search

bcgov / moh-keycloak-client-configurations

Apache License 2.0
1 stars 3 forks source link

Create CGI Registries Admin Group in PROD. #551

Closed sharpedavid closed 2 months ago

sharpedavid commented 2 months ago

Changes being made

Create CGI Registries Admin Group in PROD. Add HCIM and PLR management permissions to group in TEST.

Context

As requested by BSL.

Quality Check

github-actions[bot] commented 2 months ago

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖success

Terraform Plan 📖success

Show Plan ``` module.KEYCLOAK_TEST.module.moh_applications.module.PLR-SHOPPERS.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_UAT/CONSUMER"]: Refreshing state... [id=daf9d1e7-bea6-4eb7-9ce5-26ef14ee10e0/d8799ef3-97b8-4f85-8f04-fb39cc8b813a] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-SHOPPERS.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_CONF/CONSUMER"]: Refreshing state... [id=daf9d1e7-bea6-4eb7-9ce5-26ef14ee10e0/52caf85e-e771-4fa4-8274-1afc8d170cd2] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-SHOPPERS.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_FLVR/CONSUMER"]: Refreshing state... [id=daf9d1e7-bea6-4eb7-9ce5-26ef14ee10e0/055145d3-f83a-43ac-9b95-2161351f89c9] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-PRIMARY-CARE.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_REV/SECONDARY_SOURCE"]: Refreshing state... [id=moh_applications/client/a6111e23-097e-4f61-9c25-9343b0efd796/scope-mappings/20e896f4-bf43-43ed-9441-d166e0513f34/5438b8e8-4948-4446-a083-531ec9654913] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-PRIMARY-CARE.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_UAT/SECONDARY_SOURCE"]: Refreshing state... [id=moh_applications/client/a6111e23-097e-4f61-9c25-9343b0efd796/scope-mappings/045f3224-9637-4785-a661-fc6f028804d2/7da1617b-2d92-4c2c-8981-dd7151a76a85] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-PRIMARY-CARE.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_SIT/SECONDARY_SOURCE"]: Refreshing state... [id=moh_applications/client/a6111e23-097e-4f61-9c25-9343b0efd796/scope-mappings/1197df69-9199-49a5-a49a-c7d43d35551c/9c02e9eb-e774-4a31-8e43-3e54a54ea88f] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-PRIMARY-CARE.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_STG/SECONDARY_SOURCE"]: Refreshing state... [id=moh_applications/client/a6111e23-097e-4f61-9c25-9343b0efd796/scope-mappings/2e161683-3c4d-4a2a-a86b-c83f2fe3e3d7/f692dc45-2411-41f7-ac95-da948714f1a7] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-PRIMARY-CARE.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_FLVR/SECONDARY_SOURCE"]: Refreshing state... [id=moh_applications/client/a6111e23-097e-4f61-9c25-9343b0efd796/scope-mappings/ab63ae34-0fda-4f1b-ac8f-1380bea87f44/24124d3b-7a3e-4a8b-af90-47c03394b350] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-PRIMARY-CARE.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_CONF/SECONDARY_SOURCE"]: Refreshing state... [id=moh_applications/client/a6111e23-097e-4f61-9c25-9343b0efd796/scope-mappings/c0fe2e9f-6937-4ffa-9296-d786d9b0a98b/dcc3f917-a5aa-46f1-a7f7-3e9ed6e0e5ad] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-PRIMARY-CARE.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_IAT/SECONDARY_SOURCE"]: Refreshing state... [id=moh_applications/client/a6111e23-097e-4f61-9c25-9343b0efd796/scope-mappings/a837283e-f96e-446d-9c51-5ac7d0eab773/4e6fc50d-7fe8-4538-ac58-7871aea011b8] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-PRIMARY-CARE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_IAT/SECONDARY_SOURCE"]: Refreshing state... [id=29e820c6-284b-4209-ae0a-430c5033fd30/4e6fc50d-7fe8-4538-ac58-7871aea011b8] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-PRIMARY-CARE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_CONF/SECONDARY_SOURCE"]: Refreshing state... [id=29e820c6-284b-4209-ae0a-430c5033fd30/dcc3f917-a5aa-46f1-a7f7-3e9ed6e0e5ad] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-PRIMARY-CARE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_FLVR/SECONDARY_SOURCE"]: Refreshing state... [id=29e820c6-284b-4209-ae0a-430c5033fd30/24124d3b-7a3e-4a8b-af90-47c03394b350] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-PRIMARY-CARE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_SIT/SECONDARY_SOURCE"]: Refreshing state... [id=29e820c6-284b-4209-ae0a-430c5033fd30/9c02e9eb-e774-4a31-8e43-3e54a54ea88f] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-PRIMARY-CARE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_STG/SECONDARY_SOURCE"]: Refreshing state... [id=29e820c6-284b-4209-ae0a-430c5033fd30/f692dc45-2411-41f7-ac95-da948714f1a7] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-PRIMARY-CARE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_REV/SECONDARY_SOURCE"]: Refreshing state... [id=29e820c6-284b-4209-ae0a-430c5033fd30/5438b8e8-4948-4446-a083-531ec9654913] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-PRIMARY-CARE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_UAT/SECONDARY_SOURCE"]: Refreshing state... [id=29e820c6-284b-4209-ae0a-430c5033fd30/7da1617b-2d92-4c2c-8981-dd7151a76a85] module.KEYCLOAK_PROD.module.moh_applications.module.DMFT-SERVICE.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PIDP-SERVICE/view_endorsement_data"]: Refreshing state... [id=moh_applications/client/c87f3feb-3c06-4d61-a5c2-48c593cccd1b/scope-mappings/c55eb420-fd84-41a8-b653-6e1b3e291519/0c2d08b1-b900-4b0c-a4d3-9e6e3e1ef847] module.KEYCLOAK_PROD.module.moh_applications.module.DMFT-SERVICE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PIDP-SERVICE/view_endorsement_data"]: Refreshing state... [id=68a46e0b-2861-4850-8cb3-dfae13e47ca3/0c2d08b1-b900-4b0c-a4d3-9e6e3e1ef847] module.KEYCLOAK_PROD.module.moh_applications.module.PIDP-WEBAPP.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PIDP-SERVICE/ADMIN"]: Refreshing state... [id=moh_applications/client/8021d870-8e65-46a4-8cef-40a3639edaac/scope-mappings/c55eb420-fd84-41a8-b653-6e1b3e291519/7489c26e-77c8-47ad-9c07-a9bb97a37d91] module.KEYCLOAK_PROD.module.moh_applications.module.PIDP-WEBAPP.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PIDP-SERVICE/USER"]: Refreshing state... [id=moh_applications/client/8021d870-8e65-46a4-8cef-40a3639edaac/scope-mappings/c55eb420-fd84-41a8-b653-6e1b3e291519/65d6f8b7-0703-46ed-9ced-55457bd6c14b] module.KEYCLOAK_PROD.module.moh_applications.module.PIDP-WEBAPP.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PIDP-SERVICE/feature_pidp_demo"]: Refreshing state... [id=moh_applications/client/8021d870-8e65-46a4-8cef-40a3639edaac/scope-mappings/c55eb420-fd84-41a8-b653-6e1b3e291519/86ec4f91-45fb-4e65-ae4f-e1b952fd4e47] module.KEYCLOAK_PROD.module.moh_applications.module.PIDP-WEBAPP.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["account/view-profile"]: Refreshing state... [id=moh_applications/client/8021d870-8e65-46a4-8cef-40a3639edaac/scope-mappings/60dfb3b9-5ceb-4498-a24c-9641796bd991/43bf4fca-777a-4c9c-9127-f9677c654fef] module.KEYCLOAK_PROD.module.moh_applications.module.MANAGE-USERS.keycloak_role.REALM_ROLE: Refreshing state... [id=eeac5c0a-7b1b-4607-ad95-1630769b5892] module.KEYCLOAK_DEV.module.moh_applications.module.CGI-MID-TIER.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/4e3d322a-fbe7-438d-8ee7-95a1707d40dc] module.KEYCLOAK_DEV.module.moh_applications.module.CGI-QA.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/1798203d-027f-4856-a445-8a90c1dc9756] module.KEYCLOAK_DEV.module.moh_applications.module.CGI-AM-TEAM.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/053fa749-b569-4258-bc9e-bc8ca0541dfe] module.KEYCLOAK_DEV.module.moh_applications.module.CGI-DEVELOPER.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/27967216-03f7-4259-b50a-955b995d51ad] module.KEYCLOAK_DEV.module.moh_applications.module.CGI-DBA.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/9ada1d3b-be63-40a3-84f2-e4ec0e10be88] module.KEYCLOAK_TEST.module.moh_applications.module.CGI-AM-TEAM.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/eb2dce73-6fe7-4b63-8b7a-c5995a530714] module.KEYCLOAK_TEST.module.moh_applications.module.CGI-MIDTIER.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/782fe94e-79a2-438f-9bc1-28717395b28d] module.KEYCLOAK_TEST.module.moh_applications.module.CGI-DEVELOPER.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/ba2aead8-cd2d-4519-991b-3bd44c71c057] module.KEYCLOAK_TEST.module.moh_applications.module.CGI-QA.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/658f081c-a8b0-4c1b-b9ee-7e8901158ce7] module.KEYCLOAK_PROD.module.moh_applications.module.CGI-AM-TEAM.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/270966e6-985c-4d55-a35c-53e32ab4cf46] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # module.KEYCLOAK_PROD.module.moh_applications.module.CGI-REGISTRIES-ADMIN.keycloak_group.GROUP will be created + resource "keycloak_group" "GROUP" { + id = (known after apply) + name = "Registries Admin" + path = (known after apply) + realm_id = "moh_applications" } # module.KEYCLOAK_PROD.module.moh_applications.module.CGI-REGISTRIES-ADMIN.keycloak_group_roles.GROUP_ROLES will be created + resource "keycloak_group_roles" "GROUP_ROLES" { + exhaustive = true + group_id = (known after apply) + id = (known after apply) + realm_id = "moh_applications" + role_ids = [ + "0304d406-4ac5-46ec-bd2a-7a5a081a7e70", + "0a96d3fa-66b7-4f16-8dd7-276ce53be553", + "0b6e1b8b-dcb3-4da5-be8c-c74a377426c1", + "197b2f83-cdec-4585-939f-bc19bebdf802", + "25b73a09-5c9f-40a7-914e-c1108c61cc2e", + "30082a96-b600-4b97-83ee-8f622b28f6c7", + "414d1083-7d48-42e3-84d9-c9e6cf4b9b89", + "699263a1-dfd9-4304-8d4a-69dc737179ec", + "767bb2ee-f967-4718-ad7e-6414880253a2", + "79885676-48f2-43af-ade4-bc4f11d95f61", + "99196406-f8c6-42b2-aaae-cf262ffe3f27", ] } # module.KEYCLOAK_TEST.module.moh_applications.module.REGISTRIES-ADMIN.keycloak_group.GROUP will be updated in-place ~ resource "keycloak_group" "GROUP" { id = "9782254e-fe90-4901-85f0-0ad253ae181d" ~ name = "Registries Admin" -> "CGI Registries Admin" # (3 unchanged attributes hidden) } # module.KEYCLOAK_TEST.module.moh_applications.module.REGISTRIES-ADMIN.keycloak_group_roles.GROUP_ROLES will be updated in-place ~ resource "keycloak_group_roles" "GROUP_ROLES" { id = "moh_applications/9782254e-fe90-4901-85f0-0ad253ae181d" ~ role_ids = [ + "4386dcb7-036e-4b45-bec9-e60d7b963bf9", + "4b554dbe-6f89-4798-824b-d2e290595f92", + "5f998ee4-6cc5-46f4-909c-32dd02bd6ae0", + "9130f6c7-1d49-4f21-8a18-0db979ca1eb6", + "bc49c66e-fd42-4d7d-b27c-a04069aa35e7", + "dc4020f7-1ffa-4515-8277-26466c54511c", # (17 unchanged elements hidden) ] # (3 unchanged attributes hidden) } Plan: 2 to add, 2 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now. ```

Pushed by: @sharpedavid, Action: pull_request

github-actions[bot] commented 2 months ago

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖success

Terraform Plan 📖success

Show Plan ``` module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-REGADMIN.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_CONF/REG_ADMIN"]: Refreshing state... [id=9de738bd-9cd8-4858-9262-024b2b871eb5/92a2dc0e-0595-4d15-b5a3-87e56140e441] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-PRIMARY-SOURCE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_UAT/PRIMARY_SOURCE"]: Refreshing state... [id=74af1232-8e9f-44e5-be27-0863f000291a/9ce4e013-c2b7-4379-a46e-1c6b495803a6] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-PRIMARY-SOURCE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_CONF/PRIMARY_SOURCE"]: Refreshing state... [id=74af1232-8e9f-44e5-be27-0863f000291a/7430c88e-e4e4-4bbd-b262-d4c9bc3ba564] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-PRIMARY-SOURCE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_REV/PRIMARY_SOURCE"]: Refreshing state... [id=74af1232-8e9f-44e5-be27-0863f000291a/4b919d71-c76b-4621-be50-f05a7e8ed144] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-PRIMARY-SOURCE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_IAT/PRIMARY_SOURCE"]: Refreshing state... [id=74af1232-8e9f-44e5-be27-0863f000291a/895c4a65-e67d-4657-bba3-df5a1440fc58] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-PRIMARY-SOURCE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_SIT/PRIMARY_SOURCE"]: Refreshing state... [id=74af1232-8e9f-44e5-be27-0863f000291a/96650edd-ac15-4f9c-a27b-2be7231344bf] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-LRA-REGADMIN.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_REV/REG_ADMIN"]: Refreshing state... [id=31672706-e206-4e1c-bc84-c423bd9e41cb/eac35713-072d-4453-9ef1-084ea6e54eda] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-LRA-REGADMIN.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_IAT/REG_ADMIN"]: Refreshing state... [id=31672706-e206-4e1c-bc84-c423bd9e41cb/d1edf467-3b43-45a5-be8d-482d1c0dd3ef] module.KEYCLOAK_PROD.module.moh_applications.module.PIDP-WEBAPP.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PIDP-SERVICE/ADMIN"]: Refreshing state... [id=moh_applications/client/8021d870-8e65-46a4-8cef-40a3639edaac/scope-mappings/c55eb420-fd84-41a8-b653-6e1b3e291519/7489c26e-77c8-47ad-9c07-a9bb97a37d91] module.KEYCLOAK_PROD.module.moh_applications.module.PIDP-WEBAPP.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PIDP-SERVICE/feature_pidp_demo"]: Refreshing state... [id=moh_applications/client/8021d870-8e65-46a4-8cef-40a3639edaac/scope-mappings/c55eb420-fd84-41a8-b653-6e1b3e291519/86ec4f91-45fb-4e65-ae4f-e1b952fd4e47] module.KEYCLOAK_PROD.module.moh_applications.module.PIDP-WEBAPP.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["account/view-profile"]: Refreshing state... [id=moh_applications/client/8021d870-8e65-46a4-8cef-40a3639edaac/scope-mappings/60dfb3b9-5ceb-4498-a24c-9641796bd991/43bf4fca-777a-4c9c-9127-f9677c654fef] module.KEYCLOAK_PROD.module.moh_applications.module.PIDP-WEBAPP.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PIDP-SERVICE/USER"]: Refreshing state... [id=moh_applications/client/8021d870-8e65-46a4-8cef-40a3639edaac/scope-mappings/c55eb420-fd84-41a8-b653-6e1b3e291519/65d6f8b7-0703-46ed-9ced-55457bd6c14b] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-SECONDARY-SOURCE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_IAT/SECONDARY_SOURCE"]: Refreshing state... [id=5dd46afb-8767-45b7-979d-3c18a53ba565/4e6fc50d-7fe8-4538-ac58-7871aea011b8] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-SECONDARY-SOURCE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_SIT/SECONDARY_SOURCE"]: Refreshing state... [id=5dd46afb-8767-45b7-979d-3c18a53ba565/9c02e9eb-e774-4a31-8e43-3e54a54ea88f] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-SECONDARY-SOURCE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_REV/SECONDARY_SOURCE"]: Refreshing state... [id=5dd46afb-8767-45b7-979d-3c18a53ba565/5438b8e8-4948-4446-a083-531ec9654913] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-SECONDARY-SOURCE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_CONF/SECONDARY_SOURCE"]: Refreshing state... [id=5dd46afb-8767-45b7-979d-3c18a53ba565/dcc3f917-a5aa-46f1-a7f7-3e9ed6e0e5ad] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-SECONDARY-SOURCE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_UAT/SECONDARY_SOURCE"]: Refreshing state... [id=5dd46afb-8767-45b7-979d-3c18a53ba565/7da1617b-2d92-4c2c-8981-dd7151a76a85] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-LRA-REGADMIN.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_REV/REG_ADMIN"]: Refreshing state... [id=moh_applications/client/758d2b1d-ea51-471f-b129-043aadc81c65/scope-mappings/20e896f4-bf43-43ed-9441-d166e0513f34/eac35713-072d-4453-9ef1-084ea6e54eda] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-LRA-REGADMIN.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_IAT/REG_ADMIN"]: Refreshing state... [id=moh_applications/client/758d2b1d-ea51-471f-b129-043aadc81c65/scope-mappings/a837283e-f96e-446d-9c51-5ac7d0eab773/d1edf467-3b43-45a5-be8d-482d1c0dd3ef] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-MOH-APPROVER.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_IAT/MOH_APPROVER"]: Refreshing state... [id=moh_applications/client/e6dc2c15-abb0-4a31-83ba-90ccae0e740f/scope-mappings/a837283e-f96e-446d-9c51-5ac7d0eab773/9aa82afd-7a6d-4dac-b5d6-033c12b36fa6] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-MOH-APPROVER.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_SIT/MOH_APPROVER"]: Refreshing state... [id=moh_applications/client/e6dc2c15-abb0-4a31-83ba-90ccae0e740f/scope-mappings/1197df69-9199-49a5-a49a-c7d43d35551c/a365f662-fbca-4c9a-af4b-076a860933a8] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-MOH-APPROVER.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_UAT/MOH_APPROVER"]: Refreshing state... [id=moh_applications/client/e6dc2c15-abb0-4a31-83ba-90ccae0e740f/scope-mappings/045f3224-9637-4785-a661-fc6f028804d2/779c5ea7-5c9a-486f-ad8f-4fa2d1d8d365] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-MOH-APPROVER.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_REV/MOH_APPROVER"]: Refreshing state... [id=moh_applications/client/e6dc2c15-abb0-4a31-83ba-90ccae0e740f/scope-mappings/20e896f4-bf43-43ed-9441-d166e0513f34/0e63f5f5-a9b9-4b31-973c-2ecba829c3bb] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-MOH-APPROVER.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_CONF/MOH_APPROVER"]: Refreshing state... [id=moh_applications/client/e6dc2c15-abb0-4a31-83ba-90ccae0e740f/scope-mappings/c0fe2e9f-6937-4ffa-9296-d786d9b0a98b/37f6a73b-4640-412c-ac9f-ca9417b769f7] module.KEYCLOAK_PROD.module.moh_applications.module.CGI-AM-TEAM.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/270966e6-985c-4d55-a35c-53e32ab4cf46] module.KEYCLOAK_TEST.module.moh_applications.module.CGI-MIDTIER.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/782fe94e-79a2-438f-9bc1-28717395b28d] module.KEYCLOAK_DEV.module.moh_applications.module.CGI-MID-TIER.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/4e3d322a-fbe7-438d-8ee7-95a1707d40dc] module.KEYCLOAK_TEST.module.moh_applications.module.CGI-QA.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/658f081c-a8b0-4c1b-b9ee-7e8901158ce7] module.KEYCLOAK_DEV.module.moh_applications.module.CGI-QA.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/1798203d-027f-4856-a445-8a90c1dc9756] module.KEYCLOAK_DEV.module.moh_applications.module.CGI-DBA.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/9ada1d3b-be63-40a3-84f2-e4ec0e10be88] module.KEYCLOAK_DEV.module.moh_applications.module.CGI-DEVELOPER.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/27967216-03f7-4259-b50a-955b995d51ad] module.KEYCLOAK_DEV.module.moh_applications.module.CGI-AM-TEAM.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/053fa749-b569-4258-bc9e-bc8ca0541dfe] module.KEYCLOAK_TEST.module.moh_applications.module.CGI-DEVELOPER.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/ba2aead8-cd2d-4519-991b-3bd44c71c057] module.KEYCLOAK_TEST.module.moh_applications.module.CGI-AM-TEAM.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/eb2dce73-6fe7-4b63-8b7a-c5995a530714] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # module.KEYCLOAK_PROD.module.moh_applications.module.CGI-REGISTRIES-ADMIN.keycloak_group.GROUP will be created + resource "keycloak_group" "GROUP" { + id = (known after apply) + name = "CGI Registries Admin" + path = (known after apply) + realm_id = "moh_applications" } # module.KEYCLOAK_PROD.module.moh_applications.module.CGI-REGISTRIES-ADMIN.keycloak_group_roles.GROUP_ROLES will be created + resource "keycloak_group_roles" "GROUP_ROLES" { + exhaustive = true + group_id = (known after apply) + id = (known after apply) + realm_id = "moh_applications" + role_ids = [ + "0304d406-4ac5-46ec-bd2a-7a5a081a7e70", + "0a96d3fa-66b7-4f16-8dd7-276ce53be553", + "0b6e1b8b-dcb3-4da5-be8c-c74a377426c1", + "197b2f83-cdec-4585-939f-bc19bebdf802", + "25b73a09-5c9f-40a7-914e-c1108c61cc2e", + "30082a96-b600-4b97-83ee-8f622b28f6c7", + "414d1083-7d48-42e3-84d9-c9e6cf4b9b89", + "699263a1-dfd9-4304-8d4a-69dc737179ec", + "767bb2ee-f967-4718-ad7e-6414880253a2", + "79885676-48f2-43af-ade4-bc4f11d95f61", + "99196406-f8c6-42b2-aaae-cf262ffe3f27", ] } # module.KEYCLOAK_TEST.module.moh_applications.module.REGISTRIES-ADMIN.keycloak_group.GROUP will be updated in-place ~ resource "keycloak_group" "GROUP" { id = "9782254e-fe90-4901-85f0-0ad253ae181d" ~ name = "Registries Admin" -> "CGI Registries Admin" # (3 unchanged attributes hidden) } # module.KEYCLOAK_TEST.module.moh_applications.module.REGISTRIES-ADMIN.keycloak_group_roles.GROUP_ROLES will be updated in-place ~ resource "keycloak_group_roles" "GROUP_ROLES" { id = "moh_applications/9782254e-fe90-4901-85f0-0ad253ae181d" ~ role_ids = [ + "4386dcb7-036e-4b45-bec9-e60d7b963bf9", + "4b554dbe-6f89-4798-824b-d2e290595f92", + "5f998ee4-6cc5-46f4-909c-32dd02bd6ae0", + "9130f6c7-1d49-4f21-8a18-0db979ca1eb6", + "bc49c66e-fd42-4d7d-b27c-a04069aa35e7", + "dc4020f7-1ffa-4515-8277-26466c54511c", # (17 unchanged elements hidden) ] # (3 unchanged attributes hidden) } Plan: 2 to add, 2 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now. ```

Pushed by: @sharpedavid, Action: pull_request