Uploaded image for project: 'Red Hat build of Keycloak'
  1. Red Hat build of Keycloak
  2. RHBK-1276

Vault support in the Operator

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • False

      Red Hat build of Keycloak 22 provides out-of-the-box implementations of the Vault SPI: a plain-text file-based vault and Java KeyStore-based vault.

      The file-based vault implementation is especially useful for Kubernetes/OpenShift secrets. One can mount Kubernetes secrets into the Red Hat build of Keycloak Container, and the data fields will be available in the mounted folder with a flat-file structure.

      The Java KeyStore-based vault implementation is useful for storing secrets in bare metal installations. One can use the KeyStore vault, which is encrypted using a password.

      The Operator already allows adding more config options from the Keycloak Quarkus distribution to Keycloak CR as per GHI#13456.

      We need to provide a Vault full support in the Operator, allowing config options for Vault probably requiring to extend current Vault functionality to accommodate more fields throughout Realm representation.

      Cf. GHI#14403

            sthorger@redhat.com Stian Thorgersen
            rhn-support-igueye Issa Gueye
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: