Ready to level-up your engineering skills? Join a Pulumi Workshop. Register Now

getRole

This data source can be used to fetch properties of a Keycloak role for usage with other resources, such as keycloak.GroupRoles.

Example Usage

using Pulumi;
using Keycloak = Pulumi.Keycloak;

class MyStack : Stack
{
    public MyStack()
    {
        var realm = new Keycloak.Realm("realm", new Keycloak.RealmArgs
        {
            Realm = "my-realm",
            Enabled = true,
        });
        var offlineAccess = realm.Id.Apply(id => Keycloak.GetRole.InvokeAsync(new Keycloak.GetRoleArgs
        {
            RealmId = id,
            Name = "offline_access",
        }));
        var @group = new Keycloak.Group("group", new Keycloak.GroupArgs
        {
            RealmId = realm.Id,
        });
        var groupRoles = new Keycloak.GroupRoles("groupRoles", new Keycloak.GroupRolesArgs
        {
            RealmId = realm.Id,
            GroupId = @group.Id,
            RoleIds = 
            {
                offlineAccess.Apply(offlineAccess => offlineAccess.Id),
            },
        });
    }

}
package main

import (
    "github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
            Realm:   pulumi.String("my-realm"),
            Enabled: pulumi.Bool(true),
        })
        if err != nil {
            return err
        }
        group, err := keycloak.NewGroup(ctx, "group", &keycloak.GroupArgs{
            RealmId: realm.ID(),
        })
        if err != nil {
            return err
        }
        _, err = keycloak.NewGroupRoles(ctx, "groupRoles", &keycloak.GroupRolesArgs{
            RealmId: realm.ID(),
            GroupId: group.ID(),
            RoleIds: pulumi.StringArray{
                offlineAccess.ApplyT(func(offlineAccess keycloak.LookupRoleResult) (string, error) {
                    return offlineAccess.Id, nil
                }).(pulumi.StringOutput),
            },
        })
        if err != nil {
            return err
        }
        return nil
    })
}
import pulumi
import pulumi_keycloak as keycloak

realm = keycloak.Realm("realm",
    realm="my-realm",
    enabled=True)
offline_access = realm.id.apply(lambda id: keycloak.get_role(realm_id=id,
    name="offline_access"))
group = keycloak.Group("group", realm_id=realm.id)
group_roles = keycloak.GroupRoles("groupRoles",
    realm_id=realm.id,
    group_id=group.id,
    role_ids=[offline_access.id])
import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";

const realm = new keycloak.Realm("realm", {
    realm: "my-realm",
    enabled: true,
});
const offlineAccess = realm.id.apply(id => keycloak.getRole({
    realmId: id,
    name: "offline_access",
}));
const group = new keycloak.Group("group", {realmId: realm.id});
const groupRoles = new keycloak.GroupRoles("groupRoles", {
    realmId: realm.id,
    groupId: group.id,
    roleIds: [offlineAccess.id],
});

Using getRole

function getRole(args: GetRoleArgs, opts?: InvokeOptions): Promise<GetRoleResult>
def get_role(client_id: Optional[str] = None, name: Optional[str] = None, realm_id: Optional[str] = None, opts: Optional[InvokeOptions] = None) -> GetRoleResult
func LookupRole(ctx *Context, args *LookupRoleArgs, opts ...InvokeOption) (*LookupRoleResult, error)

Note: This function is named LookupRole in the Go SDK.

public static class GetRole {
    public static Task<GetRoleResult> InvokeAsync(GetRoleArgs args, InvokeOptions? opts = null)
}

The following arguments are supported:

Name string

The name of the role.

RealmId string

The realm this role exists within.

ClientId string

When specified, this role is assumed to be a client role belonging to the client with the provided ID. The id attribute of a keycloak_client resource should be used here.

Name string

The name of the role.

RealmId string

The realm this role exists within.

ClientId string

When specified, this role is assumed to be a client role belonging to the client with the provided ID. The id attribute of a keycloak_client resource should be used here.

name string

The name of the role.

realmId string

The realm this role exists within.

clientId string

When specified, this role is assumed to be a client role belonging to the client with the provided ID. The id attribute of a keycloak_client resource should be used here.

name str

The name of the role.

realm_id str

The realm this role exists within.

client_id str

When specified, this role is assumed to be a client role belonging to the client with the provided ID. The id attribute of a keycloak_client resource should be used here.

getRole Result

The following output properties are available:

Description string

(Computed) The description of the role.

Id string

The provider-assigned unique ID for this managed resource.

Name string
RealmId string
ClientId string
Description string

(Computed) The description of the role.

Id string

The provider-assigned unique ID for this managed resource.

Name string
RealmId string
ClientId string
description string

(Computed) The description of the role.

id string

The provider-assigned unique ID for this managed resource.

name string
realmId string
clientId string
description str

(Computed) The description of the role.

id str

The provider-assigned unique ID for this managed resource.

name str
realm_id str
client_id str

Package Details

Repository
https://github.com/pulumi/pulumi-keycloak
License
Apache-2.0
Notes
This Pulumi package is based on the keycloak Terraform Provider.