Skip to content
Snippets Groups Projects
Verified Commit 66527e98 authored by Sven-Hendrik Haase's avatar Sven-Hendrik Haase
Browse files

keycloak: Rename some things around and add staff role

parent f0012773
No related branches found
No related tags found
No related merge requests found
Pipeline #121 failed
Stage: test
Hide whitespace changes
Inline Side-by-side
Showing
with 18 additions and 4 deletions
tf-stage2/keycloak.tf
+ 18
4
View file @ 66527e98
......@@ -156,7 +156,7 @@ resource "keycloak_saml_user_property_protocol_mapper" "gitlab_saml_username" {
saml_attribute_name_format = "Basic"
}
resource "keycloak_group" "archlinux_staff" {
resource "keycloak_group" "staff" {
realm_id = "archlinux"
name = "Arch Linux Staff"
}
......@@ -170,17 +170,23 @@ resource "keycloak_group" "arch_groups" {
for_each = var.arch_groups
realm_id = "archlinux"
parent_id = keycloak_group.archlinux_staff.id
parent_id = keycloak_group.staff.id
name = each.value
}
resource "keycloak_role" "devops" {
realm_id = "archlinux"
name = "DevOps"
description = "DevOps role"
description = "Role held by members of the DevOps group"
}
resource "keycloak_group_roles" "group_roles" {
resource "keycloak_role" "staff" {
realm_id = "archlinux"
name = "Staff"
description = "Role held by all Arch Linux staff"
}
resource "keycloak_group_roles" "devops" {
realm_id = "archlinux"
group_id = keycloak_group.arch_groups["DevOps"].id
role_ids = [
......@@ -188,6 +194,14 @@ resource "keycloak_group_roles" "group_roles" {
]
}
resource "keycloak_group_roles" "staff" {
realm_id = "archlinux"
group_id = keycloak_group.staff.id
role_ids = [
keycloak_role.staff.id
]
}
output "gitlab_saml_configuration" {
value = {
issuer = keycloak_saml_client.saml_gitlab.client_id
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment