terraform apply data.keycloak_realm.master: Reading... data.keycloak_realm.master: Read complete after 0s [id=master] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # keycloak_ldap_user_federation.ldap_user_federation will be created + resource "keycloak_ldap_user_federation" "ldap_user_federation" { + batch_size_for_sync = 1000 + bind_credential = (sensitive value) + bind_dn = "cn=admin,dc=example,dc=org" + changed_sync_period = -1 + connection_timeout = "5s" + connection_url = "ldap://openldap" + edit_mode = "READ_ONLY" + enabled = true + full_sync_period = -1 + id = (known after apply) + import_enabled = true + name = "openldap" + pagination = true + priority = 0 + rdn_ldap_attribute = "cn" + read_timeout = "10s" + realm_id = "master" + search_scope = "ONE_LEVEL" + start_tls = false + sync_registrations = false + trust_email = false + use_password_modify_extended_op = false + use_truststore_spi = "ONLY_FOR_LDAPS" + user_object_classes = [ + "simpleSecurityObject", + "organizationalRole", ] + username_ldap_attribute = "cn" + users_dn = "dc=example,dc=org" + uuid_ldap_attribute = "entryDN" + validate_password_policy = false + vendor = "OTHER" + kerberos { + kerberos_realm = "FOO.LOCAL" + key_tab = "/etc/host.keytab" + server_principal = "HTTP/host.foo.com@FOO.LOCAL" + use_kerberos_for_password_authentication = false } } Plan: 1 to add, 0 to change, 0 to destroy. Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes keycloak_ldap_user_federation.ldap_user_federation: Creating... keycloak_ldap_user_federation.ldap_user_federation: Creation complete after 1s [id=fb2f2ee4-b185-4283-be33-5c9efe4fbd22]