Bindings
Allows for creating and managing realm authentication flow bindings within Keycloak. Authentication flows describe a sequence of actions that a user or service must perform in order to be authenticated to Keycloak. The authentication flow itself is a container for these actions, which are otherwise known as executions. Realms assign authentication flows to supported user flows such as `registration` and `browser`. This resource allows the updating of realm authentication flow bindings to custom authentication flows created by `keycloak.authentication.Flow`. Note that you can also use the `keycloak.Realm` resource to assign authentication flow bindings at the realm level. This resource is useful if you would like to create a realm and an authentication flow, and assign this flow to the realm within a single run of `pulumi up`. In any case, do not attempt to use both the arguments within the `keycloak.Realm` resource and this resource to manage authentication flow bindings: both would be setting the same realm bindings, so you should choose one or the other.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";
// Declares a realm, a custom authentication flow holding two ALTERNATIVE
// executions, and a Bindings resource that assigns that flow as the realm's
// browser flow.
const realm = new keycloak.Realm("realm", {
    realm: "my-realm",
    enabled: true,
});
// The flow is only a container; the executions below attach to it by alias.
const flow = new keycloak.authentication.Flow("flow", {
    realmId: realm.id,
    alias: "my-flow-alias",
});
// first execution: Keycloak's cookie authenticator, marked ALTERNATIVE
const executionOne = new keycloak.authentication.Execution("execution_one", {
    realmId: realm.id,
    parentFlowAlias: flow.alias,
    authenticator: "auth-cookie",
    requirement: "ALTERNATIVE",
});
// second execution: identity-provider redirector, also ALTERNATIVE.
// dependsOn makes this resource wait for executionOne; presumably the provider
// uses creation order to order executions inside the flow - confirm against the
// provider documentation before reordering.
const executionTwo = new keycloak.authentication.Execution("execution_two", {
    realmId: realm.id,
    parentFlowAlias: flow.alias,
    authenticator: "identity-provider-redirector",
    requirement: "ALTERNATIVE",
}, {
    dependsOn: [executionOne],
});
// Assigns the custom flow as the realm's browser flow, so browser logins for
// "my-realm" are evaluated by "my-flow-alias" once this is applied.
// NOTE(review): the flow shown here has no username/password step; with only
// these two ALTERNATIVE executions, interactive login appears to depend on the
// identity-provider redirect. Confirm the flow contains every step you require
// (and try it in a non-production realm) before binding it.
const browserAuthenticationBinding = new keycloak.authentication.Bindings("browser_authentication_binding", {
    realmId: realm.id,
    browserFlow: flow.alias,
});
import pulumi
import pulumi_keycloak as keycloak
# Declares a realm, a custom authentication flow holding two ALTERNATIVE
# executions, and a Bindings resource that assigns that flow as the realm's
# browser flow.
realm = keycloak.Realm("realm",
    realm="my-realm",
    enabled=True)
# The flow is only a container; the executions below attach to it by alias.
flow = keycloak.authentication.Flow("flow",
    realm_id=realm.id,
    alias="my-flow-alias")
# first execution: Keycloak's cookie authenticator, marked ALTERNATIVE
execution_one = keycloak.authentication.Execution("execution_one",
    realm_id=realm.id,
    parent_flow_alias=flow.alias,
    authenticator="auth-cookie",
    requirement="ALTERNATIVE")
# second execution: identity-provider redirector, also ALTERNATIVE.
# depends_on makes this resource wait for execution_one; presumably the provider
# uses creation order to order executions inside the flow - confirm against the
# provider documentation before reordering.
execution_two = keycloak.authentication.Execution("execution_two",
    realm_id=realm.id,
    parent_flow_alias=flow.alias,
    authenticator="identity-provider-redirector",
    requirement="ALTERNATIVE",
    opts = pulumi.ResourceOptions(depends_on=[execution_one]))
# Assigns the custom flow as the realm's browser flow, so browser logins for
# "my-realm" are evaluated by "my-flow-alias" once this is applied.
# NOTE(review): the flow shown here has no username/password step; with only
# these two ALTERNATIVE executions, interactive login appears to depend on the
# identity-provider redirect. Confirm the flow contains every step you require
# (and try it in a non-production realm) before binding it.
browser_authentication_binding = keycloak.authentication.Bindings("browser_authentication_binding",
    realm_id=realm.id,
    browser_flow=flow.alias)
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Keycloak = Pulumi.Keycloak;
// Declares a realm, a custom authentication flow holding two ALTERNATIVE
// executions, and a Bindings resource that assigns that flow as the realm's
// browser flow.
return await Deployment.RunAsync(() =>
{
    var realm = new Keycloak.Realm("realm", new()
    {
        RealmName = "my-realm",
        Enabled = true,
    });
    // The flow is only a container; the executions below attach to it by alias.
    var flow = new Keycloak.Authentication.Flow("flow", new()
    {
        RealmId = realm.Id,
        Alias = "my-flow-alias",
    });
    // first execution: Keycloak's cookie authenticator, marked ALTERNATIVE
    var executionOne = new Keycloak.Authentication.Execution("execution_one", new()
    {
        RealmId = realm.Id,
        ParentFlowAlias = flow.Alias,
        Authenticator = "auth-cookie",
        Requirement = "ALTERNATIVE",
    });
    // second execution: identity-provider redirector, also ALTERNATIVE.
    // DependsOn makes this resource wait for executionOne; presumably the provider
    // uses creation order to order executions inside the flow - confirm against
    // the provider documentation before reordering.
    var executionTwo = new Keycloak.Authentication.Execution("execution_two", new()
    {
        RealmId = realm.Id,
        ParentFlowAlias = flow.Alias,
        Authenticator = "identity-provider-redirector",
        Requirement = "ALTERNATIVE",
    }, new CustomResourceOptions
    {
        DependsOn =
        {
            executionOne,
        },
    });
    // Assigns the custom flow as the realm's browser flow, so browser logins for
    // "my-realm" are evaluated by "my-flow-alias" once this is applied.
    // NOTE(review): the flow shown here has no username/password step; with only
    // these two ALTERNATIVE executions, interactive login appears to depend on
    // the identity-provider redirect. Confirm the flow contains every step you
    // require (and try it in a non-production realm) before binding it.
    var browserAuthenticationBinding = new Keycloak.Authentication.Bindings("browser_authentication_binding", new()
    {
        RealmId = realm.Id,
        BrowserFlow = flow.Alias,
    });
});
package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v6/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v6/go/keycloak/authentication"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
// main declares a realm, a custom authentication flow holding two ALTERNATIVE
// executions, and a Bindings resource that assigns that flow as the realm's
// browser flow. Any resource constructor error aborts the Pulumi run.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm: pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		// The flow is only a container; the executions below attach to it by alias.
		flow, err := authentication.NewFlow(ctx, "flow", &authentication.FlowArgs{
			RealmId: realm.ID(),
			Alias: pulumi.String("my-flow-alias"),
		})
		if err != nil {
			return err
		}
		// first execution: Keycloak's cookie authenticator, marked ALTERNATIVE
		executionOne, err := authentication.NewExecution(ctx, "execution_one", &authentication.ExecutionArgs{
			RealmId: realm.ID(),
			ParentFlowAlias: flow.Alias,
			Authenticator: pulumi.String("auth-cookie"),
			Requirement: pulumi.String("ALTERNATIVE"),
		})
		if err != nil {
			return err
		}
		// second execution: identity-provider redirector, also ALTERNATIVE.
		// DependsOn makes this resource wait for executionOne; presumably the
		// provider uses creation order to order executions inside the flow -
		// confirm against the provider documentation before reordering.
		_, err = authentication.NewExecution(ctx, "execution_two", &authentication.ExecutionArgs{
			RealmId: realm.ID(),
			ParentFlowAlias: flow.Alias,
			Authenticator: pulumi.String("identity-provider-redirector"),
			Requirement: pulumi.String("ALTERNATIVE"),
		}, pulumi.DependsOn([]pulumi.Resource{
			executionOne,
		}))
		if err != nil {
			return err
		}
		// Assigns the custom flow as the realm's browser flow, so browser logins
		// for "my-realm" are evaluated by "my-flow-alias" once this is applied.
		// NOTE(review): the flow shown here has no username/password step; with
		// only these two ALTERNATIVE executions, interactive login appears to
		// depend on the identity-provider redirect. Confirm the flow contains
		// every step you require (and try it in a non-production realm) before
		// binding it.
		_, err = authentication.NewBindings(ctx, "browser_authentication_binding", &authentication.BindingsArgs{
			RealmId: realm.ID(),
			BrowserFlow: flow.Alias,
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.Realm;
import com.pulumi.keycloak.RealmArgs;
import com.pulumi.keycloak.authentication.Flow;
import com.pulumi.keycloak.authentication.FlowArgs;
import com.pulumi.keycloak.authentication.Execution;
import com.pulumi.keycloak.authentication.ExecutionArgs;
import com.pulumi.keycloak.authentication.Bindings;
import com.pulumi.keycloak.authentication.BindingsArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
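/**
 * Pulumi program that declares a Keycloak realm, a custom authentication flow
 * holding two ALTERNATIVE executions, and a {@code Bindings} resource that
 * assigns that flow as the realm's browser flow.
 *
 * <p>The Pulumi resource names below use the same snake_case names as the other
 * language examples on this page ({@code execution_one}, {@code execution_two},
 * {@code browser_authentication_binding}) so that every variant of the example
 * declares the same logical resources.
 */
public class App {
    /**
     * Entry point: hands the stack definition to the Pulumi runtime.
     *
     * @param args command-line arguments (unused)
     */
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Declares the realm, the flow with its executions, and the browser-flow binding.
     *
     * @param ctx the Pulumi stack context (not read by this example)
     */
    public static void stack(Context ctx) {
        var realm = new Realm("realm", RealmArgs.builder()
            .realm("my-realm")
            .enabled(true)
            .build());

        // The flow is only a container; the executions below attach to it by alias.
        var flow = new Flow("flow", FlowArgs.builder()
            .realmId(realm.id())
            .alias("my-flow-alias")
            .build());

        // first execution: Keycloak's cookie authenticator, marked ALTERNATIVE
        var executionOne = new Execution("execution_one", ExecutionArgs.builder()
            .realmId(realm.id())
            .parentFlowAlias(flow.alias())
            .authenticator("auth-cookie")
            .requirement("ALTERNATIVE")
            .build());

        // second execution: identity-provider redirector, also ALTERNATIVE.
        // dependsOn makes this resource wait for executionOne; presumably the
        // provider uses creation order to order executions inside the flow -
        // confirm against the provider documentation before reordering.
        var executionTwo = new Execution("execution_two", ExecutionArgs.builder()
            .realmId(realm.id())
            .parentFlowAlias(flow.alias())
            .authenticator("identity-provider-redirector")
            .requirement("ALTERNATIVE")
            .build(), CustomResourceOptions.builder()
                .dependsOn(executionOne)
                .build());

        // Assigns the custom flow as the realm's browser flow, so browser logins
        // for "my-realm" are evaluated by "my-flow-alias" once this is applied.
        // NOTE(review): the flow shown here has no username/password step; with
        // only these two ALTERNATIVE executions, interactive login appears to
        // depend on the identity-provider redirect. Confirm the flow contains
        // every step you require (and try it in a non-production realm) before
        // binding it.
        var browserAuthenticationBinding = new Bindings("browser_authentication_binding", BindingsArgs.builder()
            .realmId(realm.id())
            .browserFlow(flow.alias())
            .build());
    }
}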
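# Declares a realm, a custom authentication flow holding two ALTERNATIVE
# executions, and a Bindings resource that assigns that flow as the realm's
# browser flow.
resources:
  realm:
    type: keycloak:Realm
    properties:
      realm: my-realm
      enabled: true
  # The flow is only a container; the executions below attach to it by alias.
  flow:
    type: keycloak:authentication:Flow
    properties:
      realmId: ${realm.id}
      alias: my-flow-alias
  # first execution: Keycloak's cookie authenticator, marked ALTERNATIVE
  executionOne:
    type: keycloak:authentication:Execution
    name: execution_one
    properties:
      realmId: ${realm.id}
      parentFlowAlias: ${flow.alias}
      authenticator: auth-cookie
      requirement: ALTERNATIVE
  # second execution: identity-provider redirector, also ALTERNATIVE.
  # dependsOn makes this resource wait for executionOne; presumably the provider
  # uses creation order to order executions inside the flow - confirm against
  # the provider documentation before reordering.
  executionTwo:
    type: keycloak:authentication:Execution
    name: execution_two
    properties:
      realmId: ${realm.id}
      parentFlowAlias: ${flow.alias}
      authenticator: identity-provider-redirector
      requirement: ALTERNATIVE
    options:
      dependsOn:
        - ${executionOne}
  # Assigns the custom flow as the realm's browser flow, so browser logins for
  # "my-realm" are evaluated by "my-flow-alias" once this is applied.
  # NOTE(review): the flow shown here has no username/password step; with only
  # these two ALTERNATIVE executions, interactive login appears to depend on the
  # identity-provider redirect. Confirm the flow contains every step you require
  # (and try it in a non-production realm) before binding it.
  browserAuthenticationBinding:
    type: keycloak:authentication:Bindings
    name: browser_authentication_binding
    properties:
      realmId: ${realm.id}
      browserFlow: ${flow.alias}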
Properties
The alias of the flow to assign to the realm BrowserFlow.
The alias of the flow to assign to the realm ClientAuthenticationFlow.
The alias of the flow to assign to the realm DirectGrantFlow.
The alias of the flow to assign to the realm DockerAuthenticationFlow.
The alias of the flow to assign to the realm FirstBrokerLoginFlow (since Keycloak 24).
The alias of the flow to assign to the realm RegistrationFlow.
The alias of the flow to assign to the realm ResetCredentialsFlow.