Support for managed cloud-provider Databases or other Databases in Red Hat build of Keycloak (e.g AWS RDS/Aurora PostgreSQL, etc.)

Solution Verified - Updated

Environment

  • Red Hat build of Keycloak (RHBK)
    • 24.0.x
    • 22.0.x
  • Cloud-Providers Managed Databases
    • e.g. Amazon RDS/Aurora
    • e.g. Azure SQL managed databases , Azure Database for PostgreSQL
  • Other Databases
    • e.g. IBM DB2
    • e.g. MongoDB

Issue

  • Does Red Hat build of Keycloak support running with databases from Content from aws.amazon.com is not included.Amazon RDS ?
  • Is Content from aws.amazon.com is not included.Amazon Aurora database supported in Red Hat build of Keycloak ?
  • AWS offers Amazon RDS (Amazon Relational Databases Services) with a different flavor of database engines (including Amazon Aurora with MySQL compatibility, Amazon Aurora with PostgreSQL compatibility, MySQL, MariaDB, PostgreSQL, Oracle, and SQL Server). Is Red Hat build of Keycloak supported when running with any of these Databases from Amazon RDS ?
  • What other cloud-providers Databases are supported in Red Hat build of Keycloak?
  • What other on-premises Databases vendors are supported in Red Hat build of Keycloak?

Resolution

Red Hat build of Keycloak is supported with the databases (and their corresponding versions) as explicitly listed in the Red Hat build of Keycloak Supported Configurations. Those are the only databases that are tested and certified by QE, hence fully supported by Red Hat.

Red Hat cannot test and scale the Red Hat build of Keycloak databases support matrix to add a lot more Databases all the way. Supporting multiple databases in Red Hat build of Keycloak has a huge maintenance cost, while not really adding much values compared to a set of high-value core IAM features Red Hat may want to add into the product.

As an exception to the official list of supported databases, a commercially reasonable support is available to Red Hat build of Keycloak customers running with only the following databases:

  • AWS RDS PostgreSQL

The commercially reasonable support here means that a customer can run a production level deployment with any of the above databases list, though these are not officially tested, certified and supported in Red Hat build of Keycloak yet. Prior to a production deployment with using any of these databases, the customer must perform a full test coverage with the chosen database, including in-depth performance and stability testing. Red Hat also expects the customer to use an equivalent version number of the PostgreSQL engine as the one tested in the Red Hat build of Keycloak Supported Configurations.

Red Hat reserves the right to ask the customer to re-create an issue in a tested/certified environment, if the source of a problem cannot be positively isolated to the Red Hat build of Keycloak product or if the database used is likely suspected to be the source of the issue.


Notes: Red Hat may add support for more managed cloud-provider Databases in future releases of Red Hat build of Keycloak, but this is yet to be defined and confirmed. If this may happen, it would likely come with a reduction of the database support matrix (i.e. some of the on-premises databases will likely be dropped from the supported configurations in favor of adding more cloud-managed databases). Red Hat encourages customers to prioritize running Red Hat build of Keycloak with cloud-PostgreSQL flavor databases since they are the ones to be likely considered for additional official support (i.e AWS RDS PostgreSQL to start with).

Product(s)

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.