keycloak_component – Allows administration of Keycloak components using Keycloak API
Note
This module is part of the middleware_automation.keycloak collection.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install middleware_automation.keycloak.
To use it in a playbook, specify: middleware_automation.keycloak.keycloak_component.
New in middleware_automation.keycloak 3.0.0
Synopsis
This module allows the administration of Keycloak components using the Keycloak REST API. It requires access to the REST API using OpenID Connect; the user connecting and the realm being used must have the requisite access rights. In a default Keycloak installation, admin-cli and an admin user would work, as would a separate realm definition with the scope tailored to your needs and a user having the expected roles.
The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation at https://www.keycloak.org/docs-api/latest/rest-api/index.html. Aliases are provided so camelCased versions can be used as well.
Parameters
Parameter |
Comments |
|---|---|
OpenID Connect client_id to authenticate to the API with. Default: |
|
Client Secret to use in conjunction with auth_client_id (if required). |
|
URL to the Keycloak instance. |
|
Password to authenticate for API access with. |
|
Keycloak realm name to authenticate to for API access. |
|
Username to authenticate for API access with. |
|
Configuration properties for the provider. Contents vary depending on the provider type. |
|
Controls the HTTP connections timeout period (in seconds) to Keycloak API. Default: |
|
Configures the HTTP User-Agent header. Default: |
|
Name of the component to create. |
|
The parent_id of the component. In practice the ID (name) of the realm. |
|
The name of the "provider ID" for the key. |
|
The name of the "provider type" for the key. That is, See https://www.keycloak.org/docs/latest/server_development/index.html#_providers. |
|
Authentication refresh token for Keycloak API. |
|
State of the Keycloak component. On On Choices:
|
|
Authentication token for Keycloak API. |
|
Verify TLS certificates (do not disable this in production). Choices:
|
Attributes
Attribute |
Support |
Description |
|---|---|---|
Action group: middleware_automation.keycloak.keycloak added in middleware_automation.keycloak 3.0.0 |
Use |
|
Support: full |
Can run in |
|
Support: full |
Will return details on what has changed (or possibly needs changing in |
Examples
```yaml
- name: Manage Keycloak User Storage Provider
  middleware_automation.keycloak.keycloak_component:
    auth_keycloak_url: http://localhost:8080
    auth_username: keycloak
    auth_password: keycloak
    auth_realm: master
    name: my storage provider
    state: present
    parent_id: some_realm
    provider_id: my storage
    provider_type: "org.keycloak.storage.UserStorageProvider"
    config:
      myCustomKey: "my_custom_key"
      cachePolicy: "NO_CACHE"
      enabled: true
```
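The playbook below is an added example, not part of the collection's own documentation. It manages the same component, but sets the connection options once through `module_defaults` for the action group listed under Attributes, reads the credentials from vaulted variables, and refuses to run against a non-HTTPS URL. The host name and the `vault_keycloak_admin_*` variable names are constructed placeholders; `validate_certs` is the TLS verification option described in the parameter list.

```yaml
- name: Manage Keycloak components with shared, vaulted API credentials
  hosts: localhost
  gather_facts: false
  vars:
    # Constructed placeholder; point this at your own Keycloak instance.
    keycloak_url: https://keycloak.example.com
  module_defaults:
    # Applies to every module in the collection's keycloak action group,
    # so credentials are not repeated (or forgotten) per task.
    group/middleware_automation.keycloak.keycloak:
      auth_keycloak_url: "{{ keycloak_url }}"
      auth_realm: master
      # Hypothetical variable names, expected to be defined in an
      # Ansible Vault encrypted vars file rather than in the playbook.
      auth_username: "{{ vault_keycloak_admin_user }}"
      auth_password: "{{ vault_keycloak_admin_password }}"
      validate_certs: true
  tasks:
    - name: Stop before any credentials are sent if the URL is not HTTPS
      ansible.builtin.assert:
        that:
          - keycloak_url is match('^https://')
        fail_msg: "auth_keycloak_url must be an https:// URL"

    - name: Ensure the user storage provider component exists
      middleware_automation.keycloak.keycloak_component:
        name: my storage provider
        state: present
        parent_id: some_realm
        provider_id: my storage
        provider_type: "org.keycloak.storage.UserStorageProvider"
        config:
          myCustomKey: "my_custom_key"
          cachePolicy: "NO_CACHE"
          enabled: true
      diff: true
      register: component_result

    - name: Report whether the component was modified
      ansible.builtin.debug:
        msg: "Component changed: {{ component_result.changed }}"
```

Running it with `ansible-playbook --check --diff` previews the change without applying it, since the module supports both check mode and diff mode.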
Return Values
Common return values are documented here; the following are the fields unique to this module:
Key |
Description |
|---|---|
Representation of the keycloak_component after module execution. Returned: on success |
|
Component configuration. Returned: success |
|
The type of provider. Returned: when |