@pulumi/keycloak 5.3.0 → 5.3.1

package/ldap/fullNameMapper.d.ts

@@ -1,48 +1,62 @@
 import * as pulumi from "@pulumi/pulumi";
 /**
- * Allows for creating and managing full name mappers for Keycloak users federated via LDAP.
+ * ## # keycloak.ldap.FullNameMapper
  *
- * The LDAP full name mapper can map a user's full name from an LDAP attribute to the first and last name attributes of a
- * Keycloak user.
+ * Allows for creating and managing full name mappers for Keycloak users federated
+ * via LDAP.
  *
- * ## Example Usage
+ * The LDAP full name mapper can map a user's full name from an LDAP attribute
+ * to the first and last name attributes of a Keycloak user.
  *
+ * ### Example Usage
+ *
+ * <!--Start PulumiCodeChooser -->
  * ```typescript
  * import * as pulumi from "@pulumi/pulumi";
  * import * as keycloak from "@pulumi/keycloak";
  *
  * const realm = new keycloak.Realm("realm", {
- *     realm: "my-realm",
  *     enabled: true,
+ *     realm: "test",
  * });
  * const ldapUserFederation = new keycloak.ldap.UserFederation("ldapUserFederation", {
- *     realmId: realm.id,
- *     usernameLdapAttribute: "cn",
+ *     bindCredential: "admin",
+ *     bindDn: "cn=admin,dc=example,dc=org",
+ *     connectionUrl: "ldap://openldap",
  *     rdnLdapAttribute: "cn",
- *     uuidLdapAttribute: "entryDN",
+ *     realmId: realm.id,
  *     userObjectClasses: [
  *         "simpleSecurityObject",
  *         "organizationalRole",
  *     ],
- *     connectionUrl: "ldap://openldap",
+ *     usernameLdapAttribute: "cn",
  *     usersDn: "dc=example,dc=org",
- *     bindDn: "cn=admin,dc=example,dc=org",
- *     bindCredential: "admin",
+ *     uuidLdapAttribute: "entryDN",
  * });
  * const ldapFullNameMapper = new keycloak.ldap.FullNameMapper("ldapFullNameMapper", {
- *     realmId: realm.id,
- *     ldapUserFederationId: ldapUserFederation.id,
  *     ldapFullNameAttribute: "cn",
+ *     ldapUserFederationId: ldapUserFederation.id,
+ *     realmId: realm.id,
  * });
  * ```
+ * <!--End PulumiCodeChooser -->
  *
- * ## Import
+ * ### Argument Reference
  *
- * LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`. The ID of the LDAP user federation provider and the mapper can be found within the Keycloak GUI, and they are typically GUIDs. Examplebash
+ * The following arguments are supported:
  *
- * ```sh
- *  $ pulumi import keycloak:ldap/fullNameMapper:FullNameMapper ldap_full_name_mapper my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860/3d923ece-1a91-4bf7-adaf-3b82f2a12b67
- * ```
+ * - `realmId` - (Required) The realm that this LDAP mapper will exist in.
+ * - `ldapUserFederationId` - (Required) The ID of the LDAP user federation provider to attach this mapper to.
+ * - `name` - (Required) Display name of this mapper when displayed in the console.
+ * - `ldapFullNameAttribute` - (Required) The name of the LDAP attribute containing the user's full name.
+ * - `readOnly` - (Optional) When `true`, updates to a user within Keycloak will not be written back to LDAP. Defaults to `false`.
+ * - `writeOnly` - (Optional) When `true`, this mapper will only be used to write updates to LDAP. Defaults to `false`.
+ *
+ * ### Import
+ *
+ * LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`.
+ * The ID of the LDAP user federation provider and the mapper can be found within
+ * the Keycloak GUI, and they are typically GUIDs:
  */
 export declare class FullNameMapper extends pulumi.CustomResource {
     /**
@@ -60,29 +74,20 @@ export declare class FullNameMapper extends pulumi.CustomResource {
      * when multiple copies of the Pulumi SDK have been loaded into the same process.
      */
     static isInstance(obj: any): obj is FullNameMapper;
-    /**
-     * The name of the LDAP attribute containing the user's full name.
-     */
     readonly ldapFullNameAttribute: pulumi.Output<string>;
     /**
-     * The ID of the LDAP user federation provider to attach this mapper to.
+     * The ldap user federation provider to attach this mapper to.
      */
     readonly ldapUserFederationId: pulumi.Output<string>;
     /**
-     * Display name of this mapper when displayed in the console.
+     * Display name of the mapper when displayed in the console.
      */
     readonly name: pulumi.Output<string>;
-    /**
-     * When `true`, updates to a user within Keycloak will not be written back to LDAP. Defaults to `false`.
-     */
     readonly readOnly: pulumi.Output<boolean | undefined>;
     /**
-     * The realm that this LDAP mapper will exist in.
+     * The realm in which the ldap user federation provider exists.
      */
     readonly realmId: pulumi.Output<string>;
-    /**
-     * When `true`, this mapper will only be used to write updates to LDAP. Defaults to `false`.
-     */
     readonly writeOnly: pulumi.Output<boolean | undefined>;
     /**
      * Create a FullNameMapper resource with the given unique name, arguments, and options.
@@ -97,57 +102,39 @@ export declare class FullNameMapper extends pulumi.CustomResource {
  * Input properties used for looking up and filtering FullNameMapper resources.
  */
 export interface FullNameMapperState {
-    /**
-     * The name of the LDAP attribute containing the user's full name.
-     */
     ldapFullNameAttribute?: pulumi.Input<string>;
     /**
-     * The ID of the LDAP user federation provider to attach this mapper to.
+     * The ldap user federation provider to attach this mapper to.
      */
     ldapUserFederationId?: pulumi.Input<string>;
     /**
-     * Display name of this mapper when displayed in the console.
+     * Display name of the mapper when displayed in the console.
      */
     name?: pulumi.Input<string>;
-    /**
-     * When `true`, updates to a user within Keycloak will not be written back to LDAP. Defaults to `false`.
-     */
     readOnly?: pulumi.Input<boolean>;
     /**
-     * The realm that this LDAP mapper will exist in.
+     * The realm in which the ldap user federation provider exists.
      */
     realmId?: pulumi.Input<string>;
-    /**
-     * When `true`, this mapper will only be used to write updates to LDAP. Defaults to `false`.
-     */
     writeOnly?: pulumi.Input<boolean>;
 }
 /**
  * The set of arguments for constructing a FullNameMapper resource.
  */
 export interface FullNameMapperArgs {
-    /**
-     * The name of the LDAP attribute containing the user's full name.
-     */
     ldapFullNameAttribute: pulumi.Input<string>;
     /**
-     * The ID of the LDAP user federation provider to attach this mapper to.
+     * The ldap user federation provider to attach this mapper to.
      */
     ldapUserFederationId: pulumi.Input<string>;
     /**
-     * Display name of this mapper when displayed in the console.
+     * Display name of the mapper when displayed in the console.
      */
     name?: pulumi.Input<string>;
-    /**
-     * When `true`, updates to a user within Keycloak will not be written back to LDAP. Defaults to `false`.
-     */
     readOnly?: pulumi.Input<boolean>;
     /**
-     * The realm that this LDAP mapper will exist in.
+     * The realm in which the ldap user federation provider exists.
      */
     realmId: pulumi.Input<string>;
-    /**
-     * When `true`, this mapper will only be used to write updates to LDAP. Defaults to `false`.
-     */
     writeOnly?: pulumi.Input<boolean>;
 }

package/ldap/fullNameMapper.js

@@ -6,49 +6,63 @@ exports.FullNameMapper = void 0;
 const pulumi = require("@pulumi/pulumi");
 const utilities = require("../utilities");
 /**
- * Allows for creating and managing full name mappers for Keycloak users federated via LDAP.
+ * ## # keycloak.ldap.FullNameMapper
  *
- * The LDAP full name mapper can map a user's full name from an LDAP attribute to the first and last name attributes of a
- * Keycloak user.
+ * Allows for creating and managing full name mappers for Keycloak users federated
+ * via LDAP.
  *
- * ## Example Usage
+ * The LDAP full name mapper can map a user's full name from an LDAP attribute
+ * to the first and last name attributes of a Keycloak user.
  *
+ * ### Example Usage
+ *
+ * <!--Start PulumiCodeChooser -->
  * ```typescript
  * import * as pulumi from "@pulumi/pulumi";
  * import * as keycloak from "@pulumi/keycloak";
  *
  * const realm = new keycloak.Realm("realm", {
- *     realm: "my-realm",
  *     enabled: true,
+ *     realm: "test",
  * });
  * const ldapUserFederation = new keycloak.ldap.UserFederation("ldapUserFederation", {
- *     realmId: realm.id,
- *     usernameLdapAttribute: "cn",
+ *     bindCredential: "admin",
+ *     bindDn: "cn=admin,dc=example,dc=org",
+ *     connectionUrl: "ldap://openldap",
  *     rdnLdapAttribute: "cn",
- *     uuidLdapAttribute: "entryDN",
+ *     realmId: realm.id,
  *     userObjectClasses: [
  *         "simpleSecurityObject",
  *         "organizationalRole",
  *     ],
- *     connectionUrl: "ldap://openldap",
+ *     usernameLdapAttribute: "cn",
  *     usersDn: "dc=example,dc=org",
- *     bindDn: "cn=admin,dc=example,dc=org",
- *     bindCredential: "admin",
+ *     uuidLdapAttribute: "entryDN",
  * });
  * const ldapFullNameMapper = new keycloak.ldap.FullNameMapper("ldapFullNameMapper", {
- *     realmId: realm.id,
- *     ldapUserFederationId: ldapUserFederation.id,
  *     ldapFullNameAttribute: "cn",
+ *     ldapUserFederationId: ldapUserFederation.id,
+ *     realmId: realm.id,
  * });
  * ```
+ * <!--End PulumiCodeChooser -->
  *
- * ## Import
+ * ### Argument Reference
  *
- * LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`. The ID of the LDAP user federation provider and the mapper can be found within the Keycloak GUI, and they are typically GUIDs. Examplebash
+ * The following arguments are supported:
  *
- * ```sh
- *  $ pulumi import keycloak:ldap/fullNameMapper:FullNameMapper ldap_full_name_mapper my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860/3d923ece-1a91-4bf7-adaf-3b82f2a12b67
- * ```
+ * - `realmId` - (Required) The realm that this LDAP mapper will exist in.
+ * - `ldapUserFederationId` - (Required) The ID of the LDAP user federation provider to attach this mapper to.
+ * - `name` - (Required) Display name of this mapper when displayed in the console.
+ * - `ldapFullNameAttribute` - (Required) The name of the LDAP attribute containing the user's full name.
+ * - `readOnly` - (Optional) When `true`, updates to a user within Keycloak will not be written back to LDAP. Defaults to `false`.
+ * - `writeOnly` - (Optional) When `true`, this mapper will only be used to write updates to LDAP. Defaults to `false`.
+ *
+ * ### Import
+ *
+ * LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`.
+ * The ID of the LDAP user federation provider and the mapper can be found within
+ * the Keycloak GUI, and they are typically GUIDs:
  */
 class FullNameMapper extends pulumi.CustomResource {
     /**

package/ldap/fullNameMapper.js.map

@@ -1 +1 @@
-{"version":3,"file":"fullNameMapper.js","sourceRoot":"","sources":["../../ldap/fullNameMapper.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4CG;AACH,MAAa,cAAe,SAAQ,MAAM,CAAC,cAAc;IACrD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA2B,EAAE,IAAmC;QACzH,OAAO,IAAI,cAAc,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACrE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,cAAc,CAAC,YAAY,CAAC;IAC/D,CAAC;IAmCD,YAAY,IAAY,EAAE,WAAsD,EAAE,IAAmC;QACjH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA8C,CAAC;YAC7D,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1F,cAAc,CAAC,sBAAsB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;YACxF,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;SACrE;aAAM;YACH,MAAM,IAAI,GAAG,WAA6C,CAAC;YAC3D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,qBAAqB,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAClE,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;aACxE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACjE,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;aACvE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACpD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC;YACxF,cAAc,CAAC,sBAAsB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;YACtF,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;SACnE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,cAAc,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACnE,CAAC;;AA5FL,wCA6FC;AA/EG,gBAAgB;AACO,2BAAY,GAAG,6CAA6C,CAAC"}
+{"version":3,"file":"fullNameMapper.js","sourceRoot":"","sources":["../../ldap/fullNameMapper.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA0DG;AACH,MAAa,cAAe,SAAQ,MAAM,CAAC,cAAc;IACrD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA2B,EAAE,IAAmC;QACzH,OAAO,IAAI,cAAc,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACrE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,cAAc,CAAC,YAAY,CAAC;IAC/D,CAAC;IA0BD,YAAY,IAAY,EAAE,WAAsD,EAAE,IAAmC;QACjH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA8C,CAAC;YAC7D,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1F,cAAc,CAAC,sBAAsB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;YACxF,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;SACrE;aAAM;YACH,MAAM,IAAI,GAAG,WAA6C,CAAC;YAC3D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,qBAAqB,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAClE,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;aACxE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACjE,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;aACvE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACpD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC;YACxF,cAAc,CAAC,sBAAsB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;YACtF,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;SACnE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,cAAc,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACnE,CAAC;;AAnFL,wCAoFC;AAtEG,gBAAgB;AACO,2BAAY,GAAG,6CAA6C,CAAC"}

package/ldap/groupMapper.d.ts

@@ -1,54 +1,80 @@
 import * as pulumi from "@pulumi/pulumi";
 /**
- * Allows for creating and managing group mappers for Keycloak users federated via LDAP.
+ * ## # keycloak.ldap.GroupMapper
  *
- * The LDAP group mapper can be used to map an LDAP user's groups from some DN to Keycloak groups. This group mapper will also
- * create the groups within Keycloak if they do not already exist.
+ * Allows for creating and managing group mappers for Keycloak users federated
+ * via LDAP.
  *
- * ## Example Usage
+ * The LDAP group mapper can be used to map an LDAP user's groups from some DN
+ * to Keycloak groups. This group mapper will also create the groups within Keycloak
+ * if they do not already exist.
  *
+ * ### Example Usage
+ *
+ * <!--Start PulumiCodeChooser -->
  * ```typescript
  * import * as pulumi from "@pulumi/pulumi";
  * import * as keycloak from "@pulumi/keycloak";
  *
  * const realm = new keycloak.Realm("realm", {
- *     realm: "my-realm",
  *     enabled: true,
+ *     realm: "test",
  * });
  * const ldapUserFederation = new keycloak.ldap.UserFederation("ldapUserFederation", {
- *     realmId: realm.id,
- *     usernameLdapAttribute: "cn",
+ *     bindCredential: "admin",
+ *     bindDn: "cn=admin,dc=example,dc=org",
+ *     connectionUrl: "ldap://openldap",
  *     rdnLdapAttribute: "cn",
- *     uuidLdapAttribute: "entryDN",
+ *     realmId: realm.id,
  *     userObjectClasses: [
  *         "simpleSecurityObject",
  *         "organizationalRole",
  *     ],
- *     connectionUrl: "ldap://openldap",
+ *     usernameLdapAttribute: "cn",
  *     usersDn: "dc=example,dc=org",
- *     bindDn: "cn=admin,dc=example,dc=org",
- *     bindCredential: "admin",
+ *     uuidLdapAttribute: "entryDN",
  * });
  * const ldapGroupMapper = new keycloak.ldap.GroupMapper("ldapGroupMapper", {
- *     realmId: realm.id,
- *     ldapUserFederationId: ldapUserFederation.id,
- *     ldapGroupsDn: "dc=example,dc=org",
  *     groupNameLdapAttribute: "cn",
  *     groupObjectClasses: ["groupOfNames"],
+ *     ldapGroupsDn: "dc=example,dc=org",
+ *     ldapUserFederationId: ldapUserFederation.id,
+ *     memberofLdapAttribute: "memberOf",
  *     membershipAttributeType: "DN",
  *     membershipLdapAttribute: "member",
  *     membershipUserLdapAttribute: "cn",
- *     memberofLdapAttribute: "memberOf",
+ *     realmId: realm.id,
  * });
  * ```
+ * <!--End PulumiCodeChooser -->
  *
- * ## Import
+ * ### Argument Reference
  *
- * LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`. The ID of the LDAP user federation provider and the mapper can be found within the Keycloak GUI, and they are typically GUIDs. Examplebash
+ * The following arguments are supported:
  *
- * ```sh
- *  $ pulumi import keycloak:ldap/groupMapper:GroupMapper ldap_group_mapper my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860/3d923ece-1a91-4bf7-adaf-3b82f2a12b67
- * ```
+ * - `realmId` - (Required) The realm that this LDAP mapper will exist in.
+ * - `ldapUserFederationId` - (Required) The ID of the LDAP user federation provider to attach this mapper to.
+ * - `name` - (Required) Display name of this mapper when displayed in the console.
+ * - `ldapGroupsDn` - (Required) The LDAP DN where groups can be found.
+ * - `groupNameLdapAttribute` - (Required) The name of the LDAP attribute that is used in group objects for the name and RDN of the group. Typically `cn`.
+ * - `groupObjectClasses` - (Required) Array of strings representing the object classes for the group. Must contain at least one.
+ * - `preserveGroupInheritance` - (Optional) When `true`, group inheritance will be propagated from LDAP to Keycloak. When `false`, all LDAP groups will be propagated as top level groups within Keycloak.
+ * - `ignoreMissingGroups` - (Optional) When `true`, missing groups in the hierarchy will be ignored.
+ * - `membershipLdapAttribute` - (Required) The name of the LDAP attribute that is used for membership mappings.
+ * - `membershipAttributeType` - (Optional) Can be one of `DN` or `UID`. Defaults to `DN`.
+ * - `membershipUserLdapAttribute` - (Required) The name of the LDAP attribute on a user that is used for membership mappings.
+ * - `groupsLdapFilter` - (Optional) When specified, adds an additional custom filter to be used when querying for groups. Must start with `(` and end with `)`.
+ * - `mode` - (Optional) Can be one of `READ_ONLY` or `LDAP_ONLY`. Defaults to `READ_ONLY`.
+ * - `userRolesRetrieveStrategy` - (Optional) Can be one of `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`, `GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE`, or `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE_RECURSIVELY`. Defaults to `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`.
+ * - `memberofLdapAttribute` - (Optional) Specifies the name of the LDAP attribute on the LDAP user that contains the groups the user is a member of. Defaults to `memberOf`.
+ * - `mappedGroupAttributes` - (Optional) Array of strings representing attributes on the LDAP group which will be mapped to attributes on the Keycloak group.
+ * - `dropNonExistingGroupsDuringSync` - (Optional) When `true`, groups that no longer exist within LDAP will be dropped in Keycloak during sync. Defaults to `false`.
+ *
+ * ### Import
+ *
+ * LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`.
+ * The ID of the LDAP user federation provider and the mapper can be found within
+ * the Keycloak GUI, and they are typically GUIDs:
  */
 export declare class GroupMapper extends pulumi.CustomResource {
     /**
@@ -66,77 +92,32 @@ export declare class GroupMapper extends pulumi.CustomResource {
      * when multiple copies of the Pulumi SDK have been loaded into the same process.
      */
     static isInstance(obj: any): obj is GroupMapper;
-    /**
-     * When `true`, groups that no longer exist within LDAP will be dropped in Keycloak during sync. Defaults to `false`.
-     */
     readonly dropNonExistingGroupsDuringSync: pulumi.Output<boolean | undefined>;
-    /**
-     * The name of the LDAP attribute that is used in group objects for the name and RDN of the group. Typically `cn`.
-     */
     readonly groupNameLdapAttribute: pulumi.Output<string>;
-    /**
-     * List of strings representing the object classes for the group. Must contain at least one.
-     */
     readonly groupObjectClasses: pulumi.Output<string[]>;
-    /**
-     * When specified, adds an additional custom filter to be used when querying for groups. Must start with `(` and end with `)`.
-     */
     readonly groupsLdapFilter: pulumi.Output<string | undefined>;
-    /**
-     * Keycloak group path the LDAP groups are added to. For example if value `/Applications/App1` is used, then LDAP groups will be available in Keycloak under group `App1`, which is the child of top level group `Applications`. The configured group path must already exist in Keycloak when creating this mapper.
-     */
     readonly groupsPath: pulumi.Output<string>;
-    /**
-     * When `true`, missing groups in the hierarchy will be ignored.
-     */
     readonly ignoreMissingGroups: pulumi.Output<boolean | undefined>;
-    /**
-     * The LDAP DN where groups can be found.
-     */
     readonly ldapGroupsDn: pulumi.Output<string>;
     /**
-     * The ID of the LDAP user federation provider to attach this mapper to.
+     * The ldap user federation provider to attach this mapper to.
      */
     readonly ldapUserFederationId: pulumi.Output<string>;
-    /**
-     * Array of strings representing attributes on the LDAP group which will be mapped to attributes on the Keycloak group.
-     */
     readonly mappedGroupAttributes: pulumi.Output<string[] | undefined>;
-    /**
-     * Specifies the name of the LDAP attribute on the LDAP user that contains the groups the user is a member of. Defaults to `memberOf`.
-     */
     readonly memberofLdapAttribute: pulumi.Output<string | undefined>;
-    /**
-     * Can be one of `DN` or `UID`. Defaults to `DN`.
-     */
     readonly membershipAttributeType: pulumi.Output<string | undefined>;
-    /**
-     * The name of the LDAP attribute that is used for membership mappings.
-     */
     readonly membershipLdapAttribute: pulumi.Output<string>;
-    /**
-     * The name of the LDAP attribute on a user that is used for membership mappings.
-     */
     readonly membershipUserLdapAttribute: pulumi.Output<string>;
-    /**
-     * Can be one of `READ_ONLY`, `LDAP_ONLY` or `IMPORT`. Defaults to `READ_ONLY`.
-     */
     readonly mode: pulumi.Output<string | undefined>;
     /**
-     * Display name of this mapper when displayed in the console.
+     * Display name of the mapper when displayed in the console.
      */
     readonly name: pulumi.Output<string>;
-    /**
-     * When `true`, group inheritance will be propagated from LDAP to Keycloak. When `false`, all LDAP groups will be propagated as top level groups within Keycloak.
-     */
     readonly preserveGroupInheritance: pulumi.Output<boolean | undefined>;
     /**
-     * The realm that this LDAP mapper will exist in.
+     * The realm in which the ldap user federation provider exists.
      */
     readonly realmId: pulumi.Output<string>;
-    /**
-     * Can be one of `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`, `GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE`, or `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE_RECURSIVELY`. Defaults to `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`.
-     */
     readonly userRolesRetrieveStrategy: pulumi.Output<string | undefined>;
     /**
      * Create a GroupMapper resource with the given unique name, arguments, and options.
@@ -151,153 +132,63 @@ export declare class GroupMapper extends pulumi.CustomResource {
  * Input properties used for looking up and filtering GroupMapper resources.
  */
 export interface GroupMapperState {
-    /**
-     * When `true`, groups that no longer exist within LDAP will be dropped in Keycloak during sync. Defaults to `false`.
-     */
     dropNonExistingGroupsDuringSync?: pulumi.Input<boolean>;
-    /**
-     * The name of the LDAP attribute that is used in group objects for the name and RDN of the group. Typically `cn`.
-     */
     groupNameLdapAttribute?: pulumi.Input<string>;
-    /**
-     * List of strings representing the object classes for the group. Must contain at least one.
-     */
     groupObjectClasses?: pulumi.Input<pulumi.Input<string>[]>;
-    /**
-     * When specified, adds an additional custom filter to be used when querying for groups. Must start with `(` and end with `)`.
-     */
     groupsLdapFilter?: pulumi.Input<string>;
-    /**
-     * Keycloak group path the LDAP groups are added to. For example if value `/Applications/App1` is used, then LDAP groups will be available in Keycloak under group `App1`, which is the child of top level group `Applications`. The configured group path must already exist in Keycloak when creating this mapper.
-     */
     groupsPath?: pulumi.Input<string>;
-    /**
-     * When `true`, missing groups in the hierarchy will be ignored.
-     */
     ignoreMissingGroups?: pulumi.Input<boolean>;
-    /**
-     * The LDAP DN where groups can be found.
-     */
     ldapGroupsDn?: pulumi.Input<string>;
     /**
-     * The ID of the LDAP user federation provider to attach this mapper to.
+     * The ldap user federation provider to attach this mapper to.
      */
     ldapUserFederationId?: pulumi.Input<string>;
-    /**
-     * Array of strings representing attributes on the LDAP group which will be mapped to attributes on the Keycloak group.
-     */
     mappedGroupAttributes?: pulumi.Input<pulumi.Input<string>[]>;
-    /**
-     * Specifies the name of the LDAP attribute on the LDAP user that contains the groups the user is a member of. Defaults to `memberOf`.
-     */
     memberofLdapAttribute?: pulumi.Input<string>;
-    /**
-     * Can be one of `DN` or `UID`. Defaults to `DN`.
-     */
     membershipAttributeType?: pulumi.Input<string>;
-    /**
-     * The name of the LDAP attribute that is used for membership mappings.
-     */
     membershipLdapAttribute?: pulumi.Input<string>;
-    /**
-     * The name of the LDAP attribute on a user that is used for membership mappings.
-     */
     membershipUserLdapAttribute?: pulumi.Input<string>;
-    /**
-     * Can be one of `READ_ONLY`, `LDAP_ONLY` or `IMPORT`. Defaults to `READ_ONLY`.
-     */
     mode?: pulumi.Input<string>;
     /**
-     * Display name of this mapper when displayed in the console.
+     * Display name of the mapper when displayed in the console.
      */
     name?: pulumi.Input<string>;
-    /**
-     * When `true`, group inheritance will be propagated from LDAP to Keycloak. When `false`, all LDAP groups will be propagated as top level groups within Keycloak.
-     */
     preserveGroupInheritance?: pulumi.Input<boolean>;
     /**
-     * The realm that this LDAP mapper will exist in.
+     * The realm in which the ldap user federation provider exists.
      */
     realmId?: pulumi.Input<string>;
-    /**
-     * Can be one of `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`, `GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE`, or `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE_RECURSIVELY`. Defaults to `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`.
-     */
     userRolesRetrieveStrategy?: pulumi.Input<string>;
 }
 /**
  * The set of arguments for constructing a GroupMapper resource.
  */
 export interface GroupMapperArgs {
-    /**
-     * When `true`, groups that no longer exist within LDAP will be dropped in Keycloak during sync. Defaults to `false`.
-     */
     dropNonExistingGroupsDuringSync?: pulumi.Input<boolean>;
-    /**
-     * The name of the LDAP attribute that is used in group objects for the name and RDN of the group. Typically `cn`.
-     */
     groupNameLdapAttribute: pulumi.Input<string>;
-    /**
-     * List of strings representing the object classes for the group. Must contain at least one.
-     */
     groupObjectClasses: pulumi.Input<pulumi.Input<string>[]>;
-    /**
-     * When specified, adds an additional custom filter to be used when querying for groups. Must start with `(` and end with `)`.
-     */
     groupsLdapFilter?: pulumi.Input<string>;
-    /**
-     * Keycloak group path the LDAP groups are added to. For example if value `/Applications/App1` is used, then LDAP groups will be available in Keycloak under group `App1`, which is the child of top level group `Applications`. The configured group path must already exist in Keycloak when creating this mapper.
-     */
     groupsPath?: pulumi.Input<string>;
-    /**
-     * When `true`, missing groups in the hierarchy will be ignored.
-     */
     ignoreMissingGroups?: pulumi.Input<boolean>;
-    /**
-     * The LDAP DN where groups can be found.
-     */
     ldapGroupsDn: pulumi.Input<string>;
     /**
-     * The ID of the LDAP user federation provider to attach this mapper to.
+     * The ldap user federation provider to attach this mapper to.
      */
     ldapUserFederationId: pulumi.Input<string>;
-    /**
-     * Array of strings representing attributes on the LDAP group which will be mapped to attributes on the Keycloak group.
-     */
     mappedGroupAttributes?: pulumi.Input<pulumi.Input<string>[]>;
-    /**
-     * Specifies the name of the LDAP attribute on the LDAP user that contains the groups the user is a member of. Defaults to `memberOf`.
-     */
     memberofLdapAttribute?: pulumi.Input<string>;
-    /**
-     * Can be one of `DN` or `UID`. Defaults to `DN`.
-     */
     membershipAttributeType?: pulumi.Input<string>;
-    /**
-     * The name of the LDAP attribute that is used for membership mappings.
-     */
     membershipLdapAttribute: pulumi.Input<string>;
-    /**
-     * The name of the LDAP attribute on a user that is used for membership mappings.
-     */
     membershipUserLdapAttribute: pulumi.Input<string>;
-    /**
-     * Can be one of `READ_ONLY`, `LDAP_ONLY` or `IMPORT`. Defaults to `READ_ONLY`.
-     */
     mode?: pulumi.Input<string>;
     /**
-     * Display name of this mapper when displayed in the console.
+     * Display name of the mapper when displayed in the console.
      */
     name?: pulumi.Input<string>;
-    /**
-     * When `true`, group inheritance will be propagated from LDAP to Keycloak. When `false`, all LDAP groups will be propagated as top level groups within Keycloak.
-     */
     preserveGroupInheritance?: pulumi.Input<boolean>;
     /**
-     * The realm that this LDAP mapper will exist in.
+     * The realm in which the ldap user federation provider exists.
      */
     realmId: pulumi.Input<string>;
-    /**
-     * Can be one of `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`, `GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE`, or `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE_RECURSIVELY`. Defaults to `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`.
-     */
     userRolesRetrieveStrategy?: pulumi.Input<string>;
 }