diff --git a/src/main/cljc/dda/c4k_keycloak/core.cljc b/src/main/cljc/dda/c4k_keycloak/core.cljc
index bed2602..2005f86 100644
--- a/src/main/cljc/dda/c4k_keycloak/core.cljc
+++ b/src/main/cljc/dda/c4k_keycloak/core.cljc
@@ -38,7 +38,8 @@
         (cm/concat-vec
          (ns/generate config)
          (postgres/generate-config config)
-         [(kc/generate-service config)
+         [(kc/generate-configmap config)
+          (kc/generate-service config)
           (kc/generate-deployment config)]
          (kc/generate-ratelimit-ingress config)
          (when (contains? config :mon-cfg)
diff --git a/src/main/cljc/dda/c4k_keycloak/keycloak.cljc b/src/main/cljc/dda/c4k_keycloak/keycloak.cljc
index 89e3355..15f35f7 100644
--- a/src/main/cljc/dda/c4k_keycloak/keycloak.cljc
+++ b/src/main/cljc/dda/c4k_keycloak/keycloak.cljc
@@ -51,6 +51,15 @@
      (cm/replace-all-matching "ADMIN_USER" (b64/encode keycloak-admin-user))
      (cm/replace-all-matching "ADMIN_PASS" (b64/encode keycloak-admin-password)))))
 
+(defn-spec generate-configmap cp/map-or-seq?
+  [config config?]
+  (let [{:keys [namespace fqdn]} config]
+    (->
+     (yaml/load-as-edn "keycloak/configmap.yaml")
+     (cm/replace-all-matching "NAMESPACE" namespace)
+     (cm/replace-all-matching "FQDN" fqdn)
+     (cm/replace-all-matching "ADMIN_FQDN" (str "control." fqdn))))) ; TODO Document this
+
 (defn-spec generate-service cp/map-or-seq? 
   [config config?]
   (let [{:keys [namespace]} config]
diff --git a/src/main/resources/keycloak/configmap.yaml b/src/main/resources/keycloak/configmap.yaml
index 2bafea9..f7a3a03 100644
--- a/src/main/resources/keycloak/configmap.yaml
+++ b/src/main/resources/keycloak/configmap.yaml
@@ -1,4 +1,3 @@
-# TODO: Make generate-configmap function
 apiVersion: v1
 kind: ConfigMap
 metadata:
@@ -10,10 +9,9 @@ data:
   KC_HOSTNAME: FQDN
   KC_HOSTNAME_ADMIN: ADMIN_FQDN
   KC_PROXY: edge         
-  DB_VENDOR: POSTGRES
-  DB_ADDR: postgresql-service
-  DB_SCHEMA: public
-  DB_DATABASE: postgres
+  KC_DB: postgres
+  KC_DB_URL_HOST: postgresql-service
+  KC_DB_URL_PORT: 5432
   # TODO Do we need to enable http, as we are behind ingress?
   # KC_HTTP_ENABLED: true
   # TODO Maybe also enable load shedding
diff --git a/src/test/cljc/dda/c4k_keycloak/keycloak_test.cljc b/src/test/cljc/dda/c4k_keycloak/keycloak_test.cljc
index 1ca53e3..ab19808 100644
--- a/src/test/cljc/dda/c4k_keycloak/keycloak_test.cljc
+++ b/src/test/cljc/dda/c4k_keycloak/keycloak_test.cljc
@@ -22,6 +22,21 @@
                                :postgres-db-user "keycloak"
                                :postgres-db-password "db-password"}))))
 
+(deftest should-generate-configmap
+  (is (= {:apiVersion "v1",
+          :kind "ConfigMap",
+          :metadata {:name "keycloak-env", :namespace "keycloak"},
+          :data
+          {:KC_HTTPS_CERTIFICATE_FILE "/etc/certs/tls.crt",
+           :KC_HTTPS_CERTIFICATE_KEY_FILE "/etc/certs/tls.key",
+           :KC_HOSTNAME "test.de" ,
+           :KC_HOSTNAME_ADMIN "control.test.de",
+           :KC_PROXY "edge",
+           :KC_DB "postgres",
+           :KC_DB_URL_HOST "postgresql-service",
+           :KC_DB_URL_PORT 5432}}
+         (cut/generate-configmap {:namespace "keycloak" :fqdn "test.de"}))))
+
 (deftest should-generate-deployment
   (is (= {:name "keycloak", :namespace "keycloak", :labels {:app "keycloak"}}
          (:metadata (cut/generate-deployment {:fqdn "example.com" :namespace "keycloak"})))))