In order to persist changes to Keycloak data, such as those made by a realm import, the Postgres database should be leverage persistent storage. By default, the Keycloak operator deploys an ephemeral database.
Also, while the operator offers convenient database management, most production use cases will call for integration with an externally managed database instance. Since external integration is the most common scenario, let's use an independently managed Postgres instance.
The connection from the Keycloak instance to the database should be TLS-secured.
davgordo
commented
5 months ago
In order to persist changes to Keycloak data, such as those made by a realm import, the Postgres database should be leverage persistent storage. By default, the Keycloak operator deploys an ephemeral database.
Also, while the operator offers convenient database management, most production use cases will call for integration with an externally managed database instance. Since external integration is the most common scenario, let's use an independently managed Postgres instance.
The connection from the Keycloak instance to the database should be TLS-secured.