v1alpha1

package
v0.21.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 8, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Overview

+kubebuilder:object:generate=true +groupName=realm.keycloak.crossplane.io +versionName=v1alpha1

Index

Constants

View Source
const (
	CRDGroup   = "realm.keycloak.crossplane.io"
	CRDVersion = "v1alpha1"
)

Package type metadata.

Variables

View Source
var (
	// CRDGroupVersion is the API Group Version used to register the objects
	CRDGroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: CRDGroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source
var (
	KeystoreRsa_Kind             = "KeystoreRsa"
	KeystoreRsa_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: KeystoreRsa_Kind}.String()
	KeystoreRsa_KindAPIVersion   = KeystoreRsa_Kind + "." + CRDGroupVersion.String()
	KeystoreRsa_GroupVersionKind = CRDGroupVersion.WithKind(KeystoreRsa_Kind)
)

Repository type metadata.

View Source
var (
	Realm_Kind             = "Realm"
	Realm_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: Realm_Kind}.String()
	Realm_KindAPIVersion   = Realm_Kind + "." + CRDGroupVersion.String()
	Realm_GroupVersionKind = CRDGroupVersion.WithKind(Realm_Kind)
)

Repository type metadata.

View Source
var (
	RequiredAction_Kind             = "RequiredAction"
	RequiredAction_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: RequiredAction_Kind}.String()
	RequiredAction_KindAPIVersion   = RequiredAction_Kind + "." + CRDGroupVersion.String()
	RequiredAction_GroupVersionKind = CRDGroupVersion.WithKind(RequiredAction_Kind)
)

Repository type metadata.

Functions

This section is empty.

Types

type AuthInitParameters added in v0.5.0

type AuthInitParameters struct {

	// The SMTP server password.
	PasswordSecretRef v1.SecretKeySelector `json:"passwordSecretRef" tf:"-"`

	// The SMTP server username.
	Username *string `json:"username,omitempty" tf:"username,omitempty"`
}

func (*AuthInitParameters) DeepCopy added in v0.5.0

func (in *AuthInitParameters) DeepCopy() *AuthInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthInitParameters.

func (*AuthInitParameters) DeepCopyInto added in v0.5.0

func (in *AuthInitParameters) DeepCopyInto(out *AuthInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthObservation

type AuthObservation struct {

	// The SMTP server username.
	Username *string `json:"username,omitempty" tf:"username,omitempty"`
}

func (*AuthObservation) DeepCopy

func (in *AuthObservation) DeepCopy() *AuthObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthObservation.

func (*AuthObservation) DeepCopyInto

func (in *AuthObservation) DeepCopyInto(out *AuthObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthParameters

type AuthParameters struct {

	// The SMTP server password.
	// +kubebuilder:validation:Optional
	PasswordSecretRef v1.SecretKeySelector `json:"passwordSecretRef" tf:"-"`

	// The SMTP server username.
	// +kubebuilder:validation:Optional
	Username *string `json:"username" tf:"username,omitempty"`
}

func (*AuthParameters) DeepCopy

func (in *AuthParameters) DeepCopy() *AuthParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthParameters.

func (*AuthParameters) DeepCopyInto

func (in *AuthParameters) DeepCopyInto(out *AuthParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BruteForceDetectionInitParameters added in v0.5.0

type BruteForceDetectionInitParameters struct {

	// When will failure count be reset?
	FailureResetTimeSeconds *float64 `json:"failureResetTimeSeconds,omitempty" tf:"failure_reset_time_seconds,omitempty"`

	MaxFailureWaitSeconds *float64 `json:"maxFailureWaitSeconds,omitempty" tf:"max_failure_wait_seconds,omitempty"`

	// How many failures before wait is triggered.
	MaxLoginFailures *float64 `json:"maxLoginFailures,omitempty" tf:"max_login_failures,omitempty"`

	// How long to wait after a quick login failure.
	MinimumQuickLoginWaitSeconds *float64 `json:"minimumQuickLoginWaitSeconds,omitempty" tf:"minimum_quick_login_wait_seconds,omitempty"`

	// When true, this will lock the user permanently when the user exceeds the maximum login failures.
	PermanentLockout *bool `json:"permanentLockout,omitempty" tf:"permanent_lockout,omitempty"`

	// Configures the amount of time, in milliseconds, for consecutive failures to lock a user out.
	QuickLoginCheckMilliSeconds *float64 `json:"quickLoginCheckMilliSeconds,omitempty" tf:"quick_login_check_milli_seconds,omitempty"`

	// This represents the amount of time a user should be locked out when the login failure threshold has been met.
	WaitIncrementSeconds *float64 `json:"waitIncrementSeconds,omitempty" tf:"wait_increment_seconds,omitempty"`
}

func (*BruteForceDetectionInitParameters) DeepCopy added in v0.5.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BruteForceDetectionInitParameters.

func (*BruteForceDetectionInitParameters) DeepCopyInto added in v0.5.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BruteForceDetectionObservation

type BruteForceDetectionObservation struct {

	// When will failure count be reset?
	FailureResetTimeSeconds *float64 `json:"failureResetTimeSeconds,omitempty" tf:"failure_reset_time_seconds,omitempty"`

	MaxFailureWaitSeconds *float64 `json:"maxFailureWaitSeconds,omitempty" tf:"max_failure_wait_seconds,omitempty"`

	// How many failures before wait is triggered.
	MaxLoginFailures *float64 `json:"maxLoginFailures,omitempty" tf:"max_login_failures,omitempty"`

	// How long to wait after a quick login failure.
	MinimumQuickLoginWaitSeconds *float64 `json:"minimumQuickLoginWaitSeconds,omitempty" tf:"minimum_quick_login_wait_seconds,omitempty"`

	// When true, this will lock the user permanently when the user exceeds the maximum login failures.
	PermanentLockout *bool `json:"permanentLockout,omitempty" tf:"permanent_lockout,omitempty"`

	// Configures the amount of time, in milliseconds, for consecutive failures to lock a user out.
	QuickLoginCheckMilliSeconds *float64 `json:"quickLoginCheckMilliSeconds,omitempty" tf:"quick_login_check_milli_seconds,omitempty"`

	// This represents the amount of time a user should be locked out when the login failure threshold has been met.
	WaitIncrementSeconds *float64 `json:"waitIncrementSeconds,omitempty" tf:"wait_increment_seconds,omitempty"`
}

func (*BruteForceDetectionObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BruteForceDetectionObservation.

func (*BruteForceDetectionObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BruteForceDetectionParameters

type BruteForceDetectionParameters struct {

	// When will failure count be reset?
	// +kubebuilder:validation:Optional
	FailureResetTimeSeconds *float64 `json:"failureResetTimeSeconds,omitempty" tf:"failure_reset_time_seconds,omitempty"`

	// +kubebuilder:validation:Optional
	MaxFailureWaitSeconds *float64 `json:"maxFailureWaitSeconds,omitempty" tf:"max_failure_wait_seconds,omitempty"`

	// How many failures before wait is triggered.
	// +kubebuilder:validation:Optional
	MaxLoginFailures *float64 `json:"maxLoginFailures,omitempty" tf:"max_login_failures,omitempty"`

	// How long to wait after a quick login failure.
	// +kubebuilder:validation:Optional
	MinimumQuickLoginWaitSeconds *float64 `json:"minimumQuickLoginWaitSeconds,omitempty" tf:"minimum_quick_login_wait_seconds,omitempty"`

	// When true, this will lock the user permanently when the user exceeds the maximum login failures.
	// +kubebuilder:validation:Optional
	PermanentLockout *bool `json:"permanentLockout,omitempty" tf:"permanent_lockout,omitempty"`

	// Configures the amount of time, in milliseconds, for consecutive failures to lock a user out.
	// +kubebuilder:validation:Optional
	QuickLoginCheckMilliSeconds *float64 `json:"quickLoginCheckMilliSeconds,omitempty" tf:"quick_login_check_milli_seconds,omitempty"`

	// This represents the amount of time a user should be locked out when the login failure threshold has been met.
	// +kubebuilder:validation:Optional
	WaitIncrementSeconds *float64 `json:"waitIncrementSeconds,omitempty" tf:"wait_increment_seconds,omitempty"`
}

func (*BruteForceDetectionParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BruteForceDetectionParameters.

func (*BruteForceDetectionParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HeadersInitParameters added in v0.5.0

type HeadersInitParameters struct {

	// Sets the Content Security Policy, which can be used for prevent pages from being included by non-origin iframes. More information can be found in the W3C-CSP Abstract.
	ContentSecurityPolicy *string `json:"contentSecurityPolicy,omitempty" tf:"content_security_policy,omitempty"`

	// Used for testing Content Security Policies.
	ContentSecurityPolicyReportOnly *string `json:"contentSecurityPolicyReportOnly,omitempty" tf:"content_security_policy_report_only,omitempty"`

	// The Referrer-Policy HTTP header controls how much referrer information (sent with the Referer header) should be included with requests.
	ReferrerPolicy *string `json:"referrerPolicy,omitempty" tf:"referrer_policy,omitempty"`

	// The Script-Transport-Security HTTP header tells browsers to always use HTTPS.
	StrictTransportSecurity *string `json:"strictTransportSecurity,omitempty" tf:"strict_transport_security,omitempty"`

	// Sets the X-Content-Type-Options, which can be used for prevent MIME-sniffing a response away from the declared content-type
	XContentTypeOptions *string `json:"xContentTypeOptions,omitempty" tf:"x_content_type_options,omitempty"`

	// Sets the x-frame-option, which can be used to prevent pages from being included by non-origin iframes. More information can be found in the RFC7034
	XFrameOptions *string `json:"xFrameOptions,omitempty" tf:"x_frame_options,omitempty"`

	// Prevent pages from appearing in search engines.
	XRobotsTag *string `json:"xRobotsTag,omitempty" tf:"x_robots_tag,omitempty"`

	// This header configures the Cross-site scripting (XSS) filter in your browser.
	XXSSProtection *string `json:"xXssProtection,omitempty" tf:"x_xss_protection,omitempty"`
}

func (*HeadersInitParameters) DeepCopy added in v0.5.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeadersInitParameters.

func (*HeadersInitParameters) DeepCopyInto added in v0.5.0

func (in *HeadersInitParameters) DeepCopyInto(out *HeadersInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HeadersObservation

type HeadersObservation struct {

	// Sets the Content Security Policy, which can be used for prevent pages from being included by non-origin iframes. More information can be found in the W3C-CSP Abstract.
	ContentSecurityPolicy *string `json:"contentSecurityPolicy,omitempty" tf:"content_security_policy,omitempty"`

	// Used for testing Content Security Policies.
	ContentSecurityPolicyReportOnly *string `json:"contentSecurityPolicyReportOnly,omitempty" tf:"content_security_policy_report_only,omitempty"`

	// The Referrer-Policy HTTP header controls how much referrer information (sent with the Referer header) should be included with requests.
	ReferrerPolicy *string `json:"referrerPolicy,omitempty" tf:"referrer_policy,omitempty"`

	// The Script-Transport-Security HTTP header tells browsers to always use HTTPS.
	StrictTransportSecurity *string `json:"strictTransportSecurity,omitempty" tf:"strict_transport_security,omitempty"`

	// Sets the X-Content-Type-Options, which can be used for prevent MIME-sniffing a response away from the declared content-type
	XContentTypeOptions *string `json:"xContentTypeOptions,omitempty" tf:"x_content_type_options,omitempty"`

	// Sets the x-frame-option, which can be used to prevent pages from being included by non-origin iframes. More information can be found in the RFC7034
	XFrameOptions *string `json:"xFrameOptions,omitempty" tf:"x_frame_options,omitempty"`

	// Prevent pages from appearing in search engines.
	XRobotsTag *string `json:"xRobotsTag,omitempty" tf:"x_robots_tag,omitempty"`

	// This header configures the Cross-site scripting (XSS) filter in your browser.
	XXSSProtection *string `json:"xXssProtection,omitempty" tf:"x_xss_protection,omitempty"`
}

func (*HeadersObservation) DeepCopy

func (in *HeadersObservation) DeepCopy() *HeadersObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeadersObservation.

func (*HeadersObservation) DeepCopyInto

func (in *HeadersObservation) DeepCopyInto(out *HeadersObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HeadersParameters

type HeadersParameters struct {

	// Sets the Content Security Policy, which can be used for prevent pages from being included by non-origin iframes. More information can be found in the W3C-CSP Abstract.
	// +kubebuilder:validation:Optional
	ContentSecurityPolicy *string `json:"contentSecurityPolicy,omitempty" tf:"content_security_policy,omitempty"`

	// Used for testing Content Security Policies.
	// +kubebuilder:validation:Optional
	ContentSecurityPolicyReportOnly *string `json:"contentSecurityPolicyReportOnly,omitempty" tf:"content_security_policy_report_only,omitempty"`

	// The Referrer-Policy HTTP header controls how much referrer information (sent with the Referer header) should be included with requests.
	// +kubebuilder:validation:Optional
	ReferrerPolicy *string `json:"referrerPolicy,omitempty" tf:"referrer_policy,omitempty"`

	// The Script-Transport-Security HTTP header tells browsers to always use HTTPS.
	// +kubebuilder:validation:Optional
	StrictTransportSecurity *string `json:"strictTransportSecurity,omitempty" tf:"strict_transport_security,omitempty"`

	// Sets the X-Content-Type-Options, which can be used for prevent MIME-sniffing a response away from the declared content-type
	// +kubebuilder:validation:Optional
	XContentTypeOptions *string `json:"xContentTypeOptions,omitempty" tf:"x_content_type_options,omitempty"`

	// Sets the x-frame-option, which can be used to prevent pages from being included by non-origin iframes. More information can be found in the RFC7034
	// +kubebuilder:validation:Optional
	XFrameOptions *string `json:"xFrameOptions,omitempty" tf:"x_frame_options,omitempty"`

	// Prevent pages from appearing in search engines.
	// +kubebuilder:validation:Optional
	XRobotsTag *string `json:"xRobotsTag,omitempty" tf:"x_robots_tag,omitempty"`

	// This header configures the Cross-site scripting (XSS) filter in your browser.
	// +kubebuilder:validation:Optional
	XXSSProtection *string `json:"xXssProtection,omitempty" tf:"x_xss_protection,omitempty"`
}

func (*HeadersParameters) DeepCopy

func (in *HeadersParameters) DeepCopy() *HeadersParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeadersParameters.

func (*HeadersParameters) DeepCopyInto

func (in *HeadersParameters) DeepCopyInto(out *HeadersParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type InternationalizationInitParameters added in v0.5.0

type InternationalizationInitParameters struct {

	// The locale to use by default. This locale code must be present within the supported_locales list.
	DefaultLocale *string `json:"defaultLocale,omitempty" tf:"default_locale,omitempty"`

	// A list of ISO 639-1 locale codes that the realm should support.
	// +listType=set
	SupportedLocales []*string `json:"supportedLocales,omitempty" tf:"supported_locales,omitempty"`
}

func (*InternationalizationInitParameters) DeepCopy added in v0.5.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InternationalizationInitParameters.

func (*InternationalizationInitParameters) DeepCopyInto added in v0.5.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type InternationalizationObservation

type InternationalizationObservation struct {

	// The locale to use by default. This locale code must be present within the supported_locales list.
	DefaultLocale *string `json:"defaultLocale,omitempty" tf:"default_locale,omitempty"`

	// A list of ISO 639-1 locale codes that the realm should support.
	// +listType=set
	SupportedLocales []*string `json:"supportedLocales,omitempty" tf:"supported_locales,omitempty"`
}

func (*InternationalizationObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InternationalizationObservation.

func (*InternationalizationObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type InternationalizationParameters

type InternationalizationParameters struct {

	// The locale to use by default. This locale code must be present within the supported_locales list.
	// +kubebuilder:validation:Optional
	DefaultLocale *string `json:"defaultLocale" tf:"default_locale,omitempty"`

	// A list of ISO 639-1 locale codes that the realm should support.
	// +kubebuilder:validation:Optional
	// +listType=set
	SupportedLocales []*string `json:"supportedLocales" tf:"supported_locales,omitempty"`
}

func (*InternationalizationParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InternationalizationParameters.

func (*InternationalizationParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeystoreRsa added in v0.12.0

type KeystoreRsa struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.certificateSecretRef)",message="spec.forProvider.certificateSecretRef is a required parameter"
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter"
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.privateKeySecretRef)",message="spec.forProvider.privateKeySecretRef is a required parameter"
	Spec   KeystoreRsaSpec   `json:"spec"`
	Status KeystoreRsaStatus `json:"status,omitempty"`
}

KeystoreRsa is the Schema for the KeystoreRsas API. +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,keycloak}

func (*KeystoreRsa) DeepCopy added in v0.12.0

func (in *KeystoreRsa) DeepCopy() *KeystoreRsa

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeystoreRsa.

func (*KeystoreRsa) DeepCopyInto added in v0.12.0

func (in *KeystoreRsa) DeepCopyInto(out *KeystoreRsa)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KeystoreRsa) DeepCopyObject added in v0.12.0

func (in *KeystoreRsa) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*KeystoreRsa) GetCondition added in v0.12.0

func (mg *KeystoreRsa) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this KeystoreRsa.

func (*KeystoreRsa) GetConnectionDetailsMapping added in v0.12.0

func (tr *KeystoreRsa) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this KeystoreRsa

func (*KeystoreRsa) GetDeletionPolicy added in v0.12.0

func (mg *KeystoreRsa) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this KeystoreRsa.

func (*KeystoreRsa) GetID added in v0.12.0

func (tr *KeystoreRsa) GetID() string

GetID returns ID of underlying Terraform resource of this KeystoreRsa

func (*KeystoreRsa) GetInitParameters added in v0.12.0

func (tr *KeystoreRsa) GetInitParameters() (map[string]any, error)

GetInitParameters of this KeystoreRsa

func (*KeystoreRsa) GetManagementPolicies added in v0.12.0

func (mg *KeystoreRsa) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this KeystoreRsa.

func (*KeystoreRsa) GetMergedParameters added in v0.12.0

func (tr *KeystoreRsa) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this KeystoreRsa

func (*KeystoreRsa) GetObservation added in v0.12.0

func (tr *KeystoreRsa) GetObservation() (map[string]any, error)

GetObservation of this KeystoreRsa

func (*KeystoreRsa) GetParameters added in v0.12.0

func (tr *KeystoreRsa) GetParameters() (map[string]any, error)

GetParameters of this KeystoreRsa

func (*KeystoreRsa) GetProviderConfigReference added in v0.12.0

func (mg *KeystoreRsa) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this KeystoreRsa.

func (*KeystoreRsa) GetPublishConnectionDetailsTo added in v0.12.0

func (mg *KeystoreRsa) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this KeystoreRsa.

func (*KeystoreRsa) GetTerraformResourceType added in v0.12.0

func (mg *KeystoreRsa) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this KeystoreRsa

func (*KeystoreRsa) GetTerraformSchemaVersion added in v0.12.0

func (tr *KeystoreRsa) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*KeystoreRsa) GetWriteConnectionSecretToReference added in v0.12.0

func (mg *KeystoreRsa) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this KeystoreRsa.

func (*KeystoreRsa) Hub added in v0.12.0

func (tr *KeystoreRsa) Hub()

Hub marks this type as a conversion hub.

func (*KeystoreRsa) LateInitialize added in v0.12.0

func (tr *KeystoreRsa) LateInitialize(attrs []byte) (bool, error)

LateInitialize this KeystoreRsa using its observed tfState. returns True if there are any spec changes for the resource.

func (*KeystoreRsa) ResolveReferences added in v0.12.0

func (mg *KeystoreRsa) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this KeystoreRsa.

func (*KeystoreRsa) SetConditions added in v0.12.0

func (mg *KeystoreRsa) SetConditions(c ...xpv1.Condition)

SetConditions of this KeystoreRsa.

func (*KeystoreRsa) SetDeletionPolicy added in v0.12.0

func (mg *KeystoreRsa) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this KeystoreRsa.

func (*KeystoreRsa) SetManagementPolicies added in v0.12.0

func (mg *KeystoreRsa) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this KeystoreRsa.

func (*KeystoreRsa) SetObservation added in v0.12.0

func (tr *KeystoreRsa) SetObservation(obs map[string]any) error

SetObservation for this KeystoreRsa

func (*KeystoreRsa) SetParameters added in v0.12.0

func (tr *KeystoreRsa) SetParameters(params map[string]any) error

SetParameters for this KeystoreRsa

func (*KeystoreRsa) SetProviderConfigReference added in v0.12.0

func (mg *KeystoreRsa) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this KeystoreRsa.

func (*KeystoreRsa) SetPublishConnectionDetailsTo added in v0.12.0

func (mg *KeystoreRsa) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this KeystoreRsa.

func (*KeystoreRsa) SetWriteConnectionSecretToReference added in v0.12.0

func (mg *KeystoreRsa) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this KeystoreRsa.

type KeystoreRsaInitParameters added in v0.12.0

type KeystoreRsaInitParameters struct {

	// When false, key in not used for signing. Defaults to true.
	// Set if the keys can be used for signing
	Active *bool `json:"active,omitempty" tf:"active,omitempty"`

	// Intended algorithm for the key. Defaults to RS256. Use RSA-OAEP for encryption keys
	// Intended algorithm for the key
	Algorithm *string `json:"algorithm,omitempty" tf:"algorithm,omitempty"`

	// X509 Certificate encoded in PEM format.
	// X509 Certificate encoded in PEM format
	CertificateSecretRef v1.SecretKeySelector `json:"certificateSecretRef" tf:"-"`

	// When false, key is not accessible in this realm. Defaults to true.
	// Set if the keys are enabled
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// Display name of provider when linked in admin console.
	// Display name of provider when linked in admin console.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// Priority for the provider. Defaults to 0
	// Priority for the provider
	Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"`

	// Private RSA Key encoded in PEM format.
	// Private RSA Key encoded in PEM format
	PrivateKeySecretRef v1.SecretKeySelector `json:"privateKeySecretRef" tf:"-"`

	// Use rsa for signing keys, rsa-enc for encryption keys
	// RSA key provider id
	ProviderID *string `json:"providerId,omitempty" tf:"provider_id,omitempty"`

	// The realm this keystore exists in.
	// +crossplane:generate:reference:type=github.com/crossplane-contrib/provider-keycloak/apis/realm/v1alpha1.Realm
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`

	// Reference to a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDRef *v1.Reference `json:"realmIdRef,omitempty" tf:"-"`

	// Selector for a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDSelector *v1.Selector `json:"realmIdSelector,omitempty" tf:"-"`
}

func (*KeystoreRsaInitParameters) DeepCopy added in v0.12.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeystoreRsaInitParameters.

func (*KeystoreRsaInitParameters) DeepCopyInto added in v0.12.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeystoreRsaList added in v0.12.0

type KeystoreRsaList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []KeystoreRsa `json:"items"`
}

KeystoreRsaList contains a list of KeystoreRsas

func (*KeystoreRsaList) DeepCopy added in v0.12.0

func (in *KeystoreRsaList) DeepCopy() *KeystoreRsaList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeystoreRsaList.

func (*KeystoreRsaList) DeepCopyInto added in v0.12.0

func (in *KeystoreRsaList) DeepCopyInto(out *KeystoreRsaList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KeystoreRsaList) DeepCopyObject added in v0.12.0

func (in *KeystoreRsaList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*KeystoreRsaList) GetItems added in v0.12.0

func (l *KeystoreRsaList) GetItems() []resource.Managed

GetItems of this KeystoreRsaList.

type KeystoreRsaObservation added in v0.12.0

type KeystoreRsaObservation struct {

	// When false, key in not used for signing. Defaults to true.
	// Set if the keys can be used for signing
	Active *bool `json:"active,omitempty" tf:"active,omitempty"`

	// Intended algorithm for the key. Defaults to RS256. Use RSA-OAEP for encryption keys
	// Intended algorithm for the key
	Algorithm *string `json:"algorithm,omitempty" tf:"algorithm,omitempty"`

	// When false, key is not accessible in this realm. Defaults to true.
	// Set if the keys are enabled
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// Display name of provider when linked in admin console.
	// Display name of provider when linked in admin console.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// Priority for the provider. Defaults to 0
	// Priority for the provider
	Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"`

	// Use rsa for signing keys, rsa-enc for encryption keys
	// RSA key provider id
	ProviderID *string `json:"providerId,omitempty" tf:"provider_id,omitempty"`

	// The realm this keystore exists in.
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`
}

func (*KeystoreRsaObservation) DeepCopy added in v0.12.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeystoreRsaObservation.

func (*KeystoreRsaObservation) DeepCopyInto added in v0.12.0

func (in *KeystoreRsaObservation) DeepCopyInto(out *KeystoreRsaObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeystoreRsaParameters added in v0.12.0

type KeystoreRsaParameters struct {

	// When false, key in not used for signing. Defaults to true.
	// Set if the keys can be used for signing
	// +kubebuilder:validation:Optional
	Active *bool `json:"active,omitempty" tf:"active,omitempty"`

	// Intended algorithm for the key. Defaults to RS256. Use RSA-OAEP for encryption keys
	// Intended algorithm for the key
	// +kubebuilder:validation:Optional
	Algorithm *string `json:"algorithm,omitempty" tf:"algorithm,omitempty"`

	// X509 Certificate encoded in PEM format.
	// X509 Certificate encoded in PEM format
	// +kubebuilder:validation:Optional
	CertificateSecretRef v1.SecretKeySelector `json:"certificateSecretRef" tf:"-"`

	// When false, key is not accessible in this realm. Defaults to true.
	// Set if the keys are enabled
	// +kubebuilder:validation:Optional
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// Display name of provider when linked in admin console.
	// Display name of provider when linked in admin console.
	// +kubebuilder:validation:Optional
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// Priority for the provider. Defaults to 0
	// Priority for the provider
	// +kubebuilder:validation:Optional
	Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"`

	// Private RSA Key encoded in PEM format.
	// Private RSA Key encoded in PEM format
	// +kubebuilder:validation:Optional
	PrivateKeySecretRef v1.SecretKeySelector `json:"privateKeySecretRef" tf:"-"`

	// Use rsa for signing keys, rsa-enc for encryption keys
	// RSA key provider id
	// +kubebuilder:validation:Optional
	ProviderID *string `json:"providerId,omitempty" tf:"provider_id,omitempty"`

	// The realm this keystore exists in.
	// +crossplane:generate:reference:type=github.com/crossplane-contrib/provider-keycloak/apis/realm/v1alpha1.Realm
	// +kubebuilder:validation:Optional
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`

	// Reference to a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDRef *v1.Reference `json:"realmIdRef,omitempty" tf:"-"`

	// Selector for a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDSelector *v1.Selector `json:"realmIdSelector,omitempty" tf:"-"`
}

func (*KeystoreRsaParameters) DeepCopy added in v0.12.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeystoreRsaParameters.

func (*KeystoreRsaParameters) DeepCopyInto added in v0.12.0

func (in *KeystoreRsaParameters) DeepCopyInto(out *KeystoreRsaParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeystoreRsaSpec added in v0.12.0

type KeystoreRsaSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     KeystoreRsaParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider KeystoreRsaInitParameters `json:"initProvider,omitempty"`
}

KeystoreRsaSpec defines the desired state of KeystoreRsa

func (*KeystoreRsaSpec) DeepCopy added in v0.12.0

func (in *KeystoreRsaSpec) DeepCopy() *KeystoreRsaSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeystoreRsaSpec.

func (*KeystoreRsaSpec) DeepCopyInto added in v0.12.0

func (in *KeystoreRsaSpec) DeepCopyInto(out *KeystoreRsaSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeystoreRsaStatus added in v0.12.0

type KeystoreRsaStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        KeystoreRsaObservation `json:"atProvider,omitempty"`
}

KeystoreRsaStatus defines the observed state of KeystoreRsa.

func (*KeystoreRsaStatus) DeepCopy added in v0.12.0

func (in *KeystoreRsaStatus) DeepCopy() *KeystoreRsaStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeystoreRsaStatus.

func (*KeystoreRsaStatus) DeepCopyInto added in v0.12.0

func (in *KeystoreRsaStatus) DeepCopyInto(out *KeystoreRsaStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OtpPolicyInitParameters added in v0.5.0

type OtpPolicyInitParameters struct {

	// What hashing algorithm should be used to generate the OTP, Valid options are HmacSHA1,HmacSHA256 and HmacSHA512. Defaults to HmacSHA1.
	// What hashing algorithm should be used to generate the OTP.
	Algorithm *string `json:"algorithm,omitempty" tf:"algorithm,omitempty"`

	// How many digits the OTP have. Defaults to 6.
	Digits *float64 `json:"digits,omitempty" tf:"digits,omitempty"`

	// What should the initial counter value be. Defaults to 2.
	InitialCounter *float64 `json:"initialCounter,omitempty" tf:"initial_counter,omitempty"`

	// How far ahead should the server look just in case the token generator and server are out of time sync or counter sync. Defaults to 1.
	LookAheadWindow *float64 `json:"lookAheadWindow,omitempty" tf:"look_ahead_window,omitempty"`

	// How many seconds should an OTP token be valid. Defaults to 30.
	Period *float64 `json:"period,omitempty" tf:"period,omitempty"`

	// One Time Password Type, supported Values are totp for Time-Based One Time Password and hotp for Counter Based. Defaults to totp.
	// OTP Type, totp for Time-Based One Time Password or hotp for counter base one time password
	Type *string `json:"type,omitempty" tf:"type,omitempty"`
}

func (*OtpPolicyInitParameters) DeepCopy added in v0.5.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OtpPolicyInitParameters.

func (*OtpPolicyInitParameters) DeepCopyInto added in v0.5.0

func (in *OtpPolicyInitParameters) DeepCopyInto(out *OtpPolicyInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OtpPolicyObservation

type OtpPolicyObservation struct {

	// What hashing algorithm should be used to generate the OTP, Valid options are HmacSHA1,HmacSHA256 and HmacSHA512. Defaults to HmacSHA1.
	// What hashing algorithm should be used to generate the OTP.
	Algorithm *string `json:"algorithm,omitempty" tf:"algorithm,omitempty"`

	// How many digits the OTP have. Defaults to 6.
	Digits *float64 `json:"digits,omitempty" tf:"digits,omitempty"`

	// What should the initial counter value be. Defaults to 2.
	InitialCounter *float64 `json:"initialCounter,omitempty" tf:"initial_counter,omitempty"`

	// How far ahead should the server look just in case the token generator and server are out of time sync or counter sync. Defaults to 1.
	LookAheadWindow *float64 `json:"lookAheadWindow,omitempty" tf:"look_ahead_window,omitempty"`

	// How many seconds should an OTP token be valid. Defaults to 30.
	Period *float64 `json:"period,omitempty" tf:"period,omitempty"`

	// One Time Password Type, supported Values are totp for Time-Based One Time Password and hotp for Counter Based. Defaults to totp.
	// OTP Type, totp for Time-Based One Time Password or hotp for counter base one time password
	Type *string `json:"type,omitempty" tf:"type,omitempty"`
}

func (*OtpPolicyObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OtpPolicyObservation.

func (*OtpPolicyObservation) DeepCopyInto

func (in *OtpPolicyObservation) DeepCopyInto(out *OtpPolicyObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OtpPolicyParameters

type OtpPolicyParameters struct {

	// What hashing algorithm should be used to generate the OTP, Valid options are HmacSHA1,HmacSHA256 and HmacSHA512. Defaults to HmacSHA1.
	// What hashing algorithm should be used to generate the OTP.
	// +kubebuilder:validation:Optional
	Algorithm *string `json:"algorithm,omitempty" tf:"algorithm,omitempty"`

	// How many digits the OTP have. Defaults to 6.
	// +kubebuilder:validation:Optional
	Digits *float64 `json:"digits,omitempty" tf:"digits,omitempty"`

	// What should the initial counter value be. Defaults to 2.
	// +kubebuilder:validation:Optional
	InitialCounter *float64 `json:"initialCounter,omitempty" tf:"initial_counter,omitempty"`

	// How far ahead should the server look just in case the token generator and server are out of time sync or counter sync. Defaults to 1.
	// +kubebuilder:validation:Optional
	LookAheadWindow *float64 `json:"lookAheadWindow,omitempty" tf:"look_ahead_window,omitempty"`

	// How many seconds should an OTP token be valid. Defaults to 30.
	// +kubebuilder:validation:Optional
	Period *float64 `json:"period,omitempty" tf:"period,omitempty"`

	// One Time Password Type, supported Values are totp for Time-Based One Time Password and hotp for Counter Based. Defaults to totp.
	// OTP Type, totp for Time-Based One Time Password or hotp for counter base one time password
	// +kubebuilder:validation:Optional
	Type *string `json:"type,omitempty" tf:"type,omitempty"`
}

func (*OtpPolicyParameters) DeepCopy

func (in *OtpPolicyParameters) DeepCopy() *OtpPolicyParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OtpPolicyParameters.

func (*OtpPolicyParameters) DeepCopyInto

func (in *OtpPolicyParameters) DeepCopyInto(out *OtpPolicyParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Realm

type Realm struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.realm) || (has(self.initProvider) && has(self.initProvider.realm))",message="spec.forProvider.realm is a required parameter"
	Spec   RealmSpec   `json:"spec"`
	Status RealmStatus `json:"status,omitempty"`
}

Realm is the Schema for the Realms API. +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,keycloak}

func (*Realm) DeepCopy

func (in *Realm) DeepCopy() *Realm

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Realm.

func (*Realm) DeepCopyInto

func (in *Realm) DeepCopyInto(out *Realm)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Realm) DeepCopyObject

func (in *Realm) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Realm) GetCondition

func (mg *Realm) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this Realm.

func (*Realm) GetConnectionDetailsMapping

func (tr *Realm) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this Realm

func (*Realm) GetDeletionPolicy

func (mg *Realm) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this Realm.

func (*Realm) GetID

func (tr *Realm) GetID() string

GetID returns ID of underlying Terraform resource of this Realm

func (*Realm) GetInitParameters added in v0.5.0

func (tr *Realm) GetInitParameters() (map[string]any, error)

GetInitParameters of this Realm

func (*Realm) GetManagementPolicies

func (mg *Realm) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this Realm.

func (*Realm) GetMergedParameters added in v0.6.0

func (tr *Realm) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this Realm

func (*Realm) GetObservation

func (tr *Realm) GetObservation() (map[string]any, error)

GetObservation of this Realm

func (*Realm) GetParameters

func (tr *Realm) GetParameters() (map[string]any, error)

GetParameters of this Realm

func (*Realm) GetProviderConfigReference

func (mg *Realm) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this Realm.

func (*Realm) GetPublishConnectionDetailsTo

func (mg *Realm) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this Realm.

func (*Realm) GetTerraformResourceType

func (mg *Realm) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this Realm

func (*Realm) GetTerraformSchemaVersion

func (tr *Realm) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*Realm) GetWriteConnectionSecretToReference

func (mg *Realm) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this Realm.

func (*Realm) Hub added in v0.11.0

func (tr *Realm) Hub()

Hub marks this type as a conversion hub.

func (*Realm) LateInitialize

func (tr *Realm) LateInitialize(attrs []byte) (bool, error)

LateInitialize this Realm using its observed tfState. returns True if there are any spec changes for the resource.

func (*Realm) SetConditions

func (mg *Realm) SetConditions(c ...xpv1.Condition)

SetConditions of this Realm.

func (*Realm) SetDeletionPolicy

func (mg *Realm) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this Realm.

func (*Realm) SetManagementPolicies

func (mg *Realm) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this Realm.

func (*Realm) SetObservation

func (tr *Realm) SetObservation(obs map[string]any) error

SetObservation for this Realm

func (*Realm) SetParameters

func (tr *Realm) SetParameters(params map[string]any) error

SetParameters for this Realm

func (*Realm) SetProviderConfigReference

func (mg *Realm) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this Realm.

func (*Realm) SetPublishConnectionDetailsTo

func (mg *Realm) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this Realm.

func (*Realm) SetWriteConnectionSecretToReference

func (mg *Realm) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this Realm.

type RealmInitParameters added in v0.5.0

type RealmInitParameters struct {

	// The maximum amount of time a client has to finish the authorization code flow.
	AccessCodeLifespan *string `json:"accessCodeLifespan,omitempty" tf:"access_code_lifespan,omitempty"`

	// The maximum amount of time a user is permitted to stay on the login page before the authentication process must be restarted.
	AccessCodeLifespanLogin *string `json:"accessCodeLifespanLogin,omitempty" tf:"access_code_lifespan_login,omitempty"`

	// The maximum amount of time a user has to complete login related actions, such as updating a password.
	AccessCodeLifespanUserAction *string `json:"accessCodeLifespanUserAction,omitempty" tf:"access_code_lifespan_user_action,omitempty"`

	// The amount of time an access token can be used before it expires.
	AccessTokenLifespan *string `json:"accessTokenLifespan,omitempty" tf:"access_token_lifespan,omitempty"`

	// The amount of time an access token issued with the OpenID Connect Implicit Flow can be used before it expires.
	AccessTokenLifespanForImplicitFlow *string `json:"accessTokenLifespanForImplicitFlow,omitempty" tf:"access_token_lifespan_for_implicit_flow,omitempty"`

	// Used for account management pages.
	AccountTheme *string `json:"accountTheme,omitempty" tf:"account_theme,omitempty"`

	// The maximum time a user has to use an admin-generated permit before it expires.
	ActionTokenGeneratedByAdminLifespan *string `json:"actionTokenGeneratedByAdminLifespan,omitempty" tf:"action_token_generated_by_admin_lifespan,omitempty"`

	// The maximum time a user has to use a user-generated permit before it expires.
	ActionTokenGeneratedByUserLifespan *string `json:"actionTokenGeneratedByUserLifespan,omitempty" tf:"action_token_generated_by_user_lifespan,omitempty"`

	// Used for the admin console.
	AdminTheme *string `json:"adminTheme,omitempty" tf:"admin_theme,omitempty"`

	// A map of custom attributes to add to the realm.
	// +mapType=granular
	Attributes map[string]*string `json:"attributes,omitempty" tf:"attributes,omitempty"`

	// The desired flow for browser authentication. Defaults to browser.
	// Which flow should be used for BrowserFlow
	BrowserFlow *string `json:"browserFlow,omitempty" tf:"browser_flow,omitempty"`

	// The desired flow for client authentication. Defaults to clients.
	// Which flow should be used for ClientAuthenticationFlow
	ClientAuthenticationFlow *string `json:"clientAuthenticationFlow,omitempty" tf:"client_authentication_flow,omitempty"`

	// The amount of time a session can be idle before it expires. Users can override it for individual clients.
	ClientSessionIdleTimeout *string `json:"clientSessionIdleTimeout,omitempty" tf:"client_session_idle_timeout,omitempty"`

	// The maximum amount of time before a session expires regardless of activity. Users can override it for individual clients.
	ClientSessionMaxLifespan *string `json:"clientSessionMaxLifespan,omitempty" tf:"client_session_max_lifespan,omitempty"`

	// A list of default default client scopes to be used for client definitions. Defaults to [] or keycloak's built-in default default client-scopes.
	// +listType=set
	DefaultDefaultClientScopes []*string `json:"defaultDefaultClientScopes,omitempty" tf:"default_default_client_scopes,omitempty"`

	// A list of default optional client scopes to be used for client definitions. Defaults to [] or keycloak's built-in default optional client-scopes.
	// +listType=set
	DefaultOptionalClientScopes []*string `json:"defaultOptionalClientScopes,omitempty" tf:"default_optional_client_scopes,omitempty"`

	// Default algorithm used to sign tokens for the realm.
	DefaultSignatureAlgorithm *string `json:"defaultSignatureAlgorithm,omitempty" tf:"default_signature_algorithm,omitempty"`

	// The desired flow for direct access authentication. Defaults to direct grant.
	// Which flow should be used for DirectGrantFlow
	DirectGrantFlow *string `json:"directGrantFlow,omitempty" tf:"direct_grant_flow,omitempty"`

	// The display name for the realm that is shown when logging in to the admin console.
	DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"`

	// The display name for the realm that is rendered as HTML on the screen when logging in to the admin console.
	DisplayNameHTML *string `json:"displayNameHtml,omitempty" tf:"display_name_html,omitempty"`

	// The desired flow for Docker authentication. Defaults to docker auth.
	// Which flow should be used for DockerAuthenticationFlow
	DockerAuthenticationFlow *string `json:"dockerAuthenticationFlow,omitempty" tf:"docker_authentication_flow,omitempty"`

	// When true, multiple users will be allowed to have the same email address. This argument must be set to false if login_with_email_allowed is set to true.
	DuplicateEmailsAllowed *bool `json:"duplicateEmailsAllowed,omitempty" tf:"duplicate_emails_allowed,omitempty"`

	// When true, the username field is editable.
	EditUsernameAllowed *bool `json:"editUsernameAllowed,omitempty" tf:"edit_username_allowed,omitempty"`

	// Used for emails that are sent by Keycloak.
	EmailTheme *string `json:"emailTheme,omitempty" tf:"email_theme,omitempty"`

	// When false, users and clients will not be able to access this realm. Defaults to true.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// When specified, this will be used as the realm's internal ID within Keycloak. When not specified, the realm's internal ID will be set to the realm's name.
	InternalID *string `json:"internalId,omitempty" tf:"internal_id,omitempty"`

	Internationalization []InternationalizationInitParameters `json:"internationalization,omitempty" tf:"internationalization,omitempty"`

	// Used for the login, forgot password, and registration pages.
	LoginTheme *string `json:"loginTheme,omitempty" tf:"login_theme,omitempty"`

	// When true, users may log in with their email address.
	LoginWithEmailAllowed *bool `json:"loginWithEmailAllowed,omitempty" tf:"login_with_email_allowed,omitempty"`

	// The maximum amount of time a client has to finish the device code flow before it expires.
	Oauth2DeviceCodeLifespan *string `json:"oauth2DeviceCodeLifespan,omitempty" tf:"oauth2_device_code_lifespan,omitempty"`

	// The minimum amount of time in seconds that the client should wait between polling requests to the token endpoint.
	Oauth2DevicePollingInterval *float64 `json:"oauth2DevicePollingInterval,omitempty" tf:"oauth2_device_polling_interval,omitempty"`

	// The amount of time an offline session can be idle before it expires.
	OfflineSessionIdleTimeout *string `json:"offlineSessionIdleTimeout,omitempty" tf:"offline_session_idle_timeout,omitempty"`

	// The maximum amount of time before an offline session expires regardless of activity.
	OfflineSessionMaxLifespan *string `json:"offlineSessionMaxLifespan,omitempty" tf:"offline_session_max_lifespan,omitempty"`

	// Enable offline_session_max_lifespan.
	OfflineSessionMaxLifespanEnabled *bool `json:"offlineSessionMaxLifespanEnabled,omitempty" tf:"offline_session_max_lifespan_enabled,omitempty"`

	OtpPolicy []OtpPolicyInitParameters `json:"otpPolicy,omitempty" tf:"otp_policy,omitempty"`

	// The password policy for users within the realm.
	// String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
	PasswordPolicy *string `json:"passwordPolicy,omitempty" tf:"password_policy,omitempty"`

	// The name of the realm. This is unique across Keycloak. This will also be used as the realm's internal ID within Keycloak.
	Realm *string `json:"realm,omitempty" tf:"realm,omitempty"`

	// Maximum number of times a refresh token can be reused before they are revoked. If unspecified and 'revoke_refresh_token' is enabled the default value is 0 and refresh tokens can not be reused.
	RefreshTokenMaxReuse *float64 `json:"refreshTokenMaxReuse,omitempty" tf:"refresh_token_max_reuse,omitempty"`

	// When true, user registration will be enabled, and a link for registration will be displayed on the login page.
	RegistrationAllowed *bool `json:"registrationAllowed,omitempty" tf:"registration_allowed,omitempty"`

	// When true, the user's email will be used as their username during registration.
	RegistrationEmailAsUsername *bool `json:"registrationEmailAsUsername,omitempty" tf:"registration_email_as_username,omitempty"`

	// The desired flow for user registration. Defaults to registration.
	// Which flow should be used for RegistrationFlow
	RegistrationFlow *string `json:"registrationFlow,omitempty" tf:"registration_flow,omitempty"`

	// When true, a "remember me" checkbox will be displayed on the login page, and the user's session will not expire between browser restarts.
	RememberMe *bool `json:"rememberMe,omitempty" tf:"remember_me,omitempty"`

	// The desired flow to use when a user attempts to reset their credentials. Defaults to reset credentials.
	// Which flow should be used for ResetCredentialsFlow
	ResetCredentialsFlow *string `json:"resetCredentialsFlow,omitempty" tf:"reset_credentials_flow,omitempty"`

	// When true, a "forgot password" link will be displayed on the login page.
	ResetPasswordAllowed *bool `json:"resetPasswordAllowed,omitempty" tf:"reset_password_allowed,omitempty"`

	// If enabled a refresh token can only be used number of times specified in 'refresh_token_max_reuse' before they are revoked. If unspecified, refresh tokens can be reused.
	RevokeRefreshToken *bool `json:"revokeRefreshToken,omitempty" tf:"revoke_refresh_token,omitempty"`

	SMTPServer []SMTPServerInitParameters `json:"smtpServer,omitempty" tf:"smtp_server,omitempty"`

	// Can be one of following values: 'none, 'external' or 'all'
	// SSL Required: Values can be 'none', 'external' or 'all'.
	SSLRequired *string `json:"sslRequired,omitempty" tf:"ssl_required,omitempty"`

	SecurityDefenses []SecurityDefensesInitParameters `json:"securityDefenses,omitempty" tf:"security_defenses,omitempty"`

	// The amount of time a session can be idle before it expires.
	SsoSessionIdleTimeout *string `json:"ssoSessionIdleTimeout,omitempty" tf:"sso_session_idle_timeout,omitempty"`

	// Similar to sso_session_idle_timeout, but used when a user clicks "Remember Me". If not set, Keycloak will default to the value of sso_session_idle_timeout.
	SsoSessionIdleTimeoutRememberMe *string `json:"ssoSessionIdleTimeoutRememberMe,omitempty" tf:"sso_session_idle_timeout_remember_me,omitempty"`

	// The maximum amount of time before a session expires regardless of activity.
	SsoSessionMaxLifespan *string `json:"ssoSessionMaxLifespan,omitempty" tf:"sso_session_max_lifespan,omitempty"`

	// Similar to sso_session_max_lifespan, but used when a user clicks "Remember Me". If not set, Keycloak will default to the value of sso_session_max_lifespan.
	SsoSessionMaxLifespanRememberMe *string `json:"ssoSessionMaxLifespanRememberMe,omitempty" tf:"sso_session_max_lifespan_remember_me,omitempty"`

	// When true, users are allowed to manage their own resources. Defaults to false.
	UserManagedAccess *bool `json:"userManagedAccess,omitempty" tf:"user_managed_access,omitempty"`

	// When true, users are required to verify their email address after registration and after email address changes.
	VerifyEmail *bool `json:"verifyEmail,omitempty" tf:"verify_email,omitempty"`

	// Configuration for WebAuthn Passwordless Policy authentication.
	WebAuthnPasswordlessPolicy []WebAuthnPasswordlessPolicyInitParameters `json:"webAuthnPasswordlessPolicy,omitempty" tf:"web_authn_passwordless_policy,omitempty"`

	// Configuration for WebAuthn Policy authentication.
	WebAuthnPolicy []WebAuthnPolicyInitParameters `json:"webAuthnPolicy,omitempty" tf:"web_authn_policy,omitempty"`
}

func (*RealmInitParameters) DeepCopy added in v0.5.0

func (in *RealmInitParameters) DeepCopy() *RealmInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RealmInitParameters.

func (*RealmInitParameters) DeepCopyInto added in v0.5.0

func (in *RealmInitParameters) DeepCopyInto(out *RealmInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RealmList

type RealmList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Realm `json:"items"`
}

RealmList contains a list of Realms

func (*RealmList) DeepCopy

func (in *RealmList) DeepCopy() *RealmList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RealmList.

func (*RealmList) DeepCopyInto

func (in *RealmList) DeepCopyInto(out *RealmList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RealmList) DeepCopyObject

func (in *RealmList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*RealmList) GetItems

func (l *RealmList) GetItems() []resource.Managed

GetItems of this RealmList.

type RealmObservation

type RealmObservation struct {

	// The maximum amount of time a client has to finish the authorization code flow.
	AccessCodeLifespan *string `json:"accessCodeLifespan,omitempty" tf:"access_code_lifespan,omitempty"`

	// The maximum amount of time a user is permitted to stay on the login page before the authentication process must be restarted.
	AccessCodeLifespanLogin *string `json:"accessCodeLifespanLogin,omitempty" tf:"access_code_lifespan_login,omitempty"`

	// The maximum amount of time a user has to complete login related actions, such as updating a password.
	AccessCodeLifespanUserAction *string `json:"accessCodeLifespanUserAction,omitempty" tf:"access_code_lifespan_user_action,omitempty"`

	// The amount of time an access token can be used before it expires.
	AccessTokenLifespan *string `json:"accessTokenLifespan,omitempty" tf:"access_token_lifespan,omitempty"`

	// The amount of time an access token issued with the OpenID Connect Implicit Flow can be used before it expires.
	AccessTokenLifespanForImplicitFlow *string `json:"accessTokenLifespanForImplicitFlow,omitempty" tf:"access_token_lifespan_for_implicit_flow,omitempty"`

	// Used for account management pages.
	AccountTheme *string `json:"accountTheme,omitempty" tf:"account_theme,omitempty"`

	// The maximum time a user has to use an admin-generated permit before it expires.
	ActionTokenGeneratedByAdminLifespan *string `json:"actionTokenGeneratedByAdminLifespan,omitempty" tf:"action_token_generated_by_admin_lifespan,omitempty"`

	// The maximum time a user has to use a user-generated permit before it expires.
	ActionTokenGeneratedByUserLifespan *string `json:"actionTokenGeneratedByUserLifespan,omitempty" tf:"action_token_generated_by_user_lifespan,omitempty"`

	// Used for the admin console.
	AdminTheme *string `json:"adminTheme,omitempty" tf:"admin_theme,omitempty"`

	// A map of custom attributes to add to the realm.
	// +mapType=granular
	Attributes map[string]*string `json:"attributes,omitempty" tf:"attributes,omitempty"`

	// The desired flow for browser authentication. Defaults to browser.
	// Which flow should be used for BrowserFlow
	BrowserFlow *string `json:"browserFlow,omitempty" tf:"browser_flow,omitempty"`

	// The desired flow for client authentication. Defaults to clients.
	// Which flow should be used for ClientAuthenticationFlow
	ClientAuthenticationFlow *string `json:"clientAuthenticationFlow,omitempty" tf:"client_authentication_flow,omitempty"`

	// The amount of time a session can be idle before it expires. Users can override it for individual clients.
	ClientSessionIdleTimeout *string `json:"clientSessionIdleTimeout,omitempty" tf:"client_session_idle_timeout,omitempty"`

	// The maximum amount of time before a session expires regardless of activity. Users can override it for individual clients.
	ClientSessionMaxLifespan *string `json:"clientSessionMaxLifespan,omitempty" tf:"client_session_max_lifespan,omitempty"`

	// A list of default default client scopes to be used for client definitions. Defaults to [] or keycloak's built-in default default client-scopes.
	// +listType=set
	DefaultDefaultClientScopes []*string `json:"defaultDefaultClientScopes,omitempty" tf:"default_default_client_scopes,omitempty"`

	// A list of default optional client scopes to be used for client definitions. Defaults to [] or keycloak's built-in default optional client-scopes.
	// +listType=set
	DefaultOptionalClientScopes []*string `json:"defaultOptionalClientScopes,omitempty" tf:"default_optional_client_scopes,omitempty"`

	// Default algorithm used to sign tokens for the realm.
	DefaultSignatureAlgorithm *string `json:"defaultSignatureAlgorithm,omitempty" tf:"default_signature_algorithm,omitempty"`

	// The desired flow for direct access authentication. Defaults to direct grant.
	// Which flow should be used for DirectGrantFlow
	DirectGrantFlow *string `json:"directGrantFlow,omitempty" tf:"direct_grant_flow,omitempty"`

	// The display name for the realm that is shown when logging in to the admin console.
	DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"`

	// The display name for the realm that is rendered as HTML on the screen when logging in to the admin console.
	DisplayNameHTML *string `json:"displayNameHtml,omitempty" tf:"display_name_html,omitempty"`

	// The desired flow for Docker authentication. Defaults to docker auth.
	// Which flow should be used for DockerAuthenticationFlow
	DockerAuthenticationFlow *string `json:"dockerAuthenticationFlow,omitempty" tf:"docker_authentication_flow,omitempty"`

	// When true, multiple users will be allowed to have the same email address. This argument must be set to false if login_with_email_allowed is set to true.
	DuplicateEmailsAllowed *bool `json:"duplicateEmailsAllowed,omitempty" tf:"duplicate_emails_allowed,omitempty"`

	// When true, the username field is editable.
	EditUsernameAllowed *bool `json:"editUsernameAllowed,omitempty" tf:"edit_username_allowed,omitempty"`

	// Used for emails that are sent by Keycloak.
	EmailTheme *string `json:"emailTheme,omitempty" tf:"email_theme,omitempty"`

	// When false, users and clients will not be able to access this realm. Defaults to true.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// When specified, this will be used as the realm's internal ID within Keycloak. When not specified, the realm's internal ID will be set to the realm's name.
	InternalID *string `json:"internalId,omitempty" tf:"internal_id,omitempty"`

	Internationalization []InternationalizationObservation `json:"internationalization,omitempty" tf:"internationalization,omitempty"`

	// Used for the login, forgot password, and registration pages.
	LoginTheme *string `json:"loginTheme,omitempty" tf:"login_theme,omitempty"`

	// When true, users may log in with their email address.
	LoginWithEmailAllowed *bool `json:"loginWithEmailAllowed,omitempty" tf:"login_with_email_allowed,omitempty"`

	// The maximum amount of time a client has to finish the device code flow before it expires.
	Oauth2DeviceCodeLifespan *string `json:"oauth2DeviceCodeLifespan,omitempty" tf:"oauth2_device_code_lifespan,omitempty"`

	// The minimum amount of time in seconds that the client should wait between polling requests to the token endpoint.
	Oauth2DevicePollingInterval *float64 `json:"oauth2DevicePollingInterval,omitempty" tf:"oauth2_device_polling_interval,omitempty"`

	// The amount of time an offline session can be idle before it expires.
	OfflineSessionIdleTimeout *string `json:"offlineSessionIdleTimeout,omitempty" tf:"offline_session_idle_timeout,omitempty"`

	// The maximum amount of time before an offline session expires regardless of activity.
	OfflineSessionMaxLifespan *string `json:"offlineSessionMaxLifespan,omitempty" tf:"offline_session_max_lifespan,omitempty"`

	// Enable offline_session_max_lifespan.
	OfflineSessionMaxLifespanEnabled *bool `json:"offlineSessionMaxLifespanEnabled,omitempty" tf:"offline_session_max_lifespan_enabled,omitempty"`

	OtpPolicy []OtpPolicyObservation `json:"otpPolicy,omitempty" tf:"otp_policy,omitempty"`

	// The password policy for users within the realm.
	// String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
	PasswordPolicy *string `json:"passwordPolicy,omitempty" tf:"password_policy,omitempty"`

	// The name of the realm. This is unique across Keycloak. This will also be used as the realm's internal ID within Keycloak.
	Realm *string `json:"realm,omitempty" tf:"realm,omitempty"`

	// Maximum number of times a refresh token can be reused before they are revoked. If unspecified and 'revoke_refresh_token' is enabled the default value is 0 and refresh tokens can not be reused.
	RefreshTokenMaxReuse *float64 `json:"refreshTokenMaxReuse,omitempty" tf:"refresh_token_max_reuse,omitempty"`

	// When true, user registration will be enabled, and a link for registration will be displayed on the login page.
	RegistrationAllowed *bool `json:"registrationAllowed,omitempty" tf:"registration_allowed,omitempty"`

	// When true, the user's email will be used as their username during registration.
	RegistrationEmailAsUsername *bool `json:"registrationEmailAsUsername,omitempty" tf:"registration_email_as_username,omitempty"`

	// The desired flow for user registration. Defaults to registration.
	// Which flow should be used for RegistrationFlow
	RegistrationFlow *string `json:"registrationFlow,omitempty" tf:"registration_flow,omitempty"`

	// When true, a "remember me" checkbox will be displayed on the login page, and the user's session will not expire between browser restarts.
	RememberMe *bool `json:"rememberMe,omitempty" tf:"remember_me,omitempty"`

	// The desired flow to use when a user attempts to reset their credentials. Defaults to reset credentials.
	// Which flow should be used for ResetCredentialsFlow
	ResetCredentialsFlow *string `json:"resetCredentialsFlow,omitempty" tf:"reset_credentials_flow,omitempty"`

	// When true, a "forgot password" link will be displayed on the login page.
	ResetPasswordAllowed *bool `json:"resetPasswordAllowed,omitempty" tf:"reset_password_allowed,omitempty"`

	// If enabled a refresh token can only be used number of times specified in 'refresh_token_max_reuse' before they are revoked. If unspecified, refresh tokens can be reused.
	RevokeRefreshToken *bool `json:"revokeRefreshToken,omitempty" tf:"revoke_refresh_token,omitempty"`

	SMTPServer []SMTPServerObservation `json:"smtpServer,omitempty" tf:"smtp_server,omitempty"`

	// Can be one of following values: 'none, 'external' or 'all'
	// SSL Required: Values can be 'none', 'external' or 'all'.
	SSLRequired *string `json:"sslRequired,omitempty" tf:"ssl_required,omitempty"`

	SecurityDefenses []SecurityDefensesObservation `json:"securityDefenses,omitempty" tf:"security_defenses,omitempty"`

	// The amount of time a session can be idle before it expires.
	SsoSessionIdleTimeout *string `json:"ssoSessionIdleTimeout,omitempty" tf:"sso_session_idle_timeout,omitempty"`

	// Similar to sso_session_idle_timeout, but used when a user clicks "Remember Me". If not set, Keycloak will default to the value of sso_session_idle_timeout.
	SsoSessionIdleTimeoutRememberMe *string `json:"ssoSessionIdleTimeoutRememberMe,omitempty" tf:"sso_session_idle_timeout_remember_me,omitempty"`

	// The maximum amount of time before a session expires regardless of activity.
	SsoSessionMaxLifespan *string `json:"ssoSessionMaxLifespan,omitempty" tf:"sso_session_max_lifespan,omitempty"`

	// Similar to sso_session_max_lifespan, but used when a user clicks "Remember Me". If not set, Keycloak will default to the value of sso_session_max_lifespan.
	SsoSessionMaxLifespanRememberMe *string `json:"ssoSessionMaxLifespanRememberMe,omitempty" tf:"sso_session_max_lifespan_remember_me,omitempty"`

	// When true, users are allowed to manage their own resources. Defaults to false.
	UserManagedAccess *bool `json:"userManagedAccess,omitempty" tf:"user_managed_access,omitempty"`

	// When true, users are required to verify their email address after registration and after email address changes.
	VerifyEmail *bool `json:"verifyEmail,omitempty" tf:"verify_email,omitempty"`

	// Configuration for WebAuthn Passwordless Policy authentication.
	WebAuthnPasswordlessPolicy []WebAuthnPasswordlessPolicyObservation `json:"webAuthnPasswordlessPolicy,omitempty" tf:"web_authn_passwordless_policy,omitempty"`

	// Configuration for WebAuthn Policy authentication.
	WebAuthnPolicy []WebAuthnPolicyObservation `json:"webAuthnPolicy,omitempty" tf:"web_authn_policy,omitempty"`
}

func (*RealmObservation) DeepCopy

func (in *RealmObservation) DeepCopy() *RealmObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RealmObservation.

func (*RealmObservation) DeepCopyInto

func (in *RealmObservation) DeepCopyInto(out *RealmObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RealmParameters

type RealmParameters struct {

	// The maximum amount of time a client has to finish the authorization code flow.
	// +kubebuilder:validation:Optional
	AccessCodeLifespan *string `json:"accessCodeLifespan,omitempty" tf:"access_code_lifespan,omitempty"`

	// The maximum amount of time a user is permitted to stay on the login page before the authentication process must be restarted.
	// +kubebuilder:validation:Optional
	AccessCodeLifespanLogin *string `json:"accessCodeLifespanLogin,omitempty" tf:"access_code_lifespan_login,omitempty"`

	// The maximum amount of time a user has to complete login related actions, such as updating a password.
	// +kubebuilder:validation:Optional
	AccessCodeLifespanUserAction *string `json:"accessCodeLifespanUserAction,omitempty" tf:"access_code_lifespan_user_action,omitempty"`

	// The amount of time an access token can be used before it expires.
	// +kubebuilder:validation:Optional
	AccessTokenLifespan *string `json:"accessTokenLifespan,omitempty" tf:"access_token_lifespan,omitempty"`

	// The amount of time an access token issued with the OpenID Connect Implicit Flow can be used before it expires.
	// +kubebuilder:validation:Optional
	AccessTokenLifespanForImplicitFlow *string `json:"accessTokenLifespanForImplicitFlow,omitempty" tf:"access_token_lifespan_for_implicit_flow,omitempty"`

	// Used for account management pages.
	// +kubebuilder:validation:Optional
	AccountTheme *string `json:"accountTheme,omitempty" tf:"account_theme,omitempty"`

	// The maximum time a user has to use an admin-generated permit before it expires.
	// +kubebuilder:validation:Optional
	ActionTokenGeneratedByAdminLifespan *string `json:"actionTokenGeneratedByAdminLifespan,omitempty" tf:"action_token_generated_by_admin_lifespan,omitempty"`

	// The maximum time a user has to use a user-generated permit before it expires.
	// +kubebuilder:validation:Optional
	ActionTokenGeneratedByUserLifespan *string `json:"actionTokenGeneratedByUserLifespan,omitempty" tf:"action_token_generated_by_user_lifespan,omitempty"`

	// Used for the admin console.
	// +kubebuilder:validation:Optional
	AdminTheme *string `json:"adminTheme,omitempty" tf:"admin_theme,omitempty"`

	// A map of custom attributes to add to the realm.
	// +kubebuilder:validation:Optional
	// +mapType=granular
	Attributes map[string]*string `json:"attributes,omitempty" tf:"attributes,omitempty"`

	// The desired flow for browser authentication. Defaults to browser.
	// Which flow should be used for BrowserFlow
	// +kubebuilder:validation:Optional
	BrowserFlow *string `json:"browserFlow,omitempty" tf:"browser_flow,omitempty"`

	// The desired flow for client authentication. Defaults to clients.
	// Which flow should be used for ClientAuthenticationFlow
	// +kubebuilder:validation:Optional
	ClientAuthenticationFlow *string `json:"clientAuthenticationFlow,omitempty" tf:"client_authentication_flow,omitempty"`

	// The amount of time a session can be idle before it expires. Users can override it for individual clients.
	// +kubebuilder:validation:Optional
	ClientSessionIdleTimeout *string `json:"clientSessionIdleTimeout,omitempty" tf:"client_session_idle_timeout,omitempty"`

	// The maximum amount of time before a session expires regardless of activity. Users can override it for individual clients.
	// +kubebuilder:validation:Optional
	ClientSessionMaxLifespan *string `json:"clientSessionMaxLifespan,omitempty" tf:"client_session_max_lifespan,omitempty"`

	// A list of default default client scopes to be used for client definitions. Defaults to [] or keycloak's built-in default default client-scopes.
	// +kubebuilder:validation:Optional
	// +listType=set
	DefaultDefaultClientScopes []*string `json:"defaultDefaultClientScopes,omitempty" tf:"default_default_client_scopes,omitempty"`

	// A list of default optional client scopes to be used for client definitions. Defaults to [] or keycloak's built-in default optional client-scopes.
	// +kubebuilder:validation:Optional
	// +listType=set
	DefaultOptionalClientScopes []*string `json:"defaultOptionalClientScopes,omitempty" tf:"default_optional_client_scopes,omitempty"`

	// Default algorithm used to sign tokens for the realm.
	// +kubebuilder:validation:Optional
	DefaultSignatureAlgorithm *string `json:"defaultSignatureAlgorithm,omitempty" tf:"default_signature_algorithm,omitempty"`

	// The desired flow for direct access authentication. Defaults to direct grant.
	// Which flow should be used for DirectGrantFlow
	// +kubebuilder:validation:Optional
	DirectGrantFlow *string `json:"directGrantFlow,omitempty" tf:"direct_grant_flow,omitempty"`

	// The display name for the realm that is shown when logging in to the admin console.
	// +kubebuilder:validation:Optional
	DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"`

	// The display name for the realm that is rendered as HTML on the screen when logging in to the admin console.
	// +kubebuilder:validation:Optional
	DisplayNameHTML *string `json:"displayNameHtml,omitempty" tf:"display_name_html,omitempty"`

	// The desired flow for Docker authentication. Defaults to docker auth.
	// Which flow should be used for DockerAuthenticationFlow
	// +kubebuilder:validation:Optional
	DockerAuthenticationFlow *string `json:"dockerAuthenticationFlow,omitempty" tf:"docker_authentication_flow,omitempty"`

	// When true, multiple users will be allowed to have the same email address. This argument must be set to false if login_with_email_allowed is set to true.
	// +kubebuilder:validation:Optional
	DuplicateEmailsAllowed *bool `json:"duplicateEmailsAllowed,omitempty" tf:"duplicate_emails_allowed,omitempty"`

	// When true, the username field is editable.
	// +kubebuilder:validation:Optional
	EditUsernameAllowed *bool `json:"editUsernameAllowed,omitempty" tf:"edit_username_allowed,omitempty"`

	// Used for emails that are sent by Keycloak.
	// +kubebuilder:validation:Optional
	EmailTheme *string `json:"emailTheme,omitempty" tf:"email_theme,omitempty"`

	// When false, users and clients will not be able to access this realm. Defaults to true.
	// +kubebuilder:validation:Optional
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// When specified, this will be used as the realm's internal ID within Keycloak. When not specified, the realm's internal ID will be set to the realm's name.
	// +kubebuilder:validation:Optional
	InternalID *string `json:"internalId,omitempty" tf:"internal_id,omitempty"`

	// +kubebuilder:validation:Optional
	Internationalization []InternationalizationParameters `json:"internationalization,omitempty" tf:"internationalization,omitempty"`

	// Used for the login, forgot password, and registration pages.
	// +kubebuilder:validation:Optional
	LoginTheme *string `json:"loginTheme,omitempty" tf:"login_theme,omitempty"`

	// When true, users may log in with their email address.
	// +kubebuilder:validation:Optional
	LoginWithEmailAllowed *bool `json:"loginWithEmailAllowed,omitempty" tf:"login_with_email_allowed,omitempty"`

	// The maximum amount of time a client has to finish the device code flow before it expires.
	// +kubebuilder:validation:Optional
	Oauth2DeviceCodeLifespan *string `json:"oauth2DeviceCodeLifespan,omitempty" tf:"oauth2_device_code_lifespan,omitempty"`

	// The minimum amount of time in seconds that the client should wait between polling requests to the token endpoint.
	// +kubebuilder:validation:Optional
	Oauth2DevicePollingInterval *float64 `json:"oauth2DevicePollingInterval,omitempty" tf:"oauth2_device_polling_interval,omitempty"`

	// The amount of time an offline session can be idle before it expires.
	// +kubebuilder:validation:Optional
	OfflineSessionIdleTimeout *string `json:"offlineSessionIdleTimeout,omitempty" tf:"offline_session_idle_timeout,omitempty"`

	// The maximum amount of time before an offline session expires regardless of activity.
	// +kubebuilder:validation:Optional
	OfflineSessionMaxLifespan *string `json:"offlineSessionMaxLifespan,omitempty" tf:"offline_session_max_lifespan,omitempty"`

	// Enable offline_session_max_lifespan.
	// +kubebuilder:validation:Optional
	OfflineSessionMaxLifespanEnabled *bool `json:"offlineSessionMaxLifespanEnabled,omitempty" tf:"offline_session_max_lifespan_enabled,omitempty"`

	// +kubebuilder:validation:Optional
	OtpPolicy []OtpPolicyParameters `json:"otpPolicy,omitempty" tf:"otp_policy,omitempty"`

	// The password policy for users within the realm.
	// String that represents the passwordPolicies that are in place. Each policy is separated with " and ". Supported policies can be found in the server-info providers page. example: "upperCase(1) and length(8) and forceExpiredPasswordChange(365) and notUsername(undefined)"
	// +kubebuilder:validation:Optional
	PasswordPolicy *string `json:"passwordPolicy,omitempty" tf:"password_policy,omitempty"`

	// The name of the realm. This is unique across Keycloak. This will also be used as the realm's internal ID within Keycloak.
	// +kubebuilder:validation:Optional
	Realm *string `json:"realm,omitempty" tf:"realm,omitempty"`

	// Maximum number of times a refresh token can be reused before they are revoked. If unspecified and 'revoke_refresh_token' is enabled the default value is 0 and refresh tokens can not be reused.
	// +kubebuilder:validation:Optional
	RefreshTokenMaxReuse *float64 `json:"refreshTokenMaxReuse,omitempty" tf:"refresh_token_max_reuse,omitempty"`

	// When true, user registration will be enabled, and a link for registration will be displayed on the login page.
	// +kubebuilder:validation:Optional
	RegistrationAllowed *bool `json:"registrationAllowed,omitempty" tf:"registration_allowed,omitempty"`

	// When true, the user's email will be used as their username during registration.
	// +kubebuilder:validation:Optional
	RegistrationEmailAsUsername *bool `json:"registrationEmailAsUsername,omitempty" tf:"registration_email_as_username,omitempty"`

	// The desired flow for user registration. Defaults to registration.
	// Which flow should be used for RegistrationFlow
	// +kubebuilder:validation:Optional
	RegistrationFlow *string `json:"registrationFlow,omitempty" tf:"registration_flow,omitempty"`

	// When true, a "remember me" checkbox will be displayed on the login page, and the user's session will not expire between browser restarts.
	// +kubebuilder:validation:Optional
	RememberMe *bool `json:"rememberMe,omitempty" tf:"remember_me,omitempty"`

	// The desired flow to use when a user attempts to reset their credentials. Defaults to reset credentials.
	// Which flow should be used for ResetCredentialsFlow
	// +kubebuilder:validation:Optional
	ResetCredentialsFlow *string `json:"resetCredentialsFlow,omitempty" tf:"reset_credentials_flow,omitempty"`

	// When true, a "forgot password" link will be displayed on the login page.
	// +kubebuilder:validation:Optional
	ResetPasswordAllowed *bool `json:"resetPasswordAllowed,omitempty" tf:"reset_password_allowed,omitempty"`

	// If enabled a refresh token can only be used number of times specified in 'refresh_token_max_reuse' before they are revoked. If unspecified, refresh tokens can be reused.
	// +kubebuilder:validation:Optional
	RevokeRefreshToken *bool `json:"revokeRefreshToken,omitempty" tf:"revoke_refresh_token,omitempty"`

	// +kubebuilder:validation:Optional
	SMTPServer []SMTPServerParameters `json:"smtpServer,omitempty" tf:"smtp_server,omitempty"`

	// Can be one of following values: 'none, 'external' or 'all'
	// SSL Required: Values can be 'none', 'external' or 'all'.
	// +kubebuilder:validation:Optional
	SSLRequired *string `json:"sslRequired,omitempty" tf:"ssl_required,omitempty"`

	// +kubebuilder:validation:Optional
	SecurityDefenses []SecurityDefensesParameters `json:"securityDefenses,omitempty" tf:"security_defenses,omitempty"`

	// The amount of time a session can be idle before it expires.
	// +kubebuilder:validation:Optional
	SsoSessionIdleTimeout *string `json:"ssoSessionIdleTimeout,omitempty" tf:"sso_session_idle_timeout,omitempty"`

	// Similar to sso_session_idle_timeout, but used when a user clicks "Remember Me". If not set, Keycloak will default to the value of sso_session_idle_timeout.
	// +kubebuilder:validation:Optional
	SsoSessionIdleTimeoutRememberMe *string `json:"ssoSessionIdleTimeoutRememberMe,omitempty" tf:"sso_session_idle_timeout_remember_me,omitempty"`

	// The maximum amount of time before a session expires regardless of activity.
	// +kubebuilder:validation:Optional
	SsoSessionMaxLifespan *string `json:"ssoSessionMaxLifespan,omitempty" tf:"sso_session_max_lifespan,omitempty"`

	// Similar to sso_session_max_lifespan, but used when a user clicks "Remember Me". If not set, Keycloak will default to the value of sso_session_max_lifespan.
	// +kubebuilder:validation:Optional
	SsoSessionMaxLifespanRememberMe *string `json:"ssoSessionMaxLifespanRememberMe,omitempty" tf:"sso_session_max_lifespan_remember_me,omitempty"`

	// When true, users are allowed to manage their own resources. Defaults to false.
	// +kubebuilder:validation:Optional
	UserManagedAccess *bool `json:"userManagedAccess,omitempty" tf:"user_managed_access,omitempty"`

	// When true, users are required to verify their email address after registration and after email address changes.
	// +kubebuilder:validation:Optional
	VerifyEmail *bool `json:"verifyEmail,omitempty" tf:"verify_email,omitempty"`

	// Configuration for WebAuthn Passwordless Policy authentication.
	// +kubebuilder:validation:Optional
	WebAuthnPasswordlessPolicy []WebAuthnPasswordlessPolicyParameters `json:"webAuthnPasswordlessPolicy,omitempty" tf:"web_authn_passwordless_policy,omitempty"`

	// Configuration for WebAuthn Policy authentication.
	// +kubebuilder:validation:Optional
	WebAuthnPolicy []WebAuthnPolicyParameters `json:"webAuthnPolicy,omitempty" tf:"web_authn_policy,omitempty"`
}

func (*RealmParameters) DeepCopy

func (in *RealmParameters) DeepCopy() *RealmParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RealmParameters.

func (*RealmParameters) DeepCopyInto

func (in *RealmParameters) DeepCopyInto(out *RealmParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RealmSpec

type RealmSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     RealmParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider RealmInitParameters `json:"initProvider,omitempty"`
}

RealmSpec defines the desired state of Realm

func (*RealmSpec) DeepCopy

func (in *RealmSpec) DeepCopy() *RealmSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RealmSpec.

func (*RealmSpec) DeepCopyInto

func (in *RealmSpec) DeepCopyInto(out *RealmSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RealmStatus

type RealmStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        RealmObservation `json:"atProvider,omitempty"`
}

RealmStatus defines the observed state of Realm.

func (*RealmStatus) DeepCopy

func (in *RealmStatus) DeepCopy() *RealmStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RealmStatus.

func (*RealmStatus) DeepCopyInto

func (in *RealmStatus) DeepCopyInto(out *RealmStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RequiredAction added in v0.3.0

type RequiredAction struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.alias) || (has(self.initProvider) && has(self.initProvider.alias))",message="spec.forProvider.alias is a required parameter"
	Spec   RequiredActionSpec   `json:"spec"`
	Status RequiredActionStatus `json:"status,omitempty"`
}

RequiredAction is the Schema for the RequiredActions API. +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,keycloak}

func (*RequiredAction) DeepCopy added in v0.3.0

func (in *RequiredAction) DeepCopy() *RequiredAction

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequiredAction.

func (*RequiredAction) DeepCopyInto added in v0.3.0

func (in *RequiredAction) DeepCopyInto(out *RequiredAction)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RequiredAction) DeepCopyObject added in v0.3.0

func (in *RequiredAction) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*RequiredAction) GetCondition added in v0.3.0

func (mg *RequiredAction) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this RequiredAction.

func (*RequiredAction) GetConnectionDetailsMapping added in v0.3.0

func (tr *RequiredAction) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this RequiredAction

func (*RequiredAction) GetDeletionPolicy added in v0.3.0

func (mg *RequiredAction) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this RequiredAction.

func (*RequiredAction) GetID added in v0.3.0

func (tr *RequiredAction) GetID() string

GetID returns ID of underlying Terraform resource of this RequiredAction

func (*RequiredAction) GetInitParameters added in v0.5.0

func (tr *RequiredAction) GetInitParameters() (map[string]any, error)

GetInitParameters of this RequiredAction

func (*RequiredAction) GetManagementPolicies added in v0.3.0

func (mg *RequiredAction) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this RequiredAction.

func (*RequiredAction) GetMergedParameters added in v0.6.0

func (tr *RequiredAction) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this RequiredAction

func (*RequiredAction) GetObservation added in v0.3.0

func (tr *RequiredAction) GetObservation() (map[string]any, error)

GetObservation of this RequiredAction

func (*RequiredAction) GetParameters added in v0.3.0

func (tr *RequiredAction) GetParameters() (map[string]any, error)

GetParameters of this RequiredAction

func (*RequiredAction) GetProviderConfigReference added in v0.3.0

func (mg *RequiredAction) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this RequiredAction.

func (*RequiredAction) GetPublishConnectionDetailsTo added in v0.3.0

func (mg *RequiredAction) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this RequiredAction.

func (*RequiredAction) GetTerraformResourceType added in v0.3.0

func (mg *RequiredAction) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this RequiredAction

func (*RequiredAction) GetTerraformSchemaVersion added in v0.3.0

func (tr *RequiredAction) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*RequiredAction) GetWriteConnectionSecretToReference added in v0.3.0

func (mg *RequiredAction) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this RequiredAction.

func (*RequiredAction) Hub added in v0.11.0

func (tr *RequiredAction) Hub()

Hub marks this type as a conversion hub.

func (*RequiredAction) LateInitialize added in v0.3.0

func (tr *RequiredAction) LateInitialize(attrs []byte) (bool, error)

LateInitialize this RequiredAction using its observed tfState. returns True if there are any spec changes for the resource.

func (*RequiredAction) ResolveReferences added in v0.3.0

func (mg *RequiredAction) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this RequiredAction.

func (*RequiredAction) SetConditions added in v0.3.0

func (mg *RequiredAction) SetConditions(c ...xpv1.Condition)

SetConditions of this RequiredAction.

func (*RequiredAction) SetDeletionPolicy added in v0.3.0

func (mg *RequiredAction) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this RequiredAction.

func (*RequiredAction) SetManagementPolicies added in v0.3.0

func (mg *RequiredAction) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this RequiredAction.

func (*RequiredAction) SetObservation added in v0.3.0

func (tr *RequiredAction) SetObservation(obs map[string]any) error

SetObservation for this RequiredAction

func (*RequiredAction) SetParameters added in v0.3.0

func (tr *RequiredAction) SetParameters(params map[string]any) error

SetParameters for this RequiredAction

func (*RequiredAction) SetProviderConfigReference added in v0.3.0

func (mg *RequiredAction) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this RequiredAction.

func (*RequiredAction) SetPublishConnectionDetailsTo added in v0.3.0

func (mg *RequiredAction) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this RequiredAction.

func (*RequiredAction) SetWriteConnectionSecretToReference added in v0.3.0

func (mg *RequiredAction) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this RequiredAction.

type RequiredActionInitParameters added in v0.5.0

type RequiredActionInitParameters struct {

	// The alias of the action to attach as a required action.
	Alias *string `json:"alias,omitempty" tf:"alias,omitempty"`

	// When true, the required action is set as the default action for new users. Defaults to false.
	DefaultAction *bool `json:"defaultAction,omitempty" tf:"default_action,omitempty"`

	// When false, the required action is not enabled for new users. Defaults to false.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// The name of the required action.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The priority of the required action.
	Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"`

	// The realm the required action exists in.
	// +crossplane:generate:reference:type=github.com/crossplane-contrib/provider-keycloak/apis/realm/v1alpha1.Realm
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`

	// Reference to a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDRef *v1.Reference `json:"realmIdRef,omitempty" tf:"-"`

	// Selector for a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDSelector *v1.Selector `json:"realmIdSelector,omitempty" tf:"-"`
}

func (*RequiredActionInitParameters) DeepCopy added in v0.5.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequiredActionInitParameters.

func (*RequiredActionInitParameters) DeepCopyInto added in v0.5.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RequiredActionList added in v0.3.0

type RequiredActionList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []RequiredAction `json:"items"`
}

RequiredActionList contains a list of RequiredActions

func (*RequiredActionList) DeepCopy added in v0.3.0

func (in *RequiredActionList) DeepCopy() *RequiredActionList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequiredActionList.

func (*RequiredActionList) DeepCopyInto added in v0.3.0

func (in *RequiredActionList) DeepCopyInto(out *RequiredActionList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RequiredActionList) DeepCopyObject added in v0.3.0

func (in *RequiredActionList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*RequiredActionList) GetItems added in v0.3.0

func (l *RequiredActionList) GetItems() []resource.Managed

GetItems of this RequiredActionList.

type RequiredActionObservation added in v0.3.0

type RequiredActionObservation struct {

	// The alias of the action to attach as a required action.
	Alias *string `json:"alias,omitempty" tf:"alias,omitempty"`

	// When true, the required action is set as the default action for new users. Defaults to false.
	DefaultAction *bool `json:"defaultAction,omitempty" tf:"default_action,omitempty"`

	// When false, the required action is not enabled for new users. Defaults to false.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The name of the required action.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The priority of the required action.
	Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"`

	// The realm the required action exists in.
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`
}

func (*RequiredActionObservation) DeepCopy added in v0.3.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequiredActionObservation.

func (*RequiredActionObservation) DeepCopyInto added in v0.3.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RequiredActionParameters added in v0.3.0

type RequiredActionParameters struct {

	// The alias of the action to attach as a required action.
	// +kubebuilder:validation:Optional
	Alias *string `json:"alias,omitempty" tf:"alias,omitempty"`

	// When true, the required action is set as the default action for new users. Defaults to false.
	// +kubebuilder:validation:Optional
	DefaultAction *bool `json:"defaultAction,omitempty" tf:"default_action,omitempty"`

	// When false, the required action is not enabled for new users. Defaults to false.
	// +kubebuilder:validation:Optional
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// The name of the required action.
	// +kubebuilder:validation:Optional
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The priority of the required action.
	// +kubebuilder:validation:Optional
	Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"`

	// The realm the required action exists in.
	// +crossplane:generate:reference:type=github.com/crossplane-contrib/provider-keycloak/apis/realm/v1alpha1.Realm
	// +kubebuilder:validation:Optional
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`

	// Reference to a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDRef *v1.Reference `json:"realmIdRef,omitempty" tf:"-"`

	// Selector for a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDSelector *v1.Selector `json:"realmIdSelector,omitempty" tf:"-"`
}

func (*RequiredActionParameters) DeepCopy added in v0.3.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequiredActionParameters.

func (*RequiredActionParameters) DeepCopyInto added in v0.3.0

func (in *RequiredActionParameters) DeepCopyInto(out *RequiredActionParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RequiredActionSpec added in v0.3.0

type RequiredActionSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     RequiredActionParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider RequiredActionInitParameters `json:"initProvider,omitempty"`
}

RequiredActionSpec defines the desired state of RequiredAction

func (*RequiredActionSpec) DeepCopy added in v0.3.0

func (in *RequiredActionSpec) DeepCopy() *RequiredActionSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequiredActionSpec.

func (*RequiredActionSpec) DeepCopyInto added in v0.3.0

func (in *RequiredActionSpec) DeepCopyInto(out *RequiredActionSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RequiredActionStatus added in v0.3.0

type RequiredActionStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        RequiredActionObservation `json:"atProvider,omitempty"`
}

RequiredActionStatus defines the observed state of RequiredAction.

func (*RequiredActionStatus) DeepCopy added in v0.3.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequiredActionStatus.

func (*RequiredActionStatus) DeepCopyInto added in v0.3.0

func (in *RequiredActionStatus) DeepCopyInto(out *RequiredActionStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SMTPServerInitParameters added in v0.5.0

type SMTPServerInitParameters struct {

	// Enables authentication to the SMTP server.  This block supports the following arguments:
	Auth []AuthInitParameters `json:"auth,omitempty" tf:"auth,omitempty"`

	// The email address uses for bounces.
	EnvelopeFrom *string `json:"envelopeFrom,omitempty" tf:"envelope_from,omitempty"`

	// The email address for the sender.
	From *string `json:"from,omitempty" tf:"from,omitempty"`

	// The display name of the sender email address.
	FromDisplayName *string `json:"fromDisplayName,omitempty" tf:"from_display_name,omitempty"`

	// The host of the SMTP server.
	Host *string `json:"host,omitempty" tf:"host,omitempty"`

	// The port of the SMTP server (defaults to 25).
	Port *string `json:"port,omitempty" tf:"port,omitempty"`

	// The "reply to" email address.
	ReplyTo *string `json:"replyTo,omitempty" tf:"reply_to,omitempty"`

	// The display name of the "reply to" email address.
	ReplyToDisplayName *string `json:"replyToDisplayName,omitempty" tf:"reply_to_display_name,omitempty"`

	// When true, enables SSL. Defaults to false.
	SSL *bool `json:"ssl,omitempty" tf:"ssl,omitempty"`

	// When true, enables StartTLS. Defaults to false.
	Starttls *bool `json:"starttls,omitempty" tf:"starttls,omitempty"`
}

func (*SMTPServerInitParameters) DeepCopy added in v0.5.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SMTPServerInitParameters.

func (*SMTPServerInitParameters) DeepCopyInto added in v0.5.0

func (in *SMTPServerInitParameters) DeepCopyInto(out *SMTPServerInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SMTPServerObservation

type SMTPServerObservation struct {

	// Enables authentication to the SMTP server.  This block supports the following arguments:
	Auth []AuthObservation `json:"auth,omitempty" tf:"auth,omitempty"`

	// The email address uses for bounces.
	EnvelopeFrom *string `json:"envelopeFrom,omitempty" tf:"envelope_from,omitempty"`

	// The email address for the sender.
	From *string `json:"from,omitempty" tf:"from,omitempty"`

	// The display name of the sender email address.
	FromDisplayName *string `json:"fromDisplayName,omitempty" tf:"from_display_name,omitempty"`

	// The host of the SMTP server.
	Host *string `json:"host,omitempty" tf:"host,omitempty"`

	// The port of the SMTP server (defaults to 25).
	Port *string `json:"port,omitempty" tf:"port,omitempty"`

	// The "reply to" email address.
	ReplyTo *string `json:"replyTo,omitempty" tf:"reply_to,omitempty"`

	// The display name of the "reply to" email address.
	ReplyToDisplayName *string `json:"replyToDisplayName,omitempty" tf:"reply_to_display_name,omitempty"`

	// When true, enables SSL. Defaults to false.
	SSL *bool `json:"ssl,omitempty" tf:"ssl,omitempty"`

	// When true, enables StartTLS. Defaults to false.
	Starttls *bool `json:"starttls,omitempty" tf:"starttls,omitempty"`
}

func (*SMTPServerObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SMTPServerObservation.

func (*SMTPServerObservation) DeepCopyInto

func (in *SMTPServerObservation) DeepCopyInto(out *SMTPServerObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SMTPServerParameters

type SMTPServerParameters struct {

	// Enables authentication to the SMTP server.  This block supports the following arguments:
	// +kubebuilder:validation:Optional
	Auth []AuthParameters `json:"auth,omitempty" tf:"auth,omitempty"`

	// The email address uses for bounces.
	// +kubebuilder:validation:Optional
	EnvelopeFrom *string `json:"envelopeFrom,omitempty" tf:"envelope_from,omitempty"`

	// The email address for the sender.
	// +kubebuilder:validation:Optional
	From *string `json:"from" tf:"from,omitempty"`

	// The display name of the sender email address.
	// +kubebuilder:validation:Optional
	FromDisplayName *string `json:"fromDisplayName,omitempty" tf:"from_display_name,omitempty"`

	// The host of the SMTP server.
	// +kubebuilder:validation:Optional
	Host *string `json:"host" tf:"host,omitempty"`

	// The port of the SMTP server (defaults to 25).
	// +kubebuilder:validation:Optional
	Port *string `json:"port,omitempty" tf:"port,omitempty"`

	// The "reply to" email address.
	// +kubebuilder:validation:Optional
	ReplyTo *string `json:"replyTo,omitempty" tf:"reply_to,omitempty"`

	// The display name of the "reply to" email address.
	// +kubebuilder:validation:Optional
	ReplyToDisplayName *string `json:"replyToDisplayName,omitempty" tf:"reply_to_display_name,omitempty"`

	// When true, enables SSL. Defaults to false.
	// +kubebuilder:validation:Optional
	SSL *bool `json:"ssl,omitempty" tf:"ssl,omitempty"`

	// When true, enables StartTLS. Defaults to false.
	// +kubebuilder:validation:Optional
	Starttls *bool `json:"starttls,omitempty" tf:"starttls,omitempty"`
}

func (*SMTPServerParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SMTPServerParameters.

func (*SMTPServerParameters) DeepCopyInto

func (in *SMTPServerParameters) DeepCopyInto(out *SMTPServerParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecurityDefensesInitParameters added in v0.5.0

type SecurityDefensesInitParameters struct {
	BruteForceDetection []BruteForceDetectionInitParameters `json:"bruteForceDetection,omitempty" tf:"brute_force_detection,omitempty"`

	Headers []HeadersInitParameters `json:"headers,omitempty" tf:"headers,omitempty"`
}

func (*SecurityDefensesInitParameters) DeepCopy added in v0.5.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityDefensesInitParameters.

func (*SecurityDefensesInitParameters) DeepCopyInto added in v0.5.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecurityDefensesObservation

type SecurityDefensesObservation struct {
	BruteForceDetection []BruteForceDetectionObservation `json:"bruteForceDetection,omitempty" tf:"brute_force_detection,omitempty"`

	Headers []HeadersObservation `json:"headers,omitempty" tf:"headers,omitempty"`
}

func (*SecurityDefensesObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityDefensesObservation.

func (*SecurityDefensesObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecurityDefensesParameters

type SecurityDefensesParameters struct {

	// +kubebuilder:validation:Optional
	BruteForceDetection []BruteForceDetectionParameters `json:"bruteForceDetection,omitempty" tf:"brute_force_detection,omitempty"`

	// +kubebuilder:validation:Optional
	Headers []HeadersParameters `json:"headers,omitempty" tf:"headers,omitempty"`
}

func (*SecurityDefensesParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityDefensesParameters.

func (*SecurityDefensesParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WebAuthnPasswordlessPolicyInitParameters added in v0.5.0

type WebAuthnPasswordlessPolicyInitParameters struct {

	// A set of AAGUIDs for which an authenticator can be registered.
	// +listType=set
	AcceptableAaguids []*string `json:"acceptableAaguids,omitempty" tf:"acceptable_aaguids,omitempty"`

	// The preference of how to generate a WebAuthn attestation statement. Valid options are not specified, none, indirect, direct, or enterprise. Defaults to not specified.
	// Either none, indirect or direct
	AttestationConveyancePreference *string `json:"attestationConveyancePreference,omitempty" tf:"attestation_conveyance_preference,omitempty"`

	// The acceptable attachment pattern for the WebAuthn authenticator. Valid options are not specified, platform, or cross-platform. Defaults to not specified.
	// Either platform or cross-platform
	AuthenticatorAttachment *string `json:"authenticatorAttachment,omitempty" tf:"authenticator_attachment,omitempty"`

	// When true, Keycloak will avoid registering the authenticator for WebAuthn if it has already been registered. Defaults to false.
	AvoidSameAuthenticatorRegister *bool `json:"avoidSameAuthenticatorRegister,omitempty" tf:"avoid_same_authenticator_register,omitempty"`

	// The timeout value for creating a user's public key credential in seconds. When set to 0, this timeout option is not adapted. Defaults to 0.
	CreateTimeout *float64 `json:"createTimeout,omitempty" tf:"create_timeout,omitempty"`

	// A human readable server name for the WebAuthn Relying Party. Defaults to keycloak.
	RelyingPartyEntityName *string `json:"relyingPartyEntityName,omitempty" tf:"relying_party_entity_name,omitempty"`

	// The WebAuthn relying party ID.
	RelyingPartyID *string `json:"relyingPartyId,omitempty" tf:"relying_party_id,omitempty"`

	// Specifies whether or not a public key should be created to represent the resident key. Valid options are not specified, Yes, or No. Defaults to not specified.
	// Either Yes or No
	RequireResidentKey *string `json:"requireResidentKey,omitempty" tf:"require_resident_key,omitempty"`

	// A set of signature algorithms that should be used for the authentication assertion. Valid options at the time these docs were written are ES256, ES384, ES512, RS256, RS384, RS512, and RS1.
	// Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
	// +listType=set
	SignatureAlgorithms []*string `json:"signatureAlgorithms,omitempty" tf:"signature_algorithms,omitempty"`

	// Specifies the policy for verifying a user logging in via WebAuthn. Valid options are not specified, required, preferred, or discouraged. Defaults to not specified.
	// Either required, preferred or discouraged
	UserVerificationRequirement *string `json:"userVerificationRequirement,omitempty" tf:"user_verification_requirement,omitempty"`
}

func (*WebAuthnPasswordlessPolicyInitParameters) DeepCopy added in v0.5.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebAuthnPasswordlessPolicyInitParameters.

func (*WebAuthnPasswordlessPolicyInitParameters) DeepCopyInto added in v0.5.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WebAuthnPasswordlessPolicyObservation

type WebAuthnPasswordlessPolicyObservation struct {

	// A set of AAGUIDs for which an authenticator can be registered.
	// +listType=set
	AcceptableAaguids []*string `json:"acceptableAaguids,omitempty" tf:"acceptable_aaguids,omitempty"`

	// The preference of how to generate a WebAuthn attestation statement. Valid options are not specified, none, indirect, direct, or enterprise. Defaults to not specified.
	// Either none, indirect or direct
	AttestationConveyancePreference *string `json:"attestationConveyancePreference,omitempty" tf:"attestation_conveyance_preference,omitempty"`

	// The acceptable attachment pattern for the WebAuthn authenticator. Valid options are not specified, platform, or cross-platform. Defaults to not specified.
	// Either platform or cross-platform
	AuthenticatorAttachment *string `json:"authenticatorAttachment,omitempty" tf:"authenticator_attachment,omitempty"`

	// When true, Keycloak will avoid registering the authenticator for WebAuthn if it has already been registered. Defaults to false.
	AvoidSameAuthenticatorRegister *bool `json:"avoidSameAuthenticatorRegister,omitempty" tf:"avoid_same_authenticator_register,omitempty"`

	// The timeout value for creating a user's public key credential in seconds. When set to 0, this timeout option is not adapted. Defaults to 0.
	CreateTimeout *float64 `json:"createTimeout,omitempty" tf:"create_timeout,omitempty"`

	// A human readable server name for the WebAuthn Relying Party. Defaults to keycloak.
	RelyingPartyEntityName *string `json:"relyingPartyEntityName,omitempty" tf:"relying_party_entity_name,omitempty"`

	// The WebAuthn relying party ID.
	RelyingPartyID *string `json:"relyingPartyId,omitempty" tf:"relying_party_id,omitempty"`

	// Specifies whether or not a public key should be created to represent the resident key. Valid options are not specified, Yes, or No. Defaults to not specified.
	// Either Yes or No
	RequireResidentKey *string `json:"requireResidentKey,omitempty" tf:"require_resident_key,omitempty"`

	// A set of signature algorithms that should be used for the authentication assertion. Valid options at the time these docs were written are ES256, ES384, ES512, RS256, RS384, RS512, and RS1.
	// Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
	// +listType=set
	SignatureAlgorithms []*string `json:"signatureAlgorithms,omitempty" tf:"signature_algorithms,omitempty"`

	// Specifies the policy for verifying a user logging in via WebAuthn. Valid options are not specified, required, preferred, or discouraged. Defaults to not specified.
	// Either required, preferred or discouraged
	UserVerificationRequirement *string `json:"userVerificationRequirement,omitempty" tf:"user_verification_requirement,omitempty"`
}

func (*WebAuthnPasswordlessPolicyObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebAuthnPasswordlessPolicyObservation.

func (*WebAuthnPasswordlessPolicyObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WebAuthnPasswordlessPolicyParameters

type WebAuthnPasswordlessPolicyParameters struct {

	// A set of AAGUIDs for which an authenticator can be registered.
	// +kubebuilder:validation:Optional
	// +listType=set
	AcceptableAaguids []*string `json:"acceptableAaguids,omitempty" tf:"acceptable_aaguids,omitempty"`

	// The preference of how to generate a WebAuthn attestation statement. Valid options are not specified, none, indirect, direct, or enterprise. Defaults to not specified.
	// Either none, indirect or direct
	// +kubebuilder:validation:Optional
	AttestationConveyancePreference *string `json:"attestationConveyancePreference,omitempty" tf:"attestation_conveyance_preference,omitempty"`

	// The acceptable attachment pattern for the WebAuthn authenticator. Valid options are not specified, platform, or cross-platform. Defaults to not specified.
	// Either platform or cross-platform
	// +kubebuilder:validation:Optional
	AuthenticatorAttachment *string `json:"authenticatorAttachment,omitempty" tf:"authenticator_attachment,omitempty"`

	// When true, Keycloak will avoid registering the authenticator for WebAuthn if it has already been registered. Defaults to false.
	// +kubebuilder:validation:Optional
	AvoidSameAuthenticatorRegister *bool `json:"avoidSameAuthenticatorRegister,omitempty" tf:"avoid_same_authenticator_register,omitempty"`

	// The timeout value for creating a user's public key credential in seconds. When set to 0, this timeout option is not adapted. Defaults to 0.
	// +kubebuilder:validation:Optional
	CreateTimeout *float64 `json:"createTimeout,omitempty" tf:"create_timeout,omitempty"`

	// A human readable server name for the WebAuthn Relying Party. Defaults to keycloak.
	// +kubebuilder:validation:Optional
	RelyingPartyEntityName *string `json:"relyingPartyEntityName,omitempty" tf:"relying_party_entity_name,omitempty"`

	// The WebAuthn relying party ID.
	// +kubebuilder:validation:Optional
	RelyingPartyID *string `json:"relyingPartyId,omitempty" tf:"relying_party_id,omitempty"`

	// Specifies whether or not a public key should be created to represent the resident key. Valid options are not specified, Yes, or No. Defaults to not specified.
	// Either Yes or No
	// +kubebuilder:validation:Optional
	RequireResidentKey *string `json:"requireResidentKey,omitempty" tf:"require_resident_key,omitempty"`

	// A set of signature algorithms that should be used for the authentication assertion. Valid options at the time these docs were written are ES256, ES384, ES512, RS256, RS384, RS512, and RS1.
	// Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
	// +kubebuilder:validation:Optional
	// +listType=set
	SignatureAlgorithms []*string `json:"signatureAlgorithms,omitempty" tf:"signature_algorithms,omitempty"`

	// Specifies the policy for verifying a user logging in via WebAuthn. Valid options are not specified, required, preferred, or discouraged. Defaults to not specified.
	// Either required, preferred or discouraged
	// +kubebuilder:validation:Optional
	UserVerificationRequirement *string `json:"userVerificationRequirement,omitempty" tf:"user_verification_requirement,omitempty"`
}

func (*WebAuthnPasswordlessPolicyParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebAuthnPasswordlessPolicyParameters.

func (*WebAuthnPasswordlessPolicyParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WebAuthnPolicyInitParameters added in v0.5.0

type WebAuthnPolicyInitParameters struct {

	// A set of AAGUIDs for which an authenticator can be registered.
	// +listType=set
	AcceptableAaguids []*string `json:"acceptableAaguids,omitempty" tf:"acceptable_aaguids,omitempty"`

	// The preference of how to generate a WebAuthn attestation statement. Valid options are not specified, none, indirect, direct, or enterprise. Defaults to not specified.
	// Either none, indirect or direct
	AttestationConveyancePreference *string `json:"attestationConveyancePreference,omitempty" tf:"attestation_conveyance_preference,omitempty"`

	// The acceptable attachment pattern for the WebAuthn authenticator. Valid options are not specified, platform, or cross-platform. Defaults to not specified.
	// Either platform or cross-platform
	AuthenticatorAttachment *string `json:"authenticatorAttachment,omitempty" tf:"authenticator_attachment,omitempty"`

	// When true, Keycloak will avoid registering the authenticator for WebAuthn if it has already been registered. Defaults to false.
	AvoidSameAuthenticatorRegister *bool `json:"avoidSameAuthenticatorRegister,omitempty" tf:"avoid_same_authenticator_register,omitempty"`

	// The timeout value for creating a user's public key credential in seconds. When set to 0, this timeout option is not adapted. Defaults to 0.
	CreateTimeout *float64 `json:"createTimeout,omitempty" tf:"create_timeout,omitempty"`

	// A human readable server name for the WebAuthn Relying Party. Defaults to keycloak.
	RelyingPartyEntityName *string `json:"relyingPartyEntityName,omitempty" tf:"relying_party_entity_name,omitempty"`

	// The WebAuthn relying party ID.
	RelyingPartyID *string `json:"relyingPartyId,omitempty" tf:"relying_party_id,omitempty"`

	// Specifies whether or not a public key should be created to represent the resident key. Valid options are not specified, Yes, or No. Defaults to not specified.
	// Either Yes or No
	RequireResidentKey *string `json:"requireResidentKey,omitempty" tf:"require_resident_key,omitempty"`

	// A set of signature algorithms that should be used for the authentication assertion. Valid options at the time these docs were written are ES256, ES384, ES512, RS256, RS384, RS512, and RS1.
	// Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
	// +listType=set
	SignatureAlgorithms []*string `json:"signatureAlgorithms,omitempty" tf:"signature_algorithms,omitempty"`

	// Specifies the policy for verifying a user logging in via WebAuthn. Valid options are not specified, required, preferred, or discouraged. Defaults to not specified.
	// Either required, preferred or discouraged
	UserVerificationRequirement *string `json:"userVerificationRequirement,omitempty" tf:"user_verification_requirement,omitempty"`
}

func (*WebAuthnPolicyInitParameters) DeepCopy added in v0.5.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebAuthnPolicyInitParameters.

func (*WebAuthnPolicyInitParameters) DeepCopyInto added in v0.5.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WebAuthnPolicyObservation

type WebAuthnPolicyObservation struct {

	// A set of AAGUIDs for which an authenticator can be registered.
	// +listType=set
	AcceptableAaguids []*string `json:"acceptableAaguids,omitempty" tf:"acceptable_aaguids,omitempty"`

	// The preference of how to generate a WebAuthn attestation statement. Valid options are not specified, none, indirect, direct, or enterprise. Defaults to not specified.
	// Either none, indirect or direct
	AttestationConveyancePreference *string `json:"attestationConveyancePreference,omitempty" tf:"attestation_conveyance_preference,omitempty"`

	// The acceptable attachment pattern for the WebAuthn authenticator. Valid options are not specified, platform, or cross-platform. Defaults to not specified.
	// Either platform or cross-platform
	AuthenticatorAttachment *string `json:"authenticatorAttachment,omitempty" tf:"authenticator_attachment,omitempty"`

	// When true, Keycloak will avoid registering the authenticator for WebAuthn if it has already been registered. Defaults to false.
	AvoidSameAuthenticatorRegister *bool `json:"avoidSameAuthenticatorRegister,omitempty" tf:"avoid_same_authenticator_register,omitempty"`

	// The timeout value for creating a user's public key credential in seconds. When set to 0, this timeout option is not adapted. Defaults to 0.
	CreateTimeout *float64 `json:"createTimeout,omitempty" tf:"create_timeout,omitempty"`

	// A human readable server name for the WebAuthn Relying Party. Defaults to keycloak.
	RelyingPartyEntityName *string `json:"relyingPartyEntityName,omitempty" tf:"relying_party_entity_name,omitempty"`

	// The WebAuthn relying party ID.
	RelyingPartyID *string `json:"relyingPartyId,omitempty" tf:"relying_party_id,omitempty"`

	// Specifies whether or not a public key should be created to represent the resident key. Valid options are not specified, Yes, or No. Defaults to not specified.
	// Either Yes or No
	RequireResidentKey *string `json:"requireResidentKey,omitempty" tf:"require_resident_key,omitempty"`

	// A set of signature algorithms that should be used for the authentication assertion. Valid options at the time these docs were written are ES256, ES384, ES512, RS256, RS384, RS512, and RS1.
	// Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
	// +listType=set
	SignatureAlgorithms []*string `json:"signatureAlgorithms,omitempty" tf:"signature_algorithms,omitempty"`

	// Specifies the policy for verifying a user logging in via WebAuthn. Valid options are not specified, required, preferred, or discouraged. Defaults to not specified.
	// Either required, preferred or discouraged
	UserVerificationRequirement *string `json:"userVerificationRequirement,omitempty" tf:"user_verification_requirement,omitempty"`
}

func (*WebAuthnPolicyObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebAuthnPolicyObservation.

func (*WebAuthnPolicyObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WebAuthnPolicyParameters

type WebAuthnPolicyParameters struct {

	// A set of AAGUIDs for which an authenticator can be registered.
	// +kubebuilder:validation:Optional
	// +listType=set
	AcceptableAaguids []*string `json:"acceptableAaguids,omitempty" tf:"acceptable_aaguids,omitempty"`

	// The preference of how to generate a WebAuthn attestation statement. Valid options are not specified, none, indirect, direct, or enterprise. Defaults to not specified.
	// Either none, indirect or direct
	// +kubebuilder:validation:Optional
	AttestationConveyancePreference *string `json:"attestationConveyancePreference,omitempty" tf:"attestation_conveyance_preference,omitempty"`

	// The acceptable attachment pattern for the WebAuthn authenticator. Valid options are not specified, platform, or cross-platform. Defaults to not specified.
	// Either platform or cross-platform
	// +kubebuilder:validation:Optional
	AuthenticatorAttachment *string `json:"authenticatorAttachment,omitempty" tf:"authenticator_attachment,omitempty"`

	// When true, Keycloak will avoid registering the authenticator for WebAuthn if it has already been registered. Defaults to false.
	// +kubebuilder:validation:Optional
	AvoidSameAuthenticatorRegister *bool `json:"avoidSameAuthenticatorRegister,omitempty" tf:"avoid_same_authenticator_register,omitempty"`

	// The timeout value for creating a user's public key credential in seconds. When set to 0, this timeout option is not adapted. Defaults to 0.
	// +kubebuilder:validation:Optional
	CreateTimeout *float64 `json:"createTimeout,omitempty" tf:"create_timeout,omitempty"`

	// A human readable server name for the WebAuthn Relying Party. Defaults to keycloak.
	// +kubebuilder:validation:Optional
	RelyingPartyEntityName *string `json:"relyingPartyEntityName,omitempty" tf:"relying_party_entity_name,omitempty"`

	// The WebAuthn relying party ID.
	// +kubebuilder:validation:Optional
	RelyingPartyID *string `json:"relyingPartyId,omitempty" tf:"relying_party_id,omitempty"`

	// Specifies whether or not a public key should be created to represent the resident key. Valid options are not specified, Yes, or No. Defaults to not specified.
	// Either Yes or No
	// +kubebuilder:validation:Optional
	RequireResidentKey *string `json:"requireResidentKey,omitempty" tf:"require_resident_key,omitempty"`

	// A set of signature algorithms that should be used for the authentication assertion. Valid options at the time these docs were written are ES256, ES384, ES512, RS256, RS384, RS512, and RS1.
	// Keycloak lists ES256, ES384, ES512, RS256, RS384, RS512, RS1 at the time of writing
	// +kubebuilder:validation:Optional
	// +listType=set
	SignatureAlgorithms []*string `json:"signatureAlgorithms,omitempty" tf:"signature_algorithms,omitempty"`

	// Specifies the policy for verifying a user logging in via WebAuthn. Valid options are not specified, required, preferred, or discouraged. Defaults to not specified.
	// Either required, preferred or discouraged
	// +kubebuilder:validation:Optional
	UserVerificationRequirement *string `json:"userVerificationRequirement,omitempty" tf:"user_verification_requirement,omitempty"`
}

func (*WebAuthnPolicyParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebAuthnPolicyParameters.

func (*WebAuthnPolicyParameters) DeepCopyInto

func (in *WebAuthnPolicyParameters) DeepCopyInto(out *WebAuthnPolicyParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL