infra/tf/keycloak-client/main.tf


# OIDC client registered in the target Keycloak realm.
#
# The client is CONFIDENTIAL (it authenticates to Keycloak with a client
# secret) and has the standard authorization-code flow switched on. Refresh
# tokens and the service-account (client-credentials) grant are opt-in via the
# module variables so callers only enable what they actually use.
resource "keycloak_openid_client" "oidc" {
  realm_id  = var.realm
  client_id = var.client_id
  enabled   = true

  # Display name defaults to the client id when the caller gives none.
  name = var.name == null ? var.client_id : var.name

  access_type           = "CONFIDENTIAL"
  standard_flow_enabled = true

  use_refresh_tokens       = var.use_refresh_tokens
  service_accounts_enabled = var.service_accounts_enabled

  # Root URL defaults to a host named after the client id under the
  # janky.solutions zone; override it for clients that live elsewhere.
  root_url = var.root_url == null ? format("https://%s.janky.solutions", var.client_id) : var.root_url

  # Redirect targets. When the caller passes nothing we fall back to "/*",
  # which Keycloak resolves relative to root_url and therefore accepts every
  # path on that host as a post-login redirect. Callers that only need one or
  # two callback paths should pass them explicitly to keep the accepted
  # redirect surface as small as possible.
  valid_redirect_uris = length(var.valid_redirect_uris) > 0 ? var.valid_redirect_uris : ["/*"]
}
# resource "keycloak_openid_client_service_account_realm_role" ""
# Publish the client's credentials into Vault (KV v2) so the consuming
# workload can read them instead of receiving them out of band.
#
# Path layout: <namespace-or-client_id>/default/oidc-client-credentials-<client_id>
# under the mount given by var.vault_mount.
#
# Note: the client secret is also an attribute of keycloak_openid_client.oidc,
# so it is present in Terraform state independently of this resource; the
# state backend needs the same access controls as the Vault path.
resource "vault_kv_secret_v2" "oidc" {
  mount = var.vault_mount

  # The namespace segment falls back to the client id when not supplied.
  name = format(
    "%s/default/oidc-client-credentials-%s",
    var.namespace == null ? var.client_id : var.namespace,
    var.client_id,
  )

  data_json = jsonencode({
    client_id     = keycloak_openid_client.oidc.client_id,
    client_secret = keycloak_openid_client.oidc.client_secret
  })
}