Add all admin and access roles to super admin group
This commit is contained in:
parent
5f2c316033
commit
de76894eb4
@ -43,7 +43,7 @@ resource "keycloak_role" "restricted-access" {
|
|||||||
resource "keycloak_role" "admin-role" {
|
resource "keycloak_role" "admin-role" {
|
||||||
realm_id = data.keycloak_realm.realm.id
|
realm_id = data.keycloak_realm.realm.id
|
||||||
client_id = keycloak_openid_client.client.id
|
client_id = keycloak_openid_client.client.id
|
||||||
name = "${var.admin_role_name != null ? "${var.admin_role_name}" : "${var.client_name}-admin"}"
|
name = var.admin_role_name != null ? "${var.admin_role_name}" : "${var.client_name}-admin"
|
||||||
description = "Client Admin permissions"
|
description = "Client Admin permissions"
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -73,3 +73,18 @@ resource "keycloak_group_roles" "admin_group_roles" {
|
|||||||
keycloak_role.admin-role.id
|
keycloak_role.admin-role.id
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
data "keycloak_group" "super_admin_group" {
|
||||||
|
realm_id = data.keycloak_realm.realm.id
|
||||||
|
name = "service-admin"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "keycloak_group_roles" "super_admin_group_roles" {
|
||||||
|
exhaustive = false
|
||||||
|
realm_id = data.keycloak_realm.realm.id
|
||||||
|
group_id = data.keycloak_group.super_admin_group.id
|
||||||
|
role_ids = [
|
||||||
|
keycloak_role.restricted-access.id,
|
||||||
|
keycloak_role.admin-role.id
|
||||||
|
]
|
||||||
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user