From 583ff920a984c7c6af366064197c549b0c9b909b Mon Sep 17 00:00:00 2001 From: "patchback[bot]" <45432694+patchback[bot]@users.noreply.github.com> Date: Tue, 2 Jun 2026 21:18:01 +0200 Subject: [PATCH] [PR #12087/7b01bcba backport][stable-13] keycloak_realm - add ``max_secondary_auth_failures`` parameter to configure brute force detection for secondary authentication mechanisms. (#12177) keycloak_realm - add ``max_secondary_auth_failures`` parameter to configure brute force detection for secondary authentication mechanisms. (#12087) * minor_changes: - keycloak_realm - add ``max_secondary_auth_failures`` parameter to configure brute force detection for secondary authentication mechanisms. * Update changelogs/fragments/12087-keycloak-realm-max-secondary-auth-failures.yml --------- (cherry picked from commit 7b01bcbadf829159b67240cb106f7237b18ffccf) Co-authored-by: amPrimeSign <146177975+amPrimeSign@users.noreply.github.com> Co-authored-by: Felix Fontein --- .../12087-keycloak-realm-max-secondary-auth-failures.yml | 2 ++ plugins/modules/keycloak_realm.py | 8 ++++++++ 2 files changed, 10 insertions(+) create mode 100644 changelogs/fragments/12087-keycloak-realm-max-secondary-auth-failures.yml diff --git a/changelogs/fragments/12087-keycloak-realm-max-secondary-auth-failures.yml b/changelogs/fragments/12087-keycloak-realm-max-secondary-auth-failures.yml new file mode 100644 index 0000000000..ff9eaadbfb --- /dev/null +++ b/changelogs/fragments/12087-keycloak-realm-max-secondary-auth-failures.yml @@ -0,0 +1,2 @@ +minor_changes: + - keycloak_realm - add ``max_secondary_auth_failures`` parameter to configure brute force detection for secondary authentication mechanisms (https://github.com/ansible-collections/community.general/pull/12087). diff --git a/plugins/modules/keycloak_realm.py b/plugins/modules/keycloak_realm.py index 478f28af2d..b95198fc25 100644 --- a/plugins/modules/keycloak_realm.py +++ b/plugins/modules/keycloak_realm.py @@ -329,6 +329,13 @@ options: aliases: - maxFailureWaitSeconds type: int + max_secondary_auth_failures: + description: + - The realm max secondary authentication failures (used with brute force detection for secondary auth mechanisms). + aliases: + - maxSecondaryAuthFailures + type: int + version_added: 13.1.0 max_temporary_lockouts: description: - The realm max temporary lockouts. @@ -937,6 +944,7 @@ def main(): login_with_email_allowed=dict(type="bool", aliases=["loginWithEmailAllowed"]), max_delta_time_seconds=dict(type="int", aliases=["maxDeltaTimeSeconds"]), max_failure_wait_seconds=dict(type="int", aliases=["maxFailureWaitSeconds"]), + max_secondary_auth_failures=dict(type="int", aliases=["maxSecondaryAuthFailures"]), max_temporary_lockouts=dict(type="int", aliases=["maxTemporaryLockouts"]), minimum_quick_login_wait_seconds=dict(type="int", aliases=["minimumQuickLoginWaitSeconds"]), not_before=dict(type="int", aliases=["notBefore"]),