ansible-collections/middleware_automation.keycloak
1
0
Fork 0
mirror of https://github.com/ansible-middleware/keycloak.git synced 2025-10-22 12:04:06 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
middleware_automation.keycloak/roles/keycloak_realm
History
Guido Grazioli cc6ddd3959
 Merge pull request #10 from motaparthipavankumar/user-federation 
User federation
2022-02-01 12:50:04 +01:00
..
defaults User Federation changes 2022-01-17 15:53:16 -06:00
meta Complete galaxy_info metadata 2021-12-23 09:30:13 +01:00
tasks Merge pull request #10 from motaparthipavankumar/user-federation 2022-02-01 12:50:04 +01:00
templates Extract new keycloak_realm role out of keycloak 2021-12-22 10:05:48 +01:00
vars User Federation changes 2022-01-17 15:53:16 -06:00
README.md User Federation changes 2022-01-17 15:53:16 -06:00

README.md

keycloak_realm

Create realms and clients in keycloak or Red Hat Single Sing-On services.

Role Defaults

Variable Description Default
keycloak_admin_user Administration console user account admin
keycloak_host hostname localhost
keycloak_http_port HTTP port 8080
keycloak_https_port TLS HTTP port 8443
keycloak_auth_realm Name of the main authentication realm master
keycloak_rhsso_enable Define service is an upstream(Keycloak) or RHSSO master

Role Variables

The following are a set of required variables for the role:

Variable Description
keycloak_admin_password Password for the administration console user account
keycloak_realm Name of the realm to be created

The following variables are available for creating clients:

Variable Description Default
keycloak_clients List of client declarations for the realm []
keycloak_client_default_roles List of default role name for clients []
keycloak_client_users List of user/role mappings for a client []

The following variable are available for creating user federation:

Variable Description Default
keycloak_user_federation List of keycloak_user_federation for the realm []

Variable formats

  • keycloak_user_federation, a list of:
    - realm:  <name of the realm in which user federation should be configured, required>
      name: <name of the user federation provider, required>
      provider_id: <Type of the user federation provider, required>
      provider_type: < Provider Type, default is set to org.keycloak.storage.UserStorageProvider>
      config: <Dictionary of supported configuration values, required>
      mappers: <List of supported configuration values, required>

Refer to docs for information on supported variables.

  • keycloak_clients, a list of:
    - name: <name of the client>
      roles: <keycloak_client_default_roles>
      realm: <name of the realm that contains the client>
      public_client: <true for public, false for confidential>
      web_origins: <list of allowed we origins for the client>
      users: <keycloak_client_users>
  • keycloak_client_users, a list of:
    - username: <username, required>
      password: <password, required>
      firstName: <firstName, optional>
      lastName: <lastName, optional>
      email: <email, optional>
      client_roles: <list of client user/role mappings>
  • Client user/role mappings, a list of:
    - client: <name of the client>
      role: <name of the role>
      realm: <name of the realm>

For a comprehensive example, refer to the playbook.

Example Playbook

The following is an example playbook that makes use of the role to create a realm in keycloak.

---
- hosts: ...
      collections:
        - middleware_automation.keycloak
      tasks:
        - name: Include keycloak role
          include_role:
            name: keycloak_realm
          vars:
            keycloak_admin_password: "changeme"
            keycloak_realm: TestRealm
            keycloak_clients: [...]

License

Apache License 2.0

Author Information