Docs Home
Keycloak v6.5.0 published on Tuesday, May 13, 2025 by Pulumi
keycloak.getUserRealmRoles
Explore with Pulumi AI
This data source can be used to fetch the realm roles of a user within Keycloak.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";
const masterRealm = keycloak.getRealm({
realm: "master",
});
// use the keycloak_user data source to grab the admin user's ID
const defaultAdminUser = masterRealm.then(masterRealm => keycloak.getUser({
realmId: masterRealm.id,
username: "keycloak",
}));
// use the keycloak_user_realm_roles data source to list role names
const userRealmRoles = Promise.all([masterRealm, defaultAdminUser]).then(([masterRealm, defaultAdminUser]) => keycloak.getUserRealmRoles({
realmId: masterRealm.id,
userId: defaultAdminUser.id,
}));
export const keycloakUserRoleNames = userRealmRoles.then(userRealmRoles => userRealmRoles.roleNames);
import pulumi
import pulumi_keycloak as keycloak
master_realm = keycloak.get_realm(realm="master")
# use the keycloak_user data source to grab the admin user's ID
default_admin_user = keycloak.get_user(realm_id=master_realm.id,
username="keycloak")
# use the keycloak_user_realm_roles data source to list role names
user_realm_roles = keycloak.get_user_realm_roles(realm_id=master_realm.id,
user_id=default_admin_user.id)
pulumi.export("keycloakUserRoleNames", user_realm_roles.role_names)
package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v6/go/keycloak"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
masterRealm, err := keycloak.LookupRealm(ctx, &keycloak.LookupRealmArgs{
Realm: "master",
}, nil)
if err != nil {
return err
}
// use the keycloak_user data source to grab the admin user's ID
defaultAdminUser, err := keycloak.LookupUser(ctx, &keycloak.LookupUserArgs{
RealmId: masterRealm.Id,
Username: "keycloak",
}, nil)
if err != nil {
return err
}
// use the keycloak_user_realm_roles data source to list role names
userRealmRoles, err := keycloak.GetUserRealmRoles(ctx, &keycloak.GetUserRealmRolesArgs{
RealmId: masterRealm.Id,
UserId: defaultAdminUser.Id,
}, nil)
if err != nil {
return err
}
ctx.Export("keycloakUserRoleNames", userRealmRoles.RoleNames)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Keycloak = Pulumi.Keycloak;
return await Deployment.RunAsync(() =>
{
var masterRealm = Keycloak.GetRealm.Invoke(new()
{
Realm = "master",
});
// use the keycloak_user data source to grab the admin user's ID
var defaultAdminUser = Keycloak.GetUser.Invoke(new()
{
RealmId = masterRealm.Apply(getRealmResult => getRealmResult.Id),
Username = "keycloak",
});
// use the keycloak_user_realm_roles data source to list role names
var userRealmRoles = Keycloak.GetUserRealmRoles.Invoke(new()
{
RealmId = masterRealm.Apply(getRealmResult => getRealmResult.Id),
UserId = defaultAdminUser.Apply(getUserResult => getUserResult.Id),
});
return new Dictionary<string, object?>
{
["keycloakUserRoleNames"] = userRealmRoles.Apply(getUserRealmRolesResult => getUserRealmRolesResult.RoleNames),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.KeycloakFunctions;
import com.pulumi.keycloak.inputs.GetRealmArgs;
import com.pulumi.keycloak.inputs.GetUserArgs;
import com.pulumi.keycloak.inputs.GetUserRealmRolesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var masterRealm = KeycloakFunctions.getRealm(GetRealmArgs.builder()
.realm("master")
.build());
// use the keycloak_user data source to grab the admin user's ID
final var defaultAdminUser = KeycloakFunctions.getUser(GetUserArgs.builder()
.realmId(masterRealm.id())
.username("keycloak")
.build());
// use the keycloak_user_realm_roles data source to list role names
final var userRealmRoles = KeycloakFunctions.getUserRealmRoles(GetUserRealmRolesArgs.builder()
.realmId(masterRealm.id())
.userId(defaultAdminUser.id())
.build());
ctx.export("keycloakUserRoleNames", userRealmRoles.roleNames());
}
}
variables:
masterRealm:
fn::invoke:
function: keycloak:getRealm
arguments:
realm: master
# use the keycloak_user data source to grab the admin user's ID
defaultAdminUser:
fn::invoke:
function: keycloak:getUser
arguments:
realmId: ${masterRealm.id}
username: keycloak
# use the keycloak_user_realm_roles data source to list role names
userRealmRoles:
fn::invoke:
function: keycloak:getUserRealmRoles
arguments:
realmId: ${masterRealm.id}
userId: ${defaultAdminUser.id}
outputs:
keycloakUserRoleNames: ${userRealmRoles.roleNames}
Using getUserRealmRoles
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getUserRealmRoles(args: GetUserRealmRolesArgs, opts?: InvokeOptions): Promise<GetUserRealmRolesResult>
function getUserRealmRolesOutput(args: GetUserRealmRolesOutputArgs, opts?: InvokeOptions): Output<GetUserRealmRolesResult>def get_user_realm_roles(realm_id: Optional[str] = None,
user_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetUserRealmRolesResult
def get_user_realm_roles_output(realm_id: Optional[pulumi.Input[str]] = None,
user_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetUserRealmRolesResult]func GetUserRealmRoles(ctx *Context, args *GetUserRealmRolesArgs, opts ...InvokeOption) (*GetUserRealmRolesResult, error)
func GetUserRealmRolesOutput(ctx *Context, args *GetUserRealmRolesOutputArgs, opts ...InvokeOption) GetUserRealmRolesResultOutput> Note: This function is named GetUserRealmRoles in the Go SDK.
public static class GetUserRealmRoles
{
public static Task<GetUserRealmRolesResult> InvokeAsync(GetUserRealmRolesArgs args, InvokeOptions? opts = null)
public static Output<GetUserRealmRolesResult> Invoke(GetUserRealmRolesInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetUserRealmRolesResult> getUserRealmRoles(GetUserRealmRolesArgs args, InvokeOptions options)
public static Output<GetUserRealmRolesResult> getUserRealmRoles(GetUserRealmRolesArgs args, InvokeOptions options)
fn::invoke:
function: keycloak:index/getUserRealmRoles:getUserRealmRoles
arguments:
# arguments dictionaryThe following arguments are supported:
getUserRealmRoles Result
The following output properties are available:
- id str
- The provider-assigned unique ID for this managed resource.
- realm_
id str - role_
names Sequence[str] - (Computed) A list of realm roles that belong to this user.
- user_
id str
Package Details
- Repository
- Keycloak pulumi/pulumi-keycloak
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
keycloakTerraform Provider.