Resource type: openid_user_realm_role_protocol_mapper

[mircea-pavel-anton]

I am working on converting some Terraform manifests over to crossplane. I have a resource of this type:

https://registry.terraform.io/providers/mrparkers/keycloak/latest/docs/resources/openid_user_realm_role_protocol_mapper

I did not manage to find it while looking through the docs. Is it not supported?

[mircea-pavel-anton]

I managed to find an example in the documentation. Apparently it's a generic protocol mapper which we have to configure to cover different usecases:

apiVersion: client.keycloak.crossplane.io/v1alpha1
kind: ProtocolMapper
metadata:
  name: openid-role-mapper
spec:
  forProvider:
    clientId: another-openid-client
    config:
      claim.name: roles
      multivalued: "true"
    name: role-mapper
    protocol: openid-connect
    protocolMapper: oidc-usermodel-realm-role-mapper
    realmId: another-realm
  providerConfigRef:
    name: keycloak-provider-config

link: https://marketplace.upbound.io/providers/crossplane-contrib/provider-keycloak/v1.4.0/resources/client.keycloak.crossplane.io/ProtocolMapper/v1alpha1

[Breee]

Hey man, sorry for the radio silence, i'm in the process of moving to a different location.
So far only the generic one is implemented, but we could implement other ones as well.

[mircea-pavel-anton]

@Breee

No worries! Apparently I didn't read the docs carefully enough so that's on me

So far only the generic one is implemented, but we could implement other ones as well

I'm not entirely sure that's necessary. There is currently a way to achieve the same result and it is in fact documented. I wouldn't say this is a high priority item on the to-do list Sure, the UX could be a bit better, since at least to me it wasn't obvious from the start, but again, it is in fact documented