doc style adjustments: modules k*

plugins/modules/kdeconfig.py

@@ -17,12 +17,12 @@ description:
 options:
   path:
     description:
-      - Path to the config file. If the file does not exist it will be created.
+      - Path to the config file. If the file does not exist it is created.
     type: path
     required: true
   kwriteconfig_path:
     description:
-      - Path to the kwriteconfig executable. If not specified, Ansible will try to discover it.
+      - Path to the kwriteconfig executable. If not specified, Ansible tries to discover it.
     type: path
   values:
     description:

plugins/modules/keycloak_authentication_required_actions.py

@@ -49,7 +49,7 @@ options:
         type: dict
       defaultAction:
         description:
-          - Indicates, if any new user will have the required action assigned to it.
+          - Indicates whether new users have the required action assigned to them.
         type: bool
       enabled:
         description:
@@ -149,7 +149,7 @@ end_state:
       type: dict
     defaultAction:
       description:
-        - Indicates, if any new user will have the required action assigned to it.
+        - Indicates whether new users have the required action assigned to them.
       sample: false
       type: bool
     enabled:

plugins/modules/keycloak_authz_authorization_scope.py

@@ -37,8 +37,8 @@ options:
   state:
     description:
       - State of the authorization scope.
-      - On V(present), the authorization scope will be created (or updated if it exists already).
+      - On V(present), the authorization scope is created (or updated if it exists already).
-      - On V(absent), the authorization scope will be removed if it exists.
+      - On V(absent), the authorization scope is removed if it exists.
     choices: ['present', 'absent']
     default: 'present'
     type: str

plugins/modules/keycloak_authz_custom_policy.py

@@ -38,8 +38,8 @@ options:
   state:
     description:
       - State of the custom policy.
-      - On V(present), the custom policy will be created (or updated if it exists already).
+      - On V(present), the custom policy is created (or updated if it exists already).
-      - On V(absent), the custom policy will be removed if it exists.
+      - On V(absent), the custom policy is removed if it exists.
     choices: ['present', 'absent']
     default: 'present'
     type: str

plugins/modules/keycloak_authz_permission.py

@@ -43,8 +43,8 @@ options:
   state:
     description:
       - State of the authorization permission.
-      - On V(present), the authorization permission will be created (or updated if it exists already).
+      - On V(present), the authorization permission is created (or updated if it exists already).
-      - On V(absent), the authorization permission will be removed if it exists.
+      - On V(absent), the authorization permission is removed if it exists.
     choices: ['present', 'absent']
     default: 'present'
     type: str

plugins/modules/keycloak_client.py

@@ -37,8 +37,8 @@ options:
   state:
     description:
       - State of the client.
-      - On V(present), the client will be created (or updated if it exists already).
+      - On V(present), the client are created (or updated if it exists already).
-      - On V(absent), the client will be removed if it exists.
+      - On V(absent), the client are removed if it exists.
     choices: ['present', 'absent']
     default: 'present'
     type: str
@@ -116,8 +116,8 @@ options:
   secret:
     description:
       - When using O(client_authenticator_type=client-secret) (the default), you can specify a secret here (otherwise one
-        will be generated if it does not exit). If changing this secret, the module will not register a change currently (but
+        is generated if it does not exit). If changing this secret, the module does not register a change currently (but the
-        the changed secret will be saved).
+        changed secret is saved).
     type: str
 
   registration_access_token:
@@ -130,8 +130,8 @@ options:
 
   default_roles:
     description:
-      - List of default roles for this client. If the client roles referenced do not exist yet, they will be created. This
+      - List of default roles for this client. If the client roles referenced do not exist yet, they are created. This is
-        is C(defaultRoles) in the Keycloak REST API.
+        C(defaultRoles) in the Keycloak REST API.
     aliases:
       - defaultRoles
     type: list
@@ -232,7 +232,7 @@ options:
   protocol:
     description:
       - Type of client.
-      - At creation only, default value will be V(openid-connect) if O(protocol) is omitted.
+      - At creation only, default value is V(openid-connect) if O(protocol) is omitted.
       - The V(docker-v2) value was added in community.general 8.6.0.
     type: str
     choices: ['openid-connect', 'saml', 'docker-v2']
@@ -261,7 +261,7 @@ options:
 
   client_template:
     description:
-      - Client template to use for this client. If it does not exist this field will silently be dropped. This is C(clientTemplate)
+      - Client template to use for this client. If it does not exist this field is silently dropped. This is C(clientTemplate)
         in the Keycloak REST API.
     type: str
     aliases:
@@ -454,7 +454,7 @@ options:
       - A dict of further attributes for this client. This can contain various configuration settings; an example is given
         in the examples section. While an exhaustive list of permissible options is not available; possible options as of
         Keycloak 3.4 are listed below. The Keycloak API does not validate whether a given option is appropriate for the protocol
-        used; if specified anyway, Keycloak will simply not use it.
+        used; if specified anyway, Keycloak does not use it.
     type: dict
     suboptions:
       saml.authnstatement:
@@ -532,7 +532,7 @@ options:
           - For OpenID-Connect clients, client certificate for validating JWT issued by client and signed by its key, base64-encoded.
       x509.subjectdn:
         description:
-          - For OpenID-Connect clients, subject which will be used to authenticate the client.
+          - For OpenID-Connect clients, subject which is used to authenticate the client.
         type: str
         version_added: 9.5.0
 
@@ -704,19 +704,31 @@ proposed:
   description: Representation of proposed client.
   returned: always
   type: dict
-  sample: {clientId: "test"}
+  sample: {"clientId": "test"}
 
 existing:
   description: Representation of existing client (sample is truncated).
   returned: always
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 
 end_state:
   description: Representation of client after module execution (sample is truncated).
   returned: on success
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 """
 
 from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \

plugins/modules/keycloak_client_rolemapping.py

@@ -22,9 +22,9 @@ description:
     the scope tailored to your needs and a user having the expected roles.
   - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation
     at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html).
-  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that
+  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way
-    way by this module. You may pass single values for attributes when calling the module, and this will be translated into
+    by this module. You may pass single values for attributes when calling the module, and this is translated into a list
-    a list suitable for the API.
+    suitable for the API.
   - When updating a client_rolemapping, where possible provide the role ID to the module. This removes a lookup to the API
     to translate the name into the role ID.
 attributes:
@@ -39,9 +39,9 @@ options:
   state:
     description:
       - State of the client_rolemapping.
-      - On V(present), the client_rolemapping will be created if it does not yet exist, or updated with the parameters you
+      - On V(present), the client_rolemapping __FIXME__(will) be created if it does not yet exist, or updated with the parameters
-        provide.
+        you provide.
-      - On V(absent), the client_rolemapping will be removed if it exists.
+      - On V(absent), the client_rolemapping __FIXME__(will) be removed if it exists.
     default: 'present'
     type: str
     choices:
@@ -87,8 +87,8 @@ options:
     type: str
     description:
       - ID of the group to be mapped.
-      - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of
+      - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API
-        API calls required.
+        calls required.
   client_id:
     type: str
     description:
@@ -98,8 +98,8 @@ options:
     type: str
     description:
       - ID of the client to be mapped.
-      - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of
+      - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API
-        API calls required.
+        calls required.
   roles:
     description:
       - Roles to be mapped to the group.
@@ -115,8 +115,8 @@ options:
         type: str
         description:
           - The unique identifier for this role_representation.
-          - This parameter is not required for updating or deleting a role_representation but providing it will reduce the
+          - This parameter is not required for updating or deleting a role_representation but providing it reduces the number
-            number of API calls required.
+            of API calls required.
 extends_documentation_fragment:
   - community.general.keycloak
   - community.general.keycloak.actiongroup_keycloak
@@ -209,7 +209,7 @@ proposed:
   description: Representation of proposed client role mapping.
   returned: always
   type: dict
-  sample: {clientId: "test"}
+  sample: {"clientId": "test"}
 
 existing:
   description:
@@ -217,7 +217,13 @@ existing:
     - The sample is truncated.
   returned: always
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 
 end_state:
   description:
@@ -225,7 +231,13 @@ end_state:
     - The sample is truncated.
   returned: on success
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 """
 
 from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import (

plugins/modules/keycloak_client_rolescope.py

@@ -22,9 +22,9 @@ description:
     In a default Keycloak installation, admin-cli and an admin user would work, as would a separate client definition with
     the scope tailored to your needs and a user having the expected roles.
   - Client O(client_id) must have O(community.general.keycloak_client#module:full_scope_allowed) set to V(false).
-  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that
+  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way
-    way by this module. You may pass single values for attributes when calling the module, and this will be translated into
+    by this module. You may pass single values for attributes when calling the module, and this is translated into a list
-    a list suitable for the API.
+    suitable for the API.
 attributes:
   check_mode:
     support: full
@@ -37,8 +37,8 @@ options:
   state:
     description:
       - State of the role mapping.
-      - On V(present), all roles in O(role_names) will be mapped if not exists yet.
+      - On V(present), all roles in O(role_names) are mapped if not exist yet.
-      - On V(absent), all roles mapping in O(role_names) will be removed if it exists.
+      - On V(absent), all roles mapping in O(role_names) are removed if it exists.
     default: 'present'
     type: str
     choices:

plugins/modules/keycloak_clientscope.py

@@ -22,9 +22,9 @@ description:
     the scope tailored to your needs and a user having the expected roles.
   - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation
     at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html).
-  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that
+  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way
-    way by this module. You may pass single values for attributes when calling the module, and this will be translated into
+    by this module. You may pass single values for attributes when calling the module, and this is translated into a list
-    a list suitable for the API.
+    suitable for the API.
   - When updating a client_scope, where possible provide the client_scope ID to the module. This removes a lookup to the API
     to translate the name into the client_scope ID.
 attributes:
@@ -39,8 +39,8 @@ options:
   state:
     description:
       - State of the client_scope.
-      - On V(present), the client_scope will be created if it does not yet exist, or updated with the parameters you provide.
+      - On V(present), the client_scope is created if it does not yet exist, or updated with the parameters you provide.
-      - On V(absent), the client_scope will be removed if it exists.
+      - On V(absent), the client_scope is removed if it exists.
     default: 'present'
     type: str
     choices:
@@ -62,8 +62,8 @@ options:
     type: str
     description:
       - The unique identifier for this client_scope.
-      - This parameter is not required for updating or deleting a client_scope but providing it will reduce the number of
+      - This parameter is not required for updating or deleting a client_scope but providing it reduces the number of API
-        API calls required.
+        calls required.
   description:
     type: str
     description:
@@ -263,19 +263,31 @@ proposed:
   description: Representation of proposed client scope.
   returned: always
   type: dict
-  sample: {clientId: "test"}
+  sample: {"clientId": "test"}
 
 existing:
   description: Representation of existing client scope (sample is truncated).
   returned: always
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 
 end_state:
   description: Representation of client scope after module execution (sample is truncated).
   returned: on success
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 """
 
 from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \

plugins/modules/keycloak_clientscope_type.py

@@ -99,20 +99,43 @@ proposed:
   description: Representation of proposed client-scope types mapping.
   returned: always
   type: dict
-  sample: {default_clientscopes: ["profile", "role"], optional_clientscopes: []}
+  sample:
+    {
+      "default_clientscopes": [
+        "profile",
+        "role"
+      ],
+      "optional_clientscopes": []
+    }
 existing:
   description:
     - Representation of client scopes before module execution.
   returned: always
   type: dict
-  sample: {default_clientscopes: ["profile", "role"], optional_clientscopes: ["phone"]}
+  sample:
+    {
+      "default_clientscopes": [
+        "profile",
+        "role"
+      ],
+      "optional_clientscopes": [
+        "phone"
+      ]
+    }
 end_state:
   description:
     - Representation of client scopes after module execution.
     - The sample is truncated.
   returned: on success
   type: dict
-  sample: {default_clientscopes: ["profile", "role"], optional_clientscopes: []}
+  sample:
+    {
+      "default_clientscopes": [
+        "profile",
+        "role"
+      ],
+      "optional_clientscopes": []
+    }
 """
 
 from ansible.module_utils.basic import AnsibleModule

plugins/modules/keycloak_clientsecret_info.py

@@ -39,8 +39,8 @@ options:
   id:
     description:
       - The unique identifier for this client.
-      - This parameter is not required for getting or generating a client secret but providing it will reduce the number of
+      - This parameter is not required for getting or generating a client secret but providing it reduces the number of API
-        API calls required.
+        calls required.
     type: str
 
   client_id:

plugins/modules/keycloak_clientsecret_regenerate.py

@@ -43,8 +43,8 @@ options:
   id:
     description:
       - The unique identifier for this client.
-      - This parameter is not required for getting or generating a client secret but providing it will reduce the number of
+      - This parameter is not required for getting or generating a client secret but providing it reduces the number of API
-        API calls required.
+        calls required.
     type: str
 
   client_id:

plugins/modules/keycloak_clienttemplate.py

@@ -35,8 +35,8 @@ options:
   state:
     description:
       - State of the client template.
-      - On V(present), the client template will be created (or updated if it exists already).
+      - On V(present), the client template is created (or updated if it exists already).
-      - On V(absent), the client template will be removed if it exists.
+      - On V(absent), the client template is removed if it exists.
     choices: ['present', 'absent']
     default: 'present'
     type: str
@@ -238,10 +238,7 @@ proposed:
   description: Representation of proposed client template.
   returned: always
   type: dict
-  sample:
+  sample: {"name": "test01"}
-    {
-      "name": "test01"
-    }
 
 existing:
   description: Representation of existing client template (sample is truncated).

plugins/modules/keycloak_component.py

@@ -35,8 +35,8 @@ options:
   state:
     description:
       - State of the Keycloak component.
-      - On V(present), the component will be created (or updated if it exists already).
+      - On V(present), the component is created (or updated if it exists already).
-      - On V(absent), the component will be removed if it exists.
+      - On V(absent), the component is removed if it exists.
     choices: ['present', 'absent']
     default: 'present'
     type: str

plugins/modules/keycloak_group.py

@@ -20,9 +20,9 @@ description:
     scope tailored to your needs and a user having the expected roles.
   - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation
     at U(https://www.keycloak.org/docs-api/20.0.2/rest-api/index.html).
-  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that
+  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way
-    way by this module. You may pass single values for attributes when calling the module, and this will be translated into
+    by this module. You may pass single values for attributes when calling the module, and this is translated into a list
-    a list suitable for the API.
+    suitable for the API.
   - When updating a group, where possible provide the group ID to the module. This removes a lookup to the API to translate
     the name into the group ID.
 attributes:
@@ -37,9 +37,9 @@ options:
   state:
     description:
       - State of the group.
-      - On V(present), the group will be created if it does not yet exist, or updated with the parameters you provide.
+      - On V(present), the group is created if it does not yet exist, or updated with the parameters you provide.
-      - On V(absent), the group will be removed if it exists. Be aware that absenting a group with subgroups will automatically
+      - On V(absent), the group is removed if it exists. Be aware that absenting a group with subgroups automatically deletes
-        delete all its subgroups too.
+        all its subgroups too.
     default: 'present'
     type: str
     choices:
@@ -61,8 +61,7 @@ options:
     type: str
     description:
       - The unique identifier for this group.
-      - This parameter is not required for updating or deleting a group but providing it will reduce the number of API calls
+      - This parameter is not required for updating or deleting a group but providing it reduces the number of API calls required.
-        required.
   attributes:
     type: dict
     description:
@@ -282,8 +281,7 @@ end_state:
       returned: always
       sample: []
     subGroups:
-      description: A list of groups that are children of this group. These groups will have the same parameters as documented
+      description: A list of groups that are children of this group. These groups have the same parameters as documented here.
-        here.
       type: list
       returned: always
     clientRoles:

plugins/modules/keycloak_identity_provider.py

@@ -34,9 +34,8 @@ options:
   state:
     description:
       - State of the identity provider.
-      - On V(present), the identity provider will be created if it does not yet exist, or updated with the parameters you
+      - On V(present), the identity provider is created if it does not yet exist, or updated with the parameters you provide.
-        provide.
+      - On V(absent), the identity provider is removed if it exists.
-      - On V(absent), the identity provider will be removed if it exists.
     default: 'present'
     type: str
     choices:
@@ -148,14 +147,14 @@ options:
 
       sync_mode:
         description:
-          - Default sync mode for all mappers. The sync mode determines when user data will be synced using the mappers.
+          - Default sync mode for all mappers. The sync mode determines when user data is synced using the mappers.
         aliases:
           - syncMode
         type: str
 
       issuer:
         description:
-          - The issuer identifier for the issuer of the response. If not provided, no validation will be performed.
+          - The issuer identifier for the issuer of the response. If not provided, no validation is performed.
         type: str
 
       authorizationUrl:
@@ -205,7 +204,7 @@ options:
 
       useJwksUrl:
         description:
-          - If the switch is on, identity provider public keys will be downloaded from given JWKS URL.
+          - If V(true), identity provider public keys are downloaded from given JWKS URL.
         type: bool
 
       jwksUrl:
@@ -215,7 +214,7 @@ options:
 
       entityId:
         description:
-          - The Entity ID that will be used to uniquely identify this SAML Service Provider.
+          - The Entity ID that is used to uniquely identify this SAML Service Provider.
         type: str
 
       singleSignOnServiceUrl:

plugins/modules/keycloak_realm.py

@@ -39,8 +39,8 @@ options:
   state:
     description:
       - State of the realm.
-      - On V(present), the realm will be created (or updated if it exists already).
+      - On V(present), the realm is created (or updated if it exists already).
-      - On V(absent), the realm will be removed if it exists.
+      - On V(absent), the realm is removed if it exists.
     choices: ['present', 'absent']
     default: 'present'
     type: str
@@ -553,19 +553,31 @@ proposed:
   description: Representation of proposed realm.
   returned: always
   type: dict
-  sample: {realm: "test"}
+  sample: {"realm": "test"}
 
 existing:
   description: Representation of existing realm (sample is truncated).
   returned: always
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 
 end_state:
   description: Representation of realm after module execution (sample is truncated).
   returned: on success
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 """
 
 from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \

plugins/modules/keycloak_realm_info.py

@@ -19,9 +19,9 @@ description:
   - This module allows you to get Keycloak realm public information using the Keycloak REST API.
   - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation
     at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html).
-  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that
+  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way
-    way by this module. You may pass single values for attributes when calling the module, and this will be translated into
+    by this module. You may pass single values for attributes when calling the module, and this is translated into a list
-    a list suitable for the API.
+    suitable for the API.
 extends_documentation_fragment:
   - community.general.attributes
   - community.general.attributes.info_module

plugins/modules/keycloak_realm_key.py

@@ -25,11 +25,9 @@ description:
     at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html). Aliases are provided so camelCased versions can be used
     as well.
   - This module is unable to detect changes to the actual cryptographic key after importing it. However, if some other property
-    is changed alongside the cryptographic key, then the key will also get changed as a side-effect, as the JSON payload needs
+    is changed alongside the cryptographic key, then the key also changes as a side-effect, as the JSON payload needs to include
-    to include the private key. This can be considered either a bug or a feature, as the alternative would be to always update
+    the private key. This can be considered either a bug or a feature, as the alternative would be to always update the realm
-    the realm key whether it has changed or not.
+    key whether it has changed or not.
-  - If certificate is not explicitly provided it will be dynamically created by Keycloak. Therefore comparing the current
-    state of the certificate to the desired state (which may be empty) is not possible.
 attributes:
   check_mode:
     support: full
@@ -42,8 +40,8 @@ options:
   state:
     description:
       - State of the keycloak realm key.
-      - On V(present), the realm key will be created (or updated if it exists already).
+      - On V(present), the realm key is created (or updated if it exists already).
-      - On V(absent), the realm key will be removed if it exists.
+      - On V(absent), the realm key is removed if it exists.
     choices: ['present', 'absent']
     default: 'present'
     type: str
@@ -119,10 +117,10 @@ options:
 notes:
   - Current value of the private key cannot be fetched from Keycloak. Therefore comparing its desired state to the current
     state is not possible.
-  - If certificate is not explicitly provided it will be dynamically created by Keycloak. Therefore comparing the current
+  - If O(config.certificate) is not explicitly provided it is dynamically created by Keycloak. Therefore comparing the current
     state of the certificate to the desired state (which may be empty) is not possible.
   - Due to the private key and certificate options the module is B(not fully idempotent). You can use O(force=true) to force
-    the module to always update if you know that the private key might have changed.
+    the module to ensure update if you know that the private key might have changed.
 extends_documentation_fragment:
   - community.general.keycloak
   - community.general.keycloak.actiongroup_keycloak
@@ -208,7 +206,21 @@ end_state:
       description: Realm key configuration.
       type: dict
       returned: when O(state=present)
-      sample: {"active": ["true"], "algorithm": ["RS256"], "enabled": ["true"], "priority": ["140"]}
+      sample:
+        {
+          "active": [
+            "true"
+          ],
+          "algorithm": [
+            "RS256"
+          ],
+          "enabled": [
+            "true"
+          ],
+          "priority": [
+            "140"
+          ]
+        }
 """
 
 from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \

plugins/modules/keycloak_realm_rolemapping.py

@@ -22,9 +22,9 @@ description:
     definition with the scope tailored to your needs and a user having the expected roles.
   - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation
     at U(https://www.keycloak.org/docs-api/18.0/rest-api/index.html).
-  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that
+  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way
-    way by this module. You may pass single values for attributes when calling the module, and this will be translated into
+    by this module. You may pass single values for attributes when calling the module, and this is translated into a list
-    a list suitable for the API.
+    suitable for the API.
   - When updating a group_rolemapping, where possible provide the role ID to the module. This removes a lookup to the API
     to translate the name into the role ID.
 attributes:
@@ -39,9 +39,8 @@ options:
   state:
     description:
       - State of the realm_rolemapping.
-      - On C(present), the realm_rolemapping will be created if it does not yet exist, or updated with the parameters you
+      - On C(present), the realm_rolemapping is created if it does not yet exist, or updated with the parameters you provide.
-        provide.
+      - On C(absent), the realm_rolemapping is removed if it exists.
-      - On C(absent), the realm_rolemapping will be removed if it exists.
     default: 'present'
     type: str
     choices:
@@ -86,8 +85,8 @@ options:
     type: str
     description:
       - ID of the group to be mapped.
-      - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of
+      - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API
-        API calls required.
+        calls required.
   roles:
     description:
       - Roles to be mapped to the group.
@@ -103,8 +102,8 @@ options:
         type: str
         description:
           - The unique identifier for this role_representation.
-          - This parameter is not required for updating or deleting a role_representation but providing it will reduce the
+          - This parameter is not required for updating or deleting a role_representation but providing it reduces the number
-            number of API calls required.
+            of API calls required.
 extends_documentation_fragment:
   - community.general.keycloak
   - community.general.keycloak.actiongroup_keycloak
@@ -195,7 +194,7 @@ proposed:
   description: Representation of proposed client role mapping.
   returned: always
   type: dict
-  sample: {clientId: "test"}
+  sample: {"clientId": "test"}
 
 existing:
   description:
@@ -203,7 +202,13 @@ existing:
     - The sample is truncated.
   returned: always
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 
 end_state:
   description:
@@ -211,7 +216,13 @@ end_state:
     - The sample is truncated.
   returned: on success
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 """
 
 from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import (

plugins/modules/keycloak_role.py

@@ -22,9 +22,9 @@ description:
     scope tailored to your needs and a user having the expected roles.
   - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation
     at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html).
-  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that
+  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way
-    way by this module. You may pass single values for attributes when calling the module, and this will be translated into
+    by this module. You may pass single values for attributes when calling the module, and this is translated into a list
-    a list suitable for the API.
+    suitable for the API.
 attributes:
   check_mode:
     support: full
@@ -37,8 +37,8 @@ options:
   state:
     description:
       - State of the role.
-      - On V(present), the role will be created if it does not yet exist, or updated with the parameters you provide.
+      - On V(present), the role is created if it does not yet exist, or updated with the parameters you provide.
-      - On V(absent), the role will be removed if it exists.
+      - On V(absent), the role is removed if it exists.
     default: 'present'
     type: str
     choices:
@@ -195,10 +195,7 @@ proposed:
   description: Representation of proposed role.
   returned: always
   type: dict
-  sample:
+  sample: {"description": "My updated test description"}
-    {
-      "description": "My updated test description"
-    }
 
 existing:
   description: Representation of existing role.

plugins/modules/keycloak_user.py

@@ -101,9 +101,9 @@ options:
   groups:
     description:
       - List of groups for the user.
-        Groups can be referenced by their name, like V(staff), or their path, like V(/staff/engineering).
+      - Groups can be referenced by their name, like V(staff), or their path, like V(/staff/engineering). The path syntax
-        The path syntax allows you to reference subgroups, which is not possible otherwise.
+        allows you to reference subgroups, which is not possible otherwise.
-        This is possible since community.general 10.6.0.
+      - This is possible since community.general 10.6.0.
     type: list
     elements: dict
     default: []

plugins/modules/keycloak_user_federation.py

@@ -34,8 +34,8 @@ options:
   state:
     description:
       - State of the user federation.
-      - On V(present), the user federation will be created if it does not yet exist, or updated with the parameters you provide.
+      - On V(present), the user federation is created if it does not yet exist, or updated with the parameters you provide.
-      - On V(absent), the user federation will be removed if it exists.
+      - On V(absent), the user federation is removed if it exists.
     default: 'present'
     type: str
     choices:
@@ -50,7 +50,7 @@ options:
 
   id:
     description:
-      - The unique ID for this user federation. If left empty, the user federation will be searched by its O(name).
+      - The unique ID for this user federation. If left empty, the user federation is searched by its O(name).
     type: str
 
   name:
@@ -76,7 +76,7 @@ options:
 
   parent_id:
     description:
-      - Unique ID for the parent of this user federation. Realm ID will be automatically used if left blank.
+      - Unique ID for the parent of this user federation. Realm ID is automatically used if left blank.
     aliases:
       - parentId
     type: str
@@ -95,11 +95,11 @@ options:
         value with the desired value always evaluates to not equal. This means the before and desired states are never equal
         if the parameter is set.
       - Set to V(always) to include O(config.bindCredential) in the comparison of before and desired state. Because of the
-        redacted value returned by Keycloak the module will always detect a change and make an update if a O(config.bindCredential)
+        redacted value returned by Keycloak the module always detects a change and make an update if a O(config.bindCredential)
         value is set.
       - Set to V(only_indirect) to exclude O(config.bindCredential) when comparing the before state with the desired state.
-        The value of O(config.bindCredential) will only be updated if there are other changes to the user federation that
+        The value of O(config.bindCredential) is only updated if there are other changes to the user federation that require
-        require an update.
+        an update.
     type: str
     default: always
     choices:
@@ -129,14 +129,14 @@ options:
 
       importEnabled:
         description:
-          - If V(true), LDAP users will be imported into Keycloak DB and synced by the configured sync policies.
+          - If V(true), LDAP users are imported into Keycloak DB and synced by the configured sync policies.
         default: true
         type: bool
 
       editMode:
         description:
-          - V(READ_ONLY) is a read-only LDAP store. V(WRITABLE) means data will be synced back to LDAP on demand. V(UNSYNCED)
+          - V(READ_ONLY) is a read-only LDAP store. V(WRITABLE) means data is synced back to LDAP on demand. V(UNSYNCED) means
-            means user data will be imported, but not synced back to LDAP.
+            user data is imported, but not synced back to LDAP.
         type: str
         choices:
           - READ_ONLY
@@ -181,7 +181,7 @@ options:
       userObjectClasses:
         description:
           - All values of LDAP objectClass attribute for users in LDAP divided by comma. For example V(inetOrgPerson, organizationalPerson).
-            Newly created Keycloak users will be written to LDAP with all those object classes and existing LDAP user records
+            Newly created Keycloak users are written to LDAP with all those object classes and existing LDAP user records
             are found just if they contain all those object classes.
         type: str
 
@@ -222,7 +222,7 @@ options:
 
       bindDn:
         description:
-          - DN of LDAP user which will be used by Keycloak to access LDAP server.
+          - DN of LDAP user which is used by Keycloak to access LDAP server.
         type: str
 
       bindCredential:
@@ -232,7 +232,7 @@ options:
 
       startTls:
         description:
-          - Encrypts the connection to LDAP using STARTTLS, which will disable connection pooling.
+          - Encrypts the connection to LDAP using STARTTLS, which disables connection pooling.
         default: false
         type: bool
 
@@ -258,11 +258,11 @@ options:
 
       useTruststoreSpi:
         description:
-          - Specifies whether LDAP connection will use the truststore SPI with the truststore configured in standalone.xml/domain.xml.
+          - Specifies whether LDAP connection uses the truststore SPI with the truststore configured in standalone.xml/domain.xml.
-            V(always) means that it will always use it. V(never) means that it will not use it. V(ldapsOnly) means that it
+            V(always) means that it always uses it. V(never) means that it does not use it. V(ldapsOnly) means that it uses
-            will use if your connection URL use ldaps.
+            if your connection URL use ldaps.
           - Note even if standalone.xml/domain.xml is not configured, the default Java cacerts or certificate specified by
-            C(javax.net.ssl.trustStore) property will be used.
+            C(javax.net.ssl.trustStore) property is used.
         default: ldapsOnly
         type: str
         choices:
@@ -335,8 +335,8 @@ options:
 
       allowKerberosAuthentication:
         description:
-          - Enable/disable HTTP authentication of users with SPNEGO/Kerberos tokens. The data about authenticated users will
+          - Enable/disable HTTP authentication of users with SPNEGO/Kerberos tokens. The data about authenticated users is
-            be provisioned from this LDAP server.
+            provisioned from this LDAP server.
         default: false
         type: bool
 
@@ -348,9 +348,9 @@ options:
       krbPrincipalAttribute:
         description:
           - Name of the LDAP attribute, which refers to Kerberos principal. This is used to lookup appropriate LDAP user after
-            successful Kerberos/SPNEGO authentication in Keycloak. When this is empty, the LDAP user will be looked based
+            successful Kerberos/SPNEGO authentication in Keycloak. When this is empty, the LDAP user is looked up based on
-            on LDAP username corresponding to the first part of his Kerberos principal. For instance, for principal C(john@KEYCLOAK.ORG),
+            LDAP username corresponding to the first part of his Kerberos principal. For instance, for principal C(john@KEYCLOAK.ORG),
-            it will assume that LDAP username is V(john).
+            it assumes that LDAP username is V(john).
         type: str
         version_added: 8.1.0
 
@@ -419,17 +419,17 @@ options:
 
       evictionDay:
         description:
-          - Day of the week the entry will become invalid on.
+          - Day of the week the entry is set to become invalid on.
         type: str
 
       evictionHour:
         description:
-          - Hour of day the entry will become invalid on.
+          - Hour of day the entry is set to become invalid on.
         type: str
 
       evictionMinute:
         description:
-          - Minute of day the entry will become invalid on.
+          - Minute of day the entry is set to become invalid on.
         type: str
 
       maxLifespan:
@@ -461,12 +461,12 @@ options:
 
       name:
         description:
-          - Name of the mapper. If no ID is given, the mapper will be searched by name.
+          - Name of the mapper. If no ID is given, the mapper is searched by name.
         type: str
 
       parentId:
         description:
-          - Unique ID for the parent of this mapper. ID of the user federation will automatically be used if left blank.
+          - Unique ID for the parent of this mapper. ID of the user federation is automatically used if left blank.
         type: str
 
       providerId:

plugins/modules/keycloak_user_rolemapping.py

@@ -21,9 +21,9 @@ description:
     the scope tailored to your needs and a user having the expected roles.
   - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation
     at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html).
-  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that
+  - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way
-    way by this module. You may pass single values for attributes when calling the module, and this will be translated into
+    by this module. You may pass single values for attributes when calling the module, and this is translated into a list
-    a list suitable for the API.
+    suitable for the API.
   - When updating a user_rolemapping, where possible provide the role ID to the module. This removes a lookup to the API to
     translate the name into the role ID.
 attributes:
@@ -38,8 +38,8 @@ options:
   state:
     description:
       - State of the user_rolemapping.
-      - On V(present), the user_rolemapping will be created if it does not yet exist, or updated with the parameters you provide.
+      - On V(present), the user_rolemapping is created if it does not yet exist, or updated with the parameters you provide.
-      - On V(absent), the user_rolemapping will be removed if it exists.
+      - On V(absent), the user_rolemapping is removed if it exists.
     default: 'present'
     type: str
     choices:
@@ -61,14 +61,14 @@ options:
     type: str
     description:
       - ID of the user to be mapped.
-      - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of
+      - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API
-        API calls required.
+        calls required.
   service_account_user_client_id:
     type: str
     description:
       - Client ID of the service-account-user to be mapped.
-      - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of
+      - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API
-        API calls required.
+        calls required.
   client_id:
     type: str
     description:
@@ -79,8 +79,8 @@ options:
     type: str
     description:
       - ID of the client to be mapped.
-      - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of
+      - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API
-        API calls required.
+        calls required.
   roles:
     description:
       - Roles to be mapped to the user.
@@ -96,8 +96,8 @@ options:
         type: str
         description:
           - The unique identifier for this role_representation.
-          - This parameter is not required for updating or deleting a role_representation but providing it will reduce the
+          - This parameter is not required for updating or deleting a role_representation but providing it reduces the number
-            number of API calls required.
+            of API calls required.
 extends_documentation_fragment:
   - community.general.keycloak
   - community.general.keycloak.actiongroup_keycloak
@@ -190,7 +190,7 @@ proposed:
   description: Representation of proposed client role mapping.
   returned: always
   type: dict
-  sample: {clientId: "test"}
+  sample: {"clientId": "test"}
 
 existing:
   description:
@@ -198,7 +198,13 @@ existing:
     - The sample is truncated.
   returned: always
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 
 end_state:
   description:
@@ -206,7 +212,13 @@ end_state:
     - The sample is truncated.
   returned: on success
   type: dict
-  sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
+  sample:
+    {
+      "adminUrl": "http://www.example.com/admin_url",
+      "attributes": {
+        "request.object.signature.alg": "RS256"
+      }
+    }
 """
 
 from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, \

plugins/modules/keycloak_userprofile.py

@@ -33,9 +33,8 @@ options:
   state:
     description:
       - State of the User Profile provider.
-      - On V(present), the User Profile provider will be created if it does not yet exist, or updated with the parameters
+      - On V(present), the User Profile provider is created if it does not yet exist, or updated with the parameters you provide.
-        you provide.
+      - On V(absent), the User Profile provider is removed if it exists.
-      - On V(absent), the User Profile provider will be removed if it exists.
     default: 'present'
     type: str
     choices:
@@ -171,7 +170,7 @@ options:
 
               group:
                 description:
-                  - Specifies the User Profile group where this attribute will be added.
+                  - Specifies the User Profile group where this attribute is added.
                 type: str
 
               permissions:
@@ -406,7 +405,7 @@ data:
   description: The data returned by the Keycloak API.
   returned: when state is present
   type: dict
-  sample: {'...': '...'}
+  sample: {"...": "..."}
 """
 
 from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \

plugins/modules/kibana_plugin.py

@@ -59,11 +59,11 @@ options:
   version:
     description:
       - Version of the plugin to be installed.
-      - If plugin exists with previous version, plugin will B(not) be updated unless O(force) is set to V(true).
+      - If the plugin is installed with in a previous version, it is B(not) updated unless O(force=true).
     type: str
   force:
     description:
-      - Delete and re-install the plugin. Can be useful for plugins update.
+      - Delete and re-install the plugin. It can be useful for plugins update.
     type: bool
     default: false
   allow_root:

plugins/modules/krb_ticket.py

@@ -30,7 +30,7 @@ options:
   principal:
     description:
       - The principal name.
-      - If not set, the user running this module will be used.
+      - If not set, the user running this module is used.
     type: str
   state:
     description:
@@ -50,17 +50,17 @@ options:
       - Use O(cache_name) as the ticket cache name and location.
       - If this option is not used, the default cache name and location are used.
       - The default credentials cache may vary between systems.
-      - If not set the the value of E(KRB5CCNAME) environment variable will be used instead, its value is used to name the
+      - If not set the the value of E(KRB5CCNAME) environment variable is used instead, its value is used to name the default
-        default ticket cache.
+        ticket cache.
     type: str
   lifetime:
     description:
       - Requests a ticket with the lifetime, if the O(lifetime) is not specified, the default ticket lifetime is used.
-      - Specifying a ticket lifetime longer than the maximum ticket lifetime (configured by each site) will not override the
+      - Specifying a ticket lifetime longer than the maximum ticket lifetime (configured by each site) does not override the
         configured maximum ticket lifetime.
       - 'The value for O(lifetime) must be followed by one of the following suffixes: V(s) - seconds, V(m) - minutes, V(h)
         - hours, V(d) - days.'
-      - You cannot mix units; a value of V(3h30m) will result in an error.
+      - You cannot mix units; a value of V(3h30m) results in an error.
       - See U(https://web.mit.edu/kerberos/krb5-1.12/doc/basic/date_format.html) for reference.
     type: str
   start_time:
@@ -78,7 +78,7 @@ options:
       - Requests renewable tickets, with a total lifetime equal to O(renewable).
       - 'The value for O(renewable) must be followed by one of the following delimiters: V(s) - seconds, V(m) - minutes, V(h)
         - hours, V(d) - days.'
-      - You cannot mix units; a value of V(3h30m) will result in an error.
+      - You cannot mix units; a value of V(3h30m) results in an error.
       - See U(https://web.mit.edu/kerberos/krb5-1.12/doc/basic/date_format.html) for reference.
     type: str
   forwardable:
@@ -119,7 +119,7 @@ options:
   keytab:
     description:
       - Requests a ticket, obtained from a key in the local host's keytab.
-      - If O(keytab_path) is not specified will try to use default client keytab path (C(-i) option).
+      - If O(keytab_path) is not specified it tries to use default client keytab path (C(-i) option).
     type: bool
   keytab_path:
     description: