Automation

`terraform`

Cloud-IAM Keycloak deployments are compatible with Keycloak terraform providers because deployed Keycloaks expose the full Keycloak REST admin API.

TIP

terraform might be rate limited during the process. You should add the IP of where terraform is running to the admin allow list.

`pulumi`

Cloud-IAM Keycloak deployments are compatible with Keycloak pulumi provider because deployed Keycloaks expose the full Keycloak REST admin API.

Troubleshooting

Sometimes when adding a new realm pulumi gets a timeout within seconds as api response.

keycloak:index:Realm (REALM_NAME):
error: 1 error occurred:
error sending request: Post "https://YOUR_DOMAIN.cloud-iam.com/auth/admin/realms": context deadline exceeded (Client.Timeout exceeded while awaiting headers)

Resources:
1 unchanged

Duration: 7s

Increasing the request timeout will solve the issue. The pulumi native customTimeouts flag does not seem to work but setting KEYCLOAK_CLIENT_TIMEOUT=60 environment variable to 60 seconds will work.

Automation ​

terraform ​

pulumi ​

Troubleshooting ​

Automation

`terraform`

`pulumi`

Troubleshooting