keycloak logo
Keycloak v5.1.0, Mar 14 23

keycloak.getRealm

This data source can be used to fetch properties of a Keycloak realm for usage with other resources.

Example Usage

using System.Collections.Generic;
using Pulumi;
using Keycloak = Pulumi.Keycloak;

return await Deployment.RunAsync(() => 
{
    var realm = Keycloak.GetRealm.Invoke(new()
    {
        Realm = "my-realm",
    });

    var @group = new Keycloak.Role("group", new()
    {
        RealmId = realm.Apply(getRealmResult => getRealmResult.Id),
    });

});
package main

import (
	"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.LookupRealm(ctx, &keycloak.LookupRealmArgs{
			Realm: "my-realm",
		}, nil)
		if err != nil {
			return err
		}
		_, err = keycloak.NewRole(ctx, "group", &keycloak.RoleArgs{
			RealmId: *pulumi.String(realm.Id),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.KeycloakFunctions;
import com.pulumi.keycloak.inputs.GetRealmArgs;
import com.pulumi.keycloak.Role;
import com.pulumi.keycloak.RoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var realm = KeycloakFunctions.getRealm(GetRealmArgs.builder()
            .realm("my-realm")
            .build());

        var group = new Role("group", RoleArgs.builder()        
            .realmId(realm.applyValue(getRealmResult -> getRealmResult.id()))
            .build());

    }
}
import pulumi
import pulumi_keycloak as keycloak

realm = keycloak.get_realm(realm="my-realm")
group = keycloak.Role("group", realm_id=realm.id)
import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";

const realm = keycloak.getRealm({
    realm: "my-realm",
});
const group = new keycloak.Role("group", {realmId: realm.then(realm => realm.id)});
resources:
  group:
    type: keycloak:Role
    properties:
      realmId: ${realm.id}
variables:
  realm: # use the data source
    fn::invoke:
      Function: keycloak:getRealm
      Arguments:
        realm: my-realm

Using getRealm

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getRealm(args: GetRealmArgs, opts?: InvokeOptions): Promise<GetRealmResult>
function getRealmOutput(args: GetRealmOutputArgs, opts?: InvokeOptions): Output<GetRealmResult>
def get_realm(attributes: Optional[Mapping[str, Any]] = None,
              default_default_client_scopes: Optional[Sequence[str]] = None,
              default_optional_client_scopes: Optional[Sequence[str]] = None,
              display_name_html: Optional[str] = None,
              internationalizations: Optional[Sequence[GetRealmInternationalization]] = None,
              otp_policy: Optional[GetRealmOtpPolicy] = None,
              realm: Optional[str] = None,
              security_defenses: Optional[Sequence[GetRealmSecurityDefense]] = None,
              smtp_servers: Optional[Sequence[GetRealmSmtpServer]] = None,
              web_authn_passwordless_policy: Optional[GetRealmWebAuthnPasswordlessPolicy] = None,
              web_authn_policy: Optional[GetRealmWebAuthnPolicy] = None,
              opts: Optional[InvokeOptions] = None) -> GetRealmResult
def get_realm_output(attributes: Optional[pulumi.Input[Mapping[str, Any]]] = None,
              default_default_client_scopes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
              default_optional_client_scopes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
              display_name_html: Optional[pulumi.Input[str]] = None,
              internationalizations: Optional[pulumi.Input[Sequence[pulumi.Input[GetRealmInternationalizationArgs]]]] = None,
              otp_policy: Optional[pulumi.Input[GetRealmOtpPolicyArgs]] = None,
              realm: Optional[pulumi.Input[str]] = None,
              security_defenses: Optional[pulumi.Input[Sequence[pulumi.Input[GetRealmSecurityDefenseArgs]]]] = None,
              smtp_servers: Optional[pulumi.Input[Sequence[pulumi.Input[GetRealmSmtpServerArgs]]]] = None,
              web_authn_passwordless_policy: Optional[pulumi.Input[GetRealmWebAuthnPasswordlessPolicyArgs]] = None,
              web_authn_policy: Optional[pulumi.Input[GetRealmWebAuthnPolicyArgs]] = None,
              opts: Optional[InvokeOptions] = None) -> Output[GetRealmResult]
func LookupRealm(ctx *Context, args *LookupRealmArgs, opts ...InvokeOption) (*LookupRealmResult, error)
func LookupRealmOutput(ctx *Context, args *LookupRealmOutputArgs, opts ...InvokeOption) LookupRealmResultOutput

> Note: This function is named LookupRealm in the Go SDK.

public static class GetRealm 
{
    public static Task<GetRealmResult> InvokeAsync(GetRealmArgs args, InvokeOptions? opts = null)
    public static Output<GetRealmResult> Invoke(GetRealmInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetRealmResult> getRealm(GetRealmArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
  function: keycloak:index/getRealm:getRealm
  arguments:
    # arguments dictionary

The following arguments are supported:

getRealm Result

The following output properties are available:

AccessCodeLifespan string
AccessCodeLifespanLogin string
AccessCodeLifespanUserAction string
AccessTokenLifespan string
AccessTokenLifespanForImplicitFlow string
AccountTheme string
ActionTokenGeneratedByAdminLifespan string
ActionTokenGeneratedByUserLifespan string
AdminTheme string
Attributes Dictionary<string, object>
BrowserFlow string
ClientAuthenticationFlow string
ClientSessionIdleTimeout string
ClientSessionMaxLifespan string
DefaultDefaultClientScopes List<string>
DefaultOptionalClientScopes List<string>
DefaultSignatureAlgorithm string
DirectGrantFlow string
DisplayName string
DockerAuthenticationFlow string
DuplicateEmailsAllowed bool
EditUsernameAllowed bool
EmailTheme string
Enabled bool
Id string

The provider-assigned unique ID for this managed resource.

InternalId string
Internationalizations List<GetRealmInternationalization>
LoginTheme string
LoginWithEmailAllowed bool
Oauth2DeviceCodeLifespan string
Oauth2DevicePollingInterval int
OfflineSessionIdleTimeout string
OfflineSessionMaxLifespan string
OfflineSessionMaxLifespanEnabled bool
OtpPolicy GetRealmOtpPolicy
PasswordPolicy string
Realm string
RefreshTokenMaxReuse int
RegistrationAllowed bool
RegistrationEmailAsUsername bool
RegistrationFlow string
RememberMe bool
ResetCredentialsFlow string
ResetPasswordAllowed bool
RevokeRefreshToken bool
SecurityDefenses List<GetRealmSecurityDefense>
SmtpServers List<GetRealmSmtpServer>
SslRequired string
SsoSessionIdleTimeout string
SsoSessionIdleTimeoutRememberMe string
SsoSessionMaxLifespan string
SsoSessionMaxLifespanRememberMe string
UserManagedAccess bool
VerifyEmail bool
WebAuthnPasswordlessPolicy GetRealmWebAuthnPasswordlessPolicy
WebAuthnPolicy GetRealmWebAuthnPolicy
DisplayNameHtml string
AccessCodeLifespan string
AccessCodeLifespanLogin string
AccessCodeLifespanUserAction string
AccessTokenLifespan string
AccessTokenLifespanForImplicitFlow string
AccountTheme string
ActionTokenGeneratedByAdminLifespan string
ActionTokenGeneratedByUserLifespan string
AdminTheme string
Attributes map[string]interface{}
BrowserFlow string
ClientAuthenticationFlow string
ClientSessionIdleTimeout string
ClientSessionMaxLifespan string
DefaultDefaultClientScopes []string
DefaultOptionalClientScopes []string
DefaultSignatureAlgorithm string
DirectGrantFlow string
DisplayName string
DockerAuthenticationFlow string
DuplicateEmailsAllowed bool
EditUsernameAllowed bool
EmailTheme string
Enabled bool
Id string

The provider-assigned unique ID for this managed resource.

InternalId string
Internationalizations []GetRealmInternationalization
LoginTheme string
LoginWithEmailAllowed bool
Oauth2DeviceCodeLifespan string
Oauth2DevicePollingInterval int
OfflineSessionIdleTimeout string
OfflineSessionMaxLifespan string
OfflineSessionMaxLifespanEnabled bool
OtpPolicy GetRealmOtpPolicy
PasswordPolicy string
Realm string
RefreshTokenMaxReuse int
RegistrationAllowed bool
RegistrationEmailAsUsername bool
RegistrationFlow string
RememberMe bool
ResetCredentialsFlow string
ResetPasswordAllowed bool
RevokeRefreshToken bool
SecurityDefenses []GetRealmSecurityDefense
SmtpServers []GetRealmSmtpServer
SslRequired string
SsoSessionIdleTimeout string
SsoSessionIdleTimeoutRememberMe string
SsoSessionMaxLifespan string
SsoSessionMaxLifespanRememberMe string
UserManagedAccess bool
VerifyEmail bool
WebAuthnPasswordlessPolicy GetRealmWebAuthnPasswordlessPolicy
WebAuthnPolicy GetRealmWebAuthnPolicy
DisplayNameHtml string
accessCodeLifespan String
accessCodeLifespanLogin String
accessCodeLifespanUserAction String
accessTokenLifespan String
accessTokenLifespanForImplicitFlow String
accountTheme String
actionTokenGeneratedByAdminLifespan String
actionTokenGeneratedByUserLifespan String
adminTheme String
attributes Map<String,Object>
browserFlow String
clientAuthenticationFlow String
clientSessionIdleTimeout String
clientSessionMaxLifespan String
defaultDefaultClientScopes List<String>
defaultOptionalClientScopes List<String>
defaultSignatureAlgorithm String
directGrantFlow String
displayName String
dockerAuthenticationFlow String
duplicateEmailsAllowed Boolean
editUsernameAllowed Boolean
emailTheme String
enabled Boolean
id String

The provider-assigned unique ID for this managed resource.

internalId String
internationalizations List<GetRealmInternationalization>
loginTheme String
loginWithEmailAllowed Boolean
oauth2DeviceCodeLifespan String
oauth2DevicePollingInterval Integer
offlineSessionIdleTimeout String
offlineSessionMaxLifespan String
offlineSessionMaxLifespanEnabled Boolean
otpPolicy GetRealmOtpPolicy
passwordPolicy String
realm String
refreshTokenMaxReuse Integer
registrationAllowed Boolean
registrationEmailAsUsername Boolean
registrationFlow String
rememberMe Boolean
resetCredentialsFlow String
resetPasswordAllowed Boolean
revokeRefreshToken Boolean
securityDefenses List<GetRealmSecurityDefense>
smtpServers List<GetRealmSmtpServer>
sslRequired String
ssoSessionIdleTimeout String
ssoSessionIdleTimeoutRememberMe String
ssoSessionMaxLifespan String
ssoSessionMaxLifespanRememberMe String
userManagedAccess Boolean
verifyEmail Boolean
webAuthnPasswordlessPolicy GetRealmWebAuthnPasswordlessPolicy
webAuthnPolicy GetRealmWebAuthnPolicy
displayNameHtml String
accessCodeLifespan string
accessCodeLifespanLogin string
accessCodeLifespanUserAction string
accessTokenLifespan string
accessTokenLifespanForImplicitFlow string
accountTheme string
actionTokenGeneratedByAdminLifespan string
actionTokenGeneratedByUserLifespan string
adminTheme string
attributes {[key: string]: any}
browserFlow string
clientAuthenticationFlow string
clientSessionIdleTimeout string
clientSessionMaxLifespan string
defaultDefaultClientScopes string[]
defaultOptionalClientScopes string[]
defaultSignatureAlgorithm string
directGrantFlow string
displayName string
dockerAuthenticationFlow string
duplicateEmailsAllowed boolean
editUsernameAllowed boolean
emailTheme string
enabled boolean
id string

The provider-assigned unique ID for this managed resource.

internalId string
internationalizations GetRealmInternationalization[]
loginTheme string
loginWithEmailAllowed boolean
oauth2DeviceCodeLifespan string
oauth2DevicePollingInterval number
offlineSessionIdleTimeout string
offlineSessionMaxLifespan string
offlineSessionMaxLifespanEnabled boolean
otpPolicy GetRealmOtpPolicy
passwordPolicy string
realm string
refreshTokenMaxReuse number
registrationAllowed boolean
registrationEmailAsUsername boolean
registrationFlow string
rememberMe boolean
resetCredentialsFlow string
resetPasswordAllowed boolean
revokeRefreshToken boolean
securityDefenses GetRealmSecurityDefense[]
smtpServers GetRealmSmtpServer[]
sslRequired string
ssoSessionIdleTimeout string
ssoSessionIdleTimeoutRememberMe string
ssoSessionMaxLifespan string
ssoSessionMaxLifespanRememberMe string
userManagedAccess boolean
verifyEmail boolean
webAuthnPasswordlessPolicy GetRealmWebAuthnPasswordlessPolicy
webAuthnPolicy GetRealmWebAuthnPolicy
displayNameHtml string
access_code_lifespan str
access_code_lifespan_login str
access_code_lifespan_user_action str
access_token_lifespan str
access_token_lifespan_for_implicit_flow str
account_theme str
action_token_generated_by_admin_lifespan str
action_token_generated_by_user_lifespan str
admin_theme str
attributes Mapping[str, Any]
browser_flow str
client_authentication_flow str
client_session_idle_timeout str
client_session_max_lifespan str
default_default_client_scopes Sequence[str]
default_optional_client_scopes Sequence[str]
default_signature_algorithm str
direct_grant_flow str
display_name str
docker_authentication_flow str
duplicate_emails_allowed bool
edit_username_allowed bool
email_theme str
enabled bool
id str

The provider-assigned unique ID for this managed resource.

internal_id str
internationalizations Sequence[GetRealmInternationalization]
login_theme str
login_with_email_allowed bool
oauth2_device_code_lifespan str
oauth2_device_polling_interval int
offline_session_idle_timeout str
offline_session_max_lifespan str
offline_session_max_lifespan_enabled bool
otp_policy GetRealmOtpPolicy
password_policy str
realm str
refresh_token_max_reuse int
registration_allowed bool
registration_email_as_username bool
registration_flow str
remember_me bool
reset_credentials_flow str
reset_password_allowed bool
revoke_refresh_token bool
security_defenses Sequence[GetRealmSecurityDefense]
smtp_servers Sequence[GetRealmSmtpServer]
ssl_required str
sso_session_idle_timeout str
sso_session_idle_timeout_remember_me str
sso_session_max_lifespan str
sso_session_max_lifespan_remember_me str
user_managed_access bool
verify_email bool
web_authn_passwordless_policy GetRealmWebAuthnPasswordlessPolicy
web_authn_policy GetRealmWebAuthnPolicy
display_name_html str
accessCodeLifespan String
accessCodeLifespanLogin String
accessCodeLifespanUserAction String
accessTokenLifespan String
accessTokenLifespanForImplicitFlow String
accountTheme String
actionTokenGeneratedByAdminLifespan String
actionTokenGeneratedByUserLifespan String
adminTheme String
attributes Map<Any>
browserFlow String
clientAuthenticationFlow String
clientSessionIdleTimeout String
clientSessionMaxLifespan String
defaultDefaultClientScopes List<String>
defaultOptionalClientScopes List<String>
defaultSignatureAlgorithm String
directGrantFlow String
displayName String
dockerAuthenticationFlow String
duplicateEmailsAllowed Boolean
editUsernameAllowed Boolean
emailTheme String
enabled Boolean
id String

The provider-assigned unique ID for this managed resource.

internalId String
internationalizations List<Property Map>
loginTheme String
loginWithEmailAllowed Boolean
oauth2DeviceCodeLifespan String
oauth2DevicePollingInterval Number
offlineSessionIdleTimeout String
offlineSessionMaxLifespan String
offlineSessionMaxLifespanEnabled Boolean
otpPolicy Property Map
passwordPolicy String
realm String
refreshTokenMaxReuse Number
registrationAllowed Boolean
registrationEmailAsUsername Boolean
registrationFlow String
rememberMe Boolean
resetCredentialsFlow String
resetPasswordAllowed Boolean
revokeRefreshToken Boolean
securityDefenses List<Property Map>
smtpServers List<Property Map>
sslRequired String
ssoSessionIdleTimeout String
ssoSessionIdleTimeoutRememberMe String
ssoSessionMaxLifespan String
ssoSessionMaxLifespanRememberMe String
userManagedAccess Boolean
verifyEmail Boolean
webAuthnPasswordlessPolicy Property Map
webAuthnPolicy Property Map
displayNameHtml String

Supporting Types

GetRealmInternationalization

DefaultLocale string
SupportedLocales List<string>
defaultLocale String
supportedLocales List<String>
defaultLocale String
supportedLocales List<String>

GetRealmOtpPolicy

algorithm String
digits Integer
initialCounter Integer
lookAheadWindow Integer
period Integer
type String
algorithm string
digits number
initialCounter number
lookAheadWindow number
period number
type string
algorithm String
digits Number
initialCounter Number
lookAheadWindow Number
period Number
type String

GetRealmSecurityDefense

GetRealmSecurityDefenseBruteForceDetection

GetRealmSecurityDefenseHeader

GetRealmSmtpServer

auths List<Property Map>
envelopeFrom String
from String
fromDisplayName String
host String
port String
replyTo String
replyToDisplayName String
ssl Boolean
starttls Boolean

GetRealmSmtpServerAuth

Password string
Username string
Password string
Username string
password String
username String
password string
username string
password String
username String

GetRealmWebAuthnPasswordlessPolicy

GetRealmWebAuthnPolicy

Package Details

Repository
Keycloak pulumi/pulumi-keycloak
License
Apache-2.0
Notes

This Pulumi package is based on the keycloak Terraform Provider.