Automation

Cloud-IAM managed Keycloak support automation to help you seamlessly manage, configure, and integrate your managed Keycloak deployments.
Because Cloud-IAM exposes the full Keycloak Admin REST API, automation tools such as Terraform and Pulumi can be used without restrictions.

`terraform`

Cloud-IAM Keycloak deployments are compatible with Keycloak Terraform providers since all deployments expose the full Keycloak REST Admin API.

TIP

terraform requests may be rate limited.
Make sure to add the IP of the system running Terraform to the admin allow list in your deployment.

`pulumi`

Cloud-IAM Keycloak deployments are compatible with the Keycloak Pulumi provider for the same reason: full access to the Keycloak REST Admin API.

Troubleshooting

Sometimes when adding a new realm pulumi gets a timeout within seconds as api response.

keycloak:index:Realm (REALM_NAME):
error: 1 error occurred:
error sending request: Post "https://YOUR_DOMAIN.cloud-iam.com/auth/admin/realms": context deadline exceeded (Client.Timeout exceeded while awaiting headers)

Resources:
1 unchanged

Duration: 7s

Increasing the request timeout will solve the issue. The pulumi native customTimeouts flag does not seem to work but setting KEYCLOAK_CLIENT_TIMEOUT=60 environment variable to 60 seconds will work.

Automation ​

terraform ​

pulumi ​

Troubleshooting ​

Automation

`terraform`

`pulumi`

Troubleshooting