Add all admin and access roles to super admin group

This commit is contained in:
Tobias Manske 2024-01-16 01:34:02 +01:00
parent 5f2c316033
commit de76894eb4
Signed by: tobias
GPG Key ID: 9164B527694A0709

View File

@ -43,7 +43,7 @@ resource "keycloak_role" "restricted-access" {
resource "keycloak_role" "admin-role" { resource "keycloak_role" "admin-role" {
realm_id = data.keycloak_realm.realm.id realm_id = data.keycloak_realm.realm.id
client_id = keycloak_openid_client.client.id client_id = keycloak_openid_client.client.id
name = "${var.admin_role_name != null ? "${var.admin_role_name}" : "${var.client_name}-admin"}" name = var.admin_role_name != null ? "${var.admin_role_name}" : "${var.client_name}-admin"
description = "Client Admin permissions" description = "Client Admin permissions"
} }
@ -73,3 +73,18 @@ resource "keycloak_group_roles" "admin_group_roles" {
keycloak_role.admin-role.id keycloak_role.admin-role.id
] ]
} }
data "keycloak_group" "super_admin_group" {
realm_id = data.keycloak_realm.realm.id
name = "service-admin"
}
resource "keycloak_group_roles" "super_admin_group_roles" {
exhaustive = false
realm_id = data.keycloak_realm.realm.id
group_id = data.keycloak_group.super_admin_group.id
role_ids = [
keycloak_role.restricted-access.id,
keycloak_role.admin-role.id
]
}