I have a recursive resource. E.g. (partial example):
wildfly::util::resource { "/core-service=management/security-realm=${realm_name}/authorization=ldap":
recursive => true,
content => {
'connection' => "${realm_name}-LDAPConnection",
'group-search' => {
'group-to-principal' => {
'group-name' => $authorization_group_name,
'group-name-attribute' => $authorization_group_name_attribute,
'group-dn-attribute' => $authorization_group_dn_attribute,
'base-dn' => $authorization_group_base_dn,
'search-by' => $authorization_group_search_by,
'principal-attribute' => $authorization_principal_attribute,
'recursive' => $authorization_group_recursive,
'iterative' => $authorization_group_iterative,
'prefer-original-connection' => $authorization_prefer_original_conn,
'cache' => {
"${cache_type}" => {
'max-cache-size' => $max_cache_size,
'eviction-time' => $cache_eviction_time,
'cache-failures' => $cache_failures,
}
}
}},
'username-to-dn' => {
'username-filter' => {
'base-dn' => $ldap_user_base_dn,
'attribute' => $authorization_user_name_attribute,
'user-dn-attribute' => $authorization_user_dn_attribute,
'force' => $authorization_user_force,
'recursive' => $authorization_user_recursive,
'cache' => {
"${cache_type}" => {
'max-cache-size' => $max_cache_size,
'eviction-time' => $cache_eviction_time,
'cache-failures' => $cache_failures,
}
}
}},
},
}