Realm
data class RealmUserProfileArgs(val attributes: Output<List<RealmUserProfileAttributeArgs>>? = null, val groups: Output<List<RealmUserProfileGroupArgs>>? = null, val realmId: Output<String>? = null) : ConvertibleToJava<RealmUserProfileArgs>
Allows for managing Realm User Profiles within Keycloak. A user profile defines a schema for representing user attributes and how they are managed within a realm. This is a preview feature, hence not fully supported and disabled by default. To enable it, start the server with one of the following flags:
WildFly distribution:
-Dkeycloak.profile.feature.declarative_user_profile=enabledQuarkus distribution:
--features=previewor--features=declarative-user-profileThe realm linked to thekeycloak.RealmUserProfileresource must have the user profile feature enabled. It can be done via the administration UI, or by setting theuserProfileEnabledrealm attribute totrue.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";
const realm = new keycloak.Realm("realm", {
realm: "my-realm",
attributes: {
userProfileEnabled: "true",
},
});
const userprofile = new keycloak.RealmUserProfile("userprofile", {
realmId: myRealm.id,
attributes: [
{
name: "field1",
displayName: "Field 1",
group: "group1",
enabledWhenScopes: ["offline_access"],
requiredForRoles: ["user"],
requiredForScopes: ["offline_access"],
permissions: {
views: [
"admin",
"user",
],
edits: [
"admin",
"user",
],
},
validators: [
{
name: "person-name-prohibited-characters",
},
{
name: "pattern",
config: {
pattern: "^[a-z]+$",
"error-message": "Nope",
},
},
],
annotations: {
foo: "bar",
},
},
{
name: "field2",
validators: [{
name: "options",
config: {
options: JSON.stringify(["opt1"]),
},
}],
annotations: {
foo: JSON.stringify({
key: "val",
}),
},
},
],
groups: [
{
name: "group1",
displayHeader: "Group 1",
displayDescription: "A first group",
annotations: {
foo: "bar",
foo2: JSON.stringify({
key: "val",
}),
},
},
{
name: "group2",
},
],
});Content copied to clipboard
import pulumi
import json
import pulumi_keycloak as keycloak
realm = keycloak.Realm("realm",
realm="my-realm",
attributes={
"userProfileEnabled": "true",
})
userprofile = keycloak.RealmUserProfile("userprofile",
realm_id=my_realm["id"],
attributes=[
{
"name": "field1",
"display_name": "Field 1",
"group": "group1",
"enabled_when_scopes": ["offline_access"],
"required_for_roles": ["user"],
"required_for_scopes": ["offline_access"],
"permissions": {
"views": [
"admin",
"user",
],
"edits": [
"admin",
"user",
],
},
"validators": [
{
"name": "person-name-prohibited-characters",
},
{
"name": "pattern",
"config": {
"pattern": "^[a-z]+$",
"error-message": "Nope",
},
},
],
"annotations": {
"foo": "bar",
},
},
{
"name": "field2",
"validators": [{
"name": "options",
"config": {
"options": json.dumps(["opt1"]),
},
}],
"annotations": {
"foo": json.dumps({
"key": "val",
}),
},
},
],
groups=[
{
"name": "group1",
"display_header": "Group 1",
"display_description": "A first group",
"annotations": {
"foo": "bar",
"foo2": json.dumps({
"key": "val",
}),
},
},
{
"name": "group2",
},
])Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Keycloak = Pulumi.Keycloak;
return await Deployment.RunAsync(() =>
{
var realm = new Keycloak.Realm("realm", new()
{
RealmName = "my-realm",
Attributes =
{
{ "userProfileEnabled", "true" },
},
});
var userprofile = new Keycloak.RealmUserProfile("userprofile", new()
{
RealmId = myRealm.Id,
Attributes = new[]
{
new Keycloak.Inputs.RealmUserProfileAttributeArgs
{
Name = "field1",
DisplayName = "Field 1",
Group = "group1",
EnabledWhenScopes = new[]
{
"offline_access",
},
RequiredForRoles = new[]
{
"user",
},
RequiredForScopes = new[]
{
"offline_access",
},
Permissions = new Keycloak.Inputs.RealmUserProfileAttributePermissionsArgs
{
Views = new[]
{
"admin",
"user",
},
Edits = new[]
{
"admin",
"user",
},
},
Validators = new[]
{
new Keycloak.Inputs.RealmUserProfileAttributeValidatorArgs
{
Name = "person-name-prohibited-characters",
},
new Keycloak.Inputs.RealmUserProfileAttributeValidatorArgs
{
Name = "pattern",
Config =
{
{ "pattern", "^[a-z]+$" },
{ "error-message", "Nope" },
},
},
},
Annotations =
{
{ "foo", "bar" },
},
},
new Keycloak.Inputs.RealmUserProfileAttributeArgs
{
Name = "field2",
Validators = new[]
{
new Keycloak.Inputs.RealmUserProfileAttributeValidatorArgs
{
Name = "options",
Config =
{
{ "options", JsonSerializer.Serialize(new[]
{
"opt1",
}) },
},
},
},
Annotations =
{
{ "foo", JsonSerializer.Serialize(new Dictionary<string, object?>
{
["key"] = "val",
}) },
},
},
},
Groups = new[]
{
new Keycloak.Inputs.RealmUserProfileGroupArgs
{
Name = "group1",
DisplayHeader = "Group 1",
DisplayDescription = "A first group",
Annotations =
{
{ "foo", "bar" },
{ "foo2", JsonSerializer.Serialize(new Dictionary<string, object?>
{
["key"] = "val",
}) },
},
},
new Keycloak.Inputs.RealmUserProfileGroupArgs
{
Name = "group2",
},
},
});
});Content copied to clipboard
package main
import (
"encoding/json"
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
Realm: pulumi.String("my-realm"),
Attributes: pulumi.StringMap{
"userProfileEnabled": pulumi.String("true"),
},
})
if err != nil {
return err
}
tmpJSON0, err := json.Marshal([]string{
"opt1",
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
tmpJSON1, err := json.Marshal(map[string]interface{}{
"key": "val",
})
if err != nil {
return err
}
json1 := string(tmpJSON1)
tmpJSON2, err := json.Marshal(map[string]interface{}{
"key": "val",
})
if err != nil {
return err
}
json2 := string(tmpJSON2)
_, err = keycloak.NewRealmUserProfile(ctx, "userprofile", &keycloak.RealmUserProfileArgs{
RealmId: pulumi.Any(myRealm.Id),
Attributes: keycloak.RealmUserProfileAttributeArray{
&keycloak.RealmUserProfileAttributeArgs{
Name: pulumi.String("field1"),
DisplayName: pulumi.String("Field 1"),
Group: pulumi.String("group1"),
EnabledWhenScopes: pulumi.StringArray{
pulumi.String("offline_access"),
},
RequiredForRoles: pulumi.StringArray{
pulumi.String("user"),
},
RequiredForScopes: pulumi.StringArray{
pulumi.String("offline_access"),
},
Permissions: &keycloak.RealmUserProfileAttributePermissionsArgs{
Views: pulumi.StringArray{
pulumi.String("admin"),
pulumi.String("user"),
},
Edits: pulumi.StringArray{
pulumi.String("admin"),
pulumi.String("user"),
},
},
Validators: keycloak.RealmUserProfileAttributeValidatorArray{
&keycloak.RealmUserProfileAttributeValidatorArgs{
Name: pulumi.String("person-name-prohibited-characters"),
},
&keycloak.RealmUserProfileAttributeValidatorArgs{
Name: pulumi.String("pattern"),
Config: pulumi.StringMap{
"pattern": pulumi.String("^[a-z]+$"),
"error-message": pulumi.String("Nope"),
},
},
},
Annotations: pulumi.StringMap{
"foo": pulumi.String("bar"),
},
},
&keycloak.RealmUserProfileAttributeArgs{
Name: pulumi.String("field2"),
Validators: keycloak.RealmUserProfileAttributeValidatorArray{
&keycloak.RealmUserProfileAttributeValidatorArgs{
Name: pulumi.String("options"),
Config: pulumi.StringMap{
"options": pulumi.String(json0),
},
},
},
Annotations: pulumi.StringMap{
"foo": pulumi.String(json1),
},
},
},
Groups: keycloak.RealmUserProfileGroupArray{
&keycloak.RealmUserProfileGroupArgs{
Name: pulumi.String("group1"),
DisplayHeader: pulumi.String("Group 1"),
DisplayDescription: pulumi.String("A first group"),
Annotations: pulumi.StringMap{
"foo": pulumi.String("bar"),
"foo2": pulumi.String(json2),
},
},
&keycloak.RealmUserProfileGroupArgs{
Name: pulumi.String("group2"),
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.Realm;
import com.pulumi.keycloak.RealmArgs;
import com.pulumi.keycloak.RealmUserProfile;
import com.pulumi.keycloak.RealmUserProfileArgs;
import com.pulumi.keycloak.inputs.RealmUserProfileAttributeArgs;
import com.pulumi.keycloak.inputs.RealmUserProfileAttributePermissionsArgs;
import com.pulumi.keycloak.inputs.RealmUserProfileGroupArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var realm = new Realm("realm", RealmArgs.builder()
.realm("my-realm")
.attributes(Map.of("userProfileEnabled", true))
.build());
var userprofile = new RealmUserProfile("userprofile", RealmUserProfileArgs.builder()
.realmId(myRealm.id())
.attributes(
RealmUserProfileAttributeArgs.builder()
.name("field1")
.displayName("Field 1")
.group("group1")
.enabledWhenScopes("offline_access")
.requiredForRoles("user")
.requiredForScopes("offline_access")
.permissions(RealmUserProfileAttributePermissionsArgs.builder()
.views(
"admin",
"user")
.edits(
"admin",
"user")
.build())
.validators(
RealmUserProfileAttributeValidatorArgs.builder()
.name("person-name-prohibited-characters")
.build(),
RealmUserProfileAttributeValidatorArgs.builder()
.name("pattern")
.config(Map.ofEntries(
Map.entry("pattern", "^[a-z]+$"),
Map.entry("error-message", "Nope")
))
.build())
.annotations(Map.of("foo", "bar"))
.build(),
RealmUserProfileAttributeArgs.builder()
.name("field2")
.validators(RealmUserProfileAttributeValidatorArgs.builder()
.name("options")
.config(Map.of("options", serializeJson(
jsonArray("opt1"))))
.build())
.annotations(Map.of("foo", serializeJson(
jsonObject(
jsonProperty("key", "val")
))))
.build())
.groups(
RealmUserProfileGroupArgs.builder()
.name("group1")
.displayHeader("Group 1")
.displayDescription("A first group")
.annotations(Map.ofEntries(
Map.entry("foo", "bar"),
Map.entry("foo2", serializeJson(
jsonObject(
jsonProperty("key", "val")
)))
))
.build(),
RealmUserProfileGroupArgs.builder()
.name("group2")
.build())
.build());
}
}Content copied to clipboard
resources:
realm:
type: keycloak:Realm
properties:
realm: my-realm
attributes:
userProfileEnabled: true
userprofile:
type: keycloak:RealmUserProfile
properties:
realmId: ${myRealm.id}
attributes:
- name: field1
displayName: Field 1
group: group1
enabledWhenScopes:
- offline_access
requiredForRoles:
- user
requiredForScopes:
- offline_access
permissions:
views:
- admin
- user
edits:
- admin
- user
validators:
- name: person-name-prohibited-characters
- name: pattern
config:
pattern: ^[a-z]+$
error-message: Nope
annotations:
foo: bar
- name: field2
validators:
- name: options
config:
options:
fn::toJSON:
- opt1
annotations:
foo:
fn::toJSON:
key: val
groups:
- name: group1
displayHeader: Group 1
displayDescription: A first group
annotations:
foo: bar
foo2:
fn::toJSON:
key: val
- name: group2Content copied to clipboard
Import
This resource currently does not support importing.
Constructors
Link copied to clipboard
constructor(attributes: Output<List<RealmUserProfileAttributeArgs>>? = null, groups: Output<List<RealmUserProfileGroupArgs>>? = null, realmId: Output<String>? = null)