Resource Type: keycloak_flow_execution

Defined in:
lib/puppet/type/keycloak_flow_execution.rb
Providers:
kcadm

Overview

Manage a Keycloak flow Autorequires * keycloak_realm defined for realm parameter * keycloak_flow of value defined for flow_alias * keycloak_flow if they share same flow_alias value and the other resource index is lower * keycloak_flow_execution if flow_alias is the same and other index is lower

Examples:

Add an execution to a flow

keycloak_flow_execution { 'auth-cookie under browser-with-duo on test':
  ensure       => 'present',
  configurable => false,
  display_name => 'Cookie',
  index        => 0,
  requirement  => 'ALTERNATIVE',
}

Add an execution to a execution flow that is one level deeper than top level

keycloak_flow_execution { 'auth-username-password-form under form-browser-with-duo on test':
  ensure       => 'present',
  configurable => false,
  display_name => 'Username Password Form',
  index        => 0,
  requirement  => 'REQUIRED',
}

Add an execution with a configuration

keycloak_flow_execution { 'duo-mfa-authenticator under form-browser-with-duo on test':
  ensure       => 'present',
  configurable => true,
  display_name => 'Duo MFA',
  alias        => 'Duo',
  config       => {
    "duomfa.akey"    => "foo-akey",
    "duomfa.apihost" => "api-foo.duosecurity.com",
    "duomfa.skey"    => "secret",
    "duomfa.ikey"    => "foo-ikey",
    "duomfa.groups"  => "duo"
  },
  requirement  => 'REQUIRED',
  index        => 1,
}

Properties

  • config

    execution config

  • configurable

    configurable

    Supported values:
    • true
    • false
  • ensure (defaults to: present)

    The basic property that the resource should be in.

    Supported values:
    • present
    • absent
  • index

    execution index

  • requirement (defaults to: DISABLED)

    requirement

    Supported values:
    • DISABLED
    • ALTERNATIVE
    • REQUIRED
    • CONDITIONAL
    • disabled
    • alternative
    • required
    • conditional

Parameters

  • alias

    alias

  • config_id

    read-only config ID

  • display_name

    displayName

  • flow_alias

    flowAlias

  • id

    read-only Id

  • name (namevar)

    The flow execution name

  • provider

    The specific backend to use for this keycloak_flow_execution resource. You will seldom need to specify this — Puppet will usually discover the appropriate provider for your platform.

  • provider_id

    provider

  • realm

    realm