search

bcgov / moh-keycloak-client-configurations

Apache License 2.0
1 stars 2 forks source link

add bulk-removal permissions to registries team #630

Closed filipflorek closed 1 month ago

filipflorek commented 1 month ago

Changes being made

Assigning bulk-removal permissions to the Registries-Connections Team in Test environment.

Quality Check

github-actions[bot] commented 1 month ago

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖success

Terraform Plan 📖success

Show Plan ``` module.KEYCLOAK_TEST.module.moh_applications.module.PLR-SHOPPERS.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_CONF/CONSUMER"]: Refreshing state... [id=daf9d1e7-bea6-4eb7-9ce5-26ef14ee10e0/52caf85e-e771-4fa4-8274-1afc8d170cd2] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-SHOPPERS.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_CONF/CONSUMER"]: Refreshing state... [id=moh_applications/client/a7936745-ef13-4e97-a4a2-ef766867f1f4/scope-mappings/c0fe2e9f-6937-4ffa-9296-d786d9b0a98b/52caf85e-e771-4fa4-8274-1afc8d170cd2] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-SHOPPERS.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_FLVR/CONSUMER"]: Refreshing state... [id=daf9d1e7-bea6-4eb7-9ce5-26ef14ee10e0/055145d3-f83a-43ac-9b95-2161351f89c9] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-SHOPPERS.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_IAT/CONSUMER"]: Refreshing state... [id=daf9d1e7-bea6-4eb7-9ce5-26ef14ee10e0/1251650d-4190-4cda-a00b-011cf1cbffc7] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-SHOPPERS.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_REV/CONSUMER"]: Refreshing state... [id=daf9d1e7-bea6-4eb7-9ce5-26ef14ee10e0/d3dc70e8-af0e-4cb9-9e79-3706c94fd8da] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-SHOPPERS.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_SIT/CONSUMER"]: Refreshing state... [id=daf9d1e7-bea6-4eb7-9ce5-26ef14ee10e0/6578e80a-fbe5-4866-830d-76ac324c298c] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-SHOPPERS.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_SIT/CONSUMER"]: Refreshing state... [id=moh_applications/client/a7936745-ef13-4e97-a4a2-ef766867f1f4/scope-mappings/1197df69-9199-49a5-a49a-c7d43d35551c/6578e80a-fbe5-4866-830d-76ac324c298c] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-SHOPPERS.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_STG/CONSUMER"]: Refreshing state... [id=moh_applications/client/a7936745-ef13-4e97-a4a2-ef766867f1f4/scope-mappings/2e161683-3c4d-4a2a-a86b-c83f2fe3e3d7/4a4e1d44-f80f-4dc5-9c42-1d37c9aa16e9] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-SHOPPERS.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_FLVR/CONSUMER"]: Refreshing state... [id=moh_applications/client/a7936745-ef13-4e97-a4a2-ef766867f1f4/scope-mappings/ab63ae34-0fda-4f1b-ac8f-1380bea87f44/055145d3-f83a-43ac-9b95-2161351f89c9] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-SHOPPERS.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_UAT/CONSUMER"]: Refreshing state... [id=moh_applications/client/a7936745-ef13-4e97-a4a2-ef766867f1f4/scope-mappings/045f3224-9637-4785-a661-fc6f028804d2/d8799ef3-97b8-4f85-8f04-fb39cc8b813a] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-SHOPPERS.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_IAT/CONSUMER"]: Refreshing state... [id=moh_applications/client/a7936745-ef13-4e97-a4a2-ef766867f1f4/scope-mappings/a837283e-f96e-446d-9c51-5ac7d0eab773/1251650d-4190-4cda-a00b-011cf1cbffc7] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-SHOPPERS.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_REV/CONSUMER"]: Refreshing state... [id=moh_applications/client/a7936745-ef13-4e97-a4a2-ef766867f1f4/scope-mappings/20e896f4-bf43-43ed-9441-d166e0513f34/d3dc70e8-af0e-4cb9-9e79-3706c94fd8da] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-IHA.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_IAT/CONSUMER"]: Refreshing state... [id=moh_applications/client/0705cc15-e2c8-42c7-a62c-48d2e5b51a70/scope-mappings/a837283e-f96e-446d-9c51-5ac7d0eab773/1251650d-4190-4cda-a00b-011cf1cbffc7] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-IHA.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_REV/CONSUMER"]: Refreshing state... [id=moh_applications/client/0705cc15-e2c8-42c7-a62c-48d2e5b51a70/scope-mappings/20e896f4-bf43-43ed-9441-d166e0513f34/d3dc70e8-af0e-4cb9-9e79-3706c94fd8da] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-SHOPPERS.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PLR_UAT/CONSUMER"]: Refreshing state... [id=daf9d1e7-bea6-4eb7-9ce5-26ef14ee10e0/d8799ef3-97b8-4f85-8f04-fb39cc8b813a] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-LRA.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_IAT/CONSUMER"]: Refreshing state... [id=moh_applications/client/373828e7-8c9d-425f-8293-57860cb9978f/scope-mappings/a837283e-f96e-446d-9c51-5ac7d0eab773/1251650d-4190-4cda-a00b-011cf1cbffc7] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-LRA.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_REV/CONSUMER"]: Refreshing state... [id=moh_applications/client/373828e7-8c9d-425f-8293-57860cb9978f/scope-mappings/20e896f4-bf43-43ed-9441-d166e0513f34/d3dc70e8-af0e-4cb9-9e79-3706c94fd8da] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-CONSUMER.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_SIT/CONSUMER"]: Refreshing state... [id=moh_applications/client/77fc59ec-16d3-4416-96e6-4b3286236a66/scope-mappings/1197df69-9199-49a5-a49a-c7d43d35551c/6578e80a-fbe5-4866-830d-76ac324c298c] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-CONSUMER.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_CONF/CONSUMER"]: Refreshing state... [id=moh_applications/client/77fc59ec-16d3-4416-96e6-4b3286236a66/scope-mappings/c0fe2e9f-6937-4ffa-9296-d786d9b0a98b/52caf85e-e771-4fa4-8274-1afc8d170cd2] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-CONSUMER.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_REV/CONSUMER"]: Refreshing state... [id=moh_applications/client/77fc59ec-16d3-4416-96e6-4b3286236a66/scope-mappings/20e896f4-bf43-43ed-9441-d166e0513f34/d3dc70e8-af0e-4cb9-9e79-3706c94fd8da] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-CONSUMER.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_UAT/CONSUMER"]: Refreshing state... [id=moh_applications/client/77fc59ec-16d3-4416-96e6-4b3286236a66/scope-mappings/045f3224-9637-4785-a661-fc6f028804d2/d8799ef3-97b8-4f85-8f04-fb39cc8b813a] module.KEYCLOAK_TEST.module.moh_applications.module.PLR-QA-CONSUMER.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PLR_IAT/CONSUMER"]: Refreshing state... [id=moh_applications/client/77fc59ec-16d3-4416-96e6-4b3286236a66/scope-mappings/a837283e-f96e-446d-9c51-5ac7d0eab773/1251650d-4190-4cda-a00b-011cf1cbffc7] module.KEYCLOAK_DEV.module.moh_applications.module.MANAGE-USERS.keycloak_role.REALM_ROLE: Refreshing state... [id=8e526714-e19a-4760-b5e8-40efcb2c0b9c] module.KEYCLOAK_TEST.module.moh_applications.module.CGI-QA.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/658f081c-a8b0-4c1b-b9ee-7e8901158ce7] module.KEYCLOAK_TEST.module.moh_applications.module.CGI-MIDTIER.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/782fe94e-79a2-438f-9bc1-28717395b28d] module.KEYCLOAK_DEV.module.moh_applications.module.CGI-QA.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/1798203d-027f-4856-a445-8a90c1dc9756] module.KEYCLOAK_DEV.module.moh_applications.module.CGI-DBA.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/9ada1d3b-be63-40a3-84f2-e4ec0e10be88] module.KEYCLOAK_TEST.module.moh_applications.module.CGI-AM-TEAM.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/eb2dce73-6fe7-4b63-8b7a-c5995a530714] module.KEYCLOAK_TEST.module.moh_applications.module.CGI-DEVELOPER.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/ba2aead8-cd2d-4519-991b-3bd44c71c057] module.KEYCLOAK_DEV.module.moh_applications.module.CGI-MID-TIER.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/4e3d322a-fbe7-438d-8ee7-95a1707d40dc] module.KEYCLOAK_PROD.module.moh_applications.module.MANAGE-USERS.keycloak_role.REALM_ROLE: Refreshing state... [id=eeac5c0a-7b1b-4607-ad95-1630769b5892] module.KEYCLOAK_PROD.module.moh_applications.module.PIDP-WEBAPP.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PIDP-SERVICE/feature_pidp_demo"]: Refreshing state... [id=moh_applications/client/8021d870-8e65-46a4-8cef-40a3639edaac/scope-mappings/c55eb420-fd84-41a8-b653-6e1b3e291519/86ec4f91-45fb-4e65-ae4f-e1b952fd4e47] module.KEYCLOAK_PROD.module.moh_applications.module.PIDP-WEBAPP.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["account/view-profile"]: Refreshing state... [id=moh_applications/client/8021d870-8e65-46a4-8cef-40a3639edaac/scope-mappings/60dfb3b9-5ceb-4498-a24c-9641796bd991/43bf4fca-777a-4c9c-9127-f9677c654fef] module.KEYCLOAK_PROD.module.moh_applications.module.PIDP-WEBAPP.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PIDP-SERVICE/ADMIN"]: Refreshing state... [id=moh_applications/client/8021d870-8e65-46a4-8cef-40a3639edaac/scope-mappings/c55eb420-fd84-41a8-b653-6e1b3e291519/7489c26e-77c8-47ad-9c07-a9bb97a37d91] module.KEYCLOAK_PROD.module.moh_applications.module.PIDP-WEBAPP.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PIDP-SERVICE/USER"]: Refreshing state... [id=moh_applications/client/8021d870-8e65-46a4-8cef-40a3639edaac/scope-mappings/c55eb420-fd84-41a8-b653-6e1b3e291519/65d6f8b7-0703-46ed-9ced-55457bd6c14b] module.KEYCLOAK_PROD.module.moh_applications.module.DMFT-SERVICE.module.service-account-roles.keycloak_openid_client_service_account_role.ROLE["PIDP-SERVICE/view_endorsement_data"]: Refreshing state... [id=68a46e0b-2861-4850-8cb3-dfae13e47ca3/0c2d08b1-b900-4b0c-a4d3-9e6e3e1ef847] module.KEYCLOAK_PROD.module.moh_applications.module.DMFT-SERVICE.module.scope-mappings.keycloak_generic_client_role_mapper.SCOPE-MAPPING["PIDP-SERVICE/view_endorsement_data"]: Refreshing state... [id=moh_applications/client/c87f3feb-3c06-4d61-a5c2-48c593cccd1b/scope-mappings/c55eb420-fd84-41a8-b653-6e1b3e291519/0c2d08b1-b900-4b0c-a4d3-9e6e3e1ef847] module.KEYCLOAK_DEV.module.moh_applications.module.CGI-AM-TEAM.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/053fa749-b569-4258-bc9e-bc8ca0541dfe] module.KEYCLOAK_DEV.module.moh_applications.module.CGI-DEVELOPER.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/27967216-03f7-4259-b50a-955b995d51ad] module.KEYCLOAK_PROD.module.moh_applications.module.CGI-AM-TEAM.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/270966e6-985c-4d55-a35c-53e32ab4cf46] Note: Objects have changed outside of Terraform Terraform detected the following changes made outside of Terraform since the last "terraform apply" which may have affected this plan: # module.KEYCLOAK_TEST.module.moh_applications.module.HSPP.module.client-roles.keycloak_role.ROLES["HSPP_LTC"] has changed ~ resource "keycloak_role" "ROLES" { + attributes = {} id = "e46c4be1-0425-482d-bfed-69064a23a12c" name = "HSPP_LTC" # (2 unchanged attributes hidden) } # module.KEYCLOAK_TEST.module.moh_applications.module.HSPP.module.client-roles.keycloak_role.ROLES["HSPP_ReportProgram_LTC"] has changed ~ resource "keycloak_role" "ROLES" { + attributes = {} id = "189accca-c511-44ff-b28d-d2e57ad6c635" name = "HSPP_ReportProgram_LTC" # (2 unchanged attributes hidden) } # module.KEYCLOAK_TEST.module.moh_applications.module.HSPP.module.client-roles.keycloak_role.ROLES["HSPP_ReportSection_LTC"] has changed ~ resource "keycloak_role" "ROLES" { + attributes = {} id = "9bf76a75-4c59-42f6-b1b9-00982ebb31ea" name = "HSPP_ReportSection_LTC" # (2 unchanged attributes hidden) } Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following plan may include actions to undo or respond to these changes. ───────────────────────────────────────────────────────────────────────────── Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # module.KEYCLOAK_TEST.module.moh_applications.module.REGISTRIES-CONNECTIONS-TEAM.keycloak_group_roles.GROUP_ROLES will be updated in-place ~ resource "keycloak_group_roles" "GROUP_ROLES" { id = "moh_applications/82f8f2dc-9397-44b0-b150-f017893d30eb" ~ role_ids = [ + "a12207f5-c312-46b7-a930-1a9e5bcba742", # (19 unchanged elements hidden) ] # (3 unchanged attributes hidden) } Plan: 0 to add, 1 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now. ```

Pushed by: @filipflorek, Action: pull_request