Docs Home
Keycloak Provider: Installation & Configuration
The Pulumi Keycloak provider uses the Keycloak SDK to manage and provision resources.
Installation
The Keycloak provider is available as a package in all Pulumi languages:
- JavaScript/TypeScript:
@pulumi/keycloak - Python:
pulumi-keycloak - Go:
github.com/pulumi/pulumi-keycloak/sdk/v4/go/keycloak - .NET:
Pulumi.Keycloak - Java:
com.pulumi/keycloak
Configuring Credentials
Pulumi relies on the Keycloak SDK to authenticate requests from your computer to Keycloak. Your credentials are never sent to pulumi.com. The Pulumi Keycloak Provider needs to be configured with Keycloak credentials before it can be used to create resources.
Once the credentials are obtained, there are two ways to communicate your authorization tokens to Pulumi:
Set the environment variables
KEYCLOAK_URL,KEYCLOAK_CLIENT_IDandKEYCLOAK_CLIENT_SECRET:$ export KEYCLOAK_URL=XXXXXXXXXXXXXX $ export KEYCLOAK_CLIENT_ID=YYYYYYYYYYYYYY $ export KEYCLOAK_CLIENT_SECRET=ZZZZZZZZZZZZZZSet them using configuration, if you prefer that they be stored alongside your Pulumi stack for easy multi-user access:
$ pulumi config set keycloak:url XXXXXXXXXXXXXX $ pulumi config set keycloak:clientId YYYYYYYYYYYYYY --secret $ pulumi config set keycloak:clientSecret ZZZZZZZZZZZZZZ --secret
Remember to pass --secret when setting keycloak:clientId and keycloak:clientSecret so that they are properly encrypted. The complete list of
configuration parameters is in the Keycloak provider README.