RealmKeystoreRsa

Allows for creating and managing rsa Realm keystores within Keycloak.

A realm keystore manages generated key pairs that are used by Keycloak to perform cryptographic signatures and encryption.

Example Usage

Coming soon!

Coming soon!

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";

const myRealm = new keycloak.Realm("myRealm", {realm: "my-realm"});
const keystoreRsa = new keycloak.RealmKeystoreRsa("keystoreRsa", {
    realmId: myRealm.realm,
    enabled: true,
    active: true,
    privateKey: "<your rsa private key>",
    certificate: "<your certificate>",
    priority: 100,
    algorithm: "RS256",
    keystoreSize: 2048,
});

Create a RealmKeystoreRsa Resource

new RealmKeystoreRsa(name: string, args: RealmKeystoreRsaArgs, opts?: CustomResourceOptions);
@overload
def RealmKeystoreRsa(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     active: Optional[bool] = None,
                     algorithm: Optional[str] = None,
                     certificate: Optional[str] = None,
                     enabled: Optional[bool] = None,
                     name: Optional[str] = None,
                     priority: Optional[int] = None,
                     private_key: Optional[str] = None,
                     realm_id: Optional[str] = None)
@overload
def RealmKeystoreRsa(resource_name: str,
                     args: RealmKeystoreRsaArgs,
                     opts: Optional[ResourceOptions] = None)
func NewRealmKeystoreRsa(ctx *Context, name string, args RealmKeystoreRsaArgs, opts ...ResourceOption) (*RealmKeystoreRsa, error)
public RealmKeystoreRsa(string name, RealmKeystoreRsaArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args RealmKeystoreRsaArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args RealmKeystoreRsaArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args RealmKeystoreRsaArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args RealmKeystoreRsaArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

RealmKeystoreRsa Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The RealmKeystoreRsa resource accepts the following input properties:

Certificate string
X509 Certificate encoded in PEM format.
PrivateKey string
Private RSA Key encoded in PEM format.
RealmId string
The realm this keystore exists in.
Active bool
When false, key in not used for signing. Defaults to true.
Algorithm string
Intended algorithm for the key. Defaults to RS256
Enabled bool
When false, key is not accessible in this realm. Defaults to true.
Name string
Display name of provider when linked in admin console.
Priority int
Priority for the provider. Defaults to 0
Certificate string
X509 Certificate encoded in PEM format.
PrivateKey string
Private RSA Key encoded in PEM format.
RealmId string
The realm this keystore exists in.
Active bool
When false, key in not used for signing. Defaults to true.
Algorithm string
Intended algorithm for the key. Defaults to RS256
Enabled bool
When false, key is not accessible in this realm. Defaults to true.
Name string
Display name of provider when linked in admin console.
Priority int
Priority for the provider. Defaults to 0
certificate string
X509 Certificate encoded in PEM format.
privateKey string
Private RSA Key encoded in PEM format.
realmId string
The realm this keystore exists in.
active boolean
When false, key in not used for signing. Defaults to true.
algorithm string
Intended algorithm for the key. Defaults to RS256
enabled boolean
When false, key is not accessible in this realm. Defaults to true.
name string
Display name of provider when linked in admin console.
priority number
Priority for the provider. Defaults to 0
certificate str
X509 Certificate encoded in PEM format.
private_key str
Private RSA Key encoded in PEM format.
realm_id str
The realm this keystore exists in.
active bool
When false, key in not used for signing. Defaults to true.
algorithm str
Intended algorithm for the key. Defaults to RS256
enabled bool
When false, key is not accessible in this realm. Defaults to true.
name str
Display name of provider when linked in admin console.
priority int
Priority for the provider. Defaults to 0

Outputs

All input properties are implicitly available as output properties. Additionally, the RealmKeystoreRsa resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.

Look up an Existing RealmKeystoreRsa Resource

Get an existing RealmKeystoreRsa resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: RealmKeystoreRsaState, opts?: CustomResourceOptions): RealmKeystoreRsa
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        active: Optional[bool] = None,
        algorithm: Optional[str] = None,
        certificate: Optional[str] = None,
        enabled: Optional[bool] = None,
        name: Optional[str] = None,
        priority: Optional[int] = None,
        private_key: Optional[str] = None,
        realm_id: Optional[str] = None) -> RealmKeystoreRsa
func GetRealmKeystoreRsa(ctx *Context, name string, id IDInput, state *RealmKeystoreRsaState, opts ...ResourceOption) (*RealmKeystoreRsa, error)
public static RealmKeystoreRsa Get(string name, Input<string> id, RealmKeystoreRsaState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

Active bool
When false, key in not used for signing. Defaults to true.
Algorithm string
Intended algorithm for the key. Defaults to RS256
Certificate string
X509 Certificate encoded in PEM format.
Enabled bool
When false, key is not accessible in this realm. Defaults to true.
Name string
Display name of provider when linked in admin console.
Priority int
Priority for the provider. Defaults to 0
PrivateKey string
Private RSA Key encoded in PEM format.
RealmId string
The realm this keystore exists in.
Active bool
When false, key in not used for signing. Defaults to true.
Algorithm string
Intended algorithm for the key. Defaults to RS256
Certificate string
X509 Certificate encoded in PEM format.
Enabled bool
When false, key is not accessible in this realm. Defaults to true.
Name string
Display name of provider when linked in admin console.
Priority int
Priority for the provider. Defaults to 0
PrivateKey string
Private RSA Key encoded in PEM format.
RealmId string
The realm this keystore exists in.
active boolean
When false, key in not used for signing. Defaults to true.
algorithm string
Intended algorithm for the key. Defaults to RS256
certificate string
X509 Certificate encoded in PEM format.
enabled boolean
When false, key is not accessible in this realm. Defaults to true.
name string
Display name of provider when linked in admin console.
priority number
Priority for the provider. Defaults to 0
privateKey string
Private RSA Key encoded in PEM format.
realmId string
The realm this keystore exists in.
active bool
When false, key in not used for signing. Defaults to true.
algorithm str
Intended algorithm for the key. Defaults to RS256
certificate str
X509 Certificate encoded in PEM format.
enabled bool
When false, key is not accessible in this realm. Defaults to true.
name str
Display name of provider when linked in admin console.
priority int
Priority for the provider. Defaults to 0
private_key str
Private RSA Key encoded in PEM format.
realm_id str
The realm this keystore exists in.

Import

Realm keys can be imported using realm name and keystore id, you can find it in web UI. Examplebash

 $ pulumi import keycloak:index/realmKeystoreRsa:RealmKeystoreRsa keystore_rsa my-realm/my-realm/618cfba7-49aa-4c09-9a19-2f699b576f0b

Package Details

Repository
https://github.com/pulumi/pulumi-keycloak
License
Apache-2.0
Notes
This Pulumi package is based on the keycloak Terraform Provider.