diff --git a/changelogs/fragments/keycloak_realm_ssl_required.yml b/changelogs/fragments/keycloak_realm_ssl_required.yml new file mode 100644 index 0000000000..7476612e2f --- /dev/null +++ b/changelogs/fragments/keycloak_realm_ssl_required.yml @@ -0,0 +1,3 @@ +--- +bugfixes: + - keycloak_realm - ``ssl_required`` changed from a boolean type to accept the strings ``none``, ``external`` or ``all``. This is not a breaking change since the module always failed when a boolean was supplied (https://github.com/ansible-collections/community.general/pull/2693). diff --git a/plugins/modules/identity/keycloak/keycloak_realm.py b/plugins/modules/identity/keycloak/keycloak_realm.py index 7e80bd3d3d..cacbc11d2e 100644 --- a/plugins/modules/identity/keycloak/keycloak_realm.py +++ b/plugins/modules/identity/keycloak/keycloak_realm.py @@ -439,9 +439,10 @@ options: ssl_required: description: - The realm ssl required option. + choices: ['all', 'external', 'none'] aliases: - sslRequired - type: bool + type: str sso_session_idle_timeout: description: - The realm sso session idle timeout. @@ -657,7 +658,7 @@ def main(): reset_password_allowed=dict(type='bool', aliases=['resetPasswordAllowed']), revoke_refresh_token=dict(type='bool', aliases=['revokeRefreshToken']), smtp_server=dict(type='dict', aliases=['smtpServer']), - ssl_required=dict(type='bool', aliases=['sslRequired']), + ssl_required=dict(choices=["external", "all", "none"], aliases=['sslRequired']), sso_session_idle_timeout=dict(type='int', aliases=['ssoSessionIdleTimeout']), sso_session_idle_timeout_remember_me=dict(type='int', aliases=['ssoSessionIdleTimeoutRememberMe']), sso_session_max_lifespan=dict(type='int', aliases=['ssoSessionMaxLifespan']),