Realm
Allows for creating and managing aes-generated Realm keystores within Keycloak. A realm keystore manages generated key pairs that are used by Keycloak to perform cryptographic signatures and encryption.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";
const realm = new keycloak.Realm("realm", {realm: "my-realm"});
const keystoreAesGenerated = new keycloak.RealmKeystoreAesGenerated("keystore_aes_generated", {
name: "my-aes-generated-key",
realmId: realm.id,
enabled: true,
active: true,
priority: 100,
secretSize: 16,
});Content copied to clipboard
import pulumi
import pulumi_keycloak as keycloak
realm = keycloak.Realm("realm", realm="my-realm")
keystore_aes_generated = keycloak.RealmKeystoreAesGenerated("keystore_aes_generated",
name="my-aes-generated-key",
realm_id=realm.id,
enabled=True,
active=True,
priority=100,
secret_size=16)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Keycloak = Pulumi.Keycloak;
return await Deployment.RunAsync(() =>
{
var realm = new Keycloak.Realm("realm", new()
{
RealmName = "my-realm",
});
var keystoreAesGenerated = new Keycloak.RealmKeystoreAesGenerated("keystore_aes_generated", new()
{
Name = "my-aes-generated-key",
RealmId = realm.Id,
Enabled = true,
Active = true,
Priority = 100,
SecretSize = 16,
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v6/go/keycloak"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
Realm: pulumi.String("my-realm"),
})
if err != nil {
return err
}
_, err = keycloak.NewRealmKeystoreAesGenerated(ctx, "keystore_aes_generated", &keycloak.RealmKeystoreAesGeneratedArgs{
Name: pulumi.String("my-aes-generated-key"),
RealmId: realm.ID(),
Enabled: pulumi.Bool(true),
Active: pulumi.Bool(true),
Priority: pulumi.Int(100),
SecretSize: pulumi.Int(16),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.Realm;
import com.pulumi.keycloak.RealmArgs;
import com.pulumi.keycloak.RealmKeystoreAesGenerated;
import com.pulumi.keycloak.RealmKeystoreAesGeneratedArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var realm = new Realm("realm", RealmArgs.builder()
.realm("my-realm")
.build());
var keystoreAesGenerated = new RealmKeystoreAesGenerated("keystoreAesGenerated", RealmKeystoreAesGeneratedArgs.builder()
.name("my-aes-generated-key")
.realmId(realm.id())
.enabled(true)
.active(true)
.priority(100)
.secretSize(16)
.build());
}
}Content copied to clipboard
resources:
realm:
type: keycloak:Realm
properties:
realm: my-realm
keystoreAesGenerated:
type: keycloak:RealmKeystoreAesGenerated
name: keystore_aes_generated
properties:
name: my-aes-generated-key
realmId: ${realm.id}
enabled: true
active: true
priority: 100
secretSize: 16Content copied to clipboard
Import
Realm keys can be imported using realm name and keystore id, you can find it in web UI. Example: bash
$ pulumi import keycloak:index/realmKeystoreAesGenerated:RealmKeystoreAesGenerated keystore_aes_generated my-realm/618cfba7-49aa-4c09-9a19-2f699b576f0bContent copied to clipboard
Properties
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Size in bytes for the generated AES Key. Size 16 is for AES-128, Size 24 for AES-192 and Size 32 for AES-256. WARN: Bigger keys then 128 bits are not allowed on some JDK implementations. Defaults to 16.