crossplane-contrib / provider-keycloak

Apache License 2.0

How to import existing Roles based on their name? #144

Closed twuyts closed 3 months ago

twuyts commented 3 months ago

(This is a question, rather than an actual issue.) We have an existing Keycloak that we want to start managing using Crossplane, instead of directly with the Keycloak REST API, like we do now. But I'm having trouble getting Crossplane to import existing resources, using the method described in https://docs.crossplane.io/latest/guides/import-existing-resources/.

For example, when I create a Role named my-role for a Keycloak role that already exists, you get a CannotCreateExternalResource failure, with a 409: Conflict. When I add the annotation crossplane.io/external-name: 'my-role', the status shows observe failed: external resource does not exist. It's only when I use the Keycloak UUID of the role in that annotation that I get a status of Success.

Is there any way of getting the operator to import the resource based on the name rather than the UUID?

And if not, what would you suggest as plan of action for making these resources usable by crossplane?

twuyts commented 3 months ago

Relates to https://github.com/crossplane-contrib/provider-keycloak/issues/126

Closing this issue as a duplicate; it is clear there is no clear-cut solution.

FWIW: I worked around it by having a LegacyImport task that uses the Keycloak API to list all relevant roles, and create a Crossplane Role with the external-name annotation.
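
The workaround from the last comment, sketched as an added example that is not part of the thread or the provider's own code: it turns a Keycloak role listing into Crossplane Role manifests whose external-name annotation carries the UUID. The sample roles, realm name, the Role apiVersion/kind and the forProvider field names are assumptions; the Observe-only management policy follows the import guide linked in the question.

```python
import json
import re

# Constructed sample of what GET /admin/realms/{realm}/roles returns
# (RoleRepresentation objects); the UUIDs are made up for this example.
SAMPLE_ROLES = json.loads("""[
  {"id": "11111111-1111-4111-8111-111111111111", "name": "my-role"},
  {"id": "22222222-2222-4222-8222-222222222222", "name": "Billing_Admin"},
  {"id": "33333333-3333-4333-8333-333333333333", "name": "billing-admin"}
]""")

def k8s_name(role_name, taken):
    """Turn a Keycloak role name into a unique DNS-1123 object name."""
    base = re.sub(r"[^a-z0-9-]+", "-", role_name.lower()).strip("-") or "role"
    base = base[:50].rstrip("-")
    name, n = base, 1
    while name in taken:  # two role names can collapse to the same object name
        n += 1
        name = f"{base}-{n}"
    taken.add(name)
    return name

def build_role_manifests(roles, realm, provider_config="default"):
    """Return one Crossplane Role manifest per existing Keycloak role."""
    taken, manifests = set(), []
    for role in sorted(roles, key=lambda r: r["name"]):
        manifests.append({
            # Assumed group/version/kind of provider-keycloak's Role resource.
            "apiVersion": "role.keycloak.crossplane.io/v1alpha1",
            "kind": "Role",
            "metadata": {
                "name": k8s_name(role["name"], taken),
                # The thread's finding: the UUID works here, the name does not.
                "annotations": {"crossplane.io/external-name": role["id"]},
            },
            "spec": {
                # Observe-only, so the first reconcile cannot change or delete the role.
                "managementPolicies": ["Observe"],
                "forProvider": {"realmId": realm, "name": role["name"]},
                "providerConfigRef": {"name": provider_config},
            },
        })
    return manifests

if __name__ == "__main__":
    # JSON is valid YAML, so the output can be reviewed and then applied.
    print(json.dumps(build_role_manifests(SAMPLE_ROLES, "my-realm"), indent=2))
```

Reviewing the generated manifests before applying them, and widening managementPolicies only after each resource reports a successful observe, keeps the import from altering roles that are already in use.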