infra/tf/keycloak-clients.tf

// own client
module "keycloak_client_tofu" {
  source = "./keycloak-client"

  realm = keycloak_realm.dev.id
  vault_mount = vault_mount.static_secrets.path

  client_id = "tofu"
  service_accounts_enabled = true
}

data "keycloak_openid_client" "realm_management" {
    realm_id = keycloak_realm.dev.id
    client_id = "realm-management"
}

resource "keycloak_openid_client_service_account_role" "client_service_account_role" {
  realm_id                = keycloak_realm.dev.id
  client_id               = data.keycloak_openid_client.realm_management.id
  service_account_user_id = module.keycloak_client_tofu.service_account_user_id
  role                    = "realm-admin"
}
terraform refactor + keycloak terraform tests 2024-09-17 06:56:35 +00:00			`// own client`
			`module "keycloak_client_tofu" {`
			`source = "./keycloak-client"`

			`realm = keycloak_realm.dev.id`
			`vault_mount = vault_mount.static_secrets.path`

			`client_id = "tofu"`
			`service_accounts_enabled = true`
			`}`

			`data "keycloak_openid_client" "realm_management" {`
			`realm_id = keycloak_realm.dev.id`
			`client_id = "realm-management"`
			`}`

			`resource "keycloak_openid_client_service_account_role" "client_service_account_role" {`
			`realm_id = keycloak_realm.dev.id`
			`client_id = data.keycloak_openid_client.realm_management.id`
			`service_account_user_id = module.keycloak_client_tofu.service_account_user_id`
			`role = "realm-admin"`
			`}`