Comments (4)
Hi @fharding1, thanks for the issue! You're right that the provider does not currently support this, I'd be happy to accept a PR that adds this functionality.
I think the HCL you posted makes sense and is the best approach. I agree that adding default groups on the keycloak_realm
resource does not make sense, mostly because there would be no way to apply your entire configuration with a single run of terraform apply
, like you mentioned. Also, that resource has too many attributes on it already 😄
Feel free to let me know if you have any questions or run into issues while working on this.
from terraform-provider-keycloak.
Something else I just thought of - it may be a good idea to do some extra validation against using the keycloak_group_memberships
resource on a default group, or at least document the pitfalls of using both of these resources on the same group.
from terraform-provider-keycloak.
Because of:
Note that this resource attempts to be an authoritative source over group members.
Do you think it makes sense to just not allow a default group to be used alongside keycloak_group_memberships
? Is that even doable?
from terraform-provider-keycloak.
So I'm actually thinking it might make sense to have one keycloak_default_groups
resource per realm which looks like this:
resource "keycloak_default_group" "example_group" {
realm_id = "${keycloak_realm.realm.id}"
group_ids = ["${keycloak_group.example_group.id}", "${keycloak_group.example_group_2.id}"]
}
This would be similar to how the keycloak_group_memberships
resource works. It makes PUT/DELETE a bit weirder, but the GET endpoint makes a lot more sense.
from terraform-provider-keycloak.
Related Issues (20)
- resource "keycloak_default_roles" doesn't support adding client roles HOT 2
- Add connection pooling support for keycloak_ldap_user_federation
- Importing clients / roles does not update realm_id correctly HOT 1
- Condition user - attribute HOT 1
- Add support to add `protocolMapper` to realm client scope HOT 2
- Support 'agggreate attributes' for SAML User Attribute Protocol Mappers
- Keycloak version >= 24 support? HOT 8
- keycloak_realm_user_profile: should support 'unmanagedAttributePolicy' HOT 4
- CVE-2023-45288 - GO-2024-2687 HOT 1
- CVE-2024-24786 - GHSA-8r3f-844c-mc37 HOT 1
- Malformed version with RedHat Build of Keycloak (RHBK) HOT 3
- Inconsistency in Group Sorting in keycloak_openid_client_group_policy Causes Random Drift in Terraform Provider HOT 1
- error provider
- resource missing
- Terraform provider (client credentials grant) having issue HOT 1
- Support SAML Client in terraformer
- Update GO HOT 1
- `keycloak_openid_audience_protocol_mapper`: Unpaginated request to `/admin/realms/${realm}/clients`
- The private_key schema element of the keycloak_realm_keystore_rsa resource must be sensitive HOT 1
- The health of this repo, an open discussion. HOT 20
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-keycloak.