acslev
commented
1 year ago I think the problem persists with the keycloak_realm auth field as well, the permissions are not getting updated there either. (Perhaps because of the asterisk, which comes from the json response)
HI,
we use https://github.com/mrparkers/terraform-provider-keycloak/blob/master/provider/resource_keycloak_ldap_user_federation.go and provide bind_credential from data.password" (from a hashicorp vault value)
The issue is, that terraform never tries to store the password in keycloak. I suspect this has something to do with the DiffSuppressFunc.
"bindcredential": { Type: schema.TypeString, Optional: true, Sensitive: true, DiffSuppressFunc: func(, remoteBindCredential, string, *schema.ResourceData) bool { return remoteBindCredential == "**" }, Description: "Password of LDAP admin.", },