Creating AAD Keycloak composite roles (optional post deployment step)
You can create composite roles in Keycloak and link them to Azure Active Directory groups.
This may simplify the Keycloak identity provider configuration.
Prerequisites
To successfully create composite roles in Keycloak you need the following:
The Keycloak admin password and URLs of your kdb Insights Enterprise deployment.
Create kdb Insights Enterprise composite roles
kdb Insights Enterprise uses Keycloak as its Identity and Access Management component.
Follow the steps below to log into Keycloak and create the necessary roles.
-
Use the
keycloakUrl
or theinsightsUiUrl
+/auth/
from the section above to navigate to the Keycloak web UI. -
Click on
Administration Console
and log in with the usernameuser
and the password you provided during the deployment. -
Choose the
Insights
target realm from the top-left realm drop-down. -
Click on
Roles
in the left-hand menu then click on theAdd Role
button. -
Enter the Role Name:
<role name>
and clickSave
. -
Turn Composite Roles
ON
. -
Associate it with the desired roles.