What does this Amazon Web Services Solution do?

This solution allows you to quickly deploy a Keycloak cluster on the Amazon Web Services Cloud. Keycloak is an open source identity and access management solution for modern applications and services. It provides a customizable user interface and supports use cases such as Single Sign-On (SSO), user registration, and user federation. It strives to conform to standard protocols such as OpenID Connect, OAuth 2.0 and SAML 2.0. Customers can configure Keycloak to integrate with Active Directory and LDAP. You can also set up Keycloak to delegate authentication to third-party identity providers.

Amazon Web Services Solution overview

The following diagram shows the architecture of this solution. You can use the deployment guide and the Amazon CloudFormation template for automated deployment.

Keycloak on Amazon Web Services

  • A highly available architecture that spans two Availability Zones.
  • An Amazon Virtual Private Cloud (Amazon VPC) configured with public and private subnets, according to Amazon best practices, to provide you with your own virtual network on Amazon Web Services.
  • In the public subnets, managed Network Address Translation (NAT) gateways to allow outbound internet access for resources in the private subnets.
  • In the private subnets:
  • IAM role for the Amazon ECS service.
  • Secrets from Amazon Secrets Manager for Keycloak console login and database connection.
  • Amazon Certificate Manager (ACM), which uses your existing certificate for the custom domain name on the Application Load Balancer.
  • Amazon Route 53 alias record, which is required for the custom domain name.

Features

Standard protocols

Keycloak supports OpenID Connect, OAuth 2.0 and SAML 2.0 standard protocols.

Integration with different services

Customers can configure Keycloak to integrate with Active Directory and LDAP. Customers can also set up Keycloak to delegate authentication to third-party identity providers.

Automatic deployment

Customers can “1-click” launch Keycloak via a CloudFormation template. Amazon CloudFormation will automatically set up the Amazon Web Services resources required for this solution.
Contact Us by Hotline

1010 0766  Amazon Web Services China (Beijing) Region Operated By Sinnet
1010 0966  Amazon Web Services China (Ningxia) Region Operated By NWCD
