Skip to content

v1.v1alpha1.clusterKeycloakRealm

"ClusterKeycloakRealm is the Schema for the clusterkeycloakrealms API."

Index

Fields

fn new

new(name)

new returns an instance of ClusterKeycloakRealm

obj metadata

"ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create."

fn metadata.withAnnotations

withAnnotations(annotations)

"Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations"

fn metadata.withAnnotationsMixin

withAnnotationsMixin(annotations)

"Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations"

Note: This function appends passed data to existing values

fn metadata.withClusterName

withClusterName(clusterName)

"The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request."

fn metadata.withCreationTimestamp

withCreationTimestamp(creationTimestamp)

"Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers."

fn metadata.withDeletionGracePeriodSeconds

withDeletionGracePeriodSeconds(deletionGracePeriodSeconds)

"Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only."

fn metadata.withDeletionTimestamp

withDeletionTimestamp(deletionTimestamp)

"Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers."

fn metadata.withFinalizers

withFinalizers(finalizers)

"Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list."

fn metadata.withFinalizersMixin

withFinalizersMixin(finalizers)

"Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list."

Note: This function appends passed data to existing values

fn metadata.withGenerateName

withGenerateName(generateName)

"GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency"

fn metadata.withGeneration

withGeneration(generation)

"A sequence number representing a specific generation of the desired state. Populated by the system. Read-only."

fn metadata.withLabels

withLabels(labels)

"Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels"

fn metadata.withLabelsMixin

withLabelsMixin(labels)

"Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels"

Note: This function appends passed data to existing values

fn metadata.withName

withName(name)

"Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names"

fn metadata.withNamespace

withNamespace(namespace)

"Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces"

fn metadata.withOwnerReferences

withOwnerReferences(ownerReferences)

"List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller."

fn metadata.withOwnerReferencesMixin

withOwnerReferencesMixin(ownerReferences)

"List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller."

Note: This function appends passed data to existing values

fn metadata.withResourceVersion

withResourceVersion(resourceVersion)

"An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"

withSelfLink(selfLink)

"SelfLink is a URL representing this object. Populated by the system. Read-only.\n\nDEPRECATED Kubernetes will stop propagating this field in 1.20 release and the field is planned to be removed in 1.21 release."

fn metadata.withUid

withUid(uid)

"UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids"

obj spec

"ClusterKeycloakRealmSpec defines the desired state of ClusterKeycloakRealm."

fn spec.withBrowserSecurityHeaders

withBrowserSecurityHeaders(browserSecurityHeaders)

"BrowserSecurityHeaders is a map of security headers to apply to HTTP responses from the realm's browser clients."

fn spec.withBrowserSecurityHeadersMixin

withBrowserSecurityHeadersMixin(browserSecurityHeaders)

"BrowserSecurityHeaders is a map of security headers to apply to HTTP responses from the realm's browser clients."

Note: This function appends passed data to existing values

fn spec.withClusterKeycloakRef

withClusterKeycloakRef(clusterKeycloakRef)

"ClusterKeycloakRef is a name of the ClusterKeycloak instance that owns the realm."

fn spec.withFrontendUrl

withFrontendUrl(frontendUrl)

"FrontendURL Set the frontend URL for the realm.\nUse in combination with the default hostname provider to override the base URL for frontend requests for a specific realm."

fn spec.withPasswordPolicy

withPasswordPolicy(passwordPolicy)

"PasswordPolicies is a list of password policies to apply to the realm."

fn spec.withPasswordPolicyMixin

withPasswordPolicyMixin(passwordPolicy)

"PasswordPolicies is a list of password policies to apply to the realm."

Note: This function appends passed data to existing values

fn spec.withRealmName

withRealmName(realmName)

"RealmName specifies the name of the realm."

obj spec.authenticationFlows

"AuthenticationFlow is the configuration for authentication flows in the realm."

fn spec.authenticationFlows.withBrowserFlow

withBrowserFlow(browserFlow)

"BrowserFlow specifies the authentication flow to use for the realm's browser clients."

obj spec.localization

"Localization is the configuration for localization in the realm."

fn spec.localization.withInternationalizationEnabled

withInternationalizationEnabled(internationalizationEnabled)

"InternationalizationEnabled indicates whether to enable internationalization."

obj spec.passwordPolicy

"PasswordPolicies is a list of password policies to apply to the realm."

fn spec.passwordPolicy.withType

withType(type)

"Type of password policy."

fn spec.passwordPolicy.withValue

withValue(value)

"Value of password policy."

obj spec.realmEventConfig

"RealmEventConfig is the configuration for events in the realm."

fn spec.realmEventConfig.withAdminEventsDetailsEnabled

withAdminEventsDetailsEnabled(adminEventsDetailsEnabled)

"AdminEventsDetailsEnabled indicates whether to enable detailed admin events."

fn spec.realmEventConfig.withAdminEventsEnabled

withAdminEventsEnabled(adminEventsEnabled)

"AdminEventsEnabled indicates whether to enable admin events."

fn spec.realmEventConfig.withEnabledEventTypes

withEnabledEventTypes(enabledEventTypes)

"EnabledEventTypes is a list of event types to enable."

fn spec.realmEventConfig.withEnabledEventTypesMixin

withEnabledEventTypesMixin(enabledEventTypes)

"EnabledEventTypes is a list of event types to enable."

Note: This function appends passed data to existing values

fn spec.realmEventConfig.withEventsEnabled

withEventsEnabled(eventsEnabled)

"EventsEnabled indicates whether to enable events."

fn spec.realmEventConfig.withEventsExpiration

withEventsExpiration(eventsExpiration)

"EventsExpiration is the number of seconds after which events expire."

fn spec.realmEventConfig.withEventsListeners

withEventsListeners(eventsListeners)

"EventsListeners is a list of event listeners to enable."

fn spec.realmEventConfig.withEventsListenersMixin

withEventsListenersMixin(eventsListeners)

"EventsListeners is a list of event listeners to enable."

Note: This function appends passed data to existing values

obj spec.themes

"Themes is a map of themes to apply to the realm."

fn spec.themes.withAccountTheme

withAccountTheme(accountTheme)

"AccountTheme specifies the account theme to use for the realm."

fn spec.themes.withAdminConsoleTheme

withAdminConsoleTheme(adminConsoleTheme)

"AdminConsoleTheme specifies the admin console theme to use for the realm."

fn spec.themes.withEmailTheme

withEmailTheme(emailTheme)

"EmailTheme specifies the email theme to use for the realm."

fn spec.themes.withLoginTheme

withLoginTheme(loginTheme)

"LoginTheme specifies the login theme to use for the realm."

obj spec.tokenSettings

"TokenSettings is the configuration for tokens in the realm."

fn spec.tokenSettings.withAccessCodeLifespan

withAccessCodeLifespan(accessCodeLifespan)

"AccessCodeLifespan specifies max time(in seconds)a client has to finish the access token protocol.\nThis should normally be 1 minute."

fn spec.tokenSettings.withAccessToken

withAccessToken(accessToken)

"AccessTokenLifespanForImplicitFlow specifies max time(in seconds) before an access token is expired for implicit flow."

fn spec.tokenSettings.withAccessTokenLifespan

withAccessTokenLifespan(accessTokenLifespan)

"AccessTokenLifespan specifies max time(in seconds) before an access token is expired.\nThis value is recommended to be short relative to the SSO timeout."

fn spec.tokenSettings.withActionTokenGeneratedByAdminLifespan

withActionTokenGeneratedByAdminLifespan(actionTokenGeneratedByAdminLifespan)

"ActionTokenGeneratedByAdminLifespan specifies max time(in seconds) before an action permit sent to a user by administrator is expired.\nThis value is recommended to be long to allow administrators to send e-mails for users that are currently offline.\nThe default timeout can be overridden immediately before issuing the token."

fn spec.tokenSettings.withActionTokenGeneratedByUserLifespan

withActionTokenGeneratedByUserLifespan(actionTokenGeneratedByUserLifespan)

"AccessCodeLifespanUserAction specifies max time(in seconds) before an action permit sent by a user (such as a forgot password e-mail) is expired.\nThis value is recommended to be short because it's expected that the user would react to self-created action quickly."

fn spec.tokenSettings.withDefaultSignatureAlgorithm

withDefaultSignatureAlgorithm(defaultSignatureAlgorithm)

"DefaultSignatureAlgorithm specifies the default algorithm used to sign tokens for the realm"

fn spec.tokenSettings.withRefreshTokenMaxReuse

withRefreshTokenMaxReuse(refreshTokenMaxReuse)

"RefreshTokenMaxReuse specifies maximum number of times a refresh token can be reused.\nWhen a different token is used, revocation is immediate."

fn spec.tokenSettings.withRevokeRefreshToken

withRevokeRefreshToken(revokeRefreshToken)

"RevokeRefreshToken if enabled a refresh token can only be used up to 'refreshTokenMaxReuse' and\nis revoked when a different token is used.\nOtherwise, refresh tokens are not revoked when used and can be used multiple times."