Keycloak v5.3.1, Mar 11 24

Keycloak v5.3.1 published on Monday, Mar 11, 2024 by Pulumi

keycloak.authentication.Bindings

Explore with Pulumi AI

Keycloak v5.3.1 published on Monday, Mar 11, 2024 by Pulumi

Note that you can also use the keycloak.Realm resource to assign authentication flow bindings at the realm level. This resource is useful if you would like to create a realm and an authentication flow, and assign this flow to the realm within a single run of pulumi up. In any case, do not attempt to use both the arguments within the keycloak.Realm resource and this resource to manage authentication flow bindings, you should choose one or the other.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";

const realm = new keycloak.Realm("realm", {
    realm: "my-realm",
    enabled: true,
});
const flow = new keycloak.authentication.Flow("flow", {
    realmId: realm.id,
    alias: "my-flow-alias",
});
// first execution
const executionOne = new keycloak.authentication.Execution("executionOne", {
    realmId: realm.id,
    parentFlowAlias: flow.alias,
    authenticator: "auth-cookie",
    requirement: "ALTERNATIVE",
});
// second execution
const executionTwo = new keycloak.authentication.Execution("executionTwo", {
    realmId: realm.id,
    parentFlowAlias: flow.alias,
    authenticator: "identity-provider-redirector",
    requirement: "ALTERNATIVE",
}, {
    dependsOn: [executionOne],
});
const browserAuthenticationBinding = new keycloak.authentication.Bindings("browserAuthenticationBinding", {
    realmId: realm.id,
    browserFlow: flow.alias,
});

import pulumi
import pulumi_keycloak as keycloak

realm = keycloak.Realm("realm",
    realm="my-realm",
    enabled=True)
flow = keycloak.authentication.Flow("flow",
    realm_id=realm.id,
    alias="my-flow-alias")
# first execution
execution_one = keycloak.authentication.Execution("executionOne",
    realm_id=realm.id,
    parent_flow_alias=flow.alias,
    authenticator="auth-cookie",
    requirement="ALTERNATIVE")
# second execution
execution_two = keycloak.authentication.Execution("executionTwo",
    realm_id=realm.id,
    parent_flow_alias=flow.alias,
    authenticator="identity-provider-redirector",
    requirement="ALTERNATIVE",
    opts=pulumi.ResourceOptions(depends_on=[execution_one]))
browser_authentication_binding = keycloak.authentication.Bindings("browserAuthenticationBinding",
    realm_id=realm.id,
    browser_flow=flow.alias)

package main

import (
	"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
	"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/authentication"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm:   pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		flow, err := authentication.NewFlow(ctx, "flow", &authentication.FlowArgs{
			RealmId: realm.ID(),
			Alias:   pulumi.String("my-flow-alias"),
		})
		if err != nil {
			return err
		}
		// first execution
		executionOne, err := authentication.NewExecution(ctx, "executionOne", &authentication.ExecutionArgs{
			RealmId:         realm.ID(),
			ParentFlowAlias: flow.Alias,
			Authenticator:   pulumi.String("auth-cookie"),
			Requirement:     pulumi.String("ALTERNATIVE"),
		})
		if err != nil {
			return err
		}
		// second execution
		_, err = authentication.NewExecution(ctx, "executionTwo", &authentication.ExecutionArgs{
			RealmId:         realm.ID(),
			ParentFlowAlias: flow.Alias,
			Authenticator:   pulumi.String("identity-provider-redirector"),
			Requirement:     pulumi.String("ALTERNATIVE"),
		}, pulumi.DependsOn([]pulumi.Resource{
			executionOne,
		}))
		if err != nil {
			return err
		}
		_, err = authentication.NewBindings(ctx, "browserAuthenticationBinding", &authentication.BindingsArgs{
			RealmId:     realm.ID(),
			BrowserFlow: flow.Alias,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Keycloak = Pulumi.Keycloak;

return await Deployment.RunAsync(() => 
{
    var realm = new Keycloak.Realm("realm", new()
    {
        RealmName = "my-realm",
        Enabled = true,
    });

    var flow = new Keycloak.Authentication.Flow("flow", new()
    {
        RealmId = realm.Id,
        Alias = "my-flow-alias",
    });

    // first execution
    var executionOne = new Keycloak.Authentication.Execution("executionOne", new()
    {
        RealmId = realm.Id,
        ParentFlowAlias = flow.Alias,
        Authenticator = "auth-cookie",
        Requirement = "ALTERNATIVE",
    });

    // second execution
    var executionTwo = new Keycloak.Authentication.Execution("executionTwo", new()
    {
        RealmId = realm.Id,
        ParentFlowAlias = flow.Alias,
        Authenticator = "identity-provider-redirector",
        Requirement = "ALTERNATIVE",
    }, new CustomResourceOptions
    {
        DependsOn = new[]
        {
            executionOne,
        },
    });

    var browserAuthenticationBinding = new Keycloak.Authentication.Bindings("browserAuthenticationBinding", new()
    {
        RealmId = realm.Id,
        BrowserFlow = flow.Alias,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.Realm;
import com.pulumi.keycloak.RealmArgs;
import com.pulumi.keycloak.authentication.Flow;
import com.pulumi.keycloak.authentication.FlowArgs;
import com.pulumi.keycloak.authentication.Execution;
import com.pulumi.keycloak.authentication.ExecutionArgs;
import com.pulumi.keycloak.authentication.Bindings;
import com.pulumi.keycloak.authentication.BindingsArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var realm = new Realm("realm", RealmArgs.builder()        
            .realm("my-realm")
            .enabled(true)
            .build());

        var flow = new Flow("flow", FlowArgs.builder()        
            .realmId(realm.id())
            .alias("my-flow-alias")
            .build());

        var executionOne = new Execution("executionOne", ExecutionArgs.builder()        
            .realmId(realm.id())
            .parentFlowAlias(flow.alias())
            .authenticator("auth-cookie")
            .requirement("ALTERNATIVE")
            .build());

        var executionTwo = new Execution("executionTwo", ExecutionArgs.builder()        
            .realmId(realm.id())
            .parentFlowAlias(flow.alias())
            .authenticator("identity-provider-redirector")
            .requirement("ALTERNATIVE")
            .build(), CustomResourceOptions.builder()
                .dependsOn(executionOne)
                .build());

        var browserAuthenticationBinding = new Bindings("browserAuthenticationBinding", BindingsArgs.builder()        
            .realmId(realm.id())
            .browserFlow(flow.alias())
            .build());

    }
}

resources:
  realm:
    type: keycloak:Realm
    properties:
      realm: my-realm
      enabled: true
  flow:
    type: keycloak:authentication:Flow
    properties:
      realmId: ${realm.id}
      alias: my-flow-alias
  # first execution
  executionOne:
    type: keycloak:authentication:Execution
    properties:
      realmId: ${realm.id}
      parentFlowAlias: ${flow.alias}
      authenticator: auth-cookie
      requirement: ALTERNATIVE
  # second execution
  executionTwo:
    type: keycloak:authentication:Execution
    properties:
      realmId: ${realm.id}
      parentFlowAlias: ${flow.alias}
      authenticator: identity-provider-redirector
      requirement: ALTERNATIVE
    options:
      dependson:
        - ${executionOne}
  browserAuthenticationBinding:
    type: keycloak:authentication:Bindings
    properties:
      realmId: ${realm.id}
      browserFlow: ${flow.alias}

Create Bindings Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Bindings(name: string, args: BindingsArgs, opts?: CustomResourceOptions);

@overload
def Bindings(resource_name: str,
             args: BindingsArgs,
             opts: Optional[ResourceOptions] = None)

@overload
def Bindings(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             realm_id: Optional[str] = None,
             browser_flow: Optional[str] = None,
             client_authentication_flow: Optional[str] = None,
             direct_grant_flow: Optional[str] = None,
             docker_authentication_flow: Optional[str] = None,
             registration_flow: Optional[str] = None,
             reset_credentials_flow: Optional[str] = None)

func NewBindings(ctx *Context, name string, args BindingsArgs, opts ...ResourceOption) (*Bindings, error)

public Bindings(string name, BindingsArgs args, CustomResourceOptions? opts = null)

public Bindings(String name, BindingsArgs args)
public Bindings(String name, BindingsArgs args, CustomResourceOptions options)

type: keycloak:authentication:Bindings
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args BindingsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args BindingsArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args BindingsArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args BindingsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args BindingsArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Example

The following reference example uses placeholder values for all input properties.

var bindingsResource = new Keycloak.Authentication.Bindings("bindingsResource", new()
{
    RealmId = "string",
    BrowserFlow = "string",
    ClientAuthenticationFlow = "string",
    DirectGrantFlow = "string",
    DockerAuthenticationFlow = "string",
    RegistrationFlow = "string",
    ResetCredentialsFlow = "string",
});

example, err := authentication.NewBindings(ctx, "bindingsResource", &authentication.BindingsArgs{
	RealmId:                  pulumi.String("string"),
	BrowserFlow:              pulumi.String("string"),
	ClientAuthenticationFlow: pulumi.String("string"),
	DirectGrantFlow:          pulumi.String("string"),
	DockerAuthenticationFlow: pulumi.String("string"),
	RegistrationFlow:         pulumi.String("string"),
	ResetCredentialsFlow:     pulumi.String("string"),
})

var bindingsResource = new Bindings("bindingsResource", BindingsArgs.builder()        
    .realmId("string")
    .browserFlow("string")
    .clientAuthenticationFlow("string")
    .directGrantFlow("string")
    .dockerAuthenticationFlow("string")
    .registrationFlow("string")
    .resetCredentialsFlow("string")
    .build());

bindings_resource = keycloak.authentication.Bindings("bindingsResource",
    realm_id="string",
    browser_flow="string",
    client_authentication_flow="string",
    direct_grant_flow="string",
    docker_authentication_flow="string",
    registration_flow="string",
    reset_credentials_flow="string")

const bindingsResource = new keycloak.authentication.Bindings("bindingsResource", {
    realmId: "string",
    browserFlow: "string",
    clientAuthenticationFlow: "string",
    directGrantFlow: "string",
    dockerAuthenticationFlow: "string",
    registrationFlow: "string",
    resetCredentialsFlow: "string",
});

type: keycloak:authentication:Bindings
properties:
    browserFlow: string
    clientAuthenticationFlow: string
    directGrantFlow: string
    dockerAuthenticationFlow: string
    realmId: string
    registrationFlow: string
    resetCredentialsFlow: string

Bindings Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Bindings resource accepts the following input properties:

RealmId string: The realm the authentication flow binding exists in.
BrowserFlow string: The alias of the flow to assign to the realm BrowserFlow.
ClientAuthenticationFlow string: The alias of the flow to assign to the realm ClientAuthenticationFlow.
DirectGrantFlow string: The alias of the flow to assign to the realm DirectGrantFlow.
DockerAuthenticationFlow string: The alias of the flow to assign to the realm DockerAuthenticationFlow.
RegistrationFlow string: The alias of the flow to assign to the realm RegistrationFlow.
ResetCredentialsFlow string: The alias of the flow to assign to the realm ResetCredentialsFlow.

RealmId string: The realm the authentication flow binding exists in.
BrowserFlow string: The alias of the flow to assign to the realm BrowserFlow.
ClientAuthenticationFlow string: The alias of the flow to assign to the realm ClientAuthenticationFlow.
DirectGrantFlow string: The alias of the flow to assign to the realm DirectGrantFlow.
DockerAuthenticationFlow string: The alias of the flow to assign to the realm DockerAuthenticationFlow.
RegistrationFlow string: The alias of the flow to assign to the realm RegistrationFlow.
ResetCredentialsFlow string: The alias of the flow to assign to the realm ResetCredentialsFlow.

realmId String: The realm the authentication flow binding exists in.
browserFlow String: The alias of the flow to assign to the realm BrowserFlow.
clientAuthenticationFlow String: The alias of the flow to assign to the realm ClientAuthenticationFlow.
directGrantFlow String: The alias of the flow to assign to the realm DirectGrantFlow.
dockerAuthenticationFlow String: The alias of the flow to assign to the realm DockerAuthenticationFlow.
registrationFlow String: The alias of the flow to assign to the realm RegistrationFlow.
resetCredentialsFlow String: The alias of the flow to assign to the realm ResetCredentialsFlow.

realmId string: The realm the authentication flow binding exists in.
browserFlow string: The alias of the flow to assign to the realm BrowserFlow.
clientAuthenticationFlow string: The alias of the flow to assign to the realm ClientAuthenticationFlow.
directGrantFlow string: The alias of the flow to assign to the realm DirectGrantFlow.
dockerAuthenticationFlow string: The alias of the flow to assign to the realm DockerAuthenticationFlow.
registrationFlow string: The alias of the flow to assign to the realm RegistrationFlow.
resetCredentialsFlow string: The alias of the flow to assign to the realm ResetCredentialsFlow.

realm_id str: The realm the authentication flow binding exists in.
browser_flow str: The alias of the flow to assign to the realm BrowserFlow.
client_authentication_flow str: The alias of the flow to assign to the realm ClientAuthenticationFlow.
direct_grant_flow str: The alias of the flow to assign to the realm DirectGrantFlow.
docker_authentication_flow str: The alias of the flow to assign to the realm DockerAuthenticationFlow.
registration_flow str: The alias of the flow to assign to the realm RegistrationFlow.
reset_credentials_flow str: The alias of the flow to assign to the realm ResetCredentialsFlow.

realmId String: The realm the authentication flow binding exists in.
browserFlow String: The alias of the flow to assign to the realm BrowserFlow.
clientAuthenticationFlow String: The alias of the flow to assign to the realm ClientAuthenticationFlow.
directGrantFlow String: The alias of the flow to assign to the realm DirectGrantFlow.
dockerAuthenticationFlow String: The alias of the flow to assign to the realm DockerAuthenticationFlow.
registrationFlow String: The alias of the flow to assign to the realm RegistrationFlow.
resetCredentialsFlow String: The alias of the flow to assign to the realm ResetCredentialsFlow.

Outputs

All input properties are implicitly available as output properties. Additionally, the Bindings resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing Bindings Resource

Get an existing Bindings resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: BindingsState, opts?: CustomResourceOptions): Bindings

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        browser_flow: Optional[str] = None,
        client_authentication_flow: Optional[str] = None,
        direct_grant_flow: Optional[str] = None,
        docker_authentication_flow: Optional[str] = None,
        realm_id: Optional[str] = None,
        registration_flow: Optional[str] = None,
        reset_credentials_flow: Optional[str] = None) -> Bindings

func GetBindings(ctx *Context, name string, id IDInput, state *BindingsState, opts ...ResourceOption) (*Bindings, error)

public static Bindings Get(string name, Input<string> id, BindingsState? state, CustomResourceOptions? opts = null)

public static Bindings get(String name, Output<String> id, BindingsState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

BrowserFlow string: The alias of the flow to assign to the realm BrowserFlow.
ClientAuthenticationFlow string: The alias of the flow to assign to the realm ClientAuthenticationFlow.
DirectGrantFlow string: The alias of the flow to assign to the realm DirectGrantFlow.
DockerAuthenticationFlow string: The alias of the flow to assign to the realm DockerAuthenticationFlow.
RealmId string: The realm the authentication flow binding exists in.
RegistrationFlow string: The alias of the flow to assign to the realm RegistrationFlow.
ResetCredentialsFlow string: The alias of the flow to assign to the realm ResetCredentialsFlow.

BrowserFlow string: The alias of the flow to assign to the realm BrowserFlow.
ClientAuthenticationFlow string: The alias of the flow to assign to the realm ClientAuthenticationFlow.
DirectGrantFlow string: The alias of the flow to assign to the realm DirectGrantFlow.
DockerAuthenticationFlow string: The alias of the flow to assign to the realm DockerAuthenticationFlow.
RealmId string: The realm the authentication flow binding exists in.
RegistrationFlow string: The alias of the flow to assign to the realm RegistrationFlow.
ResetCredentialsFlow string: The alias of the flow to assign to the realm ResetCredentialsFlow.

browserFlow String: The alias of the flow to assign to the realm BrowserFlow.
clientAuthenticationFlow String: The alias of the flow to assign to the realm ClientAuthenticationFlow.
directGrantFlow String: The alias of the flow to assign to the realm DirectGrantFlow.
dockerAuthenticationFlow String: The alias of the flow to assign to the realm DockerAuthenticationFlow.
realmId String: The realm the authentication flow binding exists in.
registrationFlow String: The alias of the flow to assign to the realm RegistrationFlow.
resetCredentialsFlow String: The alias of the flow to assign to the realm ResetCredentialsFlow.

browserFlow string: The alias of the flow to assign to the realm BrowserFlow.
clientAuthenticationFlow string: The alias of the flow to assign to the realm ClientAuthenticationFlow.
directGrantFlow string: The alias of the flow to assign to the realm DirectGrantFlow.
dockerAuthenticationFlow string: The alias of the flow to assign to the realm DockerAuthenticationFlow.
realmId string: The realm the authentication flow binding exists in.
registrationFlow string: The alias of the flow to assign to the realm RegistrationFlow.
resetCredentialsFlow string: The alias of the flow to assign to the realm ResetCredentialsFlow.

browser_flow str: The alias of the flow to assign to the realm BrowserFlow.
client_authentication_flow str: The alias of the flow to assign to the realm ClientAuthenticationFlow.
direct_grant_flow str: The alias of the flow to assign to the realm DirectGrantFlow.
docker_authentication_flow str: The alias of the flow to assign to the realm DockerAuthenticationFlow.
realm_id str: The realm the authentication flow binding exists in.
registration_flow str: The alias of the flow to assign to the realm RegistrationFlow.
reset_credentials_flow str: The alias of the flow to assign to the realm ResetCredentialsFlow.

browserFlow String: The alias of the flow to assign to the realm BrowserFlow.
clientAuthenticationFlow String: The alias of the flow to assign to the realm ClientAuthenticationFlow.
directGrantFlow String: The alias of the flow to assign to the realm DirectGrantFlow.
dockerAuthenticationFlow String: The alias of the flow to assign to the realm DockerAuthenticationFlow.
realmId String: The realm the authentication flow binding exists in.
registrationFlow String: The alias of the flow to assign to the realm RegistrationFlow.
resetCredentialsFlow String: The alias of the flow to assign to the realm ResetCredentialsFlow.

Package Details

Repository: Keycloak pulumi/pulumi-keycloak
License: Apache-2.0
Notes: This Pulumi package is based on the keycloak Terraform Provider.

Keycloak v5.3.1 published on Monday, Mar 11, 2024 by Pulumi

pulumi/pulumi-keycloak

keycloak.authentication.Bindings

On this page

On this page

Example Usage

Create Bindings Resource

Constructor syntax

Parameters

Example

Bindings Resource Properties

Inputs

Outputs

Look up Existing Bindings Resource

Package Details

On this page

On this page