From 144069117a2f1126183a85beb352f8a4c2c11b1e Mon Sep 17 00:00:00 2001
From: sar
Date: Thu, 21 Nov 2024 15:02:23 -0600
Subject: [PATCH] Remove some complexity

---
 .../substructure/vault/secrets/__main__.py | 16 +---------------
 1 file changed, 1 insertion(+), 15 deletions(-)

diff --git a/src/ol_infrastructure/substructure/vault/secrets/__main__.py b/src/ol_infrastructure/substructure/vault/secrets/__main__.py
index 675b3d173..65f2f017f 100644
--- a/src/ol_infrastructure/substructure/vault/secrets/__main__.py
+++ b/src/ol_infrastructure/substructure/vault/secrets/__main__.py
@@ -70,6 +70,7 @@
 oidc_discovery_url=f"{keycloak_config.get("url")}/realms/ol-platform-engineering",
 oidc_client_id=keycloak_config.get("client_id"),
 oidc_client_secret=keycloak_config.get("client_secret"),
+ default_role="local-developer",
 opts=ResourceOptions(delete_before_replace=True),
 )
 
@@ -96,24 +97,9 @@
 ],
 bound_audiences=[f"{keycloak_config.get('client_id')}"],
 user_claim="sub",
- oidc_scopes=["email profile"],
- groups_claim="groups",
- bound_claims_type="string",
- bound_claims={"groups": "vault-admin"},
 role_type="oidc",
 )
 
- # Configure external group
- local_dev_group = vault.identity.Group(
- "local-dev-group",
- name="external",
- type="external",
- policies=[local_developer_policy.name],
- metadata={
- "responsibility": "1",
- },
- )
-
 vault.kv.SecretV2(
 f"grafana-vault-secrets-{stack_info.env_suffix}",
 name="grafana",
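Review bot: The added `default_role="local-developer"` combines with the second hunk's removal of `groups_claim="groups"` and `bound_claims={"groups": "vault-admin"}`, leaving the OIDC role gated only by `bound_audiences` and `user_claim="sub"`. If that role is the default one (its name is outside the hunk), any account in the `ol-platform-engineering` realm that completes the login flow for this client would presumably get a token under it without naming a role, which is an authorization change rather than only the simplification the subject line describes. If the intent is that realm membership alone grants access, say so next to the new line, e.g. `# Any ol-platform-engineering realm user may log in as local-developer; access is limited by the role's token policies.`; otherwise keep a claim binding on the role. The removed external group was the only visible place that attached `local_developer_policy`, so confirm the role's own policy list still carries it. Both resource calls begin outside the hunks, so the role name and its policies cannot be checked from here.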