Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of your changes
There is a feature request around how to import objects via <realm/name> instead of < uuid >
see: #126
There are already some workarounds in place:
import
property (only a few resources supports that!)This is a proposal how to import resources by name. Code changes are only affecting role resource as an example and foundation for discussions.
We could use a custom implementation of
ExternalName
config (see here and here)GetIDFn
: Use defined props to lookup the Id used in the specific keycloak instance for that resource (i.e. by realmId, clientId & roleId). This could be done by using the terraform projects´skeycloakClient
(i.e.kcClient.GetRoleByName(ctx, realmId.(string), clientId.(string), name.(string))
)GetExternalNameFn
: Builds the ExternalName based on deterministic props (i.e.<realmId>/<clientId>/<roleId>
)What do you think about this approach?
Topics to clarify:
OmittedFields
&SetIdentifierArgumentFn
. Issue with that is, that we can´t specify ClientIDRef which is a big downside!Fixes #126