Realm
Allows for creating and managing rsa Realm keystores within Keycloak. A realm keystore manages generated key pairs that are used by Keycloak to perform cryptographic signatures and encryption.
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.Realm;
import com.pulumi.keycloak.RealmArgs;
import com.pulumi.keycloak.RealmKeystoreRsa;
import com.pulumi.keycloak.RealmKeystoreRsaArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var realm = new Realm("realm", RealmArgs.builder()
.realm("my-realm")
.build());
var keystoreRsa = new RealmKeystoreRsa("keystoreRsa", RealmKeystoreRsaArgs.builder()
.name("my-rsa-key")
.realmId(realm.id())
.enabled(true)
.active(true)
.privateKey("<your rsa private key>")
.certificate("<your certificate>")
.priority(100)
.algorithm("RS256")
.keystoreSize(2048)
.providerId("rsa")
.build());
}
}Content copied to clipboard
resources:
realm:
type: keycloak:Realm
properties:
realm: my-realm
keystoreRsa:
type: keycloak:RealmKeystoreRsa
name: keystore_rsa
properties:
name: my-rsa-key
realmId: ${realm.id}
enabled: true
active: true
privateKey: <your rsa private key>
certificate: <your certificate>
priority: 100
algorithm: RS256
keystoreSize: 2048
providerId: rsaContent copied to clipboard
Import
Realm keys can be imported using realm name and keystore id, you can find it in web UI. Example: bash
$ pulumi import keycloak:index/realmKeystoreRsa:RealmKeystoreRsa keystore_rsa my-realm/618cfba7-49aa-4c09-9a19-2f699b576f0bContent copied to clipboard