search

mrparkers / terraform-provider-keycloak

Terraform provider for Keycloak
https://registry.terraform.io/providers/mrparkers/keycloak/latest/docs
MIT License
607 stars 295 forks source link

Needed data:keycloak_user handle user not existence #876

Open nevlkv opened 11 months ago

nevlkv commented 11 months ago

I try to set group members

vars

groups = {
  "group1"        = { members = ["user1", "user2"], roles = ["realm-admin"] }
}

user 1 and user 2 uids from ldap federation

locals {
  user_names = [
    for id, v in data.keycloak_user.users : v.username
  ]
}

data "keycloak_user" "users" {
  for_each = toset(var.members)

  realm_id = var.realm_id
  username = each.key
}

resource "keycloak_group_memberships" "group_members" {
  count    = length(var.members) == 0 ? 0 : 1
  realm_id = var.realm_id
  group_id = keycloak_group.group.id
  members  = local.user_names
}

if one of users in group1 blocked in ldap creating data instance brakes. Need safe mode with empty result

nevlkv commented 11 months ago

ex:

data "keycloak_user" "users" {
  filter {
    username   = "any_name"
  }
}