guillaume
/
ansible-keycloak
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ansible-keycloak/roles/keycloak_realm/README.md

106 lines
2.7 KiB
Markdown
Raw Normal View History

Extract new keycloak_realm role out of keycloak
2021-12-22 09:05:48 +00:00
keycloak_realm
==============
Create realms and clients in [keycloak](https://keycloak.org/) or [Red Hat Single Sing-On](https://access.redhat.com/products/red-hat-single-sign-on) services.
Role Defaults
-------------
| Variable | Description | Default |
|:---------|:------------|:---------|
Update READMEs
2021-12-22 13:02:13 +00:00
|`keycloak_admin_user` | Administration console user account | `admin` |
|`keycloak_host` | hostname | `localhost` |
|`keycloak_http_port` | HTTP port | `8080` |
|`keycloak_https_port` | TLS HTTP port | `8443` |
|`keycloak_auth_realm` | Name of the main authentication realm | `master` |
Extract new keycloak_realm role out of keycloak
2021-12-22 09:05:48 +00:00
Role Variables
--------------
The following are a set of _required_ variables for the role:
| Variable | Description |
|:---------|:------------|
|`keycloak_admin_password`| Password for the administration console user account |
Update READMEs
2021-12-22 13:02:13 +00:00
|`keycloak_realm` | Name of the realm to be created |
Extract new keycloak_realm role out of keycloak
2021-12-22 09:05:48 +00:00
Update READMEs
2021-12-22 13:02:13 +00:00
The following variables are available for creating clients:
Extract new keycloak_realm role out of keycloak
2021-12-22 09:05:48 +00:00
| Variable | Description | Default |
|:---------|:------------|:---------|
Update READMEs
2021-12-22 13:02:13 +00:00
|`keycloak_clients` | List of _client_ declarations for the realm | `[]` |
|`keycloak_client_default_roles` | List of default role name for clients | `[]` |
|`keycloak_client_users` | List of user/role mappings for a client | `[]` |
Extract new keycloak_realm role out of keycloak
2021-12-22 09:05:48 +00:00
Update READMEs
2021-12-22 13:02:13 +00:00
Variable formats
----------------
* `keycloak_clients`, a list of:
```yaml
- name: <name of the client>
roles: <keycloak_client_default_roles>
realm: <name of the realm that contains the client>
public_client: <true for public, false for confidential>
web_origins: <list of allowed we origins for the client>
users: <keycloak_client_users>
```
* `keycloak_client_users`, a list of:
```yaml
- username: <username, required>
password: <password, required>
firstName: <firstName, optional>
lastName: <lastName, optional>
email: <email, optional>
client_roles: <list of client user/role mappings>
```
* Client user/role mappings, a list of:
```yaml
- client: <name of the client>
role: <name of the role>
realm: <name of the realm>
```
For a comprehensive example, refer to the [playbook](playbooks/keycloak.yml).
Extract new keycloak_realm role out of keycloak
2021-12-22 09:05:48 +00:00
Example Playbook
----------------
Update READMEs
2021-12-22 13:02:13 +00:00
The following is an example playbook that makes use of the role to create a realm in keycloak.
Extract new keycloak_realm role out of keycloak
2021-12-22 09:05:48 +00:00
```yaml
---
- hosts: ...
collections:
- middleware_automation.keycloak
tasks:
- name: Include keycloak role
include_role:
name: keycloak_realm
vars:
keycloak_admin_password: "changeme"
Update READMEs
2021-12-22 13:02:13 +00:00
keycloak_realm: TestRealm
keycloak_clients: [...]
Extract new keycloak_realm role out of keycloak
2021-12-22 09:05:48 +00:00
```
Update READMEs
2021-12-22 13:02:13 +00:00
Extract new keycloak_realm role out of keycloak
2021-12-22 09:05:48 +00:00
License
-------
Apache License 2.0
Author Information
------------------
* [Guido Grazioli](https://github.com/guidograzioli)
* [Romain Pelisse](https://github.com/rpelisse)