid"
 	"github.com/edgelesssys/constellation/v2/cli/internal/terraform"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/gcpshared"
@@ -33,9 +32,9 @@ func TestIAMCreator(t *testing.T) {
 			SaKey: "not_a_secret",
 		},
 	}
-	validGCPIAMIDFile := iamid.File{
+	validGCPIAMIDFile := IAMOutput{
 		CloudProvider: cloudprovider.GCP,
-		GCPOutput: iamid.GCPFile{
+		GCPOutput: GCPIAMOutput{
 			ServiceAccountKey: "not_a_secret",
 		},
 	}
@@ -52,9 +51,9 @@ func TestIAMCreator(t *testing.T) {
 			UAMIID:         "test_uami_id",
 		},
 	}
-	validAzureIAMIDFile := iamid.File{
+	validAzureIAMIDFile := IAMOutput{
 		CloudProvider: cloudprovider.Azure,
-		AzureOutput: iamid.AzureFile{
+		AzureOutput: AzureIAMOutput{
 			SubscriptionID: "test_subscription_id",
 			TenantID:       "test_tenant_id",
 			UAMIID:         "test_uami_id",
@@ -71,9 +70,9 @@ func TestIAMCreator(t *testing.T) {
 			ControlPlaneInstanceProfile: "test_control_plane_instance_profile",
 		},
 	}
-	validAWSIAMIDFile := iamid.File{
+	validAWSIAMIDFile := IAMOutput{
 		CloudProvider: cloudprovider.AWS,
-		AWSOutput: iamid.AWSFile{
+		AWSOutput: AWSIAMOutput{
 			ControlPlaneInstanceProfile: "test_control_plane_instance_profile",
 			WorkerNodeInstanceProfile:   "test_worker_node_instance_profile",
 		},
@@ -84,7 +83,7 @@ func TestIAMCreator(t *testing.T) {
 		newTfClientErr error
 		config         *IAMConfigOptions
 		provider       cloudprovider.Provider
-		wantIAMIDFile  iamid.File
+		wantIAMIDFile  IAMOutput
 		wantErr        bool
 	}{
 		"new terraform client err": {

cli/internal/cmd/BUILD.bazel

@@ -46,7 +46,6 @@ go_library(
         "//cli/internal/clusterid",
         "//cli/internal/featureset",
         "//cli/internal/helm",
-        "//cli/internal/iamid",
         "//cli/internal/kubernetes",
         "//cli/internal/libvirt",
         "//cli/internal/terraform",
@@ -142,7 +141,6 @@ go_test(
         "//cli/internal/cloudcmd",
         "//cli/internal/clusterid",
         "//cli/internal/helm",
-        "//cli/internal/iamid",
         "//cli/internal/kubernetes",
         "//cli/internal/terraform",
         "//cli/internal/upgrade",

cli/internal/cmd/cloud.go

@@ -11,7 +11,6 @@ import (
 
 	"github.com/edgelesssys/constellation/v2/cli/internal/cloudcmd"
 	"github.com/edgelesssys/constellation/v2/cli/internal/clusterid"
-	"github.com/edgelesssys/constellation/v2/cli/internal/iamid"
 	"github.com/edgelesssys/constellation/v2/cli/internal/terraform"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/gcpshared"
@@ -29,7 +28,7 @@ type cloudIAMCreator interface {
 		ctx context.Context,
 		provider cloudprovider.Provider,
 		opts *cloudcmd.IAMConfigOptions,
-	) (iamid.File, error)
+	) (cloudcmd.IAMOutput, error)
 }
 
 type iamDestroyer interface {

cli/internal/cmd/cloud_test.go

@@ -12,7 +12,6 @@ import (
 
 	"github.com/edgelesssys/constellation/v2/cli/internal/cloudcmd"
 	"github.com/edgelesssys/constellation/v2/cli/internal/clusterid"
-	"github.com/edgelesssys/constellation/v2/cli/internal/iamid"
 	"github.com/edgelesssys/constellation/v2/cli/internal/terraform"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/gcpshared"
@@ -57,7 +56,7 @@ func (c *stubCloudTerminator) Called() bool {
 
 type stubIAMCreator struct {
 	createCalled bool
-	id           iamid.File
+	id           cloudcmd.IAMOutput
 	createErr    error
 }
 
@@ -65,7 +64,7 @@ func (c *stubIAMCreator) Create(
 	_ context.Context,
 	provider cloudprovider.Provider,
 	_ *cloudcmd.IAMConfigOptions,
-) (iamid.File, error) {
+) (cloudcmd.IAMOutput, error) {
 	c.createCalled = true
 	c.id.CloudProvider = provider
 	return c.id, c.createErr

cli/internal/cmd/iamcreate.go

@@ -14,7 +14,6 @@ import (
 	"strings"
 
 	"github.com/edgelesssys/constellation/v2/cli/internal/cloudcmd"
-	"github.com/edgelesssys/constellation/v2/cli/internal/iamid"
 	"github.com/edgelesssys/constellation/v2/cli/internal/terraform"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/config"
@@ -350,13 +349,13 @@ type providerIAMCreator interface {
 	// printConfirmValues prints the values that will be created on the cloud provider and need to be confirmed by the user.
 	printConfirmValues(cmd *cobra.Command, flags iamFlags)
 	// printOutputValues prints the values that were created on the cloud provider.
-	printOutputValues(cmd *cobra.Command, flags iamFlags, iamFile iamid.File)
+	printOutputValues(cmd *cobra.Command, flags iamFlags, iamFile cloudcmd.IAMOutput)
 	// writeOutputValuesToConfig writes the output values of the IAM creation to the constellation config file.
-	writeOutputValuesToConfig(conf *config.Config, flags iamFlags, iamFile iamid.File)
+	writeOutputValuesToConfig(conf *config.Config, flags iamFlags, iamFile cloudcmd.IAMOutput)
 	// parseFlagsAndSetupConfig parses the provider-specific flags and fills the values into the IAM config (output values of the command).
 	parseFlagsAndSetupConfig(cmd *cobra.Command, flags iamFlags, iamConfig *cloudcmd.IAMConfigOptions) (iamFlags, error)
 	// parseAndWriteIDFile parses the GCP service account key and writes it to a keyfile. It is only implemented for GCP.
-	parseAndWriteIDFile(iamFile iamid.File, fileHandler file.Handler) error
+	parseAndWriteIDFile(iamFile cloudcmd.IAMOutput, fileHandler file.Handler) error
 }
 
 // awsIAMCreator implements the providerIAMCreator interface for AWS.
@@ -404,14 +403,14 @@ func (c *awsIAMCreator) printConfirmValues(cmd *cobra.Command, flags iamFlags) {
 	cmd.Printf("Name Prefix:\t%s\n\n", flags.aws.prefix)
 }
 
-func (c *awsIAMCreator) printOutputValues(cmd *cobra.Command, flags iamFlags, iamFile iamid.File) {
+func (c *awsIAMCreator) printOutputValues(cmd *cobra.Command, flags iamFlags, iamFile cloudcmd.IAMOutput) {
 	cmd.Printf("region:\t\t\t%s\n", flags.aws.region)
 	cmd.Printf("zone:\t\t\t%s\n", flags.aws.zone)
 	cmd.Printf("iamProfileControlPlane:\t%s\n", iamFile.AWSOutput.ControlPlaneInstanceProfile)
 	cmd.Printf("iamProfileWorkerNodes:\t%s\n\n", iamFile.AWSOutput.WorkerNodeInstanceProfile)
 }
 
-func (c *awsIAMCreator) writeOutputValuesToConfig(conf *config.Config, flags iamFlags, iamFile iamid.File) {
+func (c *awsIAMCreator) writeOutputValuesToConfig(conf *config.Config, flags iamFlags, iamFile cloudcmd.IAMOutput) {
 	conf.Provider.AWS.Region = flags.aws.region
 	conf.Provider.AWS.Zone = flags.aws.zone
 	conf.Provider.AWS.IAMProfileControlPlane = iamFile.AWSOutput.ControlPlaneInstanceProfile
@@ -422,7 +421,7 @@ func (c *awsIAMCreator) writeOutputValuesToConfig(conf *config.Config, flags iam
 	}
 }
 
-func (c *awsIAMCreator) parseAndWriteIDFile(_ iamid.File, _ file.Handler) error {
+func (c *awsIAMCreator) parseAndWriteIDFile(_ cloudcmd.IAMOutput, _ file.Handler) error {
 	return nil
 }
 
@@ -467,7 +466,7 @@ func (c *azureIAMCreator) printConfirmValues(cmd *cobra.Command, flags iamFlags)
 	cmd.Printf("Service Principal:\t%s\n\n", flags.azure.servicePrincipal)
 }
 
-func (c *azureIAMCreator) printOutputValues(cmd *cobra.Command, flags iamFlags, iamFile iamid.File) {
+func (c *azureIAMCreator) printOutputValues(cmd *cobra.Command, flags iamFlags, iamFile cloudcmd.IAMOutput) {
 	cmd.Printf("subscription:\t\t%s\n", iamFile.AzureOutput.SubscriptionID)
 	cmd.Printf("tenant:\t\t\t%s\n", iamFile.AzureOutput.TenantID)
 	cmd.Printf("location:\t\t%s\n", flags.azure.region)
@@ -475,7 +474,7 @@ func (c *azureIAMCreator) printOutputValues(cmd *cobra.Command, flags iamFlags,
 	cmd.Printf("userAssignedIdentity:\t%s\n", iamFile.AzureOutput.UAMIID)
 }
 
-func (c *azureIAMCreator) writeOutputValuesToConfig(conf *config.Config, flags iamFlags, iamFile iamid.File) {
+func (c *azureIAMCreator) writeOutputValuesToConfig(conf *config.Config, flags iamFlags, iamFile cloudcmd.IAMOutput) {
 	conf.Provider.Azure.SubscriptionID = iamFile.AzureOutput.SubscriptionID
 	conf.Provider.Azure.TenantID = iamFile.AzureOutput.TenantID
 	conf.Provider.Azure.Location = flags.azure.region
@@ -483,7 +482,7 @@ func (c *azureIAMCreator) writeOutputValuesToConfig(conf *config.Config, flags i
 	conf.Provider.Azure.UserAssignedIdentity = iamFile.AzureOutput.UAMIID
 }
 
-func (c *azureIAMCreator) parseAndWriteIDFile(_ iamid.File, _ file.Handler) error {
+func (c *azureIAMCreator) parseAndWriteIDFile(_ cloudcmd.IAMOutput, _ file.Handler) error {
 	return nil
 }
 
@@ -549,14 +548,14 @@ func (c *gcpIAMCreator) printConfirmValues(cmd *cobra.Command, flags iamFlags) {
 	cmd.Printf("Zone:\t\t\t%s\n\n", flags.gcp.zone)
 }
 
-func (c *gcpIAMCreator) printOutputValues(cmd *cobra.Command, flags iamFlags, _ iamid.File) {
+func (c *gcpIAMCreator) printOutputValues(cmd *cobra.Command, flags iamFlags, _ cloudcmd.IAMOutput) {
 	cmd.Printf("projectID:\t\t%s\n", flags.gcp.projectID)
 	cmd.Printf("region:\t\t\t%s\n", flags.gcp.region)
 	cmd.Printf("zone:\t\t\t%s\n", flags.gcp.zone)
 	cmd.Printf("serviceAccountKeyPath:\t%s\n\n", gcpServiceAccountKeyPath(c.workspace))
 }
 
-func (c *gcpIAMCreator) writeOutputValuesToConfig(conf *config.Config, flags iamFlags, _ iamid.File) {
+func (c *gcpIAMCreator) writeOutputValuesToConfig(conf *config.Config, flags iamFlags, _ cloudcmd.IAMOutput) {
 	conf.Provider.GCP.Project = flags.gcp.projectID
 	conf.Provider.GCP.ServiceAccountKeyPath = gcpServiceAccountKeyFile // File was created in workspace, so only the filename is needed.
 	conf.Provider.GCP.Region = flags.gcp.region
@@ -567,7 +566,7 @@ func (c *gcpIAMCreator) writeOutputValuesToConfig(conf *config.Config, flags iam
 	}
 }
 
-func (c *gcpIAMCreator) parseAndWriteIDFile(iamFile iamid.File, fileHandler file.Handler) error {
+func (c *gcpIAMCreator) parseAndWriteIDFile(iamFile cloudcmd.IAMOutput, fileHandler file.Handler) error {
 	// GCP needs to write the service account key to a file.
 	tmpOut, err := parseIDFile(iamFile.GCPOutput.ServiceAccountKey)
 	if err != nil {

cli/internal/cmd/iamcreate_test.go

@@ -12,7 +12,6 @@ import (
 	"testing"
 
 	"github.com/edgelesssys/constellation/v2/cli/internal/cloudcmd"
-	"github.com/edgelesssys/constellation/v2/cli/internal/iamid"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/edgelesssys/constellation/v2/internal/config"
 	"github.com/edgelesssys/constellation/v2/internal/constants"
@@ -24,20 +23,20 @@ import (
 )
 
 func TestParseIDFile(t *testing.T) {
-	validIAMIDFile := iamid.File{
+	validIAMIDFile := cloudcmd.IAMOutput{
 		CloudProvider: cloudprovider.GCP,
-		GCPOutput: iamid.GCPFile{
+		GCPOutput: cloudcmd.GCPIAMOutput{
 			ServiceAccountKey: base64.RawStdEncoding.EncodeToString([]byte(`{"private_key_id":"not_a_secret"}`)),
 		},
 	}
-	invalidIAMIDFile := iamid.File{
+	invalidIAMIDFile := cloudcmd.IAMOutput{
 		CloudProvider: cloudprovider.GCP,
-		GCPOutput: iamid.GCPFile{
+		GCPOutput: cloudcmd.GCPIAMOutput{
 			ServiceAccountKey: "ey_Jwcml2YXRlX2tleV9pZCI6Im5vdF9hX3NlY3JldCJ9Cg==", // invalid b64
 		},
 	}
 	testCases := map[string]struct {
-		idFile           iamid.File
+		idFile           cloudcmd.IAMOutput
 		wantPrivateKeyID string
 		wantErr          bool
 	}{
@@ -72,9 +71,9 @@ func TestIAMCreateAWS(t *testing.T) {
 		fs := afero.NewReadOnlyFs(afero.NewMemMapFs())
 		return fs
 	}
-	validIAMIDFile := iamid.File{
+	validIAMIDFile := cloudcmd.IAMOutput{
 		CloudProvider: cloudprovider.AWS,
-		AWSOutput: iamid.AWSFile{
+		AWSOutput: cloudcmd.AWSIAMOutput{
 			ControlPlaneInstanceProfile: "test_control_plane_instance_profile",
 			WorkerNodeInstanceProfile:   "test_worker_nodes_instance_profile",
 		},
@@ -304,9 +303,9 @@ func TestIAMCreateAzure(t *testing.T) {
 		fs := afero.NewReadOnlyFs(afero.NewMemMapFs())
 		return fs
 	}
-	validIAMIDFile := iamid.File{
+	validIAMIDFile := cloudcmd.IAMOutput{
 		CloudProvider: cloudprovider.Azure,
-		AzureOutput: iamid.AzureFile{
+		AzureOutput: cloudcmd.AzureIAMOutput{
 			SubscriptionID: "test_subscription_id",
 			TenantID:       "test_tenant_id",
 			UAMIID:         "test_uami_id",
@@ -504,15 +503,15 @@ func TestIAMCreateGCP(t *testing.T) {
 		fs := afero.NewReadOnlyFs(afero.NewMemMapFs())
 		return fs
 	}
-	validIAMIDFile := iamid.File{
+	validIAMIDFile := cloudcmd.IAMOutput{
 		CloudProvider: cloudprovider.GCP,
-		GCPOutput: iamid.GCPFile{
+		GCPOutput: cloudcmd.GCPIAMOutput{
 			ServiceAccountKey: "eyJwcml2YXRlX2tleV9pZCI6Im5vdF9hX3NlY3JldCJ9Cg==", // {"private_key_id":"not_a_secret"}
 		},
 	}
-	invalidIAMIDFile := iamid.File{
+	invalidIAMIDFile := cloudcmd.IAMOutput{
 		CloudProvider: cloudprovider.GCP,
-		GCPOutput: iamid.GCPFile{
+		GCPOutput: cloudcmd.GCPIAMOutput{
 			ServiceAccountKey: "ey_Jwcml2YXRlX2tleV9pZCI6Im5vdF9hX3NlY3JldCJ9Cg==", // invalid b64
 		},
 	}

cli/internal/iamid/BUILD.bazel

@@ -1,9 +0,0 @@
-load("@io_bazel_rules_go//go:def.bzl", "go_library")
-
-go_library(
-    name = "iamid",
-    srcs = ["id.go"],
-    importpath = "github.com/edgelesssys/constellation/v2/cli/internal/iamid",
-    visibility = ["//cli:__subpackages__"],
-    deps = ["//internal/cloud/cloudprovider"],
-)

cli/internal/iamid/id.go

@@ -1,43 +0,0 @@
-/*
-Copyright (c) Edgeless Systems GmbH
-SPDX-License-Identifier: AGPL-3.0-only
-*/
-
-/*
-Package iamid contains the output information of IAM resource creation.
-*/
-package iamid
-
-import (
-	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
-)
-
-// File contains output information of an IAM configuration.
-type File struct {
-	// CloudProvider is the cloud provider of the cluster.
-	CloudProvider cloudprovider.Provider `json:"cloudprovider,omitempty"`
-
-	GCPOutput GCPFile `json:"gcpOutput,omitempty"`
-
-	AzureOutput AzureFile `json:"azureOutput,omitempty"`
-
-	AWSOutput AWSFile `json:"awsOutput,omitempty"`
-}
-
-// GCPFile contains the output information of a GCP IAM configuration.
-type GCPFile struct {
-	ServiceAccountKey string `json:"serviceAccountID,omitempty"`
-}
-
-// AzureFile contains the output information of a Microsoft Azure IAM configuration.
-type AzureFile struct {
-	SubscriptionID string `json:"subscriptionID,omitempty"`
-	TenantID       string `json:"tenantID,omitempty"`
-	UAMIID         string `json:"uamiID,omitempty"`
-}
-
-// AWSFile contains the output information of an AWS IAM configuration.
-type AWSFile struct {
-	ControlPlaneInstanceProfile string `json:"controlPlaneInstanceProfile,omitempty"`
-	WorkerNodeInstanceProfile   string `json:"workerNodeInstanceProfile,omitempty"`
-}