2019-12-03 10:22:58 +00:00
2020-05-09 01:16:38 +00:00
[[_realm-cr]]
=== Creating a realm custom resource
2019-12-03 10:22:58 +00:00
2020-05-09 01:16:38 +00:00
You can use the Operator to create realms in {project_name} as defined by a custom resource. You define the properties of the realm custom resource in a YAML file.
2019-12-03 10:22:58 +00:00
2020-05-09 01:16:38 +00:00
[NOTE]
====
2022-04-20 15:17:21 +00:00
You can only create or delete realms by creating or deleting the YAML file, and changes appear in the {project_name} admin console. However changes to the admin console are not reflected back and updates of the CR after the realm is created are not supported.
2020-05-09 01:16:38 +00:00
====
.Example YAML file for a `Realm` custom resource
2019-12-03 10:22:58 +00:00
```yaml
apiVersion: keycloak.org/v1alpha1
kind: KeycloakRealm
metadata:
2020-05-09 01:16:38 +00:00
name: test
2019-12-03 10:22:58 +00:00
labels:
2020-06-08 21:53:30 +00:00
ifeval::[{project_community}==true]
2020-08-20 20:31:44 +00:00
app: example-keycloak
2020-06-08 21:53:30 +00:00
endif::[]
ifeval::[{project_product}==true]
2019-12-03 10:22:58 +00:00
app: sso
2020-06-08 21:53:30 +00:00
endif::[]
2019-12-03 10:22:58 +00:00
spec:
realm:
id: "basic"
realm: "basic"
enabled: True
displayName: "Basic Realm"
instanceSelector:
matchLabels:
2020-06-08 21:53:30 +00:00
ifeval::[{project_community}==true]
app: example-keycloak
endif::[]
ifeval::[{project_product}==true]
2019-12-03 10:22:58 +00:00
app: sso
2020-06-08 21:53:30 +00:00
endif::[]
2019-12-03 10:22:58 +00:00
```
2020-05-09 01:16:38 +00:00
.Prerequisites
* You have a YAML file for this custom resource.
* In the YAML file, the `app` under `instanceSelector` matches the label of a Keycloak custom resource. Matching these values ensures that you create the realm in the right instance of {project_name}.
* You have cluster-admin permission or an equivalent level of permissions granted by an administrator.
.Procedure
. Use this command on the YAML file that you created: `{create_cmd} -f <realm-name>.yaml`. For example:
+
[source,bash,subs=+attributes]
----
$ {create_cmd} -f initial_realm.yaml
keycloak.keycloak.org/test created
----
2019-12-03 10:22:58 +00:00
2020-05-09 01:16:38 +00:00
. Log into the admin console for the related instance of {project_name}.
2019-12-03 10:22:58 +00:00
2020-05-09 01:16:38 +00:00
. Click Select Realm and locate the realm that you created.
+
The new realm opens.
+
.Admin console master realm
image:images/test-realm-cr.png[]
2019-12-03 10:22:58 +00:00
2020-05-09 01:16:38 +00:00
.Results
After the Operator processes the custom resource, view the status with this command:
[source,bash,subs=+attributes]
----
2020-06-08 21:53:30 +00:00
$ {create_cmd_brief} describe keycloak <CR-name>
2020-05-09 01:16:38 +00:00
----
.Realm custom resource status
2019-12-03 10:22:58 +00:00
```yaml
Name: example-keycloakrealm
Namespace: keycloak
2020-06-08 21:53:30 +00:00
ifeval::[{project_community}==true]
Labels: app=example-keycloak
endif::[]
ifeval::[{project_product}==true]
2019-12-03 10:22:58 +00:00
Labels: app=sso
2020-06-08 21:53:30 +00:00
endif::[]
2019-12-03 10:22:58 +00:00
Annotations: <none>
API Version: keycloak.org/v1alpha1
Kind: KeycloakRealm
Metadata:
Creation Timestamp: 2019-12-03T09:46:02Z
Finalizers:
realm.cleanup
Generation: 1
Resource Version: 804596
Self Link: /apis/keycloak.org/v1alpha1/namespaces/keycloak/keycloakrealms/example-keycloakrealm
UID: b7b2f883-15b1-11ea-91e6-02cb885627a6
Spec:
Instance Selector:
Match Labels:
2020-06-08 21:53:30 +00:00
ifeval::[{project_community}==true]
App: example-keycloak
endif::[]
ifeval::[{project_product}==true]
App: sso
endif::[]
2019-12-03 10:22:58 +00:00
Realm:
Display Name: Basic Realm
Enabled: true
Id: basic
Realm: basic
Status:
Login URL:
Message:
Phase: reconciling
Ready: true
Events: <none>
```
2020-05-09 01:16:38 +00:00
Additional resources
2020-08-20 20:31:44 +00:00
* When the realm creation completes, you are ready to xref:_client-cr[create a client custom resource].