Setup a satosa for auth. misnamed secgroup.

main.tf

@@ -14,7 +14,7 @@ provider "openstack" {
   cloud = "sto4-rut"
 }
 resource "openstack_networking_secgroup_v2" "https" {
-  name        = "microk8s"
+  name        = "https"
   description = "Traffic to allow between microk8s hosts"
 }
 resource "openstack_networking_secgroup_rule_v2" "https_rule1" {
@@ -76,3 +76,26 @@ resource "openstack_compute_instance_v2" "monitor-node" {
       group = openstack_compute_servergroup_v2.controllers.id 
   }
 }
+resource "openstack_compute_instance_v2" "satosa-node" {
+  name            = "internal-sto4-test-satosa-1.${var.dns_suffix}"
+  flavor_name     = "${var.monitor_instance_type}"
+  key_pair        = "mifr-yubi"
+  security_groups = ["https", "Allow SSH from SUNET jumphosts",]
+  
+
+  block_device {
+    uuid                  = "5d24aca9-11be-4de1-9770-4a097d68f361" #debian 12
+    source_type           = "image"
+    volume_size           = 20
+    boot_index            = 0
+    destination_type      = "volume"
+    delete_on_termination = false
+  }
+  network {
+    name = "public"
+  }
+    scheduler_hints {
+      #We want this server on another host than the controllers. We don't want to loose a controller and the monitoring at the same time. 
+      group = openstack_compute_servergroup_v2.controllers.id 
+  }
+}