[PR #10415/f50b52b4 backport][stable-11] keycloak_realm: Add missing brute force attributes (#10635)

keycloak_realm: Add missing brute force attributes (#10415) * Add brute_force_strategy * Add max_temporary_lockouts * Add changelog * Update changelogs/fragments/10415-keycloak-realm-brute-force-attributes.yml * Update plugins/modules/keycloak_realm.py * Update plugins/modules/keycloak_realm.py --------- (cherry picked from commit f50b52b462) Co-authored-by: maxblome <53860633+maxblome@users.noreply.github.com> Co-authored-by: Felix Fontein <felix@fontein.de>
2025-08-11 08:34:21 -07:00 · 2025-08-10 13:52:06 +02:00 · 2025-08-10 13:52:06 +02:00 · bdfa91b3df
commit bdfa91b3df
parent 0123222ba8
2 changed files with 19 additions and 0 deletions
--- a/changelogs/fragments/10415-keycloak-realm-brute-force-attributes.yml
+++ b/changelogs/fragments/10415-keycloak-realm-brute-force-attributes.yml
@ -0,0 +1,2 @@
+minor_changes:
+  - keycloak_realm - add support for ``brute_force_strategy`` and ``max_temporary_lockouts`` (https://github.com/ansible-collections/community.general/issues/10412, https://github.com/ansible-collections/community.general/pull/10415).
--- a/plugins/modules/keycloak_realm.py
+++ b/plugins/modules/keycloak_realm.py
@ -141,6 +141,14 @@ options:
    aliases:
      - bruteForceProtected
    type: bool
+  brute_force_strategy:
+    description:
+      - The realm brute force strategy.
+    aliases:
+      - bruteForceStrategy
+    choices: ['LINEAR', 'MULTIPLE']
+    type: str
+    version_added: 11.2.0
  client_authentication_flow:
    description:
      - The realm client authentication flow.
@ -302,6 +310,13 @@ options:
    aliases:
      - maxFailureWaitSeconds
    type: int
+  max_temporary_lockouts:
+    description:
+      - The realm max temporary lockouts.
+    aliases:
+      - maxTemporaryLockouts
+    type: int
+    version_added: 11.2.0
  minimum_quick_login_wait_seconds:
    description:
      - The realm minimum quick login wait in seconds.
@ -692,6 +707,7 @@ def main():
        browser_flow=dict(type='str', aliases=['browserFlow']),
        browser_security_headers=dict(type='dict', aliases=['browserSecurityHeaders']),
        brute_force_protected=dict(type='bool', aliases=['bruteForceProtected']),
+        brute_force_strategy=dict(type='str', choices=['LINEAR', 'MULTIPLE'], aliases=['bruteForceStrategy']),
        client_authentication_flow=dict(type='str', aliases=['clientAuthenticationFlow']),
        client_scope_mappings=dict(type='dict', aliases=['clientScopeMappings']),
        default_default_client_scopes=dict(type='list', elements='str', aliases=['defaultDefaultClientScopes']),
@ -718,6 +734,7 @@ def main():
        login_with_email_allowed=dict(type='bool', aliases=['loginWithEmailAllowed']),
        max_delta_time_seconds=dict(type='int', aliases=['maxDeltaTimeSeconds']),
        max_failure_wait_seconds=dict(type='int', aliases=['maxFailureWaitSeconds']),
+        max_temporary_lockouts=dict(type='int', aliases=['maxTemporaryLockouts']),
        minimum_quick_login_wait_seconds=dict(type='int', aliases=['minimumQuickLoginWaitSeconds']),
        not_before=dict(type='int', aliases=['notBefore']),
        offline_session_idle_timeout=dict(type='int', aliases=['offlineSessionIdleTimeout']),