move genesys to prod

[filipflorek]

Changes being made

Remove Genesys-production client from Keycloak Test. Create Genesys client in Keycloak prod.

Context

Connecting Genesys Prod env to Keycloak Prod env. Exact copy of the client.

Quality Check

• [x] Client has Name and Description defined.
• [x] Full Scope Allowed is disabled.
• [x] Direct Access Grants Enabled is disabled.
• [x] Valid Redirect URIs are properly defined, or explanation for * (allow all) is provided.
• [x] Web Origins are set to + instead of * to restrict the CORS origins.
• [x] Client Scopes are not assigned to client, or explanation for doing so is provided.
• [x] Client module and all references are defined in clients.tf in realm root folder. Same rule applies to other resources, like groups and realm roles.
• [x] Terraform plan contains only my changes, or other developers are aware that their manual changes can be overridden. 
• [x] CMDB is updated, if applicable.

[github-actions[bot]]

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖success

Terraform Plan 📖success

Show Plan

``` + resource "keycloak_saml_user_attribute_protocol_mapper" "saml_user_attribute_mapper" { + client_id = (known after apply) + friendly_name = "email" + id = (known after apply) + name = "email" + realm_id = "moh_applications" + saml_attribute_name = "email" + saml_attribute_name_format = "Basic" + user_attribute = "email" } # module.KEYCLOAK_TEST.module.moh_applications.module.GENESYS-PRODUCTION.keycloak_generic_client_protocol_mapper.saml_hardcoded_attribute_mapper will be destroyed # (because keycloak_generic_client_protocol_mapper.saml_hardcoded_attribute_mapper is not in configuration) - resource "keycloak_generic_client_protocol_mapper" "saml_hardcoded_attribute_mapper" { - client_id = "c7a7f355-f864-4687-b5af-d0a9b31a79f1" -> null - config = { - "attribute.name" = "OrganizationName" - "attribute.nameformat" = "Basic" - "attribute.value" = "hlbc-prod" - "friendly.name" = "OrganizationName" } -> null - id = "a4b75af0-0696-4abf-a4c2-f97c4e1bc8e1" -> null - name = "OrganizationName" -> null - protocol = "saml" -> null - protocol_mapper = "saml-hardcode-attribute-mapper" -> null - realm_id = "moh_applications" -> null } # module.KEYCLOAK_TEST.module.moh_applications.module.GENESYS-PRODUCTION.keycloak_generic_client_protocol_mapper.saml_service_name_mapper will be destroyed # (because keycloak_generic_client_protocol_mapper.saml_service_name_mapper is not in configuration) - resource "keycloak_generic_client_protocol_mapper" "saml_service_name_mapper" { - client_id = "c7a7f355-f864-4687-b5af-d0a9b31a79f1" -> null - config = { - "attribute.name" = "ServiceName" - "attribute.nameformat" = "Basic" - "attribute.value" = "directory" - "friendly.name" = "ServiceName" } -> null - id = "8608a17f-563a-473e-970a-6635abff3229" -> null - name = "ServiceName" -> null - protocol = "saml" -> null - protocol_mapper = "saml-hardcode-attribute-mapper" -> null - realm_id = "moh_applications" -> null } # module.KEYCLOAK_TEST.module.moh_applications.module.GENESYS-PRODUCTION.keycloak_saml_client.CLIENT will be destroyed # (because keycloak_saml_client.CLIENT is not in configuration) - resource "keycloak_saml_client" "CLIENT" { - assertion_consumer_post_url = "https://login.cac1.pure.cloud/saml" -> null - assertion_consumer_redirect_url = "https://login.cac1.pure.cloud/saml" -> null - base_url = "https://apps.cac1.pure.cloud/" -> null - canonicalization_method = "EXCLUSIVE" -> null - client_id = "GENESYS-PRODUCTION" -> null - client_signature_required = false -> null - description = "Contact Center as a Service (CCaaS) Genesys CX Cloud contact center solution. Production environment. Temporarily connected to Keycloak Test instance." -> null - enabled = true -> null - encrypt_assertions = false -> null - extra_config = {} -> null - force_name_id_format = false -> null - force_post_binding = true -> null - front_channel_logout = true -> null - full_scope_allowed = false -> null - id = "c7a7f355-f864-4687-b5af-d0a9b31a79f1" -> null - include_authn_statement = true -> null - login_theme = "idir_aad-phsa-bcprovider" -> null - logout_service_post_binding_url = "https://login.cac1.pure.cloud/saml/logout" -> null - logout_service_redirect_binding_url = "https://login.cac1.pure.cloud/saml/logout" -> null - name = "GENESYS PRODUCTION" -> null - name_id_format = "persistent" -> null - realm_id = "moh_applications" -> null - sign_assertions = false -> null - sign_documents = true -> null - signature_algorithm = "RSA_SHA256" -> null - signature_key_name = "NONE" -> null - valid_redirect_uris = [ - "https://apps.cac1.pure.cloud/*", - "https://login.cac1.pure.cloud/*", ] -> null } # module.KEYCLOAK_TEST.module.moh_applications.module.GENESYS-PRODUCTION.keycloak_saml_user_attribute_protocol_mapper.saml_user_attribute_mapper will be destroyed # (because keycloak_saml_user_attribute_protocol_mapper.saml_user_attribute_mapper is not in configuration) - resource "keycloak_saml_user_attribute_protocol_mapper" "saml_user_attribute_mapper" { - client_id = "c7a7f355-f864-4687-b5af-d0a9b31a79f1" -> null - friendly_name = "email" -> null - id = "7cdb028f-8771-48c1-a513-2c5b7f616d39" -> null - name = "email" -> null - realm_id = "moh_applications" -> null - saml_attribute_name = "email" -> null - saml_attribute_name_format = "Basic" -> null - user_attribute = "email" -> null } Plan: 4 to add, 0 to change, 4 to destroy. ───────────────────────────────────────────────────────────────────────────── Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now. ```

Pushed by: @filipflorek, Action: pull_request