keycloak.CustomUserFederation
Explore with Pulumi AI
# keycloak.CustomUserFederation
Allows for creating and managing custom user federation providers within Keycloak.
A custom user federation provider is an implementation of Keycloak’s User Storage SPI. An example of this implementation can be found here.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";
const realm = new keycloak.Realm("realm", {
realm: "test",
enabled: true,
});
const customUserFederation = new keycloak.CustomUserFederation("custom_user_federation", {
name: "custom",
realmId: realm.id,
providerId: "custom",
enabled: true,
});
import pulumi
import pulumi_keycloak as keycloak
realm = keycloak.Realm("realm",
realm="test",
enabled=True)
custom_user_federation = keycloak.CustomUserFederation("custom_user_federation",
name="custom",
realm_id=realm.id,
provider_id="custom",
enabled=True)
package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
Realm: pulumi.String("test"),
Enabled: pulumi.Bool(true),
})
if err != nil {
return err
}
_, err = keycloak.NewCustomUserFederation(ctx, "custom_user_federation", &keycloak.CustomUserFederationArgs{
Name: pulumi.String("custom"),
RealmId: realm.ID(),
ProviderId: pulumi.String("custom"),
Enabled: pulumi.Bool(true),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Keycloak = Pulumi.Keycloak;
return await Deployment.RunAsync(() =>
{
var realm = new Keycloak.Realm("realm", new()
{
RealmName = "test",
Enabled = true,
});
var customUserFederation = new Keycloak.CustomUserFederation("custom_user_federation", new()
{
Name = "custom",
RealmId = realm.Id,
ProviderId = "custom",
Enabled = true,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.Realm;
import com.pulumi.keycloak.RealmArgs;
import com.pulumi.keycloak.CustomUserFederation;
import com.pulumi.keycloak.CustomUserFederationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var realm = new Realm("realm", RealmArgs.builder()
.realm("test")
.enabled(true)
.build());
var customUserFederation = new CustomUserFederation("customUserFederation", CustomUserFederationArgs.builder()
.name("custom")
.realmId(realm.id())
.providerId("custom")
.enabled(true)
.build());
}
}
resources:
realm:
type: keycloak:Realm
properties:
realm: test
enabled: true
customUserFederation:
type: keycloak:CustomUserFederation
name: custom_user_federation
properties:
name: custom
realmId: ${realm.id}
providerId: custom
enabled: true
Argument Reference
The following arguments are supported:
realm_id
- (Required) The realm that this provider will provide user federation for.name
- (Required) Display name of the provider when displayed in the console.provider_id
- (Required) The unique ID of the custom provider, specified in thegetId
implementation for theUserStorageProviderFactory
interface.enabled
- (Optional) Whenfalse
, this provider will not be used when performing queries for users. Defaults totrue
.priority
- (Optional) Priority of this provider when looking up users. Lower values are first. Defaults to0
.cache_policy
- (Optional) Can be one ofDEFAULT
,EVICT_DAILY
,EVICT_WEEKLY
,MAX_LIFESPAN
, orNO_CACHE
. Defaults toDEFAULT
.
Import
Custom user federation providers can be imported using the format {{realm_id}}/{{custom_user_federation_id}}
.
The ID of the custom user federation provider can be found within the Keycloak GUI and is typically a GUID:
$ terraform import keycloak_custom_user_federation.custom_user_federation my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860
Create CustomUserFederation Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CustomUserFederation(name: string, args: CustomUserFederationArgs, opts?: CustomResourceOptions);
@overload
def CustomUserFederation(resource_name: str,
args: CustomUserFederationArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CustomUserFederation(resource_name: str,
opts: Optional[ResourceOptions] = None,
provider_id: Optional[str] = None,
realm_id: Optional[str] = None,
cache_policy: Optional[str] = None,
changed_sync_period: Optional[int] = None,
config: Optional[Mapping[str, str]] = None,
enabled: Optional[bool] = None,
full_sync_period: Optional[int] = None,
name: Optional[str] = None,
parent_id: Optional[str] = None,
priority: Optional[int] = None)
func NewCustomUserFederation(ctx *Context, name string, args CustomUserFederationArgs, opts ...ResourceOption) (*CustomUserFederation, error)
public CustomUserFederation(string name, CustomUserFederationArgs args, CustomResourceOptions? opts = null)
public CustomUserFederation(String name, CustomUserFederationArgs args)
public CustomUserFederation(String name, CustomUserFederationArgs args, CustomResourceOptions options)
type: keycloak:CustomUserFederation
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CustomUserFederationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CustomUserFederationArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CustomUserFederationArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CustomUserFederationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CustomUserFederationArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var customUserFederationResource = new Keycloak.CustomUserFederation("customUserFederationResource", new()
{
ProviderId = "string",
RealmId = "string",
CachePolicy = "string",
ChangedSyncPeriod = 0,
Config =
{
{ "string", "string" },
},
Enabled = false,
FullSyncPeriod = 0,
Name = "string",
ParentId = "string",
Priority = 0,
});
example, err := keycloak.NewCustomUserFederation(ctx, "customUserFederationResource", &keycloak.CustomUserFederationArgs{
ProviderId: pulumi.String("string"),
RealmId: pulumi.String("string"),
CachePolicy: pulumi.String("string"),
ChangedSyncPeriod: pulumi.Int(0),
Config: pulumi.StringMap{
"string": pulumi.String("string"),
},
Enabled: pulumi.Bool(false),
FullSyncPeriod: pulumi.Int(0),
Name: pulumi.String("string"),
ParentId: pulumi.String("string"),
Priority: pulumi.Int(0),
})
var customUserFederationResource = new CustomUserFederation("customUserFederationResource", CustomUserFederationArgs.builder()
.providerId("string")
.realmId("string")
.cachePolicy("string")
.changedSyncPeriod(0)
.config(Map.of("string", "string"))
.enabled(false)
.fullSyncPeriod(0)
.name("string")
.parentId("string")
.priority(0)
.build());
custom_user_federation_resource = keycloak.CustomUserFederation("customUserFederationResource",
provider_id="string",
realm_id="string",
cache_policy="string",
changed_sync_period=0,
config={
"string": "string",
},
enabled=False,
full_sync_period=0,
name="string",
parent_id="string",
priority=0)
const customUserFederationResource = new keycloak.CustomUserFederation("customUserFederationResource", {
providerId: "string",
realmId: "string",
cachePolicy: "string",
changedSyncPeriod: 0,
config: {
string: "string",
},
enabled: false,
fullSyncPeriod: 0,
name: "string",
parentId: "string",
priority: 0,
});
type: keycloak:CustomUserFederation
properties:
cachePolicy: string
changedSyncPeriod: 0
config:
string: string
enabled: false
fullSyncPeriod: 0
name: string
parentId: string
priority: 0
providerId: string
realmId: string
CustomUserFederation Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The CustomUserFederation resource accepts the following input properties:
- Provider
Id string - The unique ID of the custom provider, specified in the
getId
implementation for the UserStorageProviderFactory interface - Realm
Id string - The realm (name) this provider will provide user federation for.
- Cache
Policy string - Changed
Sync intPeriod - How frequently Keycloak should sync changed users, in seconds. Omit this property to disable periodic changed users sync.
- Config Dictionary<string, string>
- Enabled bool
- When false, this provider will not be used when performing queries for users.
- Full
Sync intPeriod - How frequently Keycloak should sync all users, in seconds. Omit this property to disable periodic full sync.
- Name string
- Display name of the provider when displayed in the console.
- Parent
Id string - The parent_id of the generated component. will use realm_id if not specified.
- Priority int
- Priority of this provider when looking up users. Lower values are first.
- Provider
Id string - The unique ID of the custom provider, specified in the
getId
implementation for the UserStorageProviderFactory interface - Realm
Id string - The realm (name) this provider will provide user federation for.
- Cache
Policy string - Changed
Sync intPeriod - How frequently Keycloak should sync changed users, in seconds. Omit this property to disable periodic changed users sync.
- Config map[string]string
- Enabled bool
- When false, this provider will not be used when performing queries for users.
- Full
Sync intPeriod - How frequently Keycloak should sync all users, in seconds. Omit this property to disable periodic full sync.
- Name string
- Display name of the provider when displayed in the console.
- Parent
Id string - The parent_id of the generated component. will use realm_id if not specified.
- Priority int
- Priority of this provider when looking up users. Lower values are first.
- provider
Id String - The unique ID of the custom provider, specified in the
getId
implementation for the UserStorageProviderFactory interface - realm
Id String - The realm (name) this provider will provide user federation for.
- cache
Policy String - changed
Sync IntegerPeriod - How frequently Keycloak should sync changed users, in seconds. Omit this property to disable periodic changed users sync.
- config Map<String,String>
- enabled Boolean
- When false, this provider will not be used when performing queries for users.
- full
Sync IntegerPeriod - How frequently Keycloak should sync all users, in seconds. Omit this property to disable periodic full sync.
- name String
- Display name of the provider when displayed in the console.
- parent
Id String - The parent_id of the generated component. will use realm_id if not specified.
- priority Integer
- Priority of this provider when looking up users. Lower values are first.
- provider
Id string - The unique ID of the custom provider, specified in the
getId
implementation for the UserStorageProviderFactory interface - realm
Id string - The realm (name) this provider will provide user federation for.
- cache
Policy string - changed
Sync numberPeriod - How frequently Keycloak should sync changed users, in seconds. Omit this property to disable periodic changed users sync.
- config {[key: string]: string}
- enabled boolean
- When false, this provider will not be used when performing queries for users.
- full
Sync numberPeriod - How frequently Keycloak should sync all users, in seconds. Omit this property to disable periodic full sync.
- name string
- Display name of the provider when displayed in the console.
- parent
Id string - The parent_id of the generated component. will use realm_id if not specified.
- priority number
- Priority of this provider when looking up users. Lower values are first.
- provider_
id str - The unique ID of the custom provider, specified in the
getId
implementation for the UserStorageProviderFactory interface - realm_
id str - The realm (name) this provider will provide user federation for.
- cache_
policy str - changed_
sync_ intperiod - How frequently Keycloak should sync changed users, in seconds. Omit this property to disable periodic changed users sync.
- config Mapping[str, str]
- enabled bool
- When false, this provider will not be used when performing queries for users.
- full_
sync_ intperiod - How frequently Keycloak should sync all users, in seconds. Omit this property to disable periodic full sync.
- name str
- Display name of the provider when displayed in the console.
- parent_
id str - The parent_id of the generated component. will use realm_id if not specified.
- priority int
- Priority of this provider when looking up users. Lower values are first.
- provider
Id String - The unique ID of the custom provider, specified in the
getId
implementation for the UserStorageProviderFactory interface - realm
Id String - The realm (name) this provider will provide user federation for.
- cache
Policy String - changed
Sync NumberPeriod - How frequently Keycloak should sync changed users, in seconds. Omit this property to disable periodic changed users sync.
- config Map<String>
- enabled Boolean
- When false, this provider will not be used when performing queries for users.
- full
Sync NumberPeriod - How frequently Keycloak should sync all users, in seconds. Omit this property to disable periodic full sync.
- name String
- Display name of the provider when displayed in the console.
- parent
Id String - The parent_id of the generated component. will use realm_id if not specified.
- priority Number
- Priority of this provider when looking up users. Lower values are first.
Outputs
All input properties are implicitly available as output properties. Additionally, the CustomUserFederation resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing CustomUserFederation Resource
Get an existing CustomUserFederation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CustomUserFederationState, opts?: CustomResourceOptions): CustomUserFederation
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
cache_policy: Optional[str] = None,
changed_sync_period: Optional[int] = None,
config: Optional[Mapping[str, str]] = None,
enabled: Optional[bool] = None,
full_sync_period: Optional[int] = None,
name: Optional[str] = None,
parent_id: Optional[str] = None,
priority: Optional[int] = None,
provider_id: Optional[str] = None,
realm_id: Optional[str] = None) -> CustomUserFederation
func GetCustomUserFederation(ctx *Context, name string, id IDInput, state *CustomUserFederationState, opts ...ResourceOption) (*CustomUserFederation, error)
public static CustomUserFederation Get(string name, Input<string> id, CustomUserFederationState? state, CustomResourceOptions? opts = null)
public static CustomUserFederation get(String name, Output<String> id, CustomUserFederationState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Cache
Policy string - Changed
Sync intPeriod - How frequently Keycloak should sync changed users, in seconds. Omit this property to disable periodic changed users sync.
- Config Dictionary<string, string>
- Enabled bool
- When false, this provider will not be used when performing queries for users.
- Full
Sync intPeriod - How frequently Keycloak should sync all users, in seconds. Omit this property to disable periodic full sync.
- Name string
- Display name of the provider when displayed in the console.
- Parent
Id string - The parent_id of the generated component. will use realm_id if not specified.
- Priority int
- Priority of this provider when looking up users. Lower values are first.
- Provider
Id string - The unique ID of the custom provider, specified in the
getId
implementation for the UserStorageProviderFactory interface - Realm
Id string - The realm (name) this provider will provide user federation for.
- Cache
Policy string - Changed
Sync intPeriod - How frequently Keycloak should sync changed users, in seconds. Omit this property to disable periodic changed users sync.
- Config map[string]string
- Enabled bool
- When false, this provider will not be used when performing queries for users.
- Full
Sync intPeriod - How frequently Keycloak should sync all users, in seconds. Omit this property to disable periodic full sync.
- Name string
- Display name of the provider when displayed in the console.
- Parent
Id string - The parent_id of the generated component. will use realm_id if not specified.
- Priority int
- Priority of this provider when looking up users. Lower values are first.
- Provider
Id string - The unique ID of the custom provider, specified in the
getId
implementation for the UserStorageProviderFactory interface - Realm
Id string - The realm (name) this provider will provide user federation for.
- cache
Policy String - changed
Sync IntegerPeriod - How frequently Keycloak should sync changed users, in seconds. Omit this property to disable periodic changed users sync.
- config Map<String,String>
- enabled Boolean
- When false, this provider will not be used when performing queries for users.
- full
Sync IntegerPeriod - How frequently Keycloak should sync all users, in seconds. Omit this property to disable periodic full sync.
- name String
- Display name of the provider when displayed in the console.
- parent
Id String - The parent_id of the generated component. will use realm_id if not specified.
- priority Integer
- Priority of this provider when looking up users. Lower values are first.
- provider
Id String - The unique ID of the custom provider, specified in the
getId
implementation for the UserStorageProviderFactory interface - realm
Id String - The realm (name) this provider will provide user federation for.
- cache
Policy string - changed
Sync numberPeriod - How frequently Keycloak should sync changed users, in seconds. Omit this property to disable periodic changed users sync.
- config {[key: string]: string}
- enabled boolean
- When false, this provider will not be used when performing queries for users.
- full
Sync numberPeriod - How frequently Keycloak should sync all users, in seconds. Omit this property to disable periodic full sync.
- name string
- Display name of the provider when displayed in the console.
- parent
Id string - The parent_id of the generated component. will use realm_id if not specified.
- priority number
- Priority of this provider when looking up users. Lower values are first.
- provider
Id string - The unique ID of the custom provider, specified in the
getId
implementation for the UserStorageProviderFactory interface - realm
Id string - The realm (name) this provider will provide user federation for.
- cache_
policy str - changed_
sync_ intperiod - How frequently Keycloak should sync changed users, in seconds. Omit this property to disable periodic changed users sync.
- config Mapping[str, str]
- enabled bool
- When false, this provider will not be used when performing queries for users.
- full_
sync_ intperiod - How frequently Keycloak should sync all users, in seconds. Omit this property to disable periodic full sync.
- name str
- Display name of the provider when displayed in the console.
- parent_
id str - The parent_id of the generated component. will use realm_id if not specified.
- priority int
- Priority of this provider when looking up users. Lower values are first.
- provider_
id str - The unique ID of the custom provider, specified in the
getId
implementation for the UserStorageProviderFactory interface - realm_
id str - The realm (name) this provider will provide user federation for.
- cache
Policy String - changed
Sync NumberPeriod - How frequently Keycloak should sync changed users, in seconds. Omit this property to disable periodic changed users sync.
- config Map<String>
- enabled Boolean
- When false, this provider will not be used when performing queries for users.
- full
Sync NumberPeriod - How frequently Keycloak should sync all users, in seconds. Omit this property to disable periodic full sync.
- name String
- Display name of the provider when displayed in the console.
- parent
Id String - The parent_id of the generated component. will use realm_id if not specified.
- priority Number
- Priority of this provider when looking up users. Lower values are first.
- provider
Id String - The unique ID of the custom provider, specified in the
getId
implementation for the UserStorageProviderFactory interface - realm
Id String - The realm (name) this provider will provide user federation for.
Package Details
- Repository
- Keycloak pulumi/pulumi-keycloak
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
keycloak
Terraform Provider.