module "minioclient" { source = "./modules/kc-client" realm = var.realm client_id = "minio" client_name = "minio" description = "minio.tobiasmanske.de" root_url = "https://minio.tobiasmanske.de" admin_url = "" base_url = "" valid_redirect_uris = ["https://minio.tobiasmanske.de/oauth_callback"] web_origins = [] } resource "keycloak_openid_user_session_note_protocol_mapper" "minio-client-id-mapper" { realm_id = module.minioclient.realm.id client_id = module.minioclient.client.id name = "Client ID" claim_name = "clientId" claim_value_type = "String" session_note = "clientId" } resource "keycloak_openid_user_session_note_protocol_mapper" "minio-client-host-mapper" { realm_id = module.minioclient.realm.id client_id = module.minioclient.client.id name = "Client Host" claim_name = "clientHost" claim_value_type = "String" session_note = "clientHost" } resource "keycloak_openid_user_session_note_protocol_mapper" "minio-client-ip-address-mapper" { realm_id = module.minioclient.realm.id client_id = module.minioclient.client.id name = "Client Address" claim_name = "clientAddress" claim_value_type = "String" session_note = "clientAddress" } resource "keycloak_openid_user_client_role_protocol_mapper" "minio-role-mapper" { realm_id = module.minioclient.realm.id client_id = module.minioclient.client.id client_id_for_role_mappings = module.minioclient.client_id multivalued = true name = "user-client-role-mapper" claim_name = "roles" add_to_userinfo = true add_to_access_token = true add_to_id_token = true } resource "keycloak_role" "minio-consoleAdmin" { realm_id = module.minioclient.realm.id client_id = module.minioclient.client.id name = "consoleAdmin" description = "" } resource "keycloak_role" "minio-diagnostics" { realm_id = module.minioclient.realm.id client_id = module.minioclient.client.id name = "diagnostics" description = "" } resource "keycloak_role" "minio-readonly" { realm_id = module.minioclient.realm.id client_id = module.minioclient.client.id name = "readonly" description = "" } resource "keycloak_role" "minio-readwrite" { realm_id = module.minioclient.realm.id client_id = module.minioclient.client.id name = "readwrite" description = "" } resource "keycloak_role" "minio-writeonly" { realm_id = module.minioclient.realm.id client_id = module.minioclient.client.id name = "writeonly" description = "" }