1. Packages
  2. Keycloak Provider
  3. API Docs
  4. RealmKeystoreRsa
Keycloak v5.4.0 published on Monday, Dec 9, 2024 by Pulumi

keycloak.RealmKeystoreRsa

Explore with Pulumi AI

keycloak logo
Keycloak v5.4.0 published on Monday, Dec 9, 2024 by Pulumi

    Allows for creating and managing rsa Realm keystores within Keycloak.

    A realm keystore manages generated key pairs that are used by Keycloak to perform cryptographic signatures and encryption.

    Example Usage

    Coming soon!
    
    Coming soon!
    
    Coming soon!
    
    Coming soon!
    
    Coming soon!
    
    resources:
      realm:
        type: keycloak:Realm
        properties:
          realm: my-realm
      keystoreRsa:
        type: keycloak:RealmKeystoreRsa
        name: keystore_rsa
        properties:
          name: my-rsa-key
          realmId: ${realm.id}
          enabled: true
          active: true
          privateKey: <your rsa private key>
          certificate: <your certificate>
          priority: 100
          algorithm: RS256
          keystoreSize: 2048
          providerId: rsa
    

    Create RealmKeystoreRsa Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new RealmKeystoreRsa(name: string, args: RealmKeystoreRsaArgs, opts?: CustomResourceOptions);
    @overload
    def RealmKeystoreRsa(resource_name: str,
                         args: RealmKeystoreRsaArgs,
                         opts: Optional[ResourceOptions] = None)
    
    @overload
    def RealmKeystoreRsa(resource_name: str,
                         opts: Optional[ResourceOptions] = None,
                         certificate: Optional[str] = None,
                         private_key: Optional[str] = None,
                         realm_id: Optional[str] = None,
                         active: Optional[bool] = None,
                         algorithm: Optional[str] = None,
                         enabled: Optional[bool] = None,
                         name: Optional[str] = None,
                         priority: Optional[int] = None,
                         provider_id: Optional[str] = None)
    func NewRealmKeystoreRsa(ctx *Context, name string, args RealmKeystoreRsaArgs, opts ...ResourceOption) (*RealmKeystoreRsa, error)
    public RealmKeystoreRsa(string name, RealmKeystoreRsaArgs args, CustomResourceOptions? opts = null)
    public RealmKeystoreRsa(String name, RealmKeystoreRsaArgs args)
    public RealmKeystoreRsa(String name, RealmKeystoreRsaArgs args, CustomResourceOptions options)
    
    type: keycloak:RealmKeystoreRsa
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args RealmKeystoreRsaArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args RealmKeystoreRsaArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args RealmKeystoreRsaArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args RealmKeystoreRsaArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args RealmKeystoreRsaArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var realmKeystoreRsaResource = new Keycloak.RealmKeystoreRsa("realmKeystoreRsaResource", new()
    {
        Certificate = "string",
        PrivateKey = "string",
        RealmId = "string",
        Active = false,
        Algorithm = "string",
        Enabled = false,
        Name = "string",
        Priority = 0,
        ProviderId = "string",
    });
    
    example, err := keycloak.NewRealmKeystoreRsa(ctx, "realmKeystoreRsaResource", &keycloak.RealmKeystoreRsaArgs{
    	Certificate: pulumi.String("string"),
    	PrivateKey:  pulumi.String("string"),
    	RealmId:     pulumi.String("string"),
    	Active:      pulumi.Bool(false),
    	Algorithm:   pulumi.String("string"),
    	Enabled:     pulumi.Bool(false),
    	Name:        pulumi.String("string"),
    	Priority:    pulumi.Int(0),
    	ProviderId:  pulumi.String("string"),
    })
    
    var realmKeystoreRsaResource = new RealmKeystoreRsa("realmKeystoreRsaResource", RealmKeystoreRsaArgs.builder()
        .certificate("string")
        .privateKey("string")
        .realmId("string")
        .active(false)
        .algorithm("string")
        .enabled(false)
        .name("string")
        .priority(0)
        .providerId("string")
        .build());
    
    realm_keystore_rsa_resource = keycloak.RealmKeystoreRsa("realmKeystoreRsaResource",
        certificate="string",
        private_key="string",
        realm_id="string",
        active=False,
        algorithm="string",
        enabled=False,
        name="string",
        priority=0,
        provider_id="string")
    
    const realmKeystoreRsaResource = new keycloak.RealmKeystoreRsa("realmKeystoreRsaResource", {
        certificate: "string",
        privateKey: "string",
        realmId: "string",
        active: false,
        algorithm: "string",
        enabled: false,
        name: "string",
        priority: 0,
        providerId: "string",
    });
    
    type: keycloak:RealmKeystoreRsa
    properties:
        active: false
        algorithm: string
        certificate: string
        enabled: false
        name: string
        priority: 0
        privateKey: string
        providerId: string
        realmId: string
    

    RealmKeystoreRsa Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The RealmKeystoreRsa resource accepts the following input properties:

    Certificate string
    X509 Certificate encoded in PEM format.
    PrivateKey string
    Private RSA Key encoded in PEM format.
    RealmId string
    The realm this keystore exists in.
    Active bool
    When false, key in not used for signing. Defaults to true.
    Algorithm string
    Intended algorithm for the key. Defaults to RS256. Use RSA-OAEP for encryption keys
    Enabled bool
    When false, key is not accessible in this realm. Defaults to true.
    Name string
    Display name of provider when linked in admin console.
    Priority int
    Priority for the provider. Defaults to 0
    ProviderId string
    Use rsa for signing keys, rsa-enc for encryption keys
    Certificate string
    X509 Certificate encoded in PEM format.
    PrivateKey string
    Private RSA Key encoded in PEM format.
    RealmId string
    The realm this keystore exists in.
    Active bool
    When false, key in not used for signing. Defaults to true.
    Algorithm string
    Intended algorithm for the key. Defaults to RS256. Use RSA-OAEP for encryption keys
    Enabled bool
    When false, key is not accessible in this realm. Defaults to true.
    Name string
    Display name of provider when linked in admin console.
    Priority int
    Priority for the provider. Defaults to 0
    ProviderId string
    Use rsa for signing keys, rsa-enc for encryption keys
    certificate String
    X509 Certificate encoded in PEM format.
    privateKey String
    Private RSA Key encoded in PEM format.
    realmId String
    The realm this keystore exists in.
    active Boolean
    When false, key in not used for signing. Defaults to true.
    algorithm String
    Intended algorithm for the key. Defaults to RS256. Use RSA-OAEP for encryption keys
    enabled Boolean
    When false, key is not accessible in this realm. Defaults to true.
    name String
    Display name of provider when linked in admin console.
    priority Integer
    Priority for the provider. Defaults to 0
    providerId String
    Use rsa for signing keys, rsa-enc for encryption keys
    certificate string
    X509 Certificate encoded in PEM format.
    privateKey string
    Private RSA Key encoded in PEM format.
    realmId string
    The realm this keystore exists in.
    active boolean
    When false, key in not used for signing. Defaults to true.
    algorithm string
    Intended algorithm for the key. Defaults to RS256. Use RSA-OAEP for encryption keys
    enabled boolean
    When false, key is not accessible in this realm. Defaults to true.
    name string
    Display name of provider when linked in admin console.
    priority number
    Priority for the provider. Defaults to 0
    providerId string
    Use rsa for signing keys, rsa-enc for encryption keys
    certificate str
    X509 Certificate encoded in PEM format.
    private_key str
    Private RSA Key encoded in PEM format.
    realm_id str
    The realm this keystore exists in.
    active bool
    When false, key in not used for signing. Defaults to true.
    algorithm str
    Intended algorithm for the key. Defaults to RS256. Use RSA-OAEP for encryption keys
    enabled bool
    When false, key is not accessible in this realm. Defaults to true.
    name str
    Display name of provider when linked in admin console.
    priority int
    Priority for the provider. Defaults to 0
    provider_id str
    Use rsa for signing keys, rsa-enc for encryption keys
    certificate String
    X509 Certificate encoded in PEM format.
    privateKey String
    Private RSA Key encoded in PEM format.
    realmId String
    The realm this keystore exists in.
    active Boolean
    When false, key in not used for signing. Defaults to true.
    algorithm String
    Intended algorithm for the key. Defaults to RS256. Use RSA-OAEP for encryption keys
    enabled Boolean
    When false, key is not accessible in this realm. Defaults to true.
    name String
    Display name of provider when linked in admin console.
    priority Number
    Priority for the provider. Defaults to 0
    providerId String
    Use rsa for signing keys, rsa-enc for encryption keys

    Outputs

    All input properties are implicitly available as output properties. Additionally, the RealmKeystoreRsa resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing RealmKeystoreRsa Resource

    Get an existing RealmKeystoreRsa resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: RealmKeystoreRsaState, opts?: CustomResourceOptions): RealmKeystoreRsa
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            active: Optional[bool] = None,
            algorithm: Optional[str] = None,
            certificate: Optional[str] = None,
            enabled: Optional[bool] = None,
            name: Optional[str] = None,
            priority: Optional[int] = None,
            private_key: Optional[str] = None,
            provider_id: Optional[str] = None,
            realm_id: Optional[str] = None) -> RealmKeystoreRsa
    func GetRealmKeystoreRsa(ctx *Context, name string, id IDInput, state *RealmKeystoreRsaState, opts ...ResourceOption) (*RealmKeystoreRsa, error)
    public static RealmKeystoreRsa Get(string name, Input<string> id, RealmKeystoreRsaState? state, CustomResourceOptions? opts = null)
    public static RealmKeystoreRsa get(String name, Output<String> id, RealmKeystoreRsaState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Active bool
    When false, key in not used for signing. Defaults to true.
    Algorithm string
    Intended algorithm for the key. Defaults to RS256. Use RSA-OAEP for encryption keys
    Certificate string
    X509 Certificate encoded in PEM format.
    Enabled bool
    When false, key is not accessible in this realm. Defaults to true.
    Name string
    Display name of provider when linked in admin console.
    Priority int
    Priority for the provider. Defaults to 0
    PrivateKey string
    Private RSA Key encoded in PEM format.
    ProviderId string
    Use rsa for signing keys, rsa-enc for encryption keys
    RealmId string
    The realm this keystore exists in.
    Active bool
    When false, key in not used for signing. Defaults to true.
    Algorithm string
    Intended algorithm for the key. Defaults to RS256. Use RSA-OAEP for encryption keys
    Certificate string
    X509 Certificate encoded in PEM format.
    Enabled bool
    When false, key is not accessible in this realm. Defaults to true.
    Name string
    Display name of provider when linked in admin console.
    Priority int
    Priority for the provider. Defaults to 0
    PrivateKey string
    Private RSA Key encoded in PEM format.
    ProviderId string
    Use rsa for signing keys, rsa-enc for encryption keys
    RealmId string
    The realm this keystore exists in.
    active Boolean
    When false, key in not used for signing. Defaults to true.
    algorithm String
    Intended algorithm for the key. Defaults to RS256. Use RSA-OAEP for encryption keys
    certificate String
    X509 Certificate encoded in PEM format.
    enabled Boolean
    When false, key is not accessible in this realm. Defaults to true.
    name String
    Display name of provider when linked in admin console.
    priority Integer
    Priority for the provider. Defaults to 0
    privateKey String
    Private RSA Key encoded in PEM format.
    providerId String
    Use rsa for signing keys, rsa-enc for encryption keys
    realmId String
    The realm this keystore exists in.
    active boolean
    When false, key in not used for signing. Defaults to true.
    algorithm string
    Intended algorithm for the key. Defaults to RS256. Use RSA-OAEP for encryption keys
    certificate string
    X509 Certificate encoded in PEM format.
    enabled boolean
    When false, key is not accessible in this realm. Defaults to true.
    name string
    Display name of provider when linked in admin console.
    priority number
    Priority for the provider. Defaults to 0
    privateKey string
    Private RSA Key encoded in PEM format.
    providerId string
    Use rsa for signing keys, rsa-enc for encryption keys
    realmId string
    The realm this keystore exists in.
    active bool
    When false, key in not used for signing. Defaults to true.
    algorithm str
    Intended algorithm for the key. Defaults to RS256. Use RSA-OAEP for encryption keys
    certificate str
    X509 Certificate encoded in PEM format.
    enabled bool
    When false, key is not accessible in this realm. Defaults to true.
    name str
    Display name of provider when linked in admin console.
    priority int
    Priority for the provider. Defaults to 0
    private_key str
    Private RSA Key encoded in PEM format.
    provider_id str
    Use rsa for signing keys, rsa-enc for encryption keys
    realm_id str
    The realm this keystore exists in.
    active Boolean
    When false, key in not used for signing. Defaults to true.
    algorithm String
    Intended algorithm for the key. Defaults to RS256. Use RSA-OAEP for encryption keys
    certificate String
    X509 Certificate encoded in PEM format.
    enabled Boolean
    When false, key is not accessible in this realm. Defaults to true.
    name String
    Display name of provider when linked in admin console.
    priority Number
    Priority for the provider. Defaults to 0
    privateKey String
    Private RSA Key encoded in PEM format.
    providerId String
    Use rsa for signing keys, rsa-enc for encryption keys
    realmId String
    The realm this keystore exists in.

    Import

    Realm keys can be imported using realm name and keystore id, you can find it in web UI.

    Example:

    bash

    $ pulumi import keycloak:index/realmKeystoreRsa:RealmKeystoreRsa keystore_rsa my-realm/618cfba7-49aa-4c09-9a19-2f699b576f0b
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Keycloak pulumi/pulumi-keycloak
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the keycloak Terraform Provider.
    keycloak logo
    Keycloak v5.4.0 published on Monday, Dec 9, 2024 by Pulumi