keycloak.RealmKeystoreRsa
Allows for creating and managing rsa
Realm keystores within Keycloak.
A realm keystore manages generated key pairs that are used by Keycloak to perform cryptographic signatures and encryption.
Example Usage
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.Realm;
import com.pulumi.keycloak.RealmArgs;
import com.pulumi.keycloak.RealmKeystoreRsa;
import com.pulumi.keycloak.RealmKeystoreRsaArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var realm = new Realm("realm", RealmArgs.builder()
.realm("my-realm")
.build());
var keystoreRsa = new RealmKeystoreRsa("keystoreRsa", RealmKeystoreRsaArgs.builder()
.realmId(realm.id())
.enabled(true)
.active(true)
.privateKey("<your rsa private key>")
.certificate("<your certificate>")
.priority(100)
.algorithm("RS256")
.keystoreSize(2048)
.build());
}
}
Coming soon!
Coming soon!
resources:
realm:
type: keycloak:Realm
properties:
realm: my-realm
keystoreRsa:
type: keycloak:RealmKeystoreRsa
properties:
realmId: ${realm.id}
enabled: true
active: true
privateKey: <your rsa private key>
certificate: <your certificate>
priority: 100
algorithm: RS256
keystoreSize: 2048
Create RealmKeystoreRsa Resource
new RealmKeystoreRsa(name: string, args: RealmKeystoreRsaArgs, opts?: CustomResourceOptions);
@overload
def RealmKeystoreRsa(resource_name: str,
opts: Optional[ResourceOptions] = None,
active: Optional[bool] = None,
algorithm: Optional[str] = None,
certificate: Optional[str] = None,
enabled: Optional[bool] = None,
name: Optional[str] = None,
priority: Optional[int] = None,
private_key: Optional[str] = None,
realm_id: Optional[str] = None)
@overload
def RealmKeystoreRsa(resource_name: str,
args: RealmKeystoreRsaArgs,
opts: Optional[ResourceOptions] = None)
func NewRealmKeystoreRsa(ctx *Context, name string, args RealmKeystoreRsaArgs, opts ...ResourceOption) (*RealmKeystoreRsa, error)
public RealmKeystoreRsa(string name, RealmKeystoreRsaArgs args, CustomResourceOptions? opts = null)
public RealmKeystoreRsa(String name, RealmKeystoreRsaArgs args)
public RealmKeystoreRsa(String name, RealmKeystoreRsaArgs args, CustomResourceOptions options)
type: keycloak:RealmKeystoreRsa
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RealmKeystoreRsaArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RealmKeystoreRsaArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RealmKeystoreRsaArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RealmKeystoreRsaArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RealmKeystoreRsaArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
RealmKeystoreRsa Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The RealmKeystoreRsa resource accepts the following input properties:
- Certificate string
X509 Certificate encoded in PEM format.
- Private
Key string Private RSA Key encoded in PEM format.
- Realm
Id string The realm this keystore exists in.
- Active bool
When
false
, key in not used for signing. Defaults totrue
.- Algorithm string
Intended algorithm for the key. Defaults to
RS256
- Enabled bool
When
false
, key is not accessible in this realm. Defaults totrue
.- Name string
Display name of provider when linked in admin console.
- Priority int
Priority for the provider. Defaults to
0
- Certificate string
X509 Certificate encoded in PEM format.
- Private
Key string Private RSA Key encoded in PEM format.
- Realm
Id string The realm this keystore exists in.
- Active bool
When
false
, key in not used for signing. Defaults totrue
.- Algorithm string
Intended algorithm for the key. Defaults to
RS256
- Enabled bool
When
false
, key is not accessible in this realm. Defaults totrue
.- Name string
Display name of provider when linked in admin console.
- Priority int
Priority for the provider. Defaults to
0
- certificate String
X509 Certificate encoded in PEM format.
- private
Key String Private RSA Key encoded in PEM format.
- realm
Id String The realm this keystore exists in.
- active Boolean
When
false
, key in not used for signing. Defaults totrue
.- algorithm String
Intended algorithm for the key. Defaults to
RS256
- enabled Boolean
When
false
, key is not accessible in this realm. Defaults totrue
.- name String
Display name of provider when linked in admin console.
- priority Integer
Priority for the provider. Defaults to
0
- certificate string
X509 Certificate encoded in PEM format.
- private
Key string Private RSA Key encoded in PEM format.
- realm
Id string The realm this keystore exists in.
- active boolean
When
false
, key in not used for signing. Defaults totrue
.- algorithm string
Intended algorithm for the key. Defaults to
RS256
- enabled boolean
When
false
, key is not accessible in this realm. Defaults totrue
.- name string
Display name of provider when linked in admin console.
- priority number
Priority for the provider. Defaults to
0
- certificate str
X509 Certificate encoded in PEM format.
- private_
key str Private RSA Key encoded in PEM format.
- realm_
id str The realm this keystore exists in.
- active bool
When
false
, key in not used for signing. Defaults totrue
.- algorithm str
Intended algorithm for the key. Defaults to
RS256
- enabled bool
When
false
, key is not accessible in this realm. Defaults totrue
.- name str
Display name of provider when linked in admin console.
- priority int
Priority for the provider. Defaults to
0
- certificate String
X509 Certificate encoded in PEM format.
- private
Key String Private RSA Key encoded in PEM format.
- realm
Id String The realm this keystore exists in.
- active Boolean
When
false
, key in not used for signing. Defaults totrue
.- algorithm String
Intended algorithm for the key. Defaults to
RS256
- enabled Boolean
When
false
, key is not accessible in this realm. Defaults totrue
.- name String
Display name of provider when linked in admin console.
- priority Number
Priority for the provider. Defaults to
0
Outputs
All input properties are implicitly available as output properties. Additionally, the RealmKeystoreRsa resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing RealmKeystoreRsa Resource
Get an existing RealmKeystoreRsa resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RealmKeystoreRsaState, opts?: CustomResourceOptions): RealmKeystoreRsa
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
active: Optional[bool] = None,
algorithm: Optional[str] = None,
certificate: Optional[str] = None,
enabled: Optional[bool] = None,
name: Optional[str] = None,
priority: Optional[int] = None,
private_key: Optional[str] = None,
realm_id: Optional[str] = None) -> RealmKeystoreRsa
func GetRealmKeystoreRsa(ctx *Context, name string, id IDInput, state *RealmKeystoreRsaState, opts ...ResourceOption) (*RealmKeystoreRsa, error)
public static RealmKeystoreRsa Get(string name, Input<string> id, RealmKeystoreRsaState? state, CustomResourceOptions? opts = null)
public static RealmKeystoreRsa get(String name, Output<String> id, RealmKeystoreRsaState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Active bool
When
false
, key in not used for signing. Defaults totrue
.- Algorithm string
Intended algorithm for the key. Defaults to
RS256
- Certificate string
X509 Certificate encoded in PEM format.
- Enabled bool
When
false
, key is not accessible in this realm. Defaults totrue
.- Name string
Display name of provider when linked in admin console.
- Priority int
Priority for the provider. Defaults to
0
- Private
Key string Private RSA Key encoded in PEM format.
- Realm
Id string The realm this keystore exists in.
- Active bool
When
false
, key in not used for signing. Defaults totrue
.- Algorithm string
Intended algorithm for the key. Defaults to
RS256
- Certificate string
X509 Certificate encoded in PEM format.
- Enabled bool
When
false
, key is not accessible in this realm. Defaults totrue
.- Name string
Display name of provider when linked in admin console.
- Priority int
Priority for the provider. Defaults to
0
- Private
Key string Private RSA Key encoded in PEM format.
- Realm
Id string The realm this keystore exists in.
- active Boolean
When
false
, key in not used for signing. Defaults totrue
.- algorithm String
Intended algorithm for the key. Defaults to
RS256
- certificate String
X509 Certificate encoded in PEM format.
- enabled Boolean
When
false
, key is not accessible in this realm. Defaults totrue
.- name String
Display name of provider when linked in admin console.
- priority Integer
Priority for the provider. Defaults to
0
- private
Key String Private RSA Key encoded in PEM format.
- realm
Id String The realm this keystore exists in.
- active boolean
When
false
, key in not used for signing. Defaults totrue
.- algorithm string
Intended algorithm for the key. Defaults to
RS256
- certificate string
X509 Certificate encoded in PEM format.
- enabled boolean
When
false
, key is not accessible in this realm. Defaults totrue
.- name string
Display name of provider when linked in admin console.
- priority number
Priority for the provider. Defaults to
0
- private
Key string Private RSA Key encoded in PEM format.
- realm
Id string The realm this keystore exists in.
- active bool
When
false
, key in not used for signing. Defaults totrue
.- algorithm str
Intended algorithm for the key. Defaults to
RS256
- certificate str
X509 Certificate encoded in PEM format.
- enabled bool
When
false
, key is not accessible in this realm. Defaults totrue
.- name str
Display name of provider when linked in admin console.
- priority int
Priority for the provider. Defaults to
0
- private_
key str Private RSA Key encoded in PEM format.
- realm_
id str The realm this keystore exists in.
- active Boolean
When
false
, key in not used for signing. Defaults totrue
.- algorithm String
Intended algorithm for the key. Defaults to
RS256
- certificate String
X509 Certificate encoded in PEM format.
- enabled Boolean
When
false
, key is not accessible in this realm. Defaults totrue
.- name String
Display name of provider when linked in admin console.
- priority Number
Priority for the provider. Defaults to
0
- private
Key String Private RSA Key encoded in PEM format.
- realm
Id String The realm this keystore exists in.
Import
Realm keys can be imported using realm name and keystore id, you can find it in web UI. Examplebash
$ pulumi import keycloak:index/realmKeystoreRsa:RealmKeystoreRsa keystore_rsa my-realm/618cfba7-49aa-4c09-9a19-2f699b576f0b
Package Details
- Repository
- Keycloak pulumi/pulumi-keycloak
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
keycloak
Terraform Provider.