Realm
data class RealmUserProfileArgs(val attributes: Output<List<RealmUserProfileAttributeArgs>>? = null, val groups: Output<List<RealmUserProfileGroupArgs>>? = null, val realmId: Output<String>? = null, val unmanagedAttributePolicy: Output<String>? = null) : ConvertibleToJava<RealmUserProfileArgs>
Allows for managing Realm User Profiles within Keycloak. A user profile defines a schema for representing user attributes and how they are managed within a realm. Information for Keycloak versions < 24: The realm linked to the keycloak.RealmUserProfile resource must have the user profile feature enabled. It can be done via the administration UI, or by setting the userProfileEnabled realm attribute to true.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";
const realm = new keycloak.Realm("realm", {realm: "my-realm"});
const userprofile = new keycloak.RealmUserProfile("userprofile", {
realmId: myRealm.id,
unmanagedAttributePolicy: "ENABLED",
attributes: [
{
name: "field1",
displayName: "Field 1",
group: "group1",
multiValued: false,
enabledWhenScopes: ["offline_access"],
requiredForRoles: ["user"],
requiredForScopes: ["offline_access"],
permissions: {
views: [
"admin",
"user",
],
edits: [
"admin",
"user",
],
},
validators: [
{
name: "person-name-prohibited-characters",
},
{
name: "pattern",
config: {
pattern: "^[a-z]+$",
"error-message": "Nope",
},
},
],
annotations: {
foo: "bar",
},
},
{
name: "field2",
validators: [{
name: "options",
config: {
options: JSON.stringify(["opt1"]),
},
}],
annotations: {
foo: JSON.stringify({
key: "val",
}),
},
},
],
groups: [
{
name: "group1",
displayHeader: "Group 1",
displayDescription: "A first group",
annotations: {
foo: "bar",
foo2: JSON.stringify({
key: "val",
}),
},
},
{
name: "group2",
},
],
});Content copied to clipboard
import pulumi
import json
import pulumi_keycloak as keycloak
realm = keycloak.Realm("realm", realm="my-realm")
userprofile = keycloak.RealmUserProfile("userprofile",
realm_id=my_realm["id"],
unmanaged_attribute_policy="ENABLED",
attributes=[
{
"name": "field1",
"display_name": "Field 1",
"group": "group1",
"multi_valued": False,
"enabled_when_scopes": ["offline_access"],
"required_for_roles": ["user"],
"required_for_scopes": ["offline_access"],
"permissions": {
"views": [
"admin",
"user",
],
"edits": [
"admin",
"user",
],
},
"validators": [
{
"name": "person-name-prohibited-characters",
},
{
"name": "pattern",
"config": {
"pattern": "^[a-z]+$",
"error-message": "Nope",
},
},
],
"annotations": {
"foo": "bar",
},
},
{
"name": "field2",
"validators": [{
"name": "options",
"config": {
"options": json.dumps(["opt1"]),
},
}],
"annotations": {
"foo": json.dumps({
"key": "val",
}),
},
},
],
groups=[
{
"name": "group1",
"display_header": "Group 1",
"display_description": "A first group",
"annotations": {
"foo": "bar",
"foo2": json.dumps({
"key": "val",
}),
},
},
{
"name": "group2",
},
])Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Keycloak = Pulumi.Keycloak;
return await Deployment.RunAsync(() =>
{
var realm = new Keycloak.Realm("realm", new()
{
RealmName = "my-realm",
});
var userprofile = new Keycloak.RealmUserProfile("userprofile", new()
{
RealmId = myRealm.Id,
UnmanagedAttributePolicy = "ENABLED",
Attributes = new[]
{
new Keycloak.Inputs.RealmUserProfileAttributeArgs
{
Name = "field1",
DisplayName = "Field 1",
Group = "group1",
MultiValued = false,
EnabledWhenScopes = new[]
{
"offline_access",
},
RequiredForRoles = new[]
{
"user",
},
RequiredForScopes = new[]
{
"offline_access",
},
Permissions = new Keycloak.Inputs.RealmUserProfileAttributePermissionsArgs
{
Views = new[]
{
"admin",
"user",
},
Edits = new[]
{
"admin",
"user",
},
},
Validators = new[]
{
new Keycloak.Inputs.RealmUserProfileAttributeValidatorArgs
{
Name = "person-name-prohibited-characters",
},
new Keycloak.Inputs.RealmUserProfileAttributeValidatorArgs
{
Name = "pattern",
Config =
{
{ "pattern", "^[a-z]+$" },
{ "error-message", "Nope" },
},
},
},
Annotations =
{
{ "foo", "bar" },
},
},
new Keycloak.Inputs.RealmUserProfileAttributeArgs
{
Name = "field2",
Validators = new[]
{
new Keycloak.Inputs.RealmUserProfileAttributeValidatorArgs
{
Name = "options",
Config =
{
{ "options", JsonSerializer.Serialize(new[]
{
"opt1",
}) },
},
},
},
Annotations =
{
{ "foo", JsonSerializer.Serialize(new Dictionary<string, object?>
{
["key"] = "val",
}) },
},
},
},
Groups = new[]
{
new Keycloak.Inputs.RealmUserProfileGroupArgs
{
Name = "group1",
DisplayHeader = "Group 1",
DisplayDescription = "A first group",
Annotations =
{
{ "foo", "bar" },
{ "foo2", JsonSerializer.Serialize(new Dictionary<string, object?>
{
["key"] = "val",
}) },
},
},
new Keycloak.Inputs.RealmUserProfileGroupArgs
{
Name = "group2",
},
},
});
});Content copied to clipboard
package main
import (
"encoding/json"
"github.com/pulumi/pulumi-keycloak/sdk/v6/go/keycloak"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
Realm: pulumi.String("my-realm"),
})
if err != nil {
return err
}
tmpJSON0, err := json.Marshal([]string{
"opt1",
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
tmpJSON1, err := json.Marshal(map[string]interface{}{
"key": "val",
})
if err != nil {
return err
}
json1 := string(tmpJSON1)
tmpJSON2, err := json.Marshal(map[string]interface{}{
"key": "val",
})
if err != nil {
return err
}
json2 := string(tmpJSON2)
_, err = keycloak.NewRealmUserProfile(ctx, "userprofile", &keycloak.RealmUserProfileArgs{
RealmId: pulumi.Any(myRealm.Id),
UnmanagedAttributePolicy: pulumi.String("ENABLED"),
Attributes: keycloak.RealmUserProfileAttributeArray{
&keycloak.RealmUserProfileAttributeArgs{
Name: pulumi.String("field1"),
DisplayName: pulumi.String("Field 1"),
Group: pulumi.String("group1"),
MultiValued: pulumi.Bool(false),
EnabledWhenScopes: pulumi.StringArray{
pulumi.String("offline_access"),
},
RequiredForRoles: pulumi.StringArray{
pulumi.String("user"),
},
RequiredForScopes: pulumi.StringArray{
pulumi.String("offline_access"),
},
Permissions: &keycloak.RealmUserProfileAttributePermissionsArgs{
Views: pulumi.StringArray{
pulumi.String("admin"),
pulumi.String("user"),
},
Edits: pulumi.StringArray{
pulumi.String("admin"),
pulumi.String("user"),
},
},
Validators: keycloak.RealmUserProfileAttributeValidatorArray{
&keycloak.RealmUserProfileAttributeValidatorArgs{
Name: pulumi.String("person-name-prohibited-characters"),
},
&keycloak.RealmUserProfileAttributeValidatorArgs{
Name: pulumi.String("pattern"),
Config: pulumi.StringMap{
"pattern": pulumi.String("^[a-z]+$"),
"error-message": pulumi.String("Nope"),
},
},
},
Annotations: pulumi.StringMap{
"foo": pulumi.String("bar"),
},
},
&keycloak.RealmUserProfileAttributeArgs{
Name: pulumi.String("field2"),
Validators: keycloak.RealmUserProfileAttributeValidatorArray{
&keycloak.RealmUserProfileAttributeValidatorArgs{
Name: pulumi.String("options"),
Config: pulumi.StringMap{
"options": pulumi.String(json0),
},
},
},
Annotations: pulumi.StringMap{
"foo": pulumi.String(json1),
},
},
},
Groups: keycloak.RealmUserProfileGroupArray{
&keycloak.RealmUserProfileGroupArgs{
Name: pulumi.String("group1"),
DisplayHeader: pulumi.String("Group 1"),
DisplayDescription: pulumi.String("A first group"),
Annotations: pulumi.StringMap{
"foo": pulumi.String("bar"),
"foo2": pulumi.String(json2),
},
},
&keycloak.RealmUserProfileGroupArgs{
Name: pulumi.String("group2"),
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.Realm;
import com.pulumi.keycloak.RealmArgs;
import com.pulumi.keycloak.RealmUserProfile;
import com.pulumi.keycloak.RealmUserProfileArgs;
import com.pulumi.keycloak.inputs.RealmUserProfileAttributeArgs;
import com.pulumi.keycloak.inputs.RealmUserProfileAttributePermissionsArgs;
import com.pulumi.keycloak.inputs.RealmUserProfileGroupArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var realm = new Realm("realm", RealmArgs.builder()
.realm("my-realm")
.build());
var userprofile = new RealmUserProfile("userprofile", RealmUserProfileArgs.builder()
.realmId(myRealm.id())
.unmanagedAttributePolicy("ENABLED")
.attributes(
RealmUserProfileAttributeArgs.builder()
.name("field1")
.displayName("Field 1")
.group("group1")
.multiValued(false)
.enabledWhenScopes("offline_access")
.requiredForRoles("user")
.requiredForScopes("offline_access")
.permissions(RealmUserProfileAttributePermissionsArgs.builder()
.views(
"admin",
"user")
.edits(
"admin",
"user")
.build())
.validators(
RealmUserProfileAttributeValidatorArgs.builder()
.name("person-name-prohibited-characters")
.build(),
RealmUserProfileAttributeValidatorArgs.builder()
.name("pattern")
.config(Map.ofEntries(
Map.entry("pattern", "^[a-z]+$"),
Map.entry("error-message", "Nope")
))
.build())
.annotations(Map.of("foo", "bar"))
.build(),
RealmUserProfileAttributeArgs.builder()
.name("field2")
.validators(RealmUserProfileAttributeValidatorArgs.builder()
.name("options")
.config(Map.of("options", serializeJson(
jsonArray("opt1"))))
.build())
.annotations(Map.of("foo", serializeJson(
jsonObject(
jsonProperty("key", "val")
))))
.build())
.groups(
RealmUserProfileGroupArgs.builder()
.name("group1")
.displayHeader("Group 1")
.displayDescription("A first group")
.annotations(Map.ofEntries(
Map.entry("foo", "bar"),
Map.entry("foo2", serializeJson(
jsonObject(
jsonProperty("key", "val")
)))
))
.build(),
RealmUserProfileGroupArgs.builder()
.name("group2")
.build())
.build());
}
}Content copied to clipboard
resources:
realm:
type: keycloak:Realm
properties:
realm: my-realm
userprofile:
type: keycloak:RealmUserProfile
properties:
realmId: ${myRealm.id}
unmanagedAttributePolicy: ENABLED
attributes:
- name: field1
displayName: Field 1
group: group1
multiValued: false
enabledWhenScopes:
- offline_access
requiredForRoles:
- user
requiredForScopes:
- offline_access
permissions:
views:
- admin
- user
edits:
- admin
- user
validators:
- name: person-name-prohibited-characters
- name: pattern
config:
pattern: ^[a-z]+$
error-message: Nope
annotations:
foo: bar
- name: field2
validators:
- name: options
config:
options:
fn::toJSON:
- opt1
annotations:
foo:
fn::toJSON:
key: val
groups:
- name: group1
displayHeader: Group 1
displayDescription: A first group
annotations:
foo: bar
foo2:
fn::toJSON:
key: val
- name: group2Content copied to clipboard
Import
This resource currently does not support importing.
Constructors
Link copied to clipboard
constructor(attributes: Output<List<RealmUserProfileAttributeArgs>>? = null, groups: Output<List<RealmUserProfileGroupArgs>>? = null, realmId: Output<String>? = null, unmanagedAttributePolicy: Output<String>? = null)
Properties
Link copied to clipboard
An ordered list of attributes.
Link copied to clipboard
A list of groups.
Link copied to clipboard
Unmanaged attributes are user attributes not explicitly defined in the user profile configuration. By default, unmanaged attributes are not enabled. Value could be one of DISABLED, ENABLED, ADMIN_EDIT or ADMIN_VIEW. If value is not specified it means DISABLED