Terraform for managing dedicated Keycloak instance per stage?

As I’m pretty new to Terraform, I’m not sure if Terraform is suitable for the problem I’d like to solve. Here is the scenario…

We are using Keycloak as our Identity & Access Management tool. Currently, we’re running dedicated Keycloak instances in different environments:

  • (locally - on each developer’s machine)
  • dev
  • preproduction
  • production

The configuration is done completely via the web UI which is, no surprise, cumbersome and error-prone.

For adding a Keycloak client or adding roles, the workflow is similar to the following:

  1. A developer makes the configuration changes on her local Keycloak instance.
  2. If things are working, the same configuration needs to be applied to the dev instance.
  3. Then on the preproduction instance…
  4. Finally, on the production instance.

I was able to create a basic Terraform main.tf which successfully performs all the configuration on my local machine. But thinking about this further, I have some difficulties…

The above workflow is not “cloud-centric”, that is, it’s not our goal to apply the same Keycloak configuration to different environments, but rather to apply different Keycloak configurations, depending on their stage, to a dedicated environment. For example, a Keycloak role app_admin may exist in the dev stage but not yet in the preprod and prod stages.

The most basic question:
Is Terraform a suitable tool to cover the above workflow?
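
The per-stage scenario described above, sketched as an added example (not the poster's main.tf): one shared configuration whose role set depends on a `stage` variable, so app_admin is created only where it has been rolled out. It assumes the community Keycloak Terraform provider and a confidential service-account client named `terraform` on each instance; the realm name `app`, the role `app_user`, and the variable names are hypothetical.

```hcl
terraform {
  required_providers {
    keycloak = {
      source = "mrparkers/keycloak" # assumption: community Keycloak provider
    }
  }
}

variable "stage" {
  type = string
  validation {
    condition     = contains(["local", "dev", "preprod", "prod"], var.stage)
    error_message = "stage must be one of: local, dev, preprod, prod."
  }
}

variable "keycloak_url" { type = string }

variable "keycloak_client_secret" {
  type      = string
  sensitive = true # keep the admin credential out of plan output
}

provider "keycloak" {
  client_id     = "terraform" # hypothetical service-account client per instance
  client_secret = var.keycloak_client_secret
  url           = var.keycloak_url
}

locals {
  common_roles = ["app_user"] # hypothetical role present in every stage
  # Role name => stages it has been promoted to; promote by extending the list.
  staged_roles = { app_admin = ["local", "dev"] }
  roles = toset(concat(
    local.common_roles,
    [for name, stages in local.staged_roles : name if contains(stages, var.stage)]
  ))
}

resource "keycloak_realm" "app" {
  realm   = "app" # hypothetical realm name
  enabled = true
}

resource "keycloak_role" "realm_role" {
  for_each = local.roles
  realm_id = keycloak_realm.app.id
  name     = each.value
}
```

Each stage needs its own state (a separate workspace or backend) and its own values for `stage`, `keycloak_url` and the secret. Promoting app_admin to preprod then becomes a reviewed one-line change to `staged_roles` instead of a manual edit in the web UI.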