Show Plan
```
module.KEYCLOAK_DEV.module.moh_applications.module.CGI-MID-TIER.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/4e3d322a-fbe7-438d-8ee7-95a1707d40dc]
module.KEYCLOAK_DEV.module.moh_applications.module.CGI-AM-TEAM.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/053fa749-b569-4258-bc9e-bc8ca0541dfe]
module.KEYCLOAK_DEV.module.moh_applications.module.CGI-DEVELOPER.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/27967216-03f7-4259-b50a-955b995d51ad]
module.KEYCLOAK_TEST.module.moh_applications.module.CGI-QA.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/658f081c-a8b0-4c1b-b9ee-7e8901158ce7]
module.KEYCLOAK_DEV.module.moh_applications.module.CGI-QA.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/1798203d-027f-4856-a445-8a90c1dc9756]
module.KEYCLOAK_TEST.module.moh_applications.module.CGI-MIDTIER.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/782fe94e-79a2-438f-9bc1-28717395b28d]
module.KEYCLOAK_PROD.module.moh_applications.module.CGI-AM-TEAM.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/270966e6-985c-4d55-a35c-53e32ab4cf46]
module.KEYCLOAK_TEST.module.moh_applications.module.CGI-AM-TEAM.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/eb2dce73-6fe7-4b63-8b7a-c5995a530714]
module.KEYCLOAK_TEST.module.moh_applications.module.CGI-DEVELOPER.keycloak_group_roles.GROUP_ROLES: Refreshing state... [id=moh_applications/ba2aead8-cd2d-4519-991b-3bd44c71c057]
Note: Objects have changed outside of Terraform
Terraform detected the following changes made outside of Terraform since the
last "terraform apply" which may have affected this plan:
# module.KEYCLOAK_TEST.module.moh_citizen.module.EMACCS.module.client-roles.keycloak_role.ROLES["CA"] has changed
~ resource "keycloak_role" "ROLES" {
+ attributes = {}
id = "76710301-40e3-4bbf-a2cb-26b624e54814"
name = "CA"
# (2 unchanged attributes hidden)
}
# module.KEYCLOAK_TEST.module.moh_citizen.module.EMACCS.module.client-roles.keycloak_role.ROLES["CCA"] has changed
~ resource "keycloak_role" "ROLES" {
+ attributes = {}
id = "072b5fa4-f94f-4660-99af-83475b044139"
name = "CCA"
# (2 unchanged attributes hidden)
}
# module.KEYCLOAK_TEST.module.moh_citizen.module.EMACCS.module.client-roles.keycloak_role.ROLES["DIRECTOR"] has changed
~ resource "keycloak_role" "ROLES" {
+ attributes = {}
id = "9cd03b9a-7b63-49da-80a6-efcb1942e78e"
name = "DIRECTOR"
# (2 unchanged attributes hidden)
}
# module.KEYCLOAK_TEST.module.moh_citizen.module.EMACCS.module.client-roles.keycloak_role.ROLES["READONLY"] has changed
~ resource "keycloak_role" "ROLES" {
+ attributes = {}
id = "de8fe6db-22d4-4239-b5b9-4fc0a00209c6"
name = "READONLY"
# (2 unchanged attributes hidden)
}
Unless you have made equivalent changes to your configuration, or ignored the
relevant attributes using ignore_changes, the following plan may include
actions to undo or respond to these changes.
─────────────────────────────────────────────────────────────────────────────
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create
~ update in-place
Terraform will perform the following actions:
# module.KEYCLOAK_DEV.module.moh_applications.module.IEN.keycloak_openid_client.CLIENT will be updated in-place
~ resource "keycloak_openid_client" "CLIENT" {
id = "f58456b0-4fe2-46d4-9f05-be965253b205"
+ login_theme = "moh-app-realm-idp-restriction"
name = "IEN"
# (24 unchanged attributes hidden)
+ authentication_flow_binding_overrides {
+ browser_id = "9caca0f9-1c0c-4def-85c6-637d1c8a4d24"
}
}
# module.KEYCLOAK_DEV.module.moh_applications.module.IEN.keycloak_openid_client_default_scopes.client_default_scopes will be created
+ resource "keycloak_openid_client_default_scopes" "client_default_scopes" {
+ client_id = "f58456b0-4fe2-46d4-9f05-be965253b205"
+ default_scopes = [
+ "bceid_business",
+ "bcprovider_aad",
+ "email",
+ "fnha_aad",
+ "idir_aad",
+ "moh_idp",
+ "phsa",
+ "phsa_aad",
+ "profile",
+ "roles",
+ "web-origins",
]
+ id = (known after apply)
+ realm_id = "moh_applications"
}
Plan: 1 to add, 1 to change, 0 to destroy.
─────────────────────────────────────────────────────────────────────────────
Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
```
Changes being made
Removing login with IDIR option of IEN by applying IDP restriction module.
Quality Check