I thought it worth mentioning - it could be useful to have a warning in the documentation for keycloak_user purely as this will often end up in a git repo- and if that repo is not locked down and very throughly managed there is the possibility that this approach will violate GDPR. Namely the right to have data be confidencial (it's possible that the repo may be public, or at least public within an organisation for everyone to see) and the right to erasure (git logs are hard to clean if someone wants their personal data out of the repo when they, say, leave the company).
Groups and roles are less susceptible to this, and it's possible that using some thing like keycloak_user for a service account would be safe, but I still feel it might be pertinent to add a slight warning to users to make use of this resource with caution.
Hi,
I thought it worth mentioning - it could be useful to have a warning in the documentation for
keycloak_userpurely as this will often end up in a git repo- and if that repo is not locked down and very throughly managed there is the possibility that this approach will violate GDPR. Namely the right to have data be confidencial (it's possible that the repo may be public, or at least public within an organisation for everyone to see) and the right to erasure (git logs are hard to clean if someone wants their personal data out of the repo when they, say, leave the company).Groups and roles are less susceptible to this, and it's possible that using some thing like
keycloak_userfor a service account would be safe, but I still feel it might be pertinent to add a slight warning to users to make use of this resource with caution.