Realm import does not include security defenses headers

[ghost]

During i write documentation for the security defenses headers of the keycloak_realm resource (#130), i notice that a terraform import does not write any informations from the headers and brute_force_detection block in the terraform statefile. Its seems all settings of the security_defenses are ignored at a terraform import. Creating and updating a realm with the settings works fine.

I cant fix this by myself, because my go-debugger does not work inside the WSL until the WSL2 release.

[tomrutsaert]

I saw that as well, i have added those fields in pr #215, should work once that PR is merged.
(Thx for the documentation update)

[ghost]

Ah okey great. Thanks for the update as well 👍
I mark this Issue as closed.

[tomrutsaert]

Hey @adresan #215 was merged, Can you check if if this now works for you?

[ghost]

@tomrutsaert

Seems not to work. The security defenses headers are still comple empty in the statefile after a realm import.

"security_defenses": [],

[tomrutsaert]

Strange.
Is any variable in security defenses in your config different from the default?

[ghost]

Mhh yes, strange. Their should be no connection between a import of a realm and the defined attributes/variables inside the keycloak_realm resource. If you left security_defenses complete from your .tf file, he should still import the security_defenses inside the statefile if their are set in a keycloak realm - like he does with the smtp settings. But even if i define it with the example from the doc., he still not import it.

I tryed it with the release version and also with a build from source. No difference.

[tomrutsaert]

First of all I have to correct and excuse myself, The change I did #215 Is a change on data_source_keycloak_realm and that has no influence on keycloak realm resource import.
Thus, my PR will not have fixed this issue.
I was to eager to respond to your issue as it was talking about the exact same fields missing in the data_source_keycloak_realm which I just added a couple minutes before you reported this issue.

Again my excuses for the confusion

[ghost]

Really no problem. I keep this issue open. If you or somebody else could fix this, i can test it again.

[serginhofernandes]

I think I had a related issue: I imported the realm, and some time later I changed via Terraform the passwordPolicy. Although the execution plan showed only the passwordPolicy change, after applying, it wiped out all my customizations under Security Defenses (which was not present on the TF file).
No drift was shown before that change, but now I can see on the old terraform statefile that the security_defenses is empty.