contract-first-idp / platform-components

GitOps manifest for the platform
0 stars 11 forks source link

Configure an external Postgres instance for Keycloak #11

Closed davgordo closed 4 months ago

davgordo commented 5 months ago

In order to persist changes to Keycloak data, such as those made by a realm import, the Postgres database should be leverage persistent storage. By default, the Keycloak operator deploys an ephemeral database.

Also, while the operator offers convenient database management, most production use cases will call for integration with an externally managed database instance. Since external integration is the most common scenario, let's use an independently managed Postgres instance.

The connection from the Keycloak instance to the database should be TLS-secured.

davgordo commented 4 months ago

Addressed in #12