Extract new keycloak_realm role out of keycloak

roles/keycloak_realm/tasks/manage_user_client_roles.yml

@@ -0,0 +1,40 @@
+---
+- name: "Get Realm for role"
+  uri:
+    url: "{{ keycloak_url }}/auth/admin/realms/{{ client_role.realm }}"
+    method: GET
+    status_code:
+      - 200
+    headers:
+      Accept: "application/json"
+      Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"
+  register: client_role_realm
+
+- name: Check if Mapping is available
+  uri:
+    url: "{{ keycloak_url }}/auth/admin/realms/{{ client_role.realm }}/users/{{ (keycloak_user.json | first).id }}/role-mappings/clients/{{ (create_client_result.results | selectattr('end_state.clientId', 'equalto', client_role.client) | list | first).end_state.id }}/available"
+    method: GET
+    status_code:
+      - 200
+    headers:
+      Accept: "application/json"
+      Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"
+  register: client_role_user_available
+
+- name: "Create Role Mapping"
+  uri:
+    url: "{{ keycloak_url }}/auth/admin/realms/{{ client_role.realm }}/users/{{ (keycloak_user.json | first).id }}/role-mappings/clients/{{ (create_client_result.results | selectattr('end_state.clientId', 'equalto', client_role.client) | list | first).end_state.id }}"
+    method: POST
+    body:
+      - id: "{{ item.id }}"
+        clientRole: "{{ item.clientRole }}"
+        containerId: "{{ item.containerId }}"
+        name: "{{ item.name }}"
+        composite: "{{ item.composite }}"
+    validate_certs: False
+    body_format: json
+    headers:
+      Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"
+    status_code: 204
+  loop: "{{ client_role_user_available.json | flatten }}"
+  when: item.name == client_role.role