Sold by: cloudimg
Deployed on AWS
Free Trial
AWS Free Tier
This product has charges associated with it for seller support. Keycloak, the open source identity and access management platform, preinstalled with a PostgreSQL backend and ready to use behind an nginx reverse proxy. A per instance bootstrap administrator password is generated on first boot. Backed by round-the-clock cloudimg support.
Overview
Image
Keycloak sign in page
Image
Master realm overview
Image
Clients list
Image
Users page
This is a repackaged open source software product wherein additional charges apply for cloudimg support services.
Overview Keycloak is the leading open source identity and access management platform. It provides single sign on, social login, identity brokering, user federation, fine grained authorization, OpenID Connect and SAML 2.0 for web, mobile and API workloads. This image delivers Keycloak fully installed and configured against a local PostgreSQL backend, so a complete identity provider is running within minutes of launch.
Identity Stack Keycloak 26.x running as a systemd service on OpenJDK 21 headless. The Keycloak server listens on 127.0.0.1:8080 behind an nginx reverse proxy on TCP port 80, with X-Forwarded headers, websocket upgrade for the admin console event stream and large request body support. The management interface for health and metrics listens on the loopback on port 9000 with the /health/ready endpoint enabled.
PostgreSQL Backend Keycloak persists realms, clients, users, role mappings, group hierarchies, federation links, event logs and online sessions to a dedicated PostgreSQL 16 database. The database lives on its own independently resizable data volume, separate from the operating system disk, so you can grow storage without touching the application tier.
Secure First Boot On the first boot of your instance a one shot service generates a fresh Keycloak bootstrap administrator password, unique to that instance, provisions the cloudimg administrator via the Keycloak bootstrap admin command, and stores the plain text value in a root only file. The legacy temporary administrator user is not created, so the image never carries shared or default credentials.
Ready To Use The Keycloak service, the nginx reverse proxy, the Java 21 runtime, the PostgreSQL backend and the administrator account are all prepared. Browse to your instance public address on port 80, follow the Administration Console link, and sign in as the cloudimg administrator. The Keycloak hostname is set from the resolved customer public address on first boot so issuer URIs and admin console URLs are correct from the start.
cloudimg Support 24/7 technical support by email and chat. Help with realm modelling, identity provider federation, OpenID Connect and SAML client configuration, theming, custom authenticators and upgrades.
Use Cases Single sign on across web and mobile applications. OpenID Connect and SAML 2.0 identity provider. Customer identity and access management. Workforce identity for internal applications. Identity brokering to social and enterprise identity providers. Fine grained authorization for APIs and microservices.
All product and company names are trademarks or registered trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
Highlights
- Keycloak preinstalled with a dedicated PostgreSQL backend, fronted by an nginx reverse proxy on port 80, OpenID Connect and SAML 2.0 ready
- Hardened first boot generates a fresh Keycloak administrator password for every instance and stores it in a file only the root user can read, no shared or default credentials
- Round-the-clock technical support from cloudimg, with expert assistance for realm modelling, identity federation, OIDC and SAML client configuration and upgrades
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
Ubuntu 24.04
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 7 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
If you are an AWS Free Tier customer with a free plan, you are eligible to subscribe to this offer. You can use free credits to cover the cost of eligible AWS infrastructure. See AWS Free Tier for more details. If you created an AWS account before July 15th, 2025, and qualify for the Legacy AWS Free Tier, Amazon EC2 charges for Micro instances are free for up to 750 hours per month. See Legacy AWS Free Tier for more details.
Dimension | Description | Cost/hour |
|---|---|---|
m5.large Recommended | m5.large | $0.08 |
t2.micro | t2.micro instance type | $0.04 |
t3.micro | t3.micro instance type | $0.04 |
c8i.metal-48xl | c8i.metal-48xl instance type | $0.24 |
r6idn.4xlarge | r6idn.4xlarge instance type | $0.24 |
c5a.4xlarge | c5a.4xlarge instance type | $0.24 |
c8in.12xlarge | c8in.12xlarge instance type | $0.24 |
r6id.metal | r6id.metal instance type | $0.24 |
r5n.large | r5n.large instance type | $0.08 |
m8i.16xlarge | m8i.16xlarge instance type | $0.24 |
Vendor refund policy
Refunds available on request.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Initial release of Keycloak 26.x identity and access management platform.
Additional details
Usage instructions
Connect via SSH on port 22 as the default login user for your operating system variant (the user guide lists it per variant). Keycloak is fronted by nginx on TCP port 80. Browse to http://<instance-public-ip>/ and follow the Administration Console link, then sign in as the 'cloudimg' user. Retrieve the generated administrator password with: sudo cat /root/keycloak-credentials.txt. Restrict port 80 to trusted networks until you have configured TLS (the user guide includes an nginx HTTPS section).
Resources
Vendor resources
Support
Vendor support
cloudimg provides 24/7 technical support for this product by email and live chat. Our engineers help with deployment, configuration, updates, performance tuning and troubleshooting; critical issues receive a one hour average response. Contact support@cloudimg.co.uk .
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
This product has charges associated with it for seller support. Keycloak is an open-source identity and access management (IAM) solution designed to secure applications and services. Developed by Red Hat, Keycloak simplifies user authentication, authorization, and user management, offering a centralized platform for handling identity-related tasks. It supports various authentication methods, including social logins, single sign-on (SSO), and multi-factor authentication, making it a versatile solution for securing web applications, mobile apps, and APIs.
Up-to-date, secure, and ready to deploy on Kubernetes. Keycloak is a high performance Java-based identity and access management solution. It lets developers add an authentication layer to their applications with minimum effort.
This product has a fee associated with the provision and deployment of the application and AMI support. KeyCloak is an open source identity and access management solution which mainly aims at applications and services.
KeyCloak is an Identity and Access Management Solution. Add authentication to applications and secure services with minimum effort. No need to deal with storing users or authenticating users.
This product includes charges for the installation of Keycloak
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.