doc style adjustments: modules [jk]* (#10420)

* doc style adjustments: modules j*

* doc style adjustments: modules k*

* Apply suggestions from code review

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/keycloak_realm_key.py

---------

Co-authored-by: Felix Fontein <felix@fontein.de>

plugins/modules/java_cert.py

@@ -32,7 +32,7 @@ options:
   cert_port:
     description:
       - Port to connect to URL.
-      - This will be used to create server URL:PORT.
+      - This is used to create server URL:PORT.
     type: int
     default: 443
   cert_path:
@@ -98,8 +98,8 @@ options:
   state:
     description:
       - Defines action which can be either certificate import or removal.
-      - When state is present, the certificate will always idempotently be inserted into the keystore, even if there already
+      - When O(state=present), the certificate is always inserted into the keystore, even if there already exists a cert alias
-        exists a cert alias that is different.
+        that is different.
     type: str
     choices: [absent, present]
     default: present

plugins/modules/java_keystore.py

@@ -24,8 +24,8 @@ options:
   name:
     description:
       - Name of the certificate in the keystore.
-      - If the provided name does not exist in the keystore, the module will re-create the keystore. This behavior changed
+      - If the provided name does not exist in the keystore, the module re-creates the keystore. This behavior changed in
-        in community.general 3.0.0, before that the module would fail when the name did not match.
+        community.general 3.0.0, before that the module would fail when the name did not match.
     type: str
     required: true
   certificate:
@@ -62,7 +62,7 @@ options:
   password:
     description:
       - Password that should be used to secure the keystore.
-      - If the provided password fails to unlock the keystore, the module will re-create the keystore with the new passphrase.
+      - If the provided password fails to unlock the keystore, the module re-creates the keystore with the new passphrase.
         This behavior changed in community.general 3.0.0, before that the module would fail when the password did not match.
     type: str
     required: true
@@ -130,7 +130,7 @@ notes:
     or with the P(ansible.builtin.file#lookup) lookup), while O(certificate_path) and O(private_key_path) require that the
     files are available on the target host.
   - By design, any change of a value of options O(keystore_type), O(name) or O(password), as well as changes of key or certificate
-    materials will cause the existing O(dest) to be overwritten.
+    materials causes the existing O(dest) to be overwritten.
 """
 
 EXAMPLES = r"""

plugins/modules/jenkins_build_info.py

@@ -30,7 +30,7 @@ options:
   build_number:
     description:
       - An integer which specifies a build of a job.
-      - If not specified the last build information will be returned.
+      - If not specified the last build information is returned.
     type: int
   password:
     description:

plugins/modules/jenkins_credential.py

@@ -10,13 +10,13 @@ from __future__ import absolute_import, division, print_function
 __metaclass__ = type
 
 DOCUMENTATION = r"""
----
 module: jenkins_credential
-short_description: Manage Jenkins credentials and domains via API
+short_description: Manage Jenkins credentials and domains through API
 version_added: 11.1.0
 description:
-  - This module allows managing Jenkins credentials and domain scopes via the Jenkins HTTP API.
+  - This module allows managing Jenkins credentials and domain scopes through the Jenkins HTTP API.
-  - Create, update, and delete different credential types such as C(username/password), C(secret text), C(SSH key), C(certificates), C(GitHub App), and domains.
+  - Create, update, and delete different credential types such as C(username/password), C(secret text), C(SSH key), C(certificates),
+    C(GitHub App), and domains.
   - For scoped domains (O(type=scope)), it supports restrictions based on V(hostname), V(hostname:port), V(path), and V(scheme).
 requirements:
   - urllib3 >= 1.26.0
@@ -170,7 +170,7 @@ options:
   inc_path:
     description:
       - List of URL paths to include when matching credentials to domains.
-      - "B(Matching is hierarchical): subpaths of excluded paths are also excluded, even if explicitly included."
+      - 'B(Matching is hierarchical): subpaths of excluded paths are also excluded, even if explicitly included.'
     type: list
     elements: str
   exc_path:

plugins/modules/jenkins_job.py

@@ -76,8 +76,8 @@ options:
     type: bool
     default: true
     description:
-      - If set to V(false), the SSL certificates will not be validated. This should only set to V(false) used on personally
+      - If set to V(false), the SSL certificates are not validated. This should only set to V(false) used on personally controlled
-        controlled sites using self-signed certificates as it avoids verifying the source site.
+        sites using self-signed certificates as it avoids verifying the source site.
       - The C(python-jenkins) library only handles this by using the environment variable E(PYTHONHTTPSVERIFY).
     version_added: 2.3.0
 """

plugins/modules/jenkins_job_info.py

@@ -53,7 +53,7 @@ options:
       - User to authenticate with the Jenkins server.
   validate_certs:
     description:
-      - If set to V(false), the SSL certificates will not be validated.
+      - If set to V(false), the SSL certificates are not validated.
       - This should only set to V(false) used on personally controlled sites using self-signed certificates.
     default: true
     type: bool

plugins/modules/jenkins_node.py

@@ -65,9 +65,9 @@ options:
   offline_message:
     description:
       - Specifies the offline reason message to be set when configuring the Jenkins node state.
-      - If O(offline_message) is given and requested O(state) is not V(disabled), an error will be raised.
+      - If O(offline_message) is given and requested O(state) is not V(disabled), an error is raised.
       - Internally O(offline_message) is set using the V(toggleOffline) API, so updating the message when the node is already
-        offline (current state V(disabled)) is not possible. In this case, a warning will be issued.
+        offline (current state V(disabled)) is not possible. In this case, a warning is issued.
     type: str
     version_added: 10.0.0
 """

plugins/modules/jenkins_plugin.py

@@ -51,7 +51,7 @@ options:
     type: str
     description:
       - Desired plugin state.
-      - If set to V(latest), the check for new version will be performed every time. This is suitable to keep the plugin up-to-date.
+      - If set to V(latest), the check for new version is performed every time. This is suitable to keep the plugin up-to-date.
     choices: [absent, present, pinned, unpinned, enabled, disabled, latest]
     default: present
   timeout:
@@ -64,8 +64,8 @@ options:
     description:
       - Number of seconds after which a new copy of the C(update-center.json) file is downloaded. This is used to avoid the
         need to download the plugin to calculate its checksum when O(state=latest) is specified.
-      - Set it to V(0) if no cache file should be used. In that case, the plugin file will always be downloaded to calculate
+      - Set it to V(0) if no cache file should be used. In that case, the plugin file is always downloaded to calculate its
-        its checksum when O(state=latest) is specified.
+        checksum when O(state=latest) is specified.
     default: 86400
   updates_url:
     type: list

plugins/modules/jenkins_script.py

@@ -39,8 +39,8 @@ options:
     default: http://localhost:8080
   validate_certs:
     description:
-      - If set to V(false), the SSL certificates will not be validated. This should only set to V(false) used on personally
+      - If set to V(false), the SSL certificates are not validated. This should only set to V(false) used on personally controlled
-        controlled sites using self-signed certificates as it avoids verifying the source site.
+        sites using self-signed certificates as it avoids verifying the source site.
     type: bool
     default: true
   user:

plugins/modules/jira.py

@@ -117,14 +117,13 @@ options:
     suboptions:
       type:
         description:
-          - Use type to specify which of the JIRA visibility restriction types will be used.
+          - Use O(comment_visibility.type) to specify which of the JIRA visibility restriction types is used.
         type: str
         required: true
         choices: [group, role]
       value:
         description:
-          - Use value to specify value corresponding to the type of visibility restriction. For example name of the group
+          - Specify value corresponding to the type of visibility restriction. For example name of the group or role.
-            or role.
         type: str
         required: true
     version_added: '3.2.0'
@@ -165,12 +164,12 @@ options:
     type: str
     required: false
     description:
-      - Set issue from which link will be created.
+      - Set issue from which link is created.
   outwardissue:
     type: str
     required: false
     description:
-      - Set issue to which link will be created.
+      - Set issue to which link is created.
   fields:
     type: dict
     required: false
@@ -192,7 +191,7 @@ options:
   maxresults:
     required: false
     description:
-      - Limit the result of O(operation=search). If no value is specified, the default jira limit will be used.
+      - Limit the result of O(operation=search). If no value is specified, the default JIRA limit is used.
       - Used when O(operation=search) only, ignored otherwise.
     type: int
     version_added: '0.2.0'
@@ -226,12 +225,12 @@ options:
       content:
         type: str
         description:
-          - The Base64 encoded contents of the file to attach. If not specified, the contents of O(attachment.filename) will
+          - The Base64 encoded contents of the file to attach. If not specified, the contents of O(attachment.filename) is
-            be used instead.
+            used instead.
       mimetype:
         type: str
         description:
-          - The MIME type to supply for the upload. If not specified, best-effort detection will be done.
+          - The MIME type to supply for the upload. If not specified, best-effort detection is performed.
 notes:
   - Currently this only works with basic-auth, or tokens.
   - To use with JIRA Cloud, pass the login e-mail as the O(username) and the API token as O(password).

plugins/modules/kdeconfig.py

@@ -17,12 +17,12 @@ description:
 options:
   path:
     description:
-      - Path to the config file. If the file does not exist it will be created.
+      - Path to the config file. If the file does not exist it is created.
     type: path
     required: true
   kwriteconfig_path:
     description:
-      - Path to the kwriteconfig executable. If not specified, Ansible will try to discover it.
+      - Path to the kwriteconfig executable. If not specified, Ansible tries to discover it.
     type: path
   values:
     description:

plugins/modules/keycloak_authentication_required_actions.py

@@ -49,7 +49,7 @@ options:
         type: dict
       defaultAction:
         description:
-          - Indicates, if any new user will have the required action assigned to it.
+          - Indicates whether new users have the required action assigned to them.
         type: bool
       enabled:
         description:
@@ -149,7 +149,7 @@ end_state:
       type: dict
     defaultAction:
       description:
-        - Indicates, if any new user will have the required action assigned to it.
+        - Indicates whether new users have the required action assigned to them.
       sample: false
       type: bool
     enabled:

plugins/modules/keycloak_authz_authorization_scope.py

@@ -37,8 +37,8 @@ options:
   state:
     description:
       - State of the authorization scope.
-      - On V(present), the authorization scope will be created (or updated if it exists already).
+      - On V(present), the authorization scope is created (or updated if it exists already).
-      - On V(absent), the authorization scope will be removed if it exists.
+      - On V(absent), the authorization scope is removed if it exists.
     choices: ['present', 'absent']
     default: 'present'
     type: str

plugins/modules/keycloak_authz_custom_policy.py

@@ -38,8 +38,8 @@ options:
   state:
     description:
       - State of the custom policy.
-      - On V(present), the custom policy will be created (or updated if it exists already).
+      - On V(present), the custom policy is created (or updated if it exists already).
-      - On V(absent), the custom policy will be removed if it exists.
+      - On V(absent), the custom policy is removed if it exists.
     choices: ['present', 'absent']
     default: 'present'
     type: str

plugins/modules/keycloak_authz_permission.py

@@ -43,8 +43,8 @@ options:
   state:
     description:
       - State of the authorization permission.
-      - On V(present), the authorization permission will be created (or updated if it exists already).
+      - On V(present), the authorization permission is created (or updated if it exists already).
-      - On V(absent), the authorization permission will be removed if it exists.
+      - On V(absent), the authorization permission is removed if it exists.
     choices: ['present', 'absent']
     default: 'present'
     type: str

plugins/modules/keycloak_client.py

@@ -37,8 +37,8 @@ options:
   state:
     description:
       - State of the client.
-      - On V(present), the client will be created (or updated if it exists already).
+      - On V(present), the client are created (or updated if it exists already).
-      - On V(absent), the client will be removed if it exists.
+      - On V(absent), the client are removed if it exists.
     choices: ['present', 'absent']
     default: 'present'
     type: str
@@ -116,8 +116,8 @@ options:
   secret:
     description:
       - When using O(client_authenticator_type=client-secret) (the default), you can specify a secret here (otherwise one
-        will be generated if it does not exit). If changing this secret, the module will not register a change currently (but
+        is generated if it does not exit). If changing this secret, the module does not register a change currently (but the
-        the changed secret will be saved).
+        changed secret is saved).
     type: str
 
   registration_access_token:
@@ -130,8 +130,8 @@ options:
 
   default_roles:
     description:
-      - List of default roles for this client. If the client roles referenced do not exist yet, they will be created. This
+      - List of default roles for this client. If the client roles referenced do not exist yet, they are created. This is
-        is C(defaultRoles) in the Keycloak REST API.
+        C(defaultRoles) in the Keycloak REST API.
     aliases:
       - defaultRoles
     type: list
@@ -232,7 +232,7 @@ options:
   protocol:
     description:
       - Type of client.
-      - At creation only, default value will be V(openid-connect) if O(protocol) is omitted.
+      - At creation only, default value is V(openid-connect) if O(protocol) is omitted.
       - The V(docker-v2) value was added in community.general 8.6.0.
     type: str
     choices: ['openid-connect', 'saml', 'docker-v2']
@@ -261,7 +261,7 @@ options:
 
   client_template:
     description:
-      - Client template to use for this client. If it does not exist this field will silently be dropped. This is C(clientTemplate)
+      - Client template to use for this client. If it does not exist this field is silently dropped. This is C(clientTemplate)
         in the Keycloak REST API.
     type: str
     aliases:
@@ -454,7 +454,7 @@ options:
       - A dict of further attributes for this client. This can contain various configuration settings; an example is given
         in the examples section. While an exhaustive list of permissible options is not available; possible options as of
         Keycloak 3.4 are listed below. The Keycloak API does not validate whether a given option is appropriate for the protocol
-        used; if specified anyway, Keycloak will simply not use it.
+        used; if specified anyway, Keycloak does not use it.
     type: dict
     suboptions:
       saml.authnstatement:
@@ -532,7 +532,7 @@ options:
           - For OpenID-Connect clients, client certificate for validating JWT issued by client and signed by its key, base64-encoded.
       x509.subjectdn:
         description:
-          - For OpenID-Connect clients, subject which will be used to authenticate the client.
+          - For OpenID-Connect clients, subject which is used to authenticate the client.
         type: str
         version_added: 9.5.0
 
@@ -704,19 +704,31 @@ proposed:
   description: Representation of proposed client.
   returned: always
   type: dict
-  sample: {clientId: "test"}
+  sample: {"clientId": "test"}
 
 existing:
   description: Representation of existing client (sample is truncated).
   returned: always
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 
 end_state:
   description: Representation of client after module execution (sample is truncated).
   returned: on success
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 """
 
 from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \

plugins/modules/keycloak_client_rolemapping.py

@@ -22,9 +22,9 @@ description:
     the scope tailored to your needs and a user having the expected roles.
   - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation
     at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html).
-  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that
+  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way
-    way by this module. You may pass single values for attributes when calling the module, and this will be translated into
+    by this module. You may pass single values for attributes when calling the module, and this is translated into a list
-    a list suitable for the API.
+    suitable for the API.
   - When updating a client_rolemapping, where possible provide the role ID to the module. This removes a lookup to the API
     to translate the name into the role ID.
 attributes:
@@ -39,9 +39,9 @@ options:
   state:
     description:
       - State of the client_rolemapping.
-      - On V(present), the client_rolemapping will be created if it does not yet exist, or updated with the parameters you
+      - On V(present), the client_rolemapping is created if it does not yet exist, or updated with the parameters
-        provide.
+        you provide.
-      - On V(absent), the client_rolemapping will be removed if it exists.
+      - On V(absent), the client_rolemapping is removed if it exists.
     default: 'present'
     type: str
     choices:
@@ -87,8 +87,8 @@ options:
     type: str
     description:
       - ID of the group to be mapped.
-      - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of
+      - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API
-        API calls required.
+        calls required.
   client_id:
     type: str
     description:
@@ -98,8 +98,8 @@ options:
     type: str
     description:
       - ID of the client to be mapped.
-      - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of
+      - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API
-        API calls required.
+        calls required.
   roles:
     description:
       - Roles to be mapped to the group.
@@ -115,8 +115,8 @@ options:
         type: str
         description:
           - The unique identifier for this role_representation.
-          - This parameter is not required for updating or deleting a role_representation but providing it will reduce the
+          - This parameter is not required for updating or deleting a role_representation but providing it reduces the number
-            number of API calls required.
+            of API calls required.
 extends_documentation_fragment:
   - community.general.keycloak
   - community.general.keycloak.actiongroup_keycloak
@@ -209,7 +209,7 @@ proposed:
   description: Representation of proposed client role mapping.
   returned: always
   type: dict
-  sample: {clientId: "test"}
+  sample: {"clientId": "test"}
 
 existing:
   description:
@@ -217,7 +217,13 @@ existing:
     - The sample is truncated.
   returned: always
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 
 end_state:
   description:
@@ -225,7 +231,13 @@ end_state:
     - The sample is truncated.
   returned: on success
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 """
 
 from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import (

plugins/modules/keycloak_client_rolescope.py

@@ -22,9 +22,9 @@ description:
     In a default Keycloak installation, admin-cli and an admin user would work, as would a separate client definition with
     the scope tailored to your needs and a user having the expected roles.
   - Client O(client_id) must have O(community.general.keycloak_client#module:full_scope_allowed) set to V(false).
-  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that
+  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way
-    way by this module. You may pass single values for attributes when calling the module, and this will be translated into
+    by this module. You may pass single values for attributes when calling the module, and this is translated into a list
-    a list suitable for the API.
+    suitable for the API.
 attributes:
   check_mode:
     support: full
@@ -37,8 +37,8 @@ options:
   state:
     description:
       - State of the role mapping.
-      - On V(present), all roles in O(role_names) will be mapped if not exists yet.
+      - On V(present), all roles in O(role_names) are mapped if not exist yet.
-      - On V(absent), all roles mapping in O(role_names) will be removed if it exists.
+      - On V(absent), all roles mapping in O(role_names) are removed if it exists.
     default: 'present'
     type: str
     choices:

plugins/modules/keycloak_clientscope.py

@@ -22,9 +22,9 @@ description:
     the scope tailored to your needs and a user having the expected roles.
   - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation
     at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html).
-  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that
+  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way
-    way by this module. You may pass single values for attributes when calling the module, and this will be translated into
+    by this module. You may pass single values for attributes when calling the module, and this is translated into a list
-    a list suitable for the API.
+    suitable for the API.
   - When updating a client_scope, where possible provide the client_scope ID to the module. This removes a lookup to the API
     to translate the name into the client_scope ID.
 attributes:
@@ -39,8 +39,8 @@ options:
   state:
     description:
       - State of the client_scope.
-      - On V(present), the client_scope will be created if it does not yet exist, or updated with the parameters you provide.
+      - On V(present), the client_scope is created if it does not yet exist, or updated with the parameters you provide.
-      - On V(absent), the client_scope will be removed if it exists.
+      - On V(absent), the client_scope is removed if it exists.
     default: 'present'
     type: str
     choices:
@@ -62,8 +62,8 @@ options:
     type: str
     description:
       - The unique identifier for this client_scope.
-      - This parameter is not required for updating or deleting a client_scope but providing it will reduce the number of
+      - This parameter is not required for updating or deleting a client_scope but providing it reduces the number of API
-        API calls required.
+        calls required.
   description:
     type: str
     description:
@@ -263,19 +263,31 @@ proposed:
   description: Representation of proposed client scope.
   returned: always
   type: dict
-  sample: {clientId: "test"}
+  sample: {"clientId": "test"}
 
 existing:
   description: Representation of existing client scope (sample is truncated).
   returned: always
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 
 end_state:
   description: Representation of client scope after module execution (sample is truncated).
   returned: on success
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 """
 
 from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \

plugins/modules/keycloak_clientscope_type.py

@@ -99,20 +99,43 @@ proposed:
   description: Representation of proposed client-scope types mapping.
   returned: always
   type: dict
-  sample: {default_clientscopes: ["profile", "role"], optional_clientscopes: []}
+  sample:
+    {
+      "default_clientscopes": [
+        "profile",
+        "role"
+      ],
+      "optional_clientscopes": []
+    }
 existing:
   description:
     - Representation of client scopes before module execution.
   returned: always
   type: dict
-  sample: {default_clientscopes: ["profile", "role"], optional_clientscopes: ["phone"]}
+  sample:
+    {
+      "default_clientscopes": [
+        "profile",
+        "role"
+      ],
+      "optional_clientscopes": [
+        "phone"
+      ]
+    }
 end_state:
   description:
     - Representation of client scopes after module execution.
     - The sample is truncated.
   returned: on success
   type: dict
-  sample: {default_clientscopes: ["profile", "role"], optional_clientscopes: []}
+  sample:
+    {
+      "default_clientscopes": [
+        "profile",
+        "role"
+      ],
+      "optional_clientscopes": []
+    }
 """
 
 from ansible.module_utils.basic import AnsibleModule

plugins/modules/keycloak_clientsecret_info.py

@@ -39,8 +39,8 @@ options:
   id:
     description:
       - The unique identifier for this client.
-      - This parameter is not required for getting or generating a client secret but providing it will reduce the number of
+      - This parameter is not required for getting or generating a client secret but providing it reduces the number of API
-        API calls required.
+        calls required.
     type: str
 
   client_id:

plugins/modules/keycloak_clientsecret_regenerate.py

@@ -43,8 +43,8 @@ options:
   id:
     description:
       - The unique identifier for this client.
-      - This parameter is not required for getting or generating a client secret but providing it will reduce the number of
+      - This parameter is not required for getting or generating a client secret but providing it reduces the number of API
-        API calls required.
+        calls required.
     type: str
 
   client_id:

plugins/modules/keycloak_clienttemplate.py

@@ -35,8 +35,8 @@ options:
   state:
     description:
       - State of the client template.
-      - On V(present), the client template will be created (or updated if it exists already).
+      - On V(present), the client template is created (or updated if it exists already).
-      - On V(absent), the client template will be removed if it exists.
+      - On V(absent), the client template is removed if it exists.
     choices: ['present', 'absent']
     default: 'present'
     type: str
@@ -238,10 +238,7 @@ proposed:
   description: Representation of proposed client template.
   returned: always
   type: dict
-  sample:
+  sample: {"name": "test01"}
-    {
-      "name": "test01"
-    }
 
 existing:
   description: Representation of existing client template (sample is truncated).

plugins/modules/keycloak_component.py

@@ -35,8 +35,8 @@ options:
   state:
     description:
       - State of the Keycloak component.
-      - On V(present), the component will be created (or updated if it exists already).
+      - On V(present), the component is created (or updated if it exists already).
-      - On V(absent), the component will be removed if it exists.
+      - On V(absent), the component is removed if it exists.
     choices: ['present', 'absent']
     default: 'present'
     type: str

plugins/modules/keycloak_group.py

@@ -20,9 +20,9 @@ description:
     scope tailored to your needs and a user having the expected roles.
   - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation
     at U(https://www.keycloak.org/docs-api/20.0.2/rest-api/index.html).
-  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that
+  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way
-    way by this module. You may pass single values for attributes when calling the module, and this will be translated into
+    by this module. You may pass single values for attributes when calling the module, and this is translated into a list
-    a list suitable for the API.
+    suitable for the API.
   - When updating a group, where possible provide the group ID to the module. This removes a lookup to the API to translate
     the name into the group ID.
 attributes:
@@ -37,9 +37,9 @@ options:
   state:
     description:
       - State of the group.
-      - On V(present), the group will be created if it does not yet exist, or updated with the parameters you provide.
+      - On V(present), the group is created if it does not yet exist, or updated with the parameters you provide.
-      - On V(absent), the group will be removed if it exists. Be aware that absenting a group with subgroups will automatically
+      - On V(absent), the group is removed if it exists. Be aware that absenting a group with subgroups automatically deletes
-        delete all its subgroups too.
+        all its subgroups too.
     default: 'present'
     type: str
     choices:
@@ -61,8 +61,7 @@ options:
     type: str
     description:
       - The unique identifier for this group.
-      - This parameter is not required for updating or deleting a group but providing it will reduce the number of API calls
+      - This parameter is not required for updating or deleting a group but providing it reduces the number of API calls required.
-        required.
   attributes:
     type: dict
     description:
@@ -282,8 +281,7 @@ end_state:
       returned: always
       sample: []
     subGroups:
-      description: A list of groups that are children of this group. These groups will have the same parameters as documented
+      description: A list of groups that are children of this group. These groups have the same parameters as documented here.
-        here.
       type: list
       returned: always
     clientRoles:

plugins/modules/keycloak_identity_provider.py

@@ -34,9 +34,8 @@ options:
   state:
     description:
       - State of the identity provider.
-      - On V(present), the identity provider will be created if it does not yet exist, or updated with the parameters you
+      - On V(present), the identity provider is created if it does not yet exist, or updated with the parameters you provide.
-        provide.
+      - On V(absent), the identity provider is removed if it exists.
-      - On V(absent), the identity provider will be removed if it exists.
     default: 'present'
     type: str
     choices:
@@ -148,14 +147,14 @@ options:
 
       sync_mode:
         description:
-          - Default sync mode for all mappers. The sync mode determines when user data will be synced using the mappers.
+          - Default sync mode for all mappers. The sync mode determines when user data is synced using the mappers.
         aliases:
           - syncMode
         type: str
 
       issuer:
         description:
-          - The issuer identifier for the issuer of the response. If not provided, no validation will be performed.
+          - The issuer identifier for the issuer of the response. If not provided, no validation is performed.
         type: str
 
       authorizationUrl:
@@ -205,7 +204,7 @@ options:
 
       useJwksUrl:
         description:
-          - If the switch is on, identity provider public keys will be downloaded from given JWKS URL.
+          - If V(true), identity provider public keys are downloaded from given JWKS URL.
         type: bool
 
       jwksUrl:
@@ -215,7 +214,7 @@ options:
 
       entityId:
         description:
-          - The Entity ID that will be used to uniquely identify this SAML Service Provider.
+          - The Entity ID that is used to uniquely identify this SAML Service Provider.
         type: str
 
       singleSignOnServiceUrl:

plugins/modules/keycloak_realm.py

@@ -39,8 +39,8 @@ options:
   state:
     description:
       - State of the realm.
-      - On V(present), the realm will be created (or updated if it exists already).
+      - On V(present), the realm is created (or updated if it exists already).
-      - On V(absent), the realm will be removed if it exists.
+      - On V(absent), the realm is removed if it exists.
     choices: ['present', 'absent']
     default: 'present'
     type: str
@@ -553,19 +553,31 @@ proposed:
   description: Representation of proposed realm.
   returned: always
   type: dict
-  sample: {realm: "test"}
+  sample: {"realm": "test"}
 
 existing:
   description: Representation of existing realm (sample is truncated).
   returned: always
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 
 end_state:
   description: Representation of realm after module execution (sample is truncated).
   returned: on success
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 """
 
 from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \

plugins/modules/keycloak_realm_info.py

@@ -19,9 +19,9 @@ description:
   - This module allows you to get Keycloak realm public information using the Keycloak REST API.
   - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation
     at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html).
-  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that
+  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way
-    way by this module. You may pass single values for attributes when calling the module, and this will be translated into
+    by this module. You may pass single values for attributes when calling the module, and this is translated into a list
-    a list suitable for the API.
+    suitable for the API.
 extends_documentation_fragment:
   - community.general.attributes
   - community.general.attributes.info_module

plugins/modules/keycloak_realm_key.py

@@ -25,11 +25,9 @@ description:
     at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html). Aliases are provided so camelCased versions can be used
     as well.
   - This module is unable to detect changes to the actual cryptographic key after importing it. However, if some other property
-    is changed alongside the cryptographic key, then the key will also get changed as a side-effect, as the JSON payload needs
+    is changed alongside the cryptographic key, then the key also changes as a side-effect, as the JSON payload needs to include
-    to include the private key. This can be considered either a bug or a feature, as the alternative would be to always update
+    the private key. This can be considered either a bug or a feature, as the alternative would be to always update the realm
-    the realm key whether it has changed or not.
+    key whether it has changed or not.
-  - If certificate is not explicitly provided it will be dynamically created by Keycloak. Therefore comparing the current
-    state of the certificate to the desired state (which may be empty) is not possible.
 attributes:
   check_mode:
     support: full
@@ -42,8 +40,8 @@ options:
   state:
     description:
       - State of the keycloak realm key.
-      - On V(present), the realm key will be created (or updated if it exists already).
+      - On V(present), the realm key is created (or updated if it exists already).
-      - On V(absent), the realm key will be removed if it exists.
+      - On V(absent), the realm key is removed if it exists.
     choices: ['present', 'absent']
     default: 'present'
     type: str
@@ -119,10 +117,10 @@ options:
 notes:
   - Current value of the private key cannot be fetched from Keycloak. Therefore comparing its desired state to the current
     state is not possible.
-  - If certificate is not explicitly provided it will be dynamically created by Keycloak. Therefore comparing the current
+  - If O(config.certificate) is not explicitly provided it is dynamically created by Keycloak. Therefore comparing the current
     state of the certificate to the desired state (which may be empty) is not possible.
   - Due to the private key and certificate options the module is B(not fully idempotent). You can use O(force=true) to force
-    the module to always update if you know that the private key might have changed.
+    the module to ensure updating if you know that the private key might have changed.
 extends_documentation_fragment:
   - community.general.keycloak
   - community.general.keycloak.actiongroup_keycloak
@@ -208,7 +206,21 @@ end_state:
       description: Realm key configuration.
       type: dict
       returned: when O(state=present)
-      sample: {"active": ["true"], "algorithm": ["RS256"], "enabled": ["true"], "priority": ["140"]}
+      sample:
+        {
+          "active": [
+            "true"
+          ],
+          "algorithm": [
+            "RS256"
+          ],
+          "enabled": [
+            "true"
+          ],
+          "priority": [
+            "140"
+          ]
+        }
 """
 
 from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \

plugins/modules/keycloak_realm_rolemapping.py

@@ -22,9 +22,9 @@ description:
     definition with the scope tailored to your needs and a user having the expected roles.
   - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation
     at U(https://www.keycloak.org/docs-api/18.0/rest-api/index.html).
-  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that
+  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way
-    way by this module. You may pass single values for attributes when calling the module, and this will be translated into
+    by this module. You may pass single values for attributes when calling the module, and this is translated into a list
-    a list suitable for the API.
+    suitable for the API.
   - When updating a group_rolemapping, where possible provide the role ID to the module. This removes a lookup to the API
     to translate the name into the role ID.
 attributes:
@@ -39,9 +39,8 @@ options:
   state:
     description:
       - State of the realm_rolemapping.
-      - On C(present), the realm_rolemapping will be created if it does not yet exist, or updated with the parameters you
+      - On C(present), the realm_rolemapping is created if it does not yet exist, or updated with the parameters you provide.
-        provide.
+      - On C(absent), the realm_rolemapping is removed if it exists.
-      - On C(absent), the realm_rolemapping will be removed if it exists.
     default: 'present'
     type: str
     choices:
@@ -86,8 +85,8 @@ options:
     type: str
     description:
       - ID of the group to be mapped.
-      - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of
+      - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API
-        API calls required.
+        calls required.
   roles:
     description:
       - Roles to be mapped to the group.
@@ -103,8 +102,8 @@ options:
         type: str
         description:
           - The unique identifier for this role_representation.
-          - This parameter is not required for updating or deleting a role_representation but providing it will reduce the
+          - This parameter is not required for updating or deleting a role_representation but providing it reduces the number
-            number of API calls required.
+            of API calls required.
 extends_documentation_fragment:
   - community.general.keycloak
   - community.general.keycloak.actiongroup_keycloak
@@ -195,7 +194,7 @@ proposed:
   description: Representation of proposed client role mapping.
   returned: always
   type: dict
-  sample: {clientId: "test"}
+  sample: {"clientId": "test"}
 
 existing:
   description:
@@ -203,7 +202,13 @@ existing:
     - The sample is truncated.
   returned: always
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 
 end_state:
   description:
@@ -211,7 +216,13 @@ end_state:
     - The sample is truncated.
   returned: on success
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 """
 
 from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import (

plugins/modules/keycloak_role.py

@@ -22,9 +22,9 @@ description:
     scope tailored to your needs and a user having the expected roles.
   - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation
     at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html).
-  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that
+  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way
-    way by this module. You may pass single values for attributes when calling the module, and this will be translated into
+    by this module. You may pass single values for attributes when calling the module, and this is translated into a list
-    a list suitable for the API.
+    suitable for the API.
 attributes:
   check_mode:
     support: full
@@ -37,8 +37,8 @@ options:
   state:
     description:
       - State of the role.
-      - On V(present), the role will be created if it does not yet exist, or updated with the parameters you provide.
+      - On V(present), the role is created if it does not yet exist, or updated with the parameters you provide.
-      - On V(absent), the role will be removed if it exists.
+      - On V(absent), the role is removed if it exists.
     default: 'present'
     type: str
     choices:
@@ -195,10 +195,7 @@ proposed:
   description: Representation of proposed role.
   returned: always
   type: dict
-  sample:
+  sample: {"description": "My updated test description"}
-    {
-      "description": "My updated test description"
-    }
 
 existing:
   description: Representation of existing role.

plugins/modules/keycloak_user.py

@@ -101,9 +101,9 @@ options:
   groups:
     description:
       - List of groups for the user.
-        Groups can be referenced by their name, like V(staff), or their path, like V(/staff/engineering).
+      - Groups can be referenced by their name, like V(staff), or their path, like V(/staff/engineering). The path syntax
-        The path syntax allows you to reference subgroups, which is not possible otherwise.
+        allows you to reference subgroups, which is not possible otherwise.
-        This is possible since community.general 10.6.0.
+      - Using the path is possible since community.general 10.6.0.
     type: list
     elements: dict
     default: []

plugins/modules/keycloak_user_federation.py

@@ -34,8 +34,8 @@ options:
   state:
     description:
       - State of the user federation.
-      - On V(present), the user federation will be created if it does not yet exist, or updated with the parameters you provide.
+      - On V(present), the user federation is created if it does not yet exist, or updated with the parameters you provide.
-      - On V(absent), the user federation will be removed if it exists.
+      - On V(absent), the user federation is removed if it exists.
     default: 'present'
     type: str
     choices:
@@ -50,7 +50,7 @@ options:
 
   id:
     description:
-      - The unique ID for this user federation. If left empty, the user federation will be searched by its O(name).
+      - The unique ID for this user federation. If left empty, the user federation is searched by its O(name).
     type: str
 
   name:
@@ -76,7 +76,7 @@ options:
 
   parent_id:
     description:
-      - Unique ID for the parent of this user federation. Realm ID will be automatically used if left blank.
+      - Unique ID for the parent of this user federation. Realm ID is automatically used if left blank.
     aliases:
       - parentId
     type: str
@@ -95,11 +95,11 @@ options:
         value with the desired value always evaluates to not equal. This means the before and desired states are never equal
         if the parameter is set.
       - Set to V(always) to include O(config.bindCredential) in the comparison of before and desired state. Because of the
-        redacted value returned by Keycloak the module will always detect a change and make an update if a O(config.bindCredential)
+        redacted value returned by Keycloak the module always detects a change and make an update if a O(config.bindCredential)
         value is set.
       - Set to V(only_indirect) to exclude O(config.bindCredential) when comparing the before state with the desired state.
-        The value of O(config.bindCredential) will only be updated if there are other changes to the user federation that
+        The value of O(config.bindCredential) is only updated if there are other changes to the user federation that require
-        require an update.
+        an update.
     type: str
     default: always
     choices:
@@ -129,14 +129,14 @@ options:
 
       importEnabled:
         description:
-          - If V(true), LDAP users will be imported into Keycloak DB and synced by the configured sync policies.
+          - If V(true), LDAP users are imported into Keycloak DB and synced by the configured sync policies.
         default: true
         type: bool
 
       editMode:
         description:
-          - V(READ_ONLY) is a read-only LDAP store. V(WRITABLE) means data will be synced back to LDAP on demand. V(UNSYNCED)
+          - V(READ_ONLY) is a read-only LDAP store. V(WRITABLE) means data is synced back to LDAP on demand. V(UNSYNCED) means
-            means user data will be imported, but not synced back to LDAP.
+            user data is imported, but not synced back to LDAP.
         type: str
         choices:
           - READ_ONLY
@@ -181,7 +181,7 @@ options:
       userObjectClasses:
         description:
           - All values of LDAP objectClass attribute for users in LDAP divided by comma. For example V(inetOrgPerson, organizationalPerson).
-            Newly created Keycloak users will be written to LDAP with all those object classes and existing LDAP user records
+            Newly created Keycloak users are written to LDAP with all those object classes and existing LDAP user records
             are found just if they contain all those object classes.
         type: str
 
@@ -222,7 +222,7 @@ options:
 
       bindDn:
         description:
-          - DN of LDAP user which will be used by Keycloak to access LDAP server.
+          - DN of LDAP user which is used by Keycloak to access LDAP server.
         type: str
 
       bindCredential:
@@ -232,7 +232,7 @@ options:
 
       startTls:
         description:
-          - Encrypts the connection to LDAP using STARTTLS, which will disable connection pooling.
+          - Encrypts the connection to LDAP using STARTTLS, which disables connection pooling.
         default: false
         type: bool
 
@@ -258,11 +258,11 @@ options:
 
       useTruststoreSpi:
         description:
-          - Specifies whether LDAP connection will use the truststore SPI with the truststore configured in standalone.xml/domain.xml.
+          - Specifies whether LDAP connection uses the truststore SPI with the truststore configured in standalone.xml/domain.xml.
-            V(always) means that it will always use it. V(never) means that it will not use it. V(ldapsOnly) means that it
+            V(always) means that it always uses it. V(never) means that it does not use it. V(ldapsOnly) means that it uses
-            will use if your connection URL use ldaps.
+            if your connection URL use ldaps.
           - Note even if standalone.xml/domain.xml is not configured, the default Java cacerts or certificate specified by
-            C(javax.net.ssl.trustStore) property will be used.
+            C(javax.net.ssl.trustStore) property is used.
         default: ldapsOnly
         type: str
         choices:
@@ -335,8 +335,8 @@ options:
 
       allowKerberosAuthentication:
         description:
-          - Enable/disable HTTP authentication of users with SPNEGO/Kerberos tokens. The data about authenticated users will
+          - Enable/disable HTTP authentication of users with SPNEGO/Kerberos tokens. The data about authenticated users is
-            be provisioned from this LDAP server.
+            provisioned from this LDAP server.
         default: false
         type: bool
 
@@ -348,9 +348,9 @@ options:
       krbPrincipalAttribute:
         description:
           - Name of the LDAP attribute, which refers to Kerberos principal. This is used to lookup appropriate LDAP user after
-            successful Kerberos/SPNEGO authentication in Keycloak. When this is empty, the LDAP user will be looked based
+            successful Kerberos/SPNEGO authentication in Keycloak. When this is empty, the LDAP user is looked up based on
-            on LDAP username corresponding to the first part of his Kerberos principal. For instance, for principal C(john@KEYCLOAK.ORG),
+            LDAP username corresponding to the first part of his Kerberos principal. For instance, for principal C(john@KEYCLOAK.ORG),
-            it will assume that LDAP username is V(john).
+            it assumes that LDAP username is V(john).
         type: str
         version_added: 8.1.0
 
@@ -419,17 +419,17 @@ options:
 
       evictionDay:
         description:
-          - Day of the week the entry will become invalid on.
+          - Day of the week the entry is set to become invalid on.
         type: str
 
       evictionHour:
         description:
-          - Hour of day the entry will become invalid on.
+          - Hour of day the entry is set to become invalid on.
         type: str
 
       evictionMinute:
         description:
-          - Minute of day the entry will become invalid on.
+          - Minute of day the entry is set to become invalid on.
         type: str
 
       maxLifespan:
@@ -461,12 +461,12 @@ options:
 
       name:
         description:
-          - Name of the mapper. If no ID is given, the mapper will be searched by name.
+          - Name of the mapper. If no ID is given, the mapper is searched by name.
         type: str
 
       parentId:
         description:
-          - Unique ID for the parent of this mapper. ID of the user federation will automatically be used if left blank.
+          - Unique ID for the parent of this mapper. ID of the user federation is automatically used if left blank.
         type: str
 
       providerId:

plugins/modules/keycloak_user_rolemapping.py

@@ -21,9 +21,9 @@ description:
     the scope tailored to your needs and a user having the expected roles.
   - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation
     at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html).
-  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that
+  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way
-    way by this module. You may pass single values for attributes when calling the module, and this will be translated into
+    by this module. You may pass single values for attributes when calling the module, and this is translated into a list
-    a list suitable for the API.
+    suitable for the API.
   - When updating a user_rolemapping, where possible provide the role ID to the module. This removes a lookup to the API to
     translate the name into the role ID.
 attributes:
@@ -38,8 +38,8 @@ options:
   state:
     description:
       - State of the user_rolemapping.
-      - On V(present), the user_rolemapping will be created if it does not yet exist, or updated with the parameters you provide.
+      - On V(present), the user_rolemapping is created if it does not yet exist, or updated with the parameters you provide.
-      - On V(absent), the user_rolemapping will be removed if it exists.
+      - On V(absent), the user_rolemapping is removed if it exists.
     default: 'present'
     type: str
     choices:
@@ -61,14 +61,14 @@ options:
     type: str
     description:
       - ID of the user to be mapped.
-      - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of
+      - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API
-        API calls required.
+        calls required.
   service_account_user_client_id:
     type: str
     description:
       - Client ID of the service-account-user to be mapped.
-      - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of
+      - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API
-        API calls required.
+        calls required.
   client_id:
     type: str
     description:
@@ -79,8 +79,8 @@ options:
     type: str
     description:
       - ID of the client to be mapped.
-      - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of
+      - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API
-        API calls required.
+        calls required.
   roles:
     description:
       - Roles to be mapped to the user.
@@ -96,8 +96,8 @@ options:
         type: str
         description:
           - The unique identifier for this role_representation.
-          - This parameter is not required for updating or deleting a role_representation but providing it will reduce the
+          - This parameter is not required for updating or deleting a role_representation but providing it reduces the number
-            number of API calls required.
+            of API calls required.
 extends_documentation_fragment:
   - community.general.keycloak
   - community.general.keycloak.actiongroup_keycloak
@@ -190,7 +190,7 @@ proposed:
   description: Representation of proposed client role mapping.
   returned: always
   type: dict
-  sample: {clientId: "test"}
+  sample: {"clientId": "test"}
 
 existing:
   description:
@@ -198,7 +198,13 @@ existing:
     - The sample is truncated.
   returned: always
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 
 end_state:
   description:
@@ -206,7 +212,13 @@ end_state:
     - The sample is truncated.
   returned: on success
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 """
 
 from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, \

plugins/modules/keycloak_userprofile.py

@@ -33,9 +33,8 @@ options:
   state:
     description:
       - State of the User Profile provider.
-      - On V(present), the User Profile provider will be created if it does not yet exist, or updated with the parameters
+      - On V(present), the User Profile provider is created if it does not yet exist, or updated with the parameters you provide.
-        you provide.
+      - On V(absent), the User Profile provider is removed if it exists.
-      - On V(absent), the User Profile provider will be removed if it exists.
     default: 'present'
     type: str
     choices:
@@ -171,7 +170,7 @@ options:
 
               group:
                 description:
-                  - Specifies the User Profile group where this attribute will be added.
+                  - Specifies the User Profile group where this attribute is added.
                 type: str
 
               permissions:
@@ -406,7 +405,6 @@ data:
   description: The data returned by the Keycloak API.
   returned: when state is present
   type: dict
-  sample: {'...': '...'}
 """
 
 from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \

plugins/modules/kibana_plugin.py

@@ -59,11 +59,11 @@ options:
   version:
     description:
       - Version of the plugin to be installed.
-      - If plugin exists with previous version, plugin will B(not) be updated unless O(force) is set to V(true).
+      - If the plugin is installed with in a previous version, it is B(not) updated unless O(force=true).
     type: str
   force:
     description:
-      - Delete and re-install the plugin. Can be useful for plugins update.
+      - Delete and re-install the plugin. It can be useful for plugins update.
     type: bool
     default: false
   allow_root:

plugins/modules/krb_ticket.py

@@ -30,7 +30,7 @@ options:
   principal:
     description:
       - The principal name.
-      - If not set, the user running this module will be used.
+      - If not set, the user running this module is used.
     type: str
   state:
     description:
@@ -50,17 +50,17 @@ options:
       - Use O(cache_name) as the ticket cache name and location.
       - If this option is not used, the default cache name and location are used.
       - The default credentials cache may vary between systems.
-      - If not set the the value of E(KRB5CCNAME) environment variable will be used instead, its value is used to name the
+      - If not set the the value of E(KRB5CCNAME) environment variable is used instead, its value is used to name the default
-        default ticket cache.
+        ticket cache.
     type: str
   lifetime:
     description:
       - Requests a ticket with the lifetime, if the O(lifetime) is not specified, the default ticket lifetime is used.
-      - Specifying a ticket lifetime longer than the maximum ticket lifetime (configured by each site) will not override the
+      - Specifying a ticket lifetime longer than the maximum ticket lifetime (configured by each site) does not override the
         configured maximum ticket lifetime.
       - 'The value for O(lifetime) must be followed by one of the following suffixes: V(s) - seconds, V(m) - minutes, V(h)
         - hours, V(d) - days.'
-      - You cannot mix units; a value of V(3h30m) will result in an error.
+      - You cannot mix units; a value of V(3h30m) results in an error.
       - See U(https://web.mit.edu/kerberos/krb5-1.12/doc/basic/date_format.html) for reference.
     type: str
   start_time:
@@ -78,7 +78,7 @@ options:
       - Requests renewable tickets, with a total lifetime equal to O(renewable).
       - 'The value for O(renewable) must be followed by one of the following delimiters: V(s) - seconds, V(m) - minutes, V(h)
         - hours, V(d) - days.'
-      - You cannot mix units; a value of V(3h30m) will result in an error.
+      - You cannot mix units; a value of V(3h30m) results in an error.
       - See U(https://web.mit.edu/kerberos/krb5-1.12/doc/basic/date_format.html) for reference.
     type: str
   forwardable:
@@ -119,7 +119,7 @@ options:
   keytab:
     description:
       - Requests a ticket, obtained from a key in the local host's keytab.
-      - If O(keytab_path) is not specified will try to use default client keytab path (C(-i) option).
+      - If O(keytab_path) is not specified it tries to use default client keytab path (C(-i) option).
     type: bool
   keytab_path:
     description: