1. Docs
  2. Reference
  3. API
  4. Keycloak
  5. Realm

Realm

Create a Realm Resource

new Realm(name: string, args: RealmArgs, opts?: CustomResourceOptions);
def Realm(resource_name, opts=None, access_code_lifespan=None, access_code_lifespan_login=None, access_code_lifespan_user_action=None, access_token_lifespan=None, access_token_lifespan_for_implicit_flow=None, account_theme=None, action_token_generated_by_admin_lifespan=None, action_token_generated_by_user_lifespan=None, admin_theme=None, attributes=None, browser_flow=None, client_authentication_flow=None, direct_grant_flow=None, display_name=None, display_name_html=None, docker_authentication_flow=None, duplicate_emails_allowed=None, edit_username_allowed=None, email_theme=None, enabled=None, internationalization=None, login_theme=None, login_with_email_allowed=None, offline_session_idle_timeout=None, offline_session_max_lifespan=None, password_policy=None, realm=None, refresh_token_max_reuse=None, registration_allowed=None, registration_email_as_username=None, registration_flow=None, remember_me=None, reset_credentials_flow=None, reset_password_allowed=None, revoke_refresh_token=None, security_defenses=None, smtp_server=None, ssl_required=None, sso_session_idle_timeout=None, sso_session_max_lifespan=None, user_managed_access=None, verify_email=None, __props__=None);
func NewRealm(ctx *Context, name string, args RealmArgs, opts ...ResourceOption) (*Realm, error)
public Realm(string name, RealmArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args RealmArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
opts ResourceOptions
A bag of options that control this resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args RealmArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args RealmArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

Realm Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The Realm resource accepts the following input properties:

RealmName string
AccessCodeLifespan string
AccessCodeLifespanLogin string
AccessCodeLifespanUserAction string
AccessTokenLifespan string
AccessTokenLifespanForImplicitFlow string
AccountTheme string
ActionTokenGeneratedByAdminLifespan string
ActionTokenGeneratedByUserLifespan string
AdminTheme string
Attributes Dictionary<string, object>
BrowserFlow string

Which flow should be used for BrowserFlow

ClientAuthenticationFlow string

Which flow should be used for ClientAuthenticationFlow

DirectGrantFlow string

Which flow should be used for DirectGrantFlow

DisplayName string
DisplayNameHtml string
DockerAuthenticationFlow string

Which flow should be used for DockerAuthenticationFlow

DuplicateEmailsAllowed bool
EditUsernameAllowed bool
EmailTheme string
Enabled bool
Internationalization RealmInternationalizationArgs
LoginTheme string
LoginWithEmailAllowed bool
OfflineSessionIdleTimeout string
OfflineSessionMaxLifespan string
PasswordPolicy string

String that represents the passwordPolicies that are in place. Each policy is separated with “ and “. Supported policies can be found in the server-info providers page. example: “upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)”

RefreshTokenMaxReuse int
RegistrationAllowed bool
RegistrationEmailAsUsername bool
RegistrationFlow string

Which flow should be used for RegistrationFlow

RememberMe bool
ResetCredentialsFlow string

Which flow should be used for ResetCredentialsFlow

ResetPasswordAllowed bool
RevokeRefreshToken bool
SecurityDefenses RealmSecurityDefensesArgs
SmtpServer RealmSmtpServerArgs
SslRequired string

SSL Required: Values can be ‘none’, ‘external’ or ‘all’.

SsoSessionIdleTimeout string
SsoSessionMaxLifespan string
UserManagedAccess bool
VerifyEmail bool
Realm string
AccessCodeLifespan string
AccessCodeLifespanLogin string
AccessCodeLifespanUserAction string
AccessTokenLifespan string
AccessTokenLifespanForImplicitFlow string
AccountTheme string
ActionTokenGeneratedByAdminLifespan string
ActionTokenGeneratedByUserLifespan string
AdminTheme string
Attributes map[string]interface{}
BrowserFlow string

Which flow should be used for BrowserFlow

ClientAuthenticationFlow string

Which flow should be used for ClientAuthenticationFlow

DirectGrantFlow string

Which flow should be used for DirectGrantFlow

DisplayName string
DisplayNameHtml string
DockerAuthenticationFlow string

Which flow should be used for DockerAuthenticationFlow

DuplicateEmailsAllowed bool
EditUsernameAllowed bool
EmailTheme string
Enabled bool
Internationalization RealmInternationalization
LoginTheme string
LoginWithEmailAllowed bool
OfflineSessionIdleTimeout string
OfflineSessionMaxLifespan string
PasswordPolicy string

String that represents the passwordPolicies that are in place. Each policy is separated with “ and “. Supported policies can be found in the server-info providers page. example: “upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)”

RefreshTokenMaxReuse int
RegistrationAllowed bool
RegistrationEmailAsUsername bool
RegistrationFlow string

Which flow should be used for RegistrationFlow

RememberMe bool
ResetCredentialsFlow string

Which flow should be used for ResetCredentialsFlow

ResetPasswordAllowed bool
RevokeRefreshToken bool
SecurityDefenses RealmSecurityDefenses
SmtpServer RealmSmtpServer
SslRequired string

SSL Required: Values can be ‘none’, ‘external’ or ‘all’.

SsoSessionIdleTimeout string
SsoSessionMaxLifespan string
UserManagedAccess bool
VerifyEmail bool
realm string
accessCodeLifespan string
accessCodeLifespanLogin string
accessCodeLifespanUserAction string
accessTokenLifespan string
accessTokenLifespanForImplicitFlow string
accountTheme string
actionTokenGeneratedByAdminLifespan string
actionTokenGeneratedByUserLifespan string
adminTheme string
attributes {[key: string]: any}
browserFlow string

Which flow should be used for BrowserFlow

clientAuthenticationFlow string

Which flow should be used for ClientAuthenticationFlow

directGrantFlow string

Which flow should be used for DirectGrantFlow

displayName string
displayNameHtml string
dockerAuthenticationFlow string

Which flow should be used for DockerAuthenticationFlow

duplicateEmailsAllowed boolean
editUsernameAllowed boolean
emailTheme string
enabled boolean
internationalization RealmInternationalization
loginTheme string
loginWithEmailAllowed boolean
offlineSessionIdleTimeout string
offlineSessionMaxLifespan string
passwordPolicy string

String that represents the passwordPolicies that are in place. Each policy is separated with “ and “. Supported policies can be found in the server-info providers page. example: “upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)”

refreshTokenMaxReuse number
registrationAllowed boolean
registrationEmailAsUsername boolean
registrationFlow string

Which flow should be used for RegistrationFlow

rememberMe boolean
resetCredentialsFlow string

Which flow should be used for ResetCredentialsFlow

resetPasswordAllowed boolean
revokeRefreshToken boolean
securityDefenses RealmSecurityDefenses
smtpServer RealmSmtpServer
sslRequired string

SSL Required: Values can be ‘none’, ‘external’ or ‘all’.

ssoSessionIdleTimeout string
ssoSessionMaxLifespan string
userManagedAccess boolean
verifyEmail boolean
realm str
access_code_lifespan str
access_code_lifespan_login str
access_code_lifespan_user_action str
access_token_lifespan str
access_token_lifespan_for_implicit_flow str
account_theme str
action_token_generated_by_admin_lifespan str
action_token_generated_by_user_lifespan str
admin_theme str
attributes Dict[str, Any]
browser_flow str

Which flow should be used for BrowserFlow

client_authentication_flow str

Which flow should be used for ClientAuthenticationFlow

direct_grant_flow str

Which flow should be used for DirectGrantFlow

display_name str
display_name_html str
docker_authentication_flow str

Which flow should be used for DockerAuthenticationFlow

duplicate_emails_allowed bool
edit_username_allowed bool
email_theme str
enabled bool
internationalization Dict[RealmInternationalization]
login_theme str
login_with_email_allowed bool
offline_session_idle_timeout str
offline_session_max_lifespan str
password_policy str

String that represents the passwordPolicies that are in place. Each policy is separated with “ and “. Supported policies can be found in the server-info providers page. example: “upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)”

refresh_token_max_reuse float
registration_allowed bool
registration_email_as_username bool
registration_flow str

Which flow should be used for RegistrationFlow

remember_me bool
reset_credentials_flow str

Which flow should be used for ResetCredentialsFlow

reset_password_allowed bool
revoke_refresh_token bool
security_defenses Dict[RealmSecurityDefenses]
smtp_server Dict[RealmSmtpServer]
ssl_required str

SSL Required: Values can be ‘none’, ‘external’ or ‘all’.

sso_session_idle_timeout str
sso_session_max_lifespan str
user_managed_access bool
verify_email bool

Outputs

All input properties are implicitly available as output properties. Additionally, the Realm resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
InternalId string
Id string
The provider-assigned unique ID for this managed resource.
InternalId string
id string
The provider-assigned unique ID for this managed resource.
internalId string
id str
The provider-assigned unique ID for this managed resource.
internal_id str

Look up an Existing Realm Resource

Get an existing Realm resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: RealmState, opts?: CustomResourceOptions): Realm
static get(resource_name, id, opts=None, access_code_lifespan=None, access_code_lifespan_login=None, access_code_lifespan_user_action=None, access_token_lifespan=None, access_token_lifespan_for_implicit_flow=None, account_theme=None, action_token_generated_by_admin_lifespan=None, action_token_generated_by_user_lifespan=None, admin_theme=None, attributes=None, browser_flow=None, client_authentication_flow=None, direct_grant_flow=None, display_name=None, display_name_html=None, docker_authentication_flow=None, duplicate_emails_allowed=None, edit_username_allowed=None, email_theme=None, enabled=None, internal_id=None, internationalization=None, login_theme=None, login_with_email_allowed=None, offline_session_idle_timeout=None, offline_session_max_lifespan=None, password_policy=None, realm=None, refresh_token_max_reuse=None, registration_allowed=None, registration_email_as_username=None, registration_flow=None, remember_me=None, reset_credentials_flow=None, reset_password_allowed=None, revoke_refresh_token=None, security_defenses=None, smtp_server=None, ssl_required=None, sso_session_idle_timeout=None, sso_session_max_lifespan=None, user_managed_access=None, verify_email=None, __props__=None);
func GetRealm(ctx *Context, name string, id IDInput, state *RealmState, opts ...ResourceOption) (*Realm, error)
public static Realm Get(string name, Input<string> id, RealmState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

AccessCodeLifespan string
AccessCodeLifespanLogin string
AccessCodeLifespanUserAction string
AccessTokenLifespan string
AccessTokenLifespanForImplicitFlow string
AccountTheme string
ActionTokenGeneratedByAdminLifespan string
ActionTokenGeneratedByUserLifespan string
AdminTheme string
Attributes Dictionary<string, object>
BrowserFlow string

Which flow should be used for BrowserFlow

ClientAuthenticationFlow string

Which flow should be used for ClientAuthenticationFlow

DirectGrantFlow string

Which flow should be used for DirectGrantFlow

DisplayName string
DisplayNameHtml string
DockerAuthenticationFlow string

Which flow should be used for DockerAuthenticationFlow

DuplicateEmailsAllowed bool
EditUsernameAllowed bool
EmailTheme string
Enabled bool
InternalId string
Internationalization RealmInternationalizationArgs
LoginTheme string
LoginWithEmailAllowed bool
OfflineSessionIdleTimeout string
OfflineSessionMaxLifespan string
PasswordPolicy string

String that represents the passwordPolicies that are in place. Each policy is separated with “ and “. Supported policies can be found in the server-info providers page. example: “upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)”

RealmName string
RefreshTokenMaxReuse int
RegistrationAllowed bool
RegistrationEmailAsUsername bool
RegistrationFlow string

Which flow should be used for RegistrationFlow

RememberMe bool
ResetCredentialsFlow string

Which flow should be used for ResetCredentialsFlow

ResetPasswordAllowed bool
RevokeRefreshToken bool
SecurityDefenses RealmSecurityDefensesArgs
SmtpServer RealmSmtpServerArgs
SslRequired string

SSL Required: Values can be ‘none’, ‘external’ or ‘all’.

SsoSessionIdleTimeout string
SsoSessionMaxLifespan string
UserManagedAccess bool
VerifyEmail bool
AccessCodeLifespan string
AccessCodeLifespanLogin string
AccessCodeLifespanUserAction string
AccessTokenLifespan string
AccessTokenLifespanForImplicitFlow string
AccountTheme string
ActionTokenGeneratedByAdminLifespan string
ActionTokenGeneratedByUserLifespan string
AdminTheme string
Attributes map[string]interface{}
BrowserFlow string

Which flow should be used for BrowserFlow

ClientAuthenticationFlow string

Which flow should be used for ClientAuthenticationFlow

DirectGrantFlow string

Which flow should be used for DirectGrantFlow

DisplayName string
DisplayNameHtml string
DockerAuthenticationFlow string

Which flow should be used for DockerAuthenticationFlow

DuplicateEmailsAllowed bool
EditUsernameAllowed bool
EmailTheme string
Enabled bool
InternalId string
Internationalization RealmInternationalization
LoginTheme string
LoginWithEmailAllowed bool
OfflineSessionIdleTimeout string
OfflineSessionMaxLifespan string
PasswordPolicy string

String that represents the passwordPolicies that are in place. Each policy is separated with “ and “. Supported policies can be found in the server-info providers page. example: “upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)”

Realm string
RefreshTokenMaxReuse int
RegistrationAllowed bool
RegistrationEmailAsUsername bool
RegistrationFlow string

Which flow should be used for RegistrationFlow

RememberMe bool
ResetCredentialsFlow string

Which flow should be used for ResetCredentialsFlow

ResetPasswordAllowed bool
RevokeRefreshToken bool
SecurityDefenses RealmSecurityDefenses
SmtpServer RealmSmtpServer
SslRequired string

SSL Required: Values can be ‘none’, ‘external’ or ‘all’.

SsoSessionIdleTimeout string
SsoSessionMaxLifespan string
UserManagedAccess bool
VerifyEmail bool
accessCodeLifespan string
accessCodeLifespanLogin string
accessCodeLifespanUserAction string
accessTokenLifespan string
accessTokenLifespanForImplicitFlow string
accountTheme string
actionTokenGeneratedByAdminLifespan string
actionTokenGeneratedByUserLifespan string
adminTheme string
attributes {[key: string]: any}
browserFlow string

Which flow should be used for BrowserFlow

clientAuthenticationFlow string

Which flow should be used for ClientAuthenticationFlow

directGrantFlow string

Which flow should be used for DirectGrantFlow

displayName string
displayNameHtml string
dockerAuthenticationFlow string

Which flow should be used for DockerAuthenticationFlow

duplicateEmailsAllowed boolean
editUsernameAllowed boolean
emailTheme string
enabled boolean
internalId string
internationalization RealmInternationalization
loginTheme string
loginWithEmailAllowed boolean
offlineSessionIdleTimeout string
offlineSessionMaxLifespan string
passwordPolicy string

String that represents the passwordPolicies that are in place. Each policy is separated with “ and “. Supported policies can be found in the server-info providers page. example: “upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)”

realm string
refreshTokenMaxReuse number
registrationAllowed boolean
registrationEmailAsUsername boolean
registrationFlow string

Which flow should be used for RegistrationFlow

rememberMe boolean
resetCredentialsFlow string

Which flow should be used for ResetCredentialsFlow

resetPasswordAllowed boolean
revokeRefreshToken boolean
securityDefenses RealmSecurityDefenses
smtpServer RealmSmtpServer
sslRequired string

SSL Required: Values can be ‘none’, ‘external’ or ‘all’.

ssoSessionIdleTimeout string
ssoSessionMaxLifespan string
userManagedAccess boolean
verifyEmail boolean
access_code_lifespan str
access_code_lifespan_login str
access_code_lifespan_user_action str
access_token_lifespan str
access_token_lifespan_for_implicit_flow str
account_theme str
action_token_generated_by_admin_lifespan str
action_token_generated_by_user_lifespan str
admin_theme str
attributes Dict[str, Any]
browser_flow str

Which flow should be used for BrowserFlow

client_authentication_flow str

Which flow should be used for ClientAuthenticationFlow

direct_grant_flow str

Which flow should be used for DirectGrantFlow

display_name str
display_name_html str
docker_authentication_flow str

Which flow should be used for DockerAuthenticationFlow

duplicate_emails_allowed bool
edit_username_allowed bool
email_theme str
enabled bool
internal_id str
internationalization Dict[RealmInternationalization]
login_theme str
login_with_email_allowed bool
offline_session_idle_timeout str
offline_session_max_lifespan str
password_policy str

String that represents the passwordPolicies that are in place. Each policy is separated with “ and “. Supported policies can be found in the server-info providers page. example: “upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)”

realm str
refresh_token_max_reuse float
registration_allowed bool
registration_email_as_username bool
registration_flow str

Which flow should be used for RegistrationFlow

remember_me bool
reset_credentials_flow str

Which flow should be used for ResetCredentialsFlow

reset_password_allowed bool
revoke_refresh_token bool
security_defenses Dict[RealmSecurityDefenses]
smtp_server Dict[RealmSmtpServer]
ssl_required str

SSL Required: Values can be ‘none’, ‘external’ or ‘all’.

sso_session_idle_timeout str
sso_session_max_lifespan str
user_managed_access bool
verify_email bool

Supporting Types

RealmInternationalization

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

DefaultLocale string
SupportedLocales List<string>
DefaultLocale string
SupportedLocales []string
defaultLocale string
supportedLocales string[]
defaultLocale str
supportedLocales List[str]

RealmSecurityDefenses

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

BruteForceDetection RealmSecurityDefensesBruteForceDetectionArgs
Headers RealmSecurityDefensesHeadersArgs
BruteForceDetection RealmSecurityDefensesBruteForceDetection
Headers RealmSecurityDefensesHeaders
bruteForceDetection RealmSecurityDefensesBruteForceDetection
headers RealmSecurityDefensesHeaders
bruteForceDetection Dict[RealmSecurityDefensesBruteForceDetection]
headers Dict[RealmSecurityDefensesHeaders]

RealmSecurityDefensesBruteForceDetection

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

FailureResetTimeSeconds int
MaxFailureWaitSeconds int
MaxLoginFailures int
MinimumQuickLoginWaitSeconds int
PermanentLockout bool
QuickLoginCheckMilliSeconds int
WaitIncrementSeconds int
FailureResetTimeSeconds int
MaxFailureWaitSeconds int
MaxLoginFailures int
MinimumQuickLoginWaitSeconds int
PermanentLockout bool
QuickLoginCheckMilliSeconds int
WaitIncrementSeconds int
failureResetTimeSeconds number
maxFailureWaitSeconds number
maxLoginFailures number
minimumQuickLoginWaitSeconds number
permanentLockout boolean
quickLoginCheckMilliSeconds number
waitIncrementSeconds number
failureResetTimeSeconds float
maxFailureWaitSeconds float
maxLoginFailures float
minimumQuickLoginWaitSeconds float
permanentLockout bool
quickLoginCheckMilliSeconds float
waitIncrementSeconds float

RealmSecurityDefensesHeaders

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

ContentSecurityPolicy string
ContentSecurityPolicyReportOnly string
StrictTransportSecurity string
XContentTypeOptions string
XFrameOptions string
XRobotsTag string
XXssProtection string
ContentSecurityPolicy string
ContentSecurityPolicyReportOnly string
StrictTransportSecurity string
XContentTypeOptions string
XFrameOptions string
XRobotsTag string
XXssProtection string
contentSecurityPolicy string
contentSecurityPolicyReportOnly string
strictTransportSecurity string
xContentTypeOptions string
xFrameOptions string
xRobotsTag string
xXssProtection string
contentSecurityPolicy str
contentSecurityPolicyReportOnly str
strictTransportSecurity str
xContentTypeOptions str
xFrameOptions str
xRobotsTag str
xXssProtection str

RealmSmtpServer

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

From string
Host string
Auth RealmSmtpServerAuthArgs
EnvelopeFrom string
FromDisplayName string
Port string
ReplyTo string
ReplyToDisplayName string
Ssl bool
Starttls bool
From string
Host string
Auth RealmSmtpServerAuth
EnvelopeFrom string
FromDisplayName string
Port string
ReplyTo string
ReplyToDisplayName string
Ssl bool
Starttls bool
from string
host string
auth RealmSmtpServerAuth
envelopeFrom string
fromDisplayName string
port string
replyTo string
replyToDisplayName string
ssl boolean
starttls boolean
from str
host str
auth Dict[RealmSmtpServerAuth]
envelopeFrom str
fromDisplayName str
port str
replyTo str
replyToDisplayName str
ssl bool
starttls bool

RealmSmtpServerAuth

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Password string
Username string
Password string
Username string
password string
username string
password str
username str

Package Details

Repository
https://github.com/pulumi/pulumi-keycloak
License
Apache-2.0
Notes
This Pulumi package is based on the keycloak Terraform Provider.