keycloak.saml.ClientDefaultScope
Explore with Pulumi AI
Import
This resource does not support import. Instead of importing, feel free to create this resource as if it did not already exist on the server.
Example Usage
using System.Collections.Generic;
using System.IO;
using System.Linq;
using Pulumi;
using Keycloak = Pulumi.Keycloak;
return await Deployment.RunAsync(() =>
{
var realm = new Keycloak.Realm("realm", new()
{
RealmName = "my-realm",
Enabled = true,
});
var samlClient = new Keycloak.Saml.Client("samlClient", new()
{
RealmId = realm.Id,
ClientId = "saml-client",
SignDocuments = false,
SignAssertions = true,
IncludeAuthnStatement = true,
SigningCertificate = File.ReadAllText("saml-cert.pem"),
SigningPrivateKey = File.ReadAllText("saml-key.pem"),
});
var clientScope = new Keycloak.Saml.ClientScope("clientScope", new()
{
RealmId = realm.Id,
});
var clientDefaultScopes = new Keycloak.Saml.ClientDefaultScope("clientDefaultScopes", new()
{
RealmId = realm.Id,
ClientId = keycloak_saml_client.Client.Id,
DefaultScopes = new[]
{
"role_list",
clientScope.Name,
},
});
});
package main
import (
"os"
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func readFileOrPanic(path string) pulumi.StringPtrInput {
data, err := os.ReadFile(path)
if err != nil {
panic(err.Error())
}
return pulumi.String(string(data))
}
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
Realm: pulumi.String("my-realm"),
Enabled: pulumi.Bool(true),
})
if err != nil {
return err
}
_, err = saml.NewClient(ctx, "samlClient", &saml.ClientArgs{
RealmId: realm.ID(),
ClientId: pulumi.String("saml-client"),
SignDocuments: pulumi.Bool(false),
SignAssertions: pulumi.Bool(true),
IncludeAuthnStatement: pulumi.Bool(true),
SigningCertificate: readFileOrPanic("saml-cert.pem"),
SigningPrivateKey: readFileOrPanic("saml-key.pem"),
})
if err != nil {
return err
}
clientScope, err := saml.NewClientScope(ctx, "clientScope", &saml.ClientScopeArgs{
RealmId: realm.ID(),
})
if err != nil {
return err
}
_, err = saml.NewClientDefaultScope(ctx, "clientDefaultScopes", &saml.ClientDefaultScopeArgs{
RealmId: realm.ID(),
ClientId: pulumi.Any(keycloak_saml_client.Client.Id),
DefaultScopes: pulumi.StringArray{
pulumi.String("role_list"),
clientScope.Name,
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.Realm;
import com.pulumi.keycloak.RealmArgs;
import com.pulumi.keycloak.saml.Client;
import com.pulumi.keycloak.saml.ClientArgs;
import com.pulumi.keycloak.saml.ClientScope;
import com.pulumi.keycloak.saml.ClientScopeArgs;
import com.pulumi.keycloak.saml.ClientDefaultScope;
import com.pulumi.keycloak.saml.ClientDefaultScopeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var realm = new Realm("realm", RealmArgs.builder()
.realm("my-realm")
.enabled(true)
.build());
var samlClient = new Client("samlClient", ClientArgs.builder()
.realmId(realm.id())
.clientId("saml-client")
.signDocuments(false)
.signAssertions(true)
.includeAuthnStatement(true)
.signingCertificate(Files.readString(Paths.get("saml-cert.pem")))
.signingPrivateKey(Files.readString(Paths.get("saml-key.pem")))
.build());
var clientScope = new ClientScope("clientScope", ClientScopeArgs.builder()
.realmId(realm.id())
.build());
var clientDefaultScopes = new ClientDefaultScope("clientDefaultScopes", ClientDefaultScopeArgs.builder()
.realmId(realm.id())
.clientId(keycloak_saml_client.client().id())
.defaultScopes(
"role_list",
clientScope.name())
.build());
}
}
import pulumi
import pulumi_keycloak as keycloak
realm = keycloak.Realm("realm",
realm="my-realm",
enabled=True)
saml_client = keycloak.saml.Client("samlClient",
realm_id=realm.id,
client_id="saml-client",
sign_documents=False,
sign_assertions=True,
include_authn_statement=True,
signing_certificate=(lambda path: open(path).read())("saml-cert.pem"),
signing_private_key=(lambda path: open(path).read())("saml-key.pem"))
client_scope = keycloak.saml.ClientScope("clientScope", realm_id=realm.id)
client_default_scopes = keycloak.saml.ClientDefaultScope("clientDefaultScopes",
realm_id=realm.id,
client_id=keycloak_saml_client["client"]["id"],
default_scopes=[
"role_list",
client_scope.name,
])
import * as pulumi from "@pulumi/pulumi";
import * as fs from "fs";
import * as keycloak from "@pulumi/keycloak";
const realm = new keycloak.Realm("realm", {
realm: "my-realm",
enabled: true,
});
const samlClient = new keycloak.saml.Client("samlClient", {
realmId: realm.id,
clientId: "saml-client",
signDocuments: false,
signAssertions: true,
includeAuthnStatement: true,
signingCertificate: fs.readFileSync("saml-cert.pem"),
signingPrivateKey: fs.readFileSync("saml-key.pem"),
});
const clientScope = new keycloak.saml.ClientScope("clientScope", {realmId: realm.id});
const clientDefaultScopes = new keycloak.saml.ClientDefaultScope("clientDefaultScopes", {
realmId: realm.id,
clientId: keycloak_saml_client.client.id,
defaultScopes: [
"role_list",
clientScope.name,
],
});
resources:
realm:
type: keycloak:Realm
properties:
realm: my-realm
enabled: true
samlClient:
type: keycloak:saml:Client
properties:
realmId: ${realm.id}
clientId: saml-client
signDocuments: false
signAssertions: true
includeAuthnStatement: true
signingCertificate:
fn::readFile: saml-cert.pem
signingPrivateKey:
fn::readFile: saml-key.pem
clientScope:
type: keycloak:saml:ClientScope
properties:
realmId: ${realm.id}
clientDefaultScopes:
type: keycloak:saml:ClientDefaultScope
properties:
realmId: ${realm.id}
clientId: ${keycloak_saml_client.client.id}
defaultScopes:
- role_list
- ${clientScope.name}
Create ClientDefaultScope Resource
new ClientDefaultScope(name: string, args: ClientDefaultScopeArgs, opts?: CustomResourceOptions);
@overload
def ClientDefaultScope(resource_name: str,
opts: Optional[ResourceOptions] = None,
client_id: Optional[str] = None,
default_scopes: Optional[Sequence[str]] = None,
realm_id: Optional[str] = None)
@overload
def ClientDefaultScope(resource_name: str,
args: ClientDefaultScopeArgs,
opts: Optional[ResourceOptions] = None)
func NewClientDefaultScope(ctx *Context, name string, args ClientDefaultScopeArgs, opts ...ResourceOption) (*ClientDefaultScope, error)
public ClientDefaultScope(string name, ClientDefaultScopeArgs args, CustomResourceOptions? opts = null)
public ClientDefaultScope(String name, ClientDefaultScopeArgs args)
public ClientDefaultScope(String name, ClientDefaultScopeArgs args, CustomResourceOptions options)
type: keycloak:saml:ClientDefaultScope
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ClientDefaultScopeArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ClientDefaultScopeArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ClientDefaultScopeArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ClientDefaultScopeArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ClientDefaultScopeArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
ClientDefaultScope Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The ClientDefaultScope resource accepts the following input properties:
- Client
Id string The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
- Default
Scopes List<string> An array of client scope names to attach to this client.
- Realm
Id string The realm this client and scopes exists in.
- Client
Id string The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
- Default
Scopes []string An array of client scope names to attach to this client.
- Realm
Id string The realm this client and scopes exists in.
- client
Id String The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
- default
Scopes List<String> An array of client scope names to attach to this client.
- realm
Id String The realm this client and scopes exists in.
- client
Id string The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
- default
Scopes string[] An array of client scope names to attach to this client.
- realm
Id string The realm this client and scopes exists in.
- client_
id str The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
- default_
scopes Sequence[str] An array of client scope names to attach to this client.
- realm_
id str The realm this client and scopes exists in.
- client
Id String The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
- default
Scopes List<String> An array of client scope names to attach to this client.
- realm
Id String The realm this client and scopes exists in.
Outputs
All input properties are implicitly available as output properties. Additionally, the ClientDefaultScope resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing ClientDefaultScope Resource
Get an existing ClientDefaultScope resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ClientDefaultScopeState, opts?: CustomResourceOptions): ClientDefaultScope
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
client_id: Optional[str] = None,
default_scopes: Optional[Sequence[str]] = None,
realm_id: Optional[str] = None) -> ClientDefaultScope
func GetClientDefaultScope(ctx *Context, name string, id IDInput, state *ClientDefaultScopeState, opts ...ResourceOption) (*ClientDefaultScope, error)
public static ClientDefaultScope Get(string name, Input<string> id, ClientDefaultScopeState? state, CustomResourceOptions? opts = null)
public static ClientDefaultScope get(String name, Output<String> id, ClientDefaultScopeState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Client
Id string The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
- Default
Scopes List<string> An array of client scope names to attach to this client.
- Realm
Id string The realm this client and scopes exists in.
- Client
Id string The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
- Default
Scopes []string An array of client scope names to attach to this client.
- Realm
Id string The realm this client and scopes exists in.
- client
Id String The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
- default
Scopes List<String> An array of client scope names to attach to this client.
- realm
Id String The realm this client and scopes exists in.
- client
Id string The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
- default
Scopes string[] An array of client scope names to attach to this client.
- realm
Id string The realm this client and scopes exists in.
- client_
id str The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
- default_
scopes Sequence[str] An array of client scope names to attach to this client.
- realm_
id str The realm this client and scopes exists in.
- client
Id String The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
- default
Scopes List<String> An array of client scope names to attach to this client.
- realm
Id String The realm this client and scopes exists in.
Package Details
- Repository
- Keycloak pulumi/pulumi-keycloak
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
keycloak
Terraform Provider.