From 18c49f46b00b85d33e7ec0053b66c83a09bc4963 Mon Sep 17 00:00:00 2001
From: Anders Larsson
Date: Mon, 17 Jul 2023 15:09:49 +0200
Subject: [PATCH] Convert function api_fetch to new format
---
REFERENCE.md | 630 ++++++++++++-----------
lib/puppet/functions/vas/api_fetch.rb | 48 ++
lib/puppet/parser/functions/api_fetch.rb | 52 --
manifests/init.pp | 2 +-
spec/classes/init_spec.rb | 6 +-
spec/classes/parameter_spec.rb | 12 +-
spec/functions/api_fetch_spec.rb | 10 +-
7 files changed, 392 insertions(+), 368 deletions(-)
create mode 100644 lib/puppet/functions/vas/api_fetch.rb
delete mode 100644 lib/puppet/parser/functions/api_fetch.rb
diff --git a/REFERENCE.md b/REFERENCE.md
index 520ab21..47c1ca2 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -10,7 +10,7 @@ ### Functions -* [`api_fetch`](#api_fetch) +* [`vas::api_fetch`](#vas--api_fetch): Query a remote HTTP-based service for entries to be added to users_allow. ## Classes 
@@ -49,133 +49,133 @@ vas::realm: 'realm.example.com' The following parameters are available in the `vas` class: -* [`manage_nis`](#manage_nis) -* [`package_version`](#package_version) -* [`enable_group_policies`](#enable_group_policies) -* [`users_allow_entries`](#users_allow_entries) -* [`users_deny_entries`](#users_deny_entries) -* [`user_override_entries`](#user_override_entries) -* [`group_override_entries`](#group_override_entries) -* [`username`](#username) -* [`keytab_path`](#keytab_path) -* [`keytab_source`](#keytab_source) -* [`keytab_owner`](#keytab_owner) -* [`keytab_group`](#keytab_group) -* [`keytab_mode`](#keytab_mode) -* [`vas_fqdn`](#vas_fqdn) -* [`computers_ou`](#computers_ou) -* [`users_ou`](#users_ou) -* [`nismaps_ou`](#nismaps_ou) -* [`user_search_path`](#user_search_path) -* [`group_search_path`](#group_search_path) -* [`upm_search_path`](#upm_search_path) -* [`nisdomainname`](#nisdomainname) -* [`realm`](#realm) -* [`domain_change`](#domain_change) -* [`sitenameoverride`](#sitenameoverride) -* [`vas_conf_client_addrs`](#vas_conf_client_addrs) -* [`vas_conf_vasypd_update_interval`](#vas_conf_vasypd_update_interval) -* [`vas_conf_full_update_interval`](#vas_conf_full_update_interval) -* [`vas_conf_group_update_mode`](#vas_conf_group_update_mode) -* [`vas_conf_root_update_mode`](#vas_conf_root_update_mode) -* [`vas_conf_disabled_user_pwhash`](#vas_conf_disabled_user_pwhash) -* [`vas_conf_expired_account_pwhash`](#vas_conf_expired_account_pwhash) -* [`vas_conf_locked_out_pwhash`](#vas_conf_locked_out_pwhash) -* [`vas_conf_preload_nested_memberships`](#vas_conf_preload_nested_memberships) -* [`vas_conf_update_process`](#vas_conf_update_process) -* [`vas_conf_upm_computerou_attr`](#vas_conf_upm_computerou_attr) -* [`vas_conf_vasd_update_interval`](#vas_conf_vasd_update_interval) -* [`vas_conf_vasd_auto_ticket_renew_interval`](#vas_conf_vasd_auto_ticket_renew_interval) -* 
[`vas_conf_vasd_lazy_cache_update_interval`](#vas_conf_vasd_lazy_cache_update_interval) -* [`vas_conf_vasd_timesync_interval`](#vas_conf_vasd_timesync_interval) -* [`vas_conf_vasd_cross_domain_user_groups_member_search`](#vas_conf_vasd_cross_domain_user_groups_member_search) -* [`vas_conf_vasd_password_change_script`](#vas_conf_vasd_password_change_script) -* [`vas_conf_vasd_password_change_script_timelimit`](#vas_conf_vasd_password_change_script_timelimit) -* [`vas_conf_vasd_workstation_mode`](#vas_conf_vasd_workstation_mode) -* [`vas_conf_vasd_workstation_mode_users_preload`](#vas_conf_vasd_workstation_mode_users_preload) -* [`vas_conf_vasd_workstation_mode_group_do_member`](#vas_conf_vasd_workstation_mode_group_do_member) -* [`vas_conf_vasd_workstation_mode_groups_skip_update`](#vas_conf_vasd_workstation_mode_groups_skip_update) -* [`vas_conf_vasd_ws_resolve_uid`](#vas_conf_vasd_ws_resolve_uid) -* [`vas_conf_vasd_deluser_check_timelimit`](#vas_conf_vasd_deluser_check_timelimit) -* [`vas_conf_vasd_delusercheck_interval`](#vas_conf_vasd_delusercheck_interval) -* [`vas_conf_vasd_delusercheck_script`](#vas_conf_vasd_delusercheck_script) -* [`vas_conf_vasd_username_attr_name`](#vas_conf_vasd_username_attr_name) -* [`vas_conf_vasd_groupname_attr_name`](#vas_conf_vasd_groupname_attr_name) -* [`vas_conf_vasd_uid_number_attr_name`](#vas_conf_vasd_uid_number_attr_name) -* [`vas_conf_vasd_gid_number_attr_name`](#vas_conf_vasd_gid_number_attr_name) -* [`vas_conf_vasd_gecos_attr_name`](#vas_conf_vasd_gecos_attr_name) -* [`vas_conf_vasd_home_dir_attr_name`](#vas_conf_vasd_home_dir_attr_name) -* [`vas_conf_vasd_login_shell_attr_name`](#vas_conf_vasd_login_shell_attr_name) -* [`vas_conf_vasd_group_member_attr_name`](#vas_conf_vasd_group_member_attr_name) -* [`vas_conf_vasd_memberof_attr_name`](#vas_conf_vasd_memberof_attr_name) -* [`vas_conf_vasd_unix_password_attr_name`](#vas_conf_vasd_unix_password_attr_name) -* [`vas_conf_vasd_netgroup_mode`](#vas_conf_vasd_netgroup_mode) -* 
[`vas_conf_prompt_vas_ad_pw`](#vas_conf_prompt_vas_ad_pw) -* [`vas_conf_pam_vas_prompt_ad_lockout_msg`](#vas_conf_pam_vas_prompt_ad_lockout_msg) -* [`vas_conf_libdefaults_forwardable`](#vas_conf_libdefaults_forwardable) -* [`vas_conf_libdefaults_tgs_default_enctypes`](#vas_conf_libdefaults_tgs_default_enctypes) -* [`vas_conf_libdefaults_tkt_default_enctypes`](#vas_conf_libdefaults_tkt_default_enctypes) -* [`vas_conf_libdefaults_default_etypes`](#vas_conf_libdefaults_default_etypes) -* [`vas_conf_libdefaults_default_cc_name`](#vas_conf_libdefaults_default_cc_name) -* [`vas_conf_vas_auth_uid_check_limit`](#vas_conf_vas_auth_uid_check_limit) -* [`vas_conf_vas_auth_allow_disconnected_auth`](#vas_conf_vas_auth_allow_disconnected_auth) -* [`vas_conf_vas_auth_expand_ac_groups`](#vas_conf_vas_auth_expand_ac_groups) -* [`vas_conf_libvas_vascache_ipc_timeout`](#vas_conf_libvas_vascache_ipc_timeout) -* [`vas_conf_libvas_use_server_referrals`](#vas_conf_libvas_use_server_referrals) -* [`vas_conf_libvas_use_server_referrals_version_switch`](#vas_conf_libvas_use_server_referrals_version_switch) -* [`vas_conf_libvas_auth_helper_timeout`](#vas_conf_libvas_auth_helper_timeout) -* [`vas_conf_libvas_mscldap_timeout`](#vas_conf_libvas_mscldap_timeout) -* [`vas_conf_libvas_site_only_servers`](#vas_conf_libvas_site_only_servers) -* [`vas_conf_libvas_use_dns_srv`](#vas_conf_libvas_use_dns_srv) -* [`vas_conf_libvas_use_tcp_only`](#vas_conf_libvas_use_tcp_only) -* [`vas_conf_lowercase_names`](#vas_conf_lowercase_names) -* [`vas_conf_lowercase_homedirs`](#vas_conf_lowercase_homedirs) -* [`vas_config_path`](#vas_config_path) -* [`vas_config_owner`](#vas_config_owner) -* [`vas_config_group`](#vas_config_group) -* [`vas_config_mode`](#vas_config_mode) -* [`vas_user_override_path`](#vas_user_override_path) -* [`vas_user_override_owner`](#vas_user_override_owner) -* [`vas_user_override_group`](#vas_user_override_group) -* [`vas_user_override_mode`](#vas_user_override_mode) -* 
[`vas_group_override_path`](#vas_group_override_path) -* [`vas_group_override_owner`](#vas_group_override_owner) -* [`vas_group_override_group`](#vas_group_override_group) -* [`vas_group_override_mode`](#vas_group_override_mode) -* [`vas_users_allow_path`](#vas_users_allow_path) -* [`vas_users_allow_owner`](#vas_users_allow_owner) -* [`vas_users_allow_group`](#vas_users_allow_group) -* [`vas_users_allow_mode`](#vas_users_allow_mode) -* [`vas_users_deny_path`](#vas_users_deny_path) -* [`vas_users_deny_owner`](#vas_users_deny_owner) -* [`vas_users_deny_group`](#vas_users_deny_group) -* [`vas_users_deny_mode`](#vas_users_deny_mode) -* [`vasjoin_logfile`](#vasjoin_logfile) -* [`vastool_binary`](#vastool_binary) -* [`symlink_vastool_binary_target`](#symlink_vastool_binary_target) -* [`symlink_vastool_binary`](#symlink_vastool_binary) -* [`license_files`](#license_files) -* [`domain_realms`](#domain_realms) -* [`join_domain_controllers`](#join_domain_controllers) -* [`unjoin_vas`](#unjoin_vas) -* [`use_srv_infocache`](#use_srv_infocache) -* [`kdcs`](#kdcs) -* [`kdc_port`](#kdc_port) -* [`kpasswd_servers`](#kpasswd_servers) -* [`kpasswd_server_port`](#kpasswd_server_port) -* [`api_enable`](#api_enable) -* [`api_users_allow_url`](#api_users_allow_url) -* [`api_token`](#api_token) - -##### `manage_nis` +* [`manage_nis`](#-vas--manage_nis) +* [`package_version`](#-vas--package_version) +* [`enable_group_policies`](#-vas--enable_group_policies) +* [`users_allow_entries`](#-vas--users_allow_entries) +* [`users_deny_entries`](#-vas--users_deny_entries) +* [`user_override_entries`](#-vas--user_override_entries) +* [`group_override_entries`](#-vas--group_override_entries) +* [`username`](#-vas--username) +* [`keytab_path`](#-vas--keytab_path) +* [`keytab_source`](#-vas--keytab_source) +* [`keytab_owner`](#-vas--keytab_owner) +* [`keytab_group`](#-vas--keytab_group) +* [`keytab_mode`](#-vas--keytab_mode) +* [`vas_fqdn`](#-vas--vas_fqdn) +* [`computers_ou`](#-vas--computers_ou) +* 
[`users_ou`](#-vas--users_ou) +* [`nismaps_ou`](#-vas--nismaps_ou) +* [`user_search_path`](#-vas--user_search_path) +* [`group_search_path`](#-vas--group_search_path) +* [`upm_search_path`](#-vas--upm_search_path) +* [`nisdomainname`](#-vas--nisdomainname) +* [`realm`](#-vas--realm) +* [`domain_change`](#-vas--domain_change) +* [`sitenameoverride`](#-vas--sitenameoverride) +* [`vas_conf_client_addrs`](#-vas--vas_conf_client_addrs) +* [`vas_conf_vasypd_update_interval`](#-vas--vas_conf_vasypd_update_interval) +* [`vas_conf_full_update_interval`](#-vas--vas_conf_full_update_interval) +* [`vas_conf_group_update_mode`](#-vas--vas_conf_group_update_mode) +* [`vas_conf_root_update_mode`](#-vas--vas_conf_root_update_mode) +* [`vas_conf_disabled_user_pwhash`](#-vas--vas_conf_disabled_user_pwhash) +* [`vas_conf_expired_account_pwhash`](#-vas--vas_conf_expired_account_pwhash) +* [`vas_conf_locked_out_pwhash`](#-vas--vas_conf_locked_out_pwhash) +* [`vas_conf_preload_nested_memberships`](#-vas--vas_conf_preload_nested_memberships) +* [`vas_conf_update_process`](#-vas--vas_conf_update_process) +* [`vas_conf_upm_computerou_attr`](#-vas--vas_conf_upm_computerou_attr) +* [`vas_conf_vasd_update_interval`](#-vas--vas_conf_vasd_update_interval) +* [`vas_conf_vasd_auto_ticket_renew_interval`](#-vas--vas_conf_vasd_auto_ticket_renew_interval) +* [`vas_conf_vasd_lazy_cache_update_interval`](#-vas--vas_conf_vasd_lazy_cache_update_interval) +* [`vas_conf_vasd_timesync_interval`](#-vas--vas_conf_vasd_timesync_interval) +* [`vas_conf_vasd_cross_domain_user_groups_member_search`](#-vas--vas_conf_vasd_cross_domain_user_groups_member_search) +* [`vas_conf_vasd_password_change_script`](#-vas--vas_conf_vasd_password_change_script) +* [`vas_conf_vasd_password_change_script_timelimit`](#-vas--vas_conf_vasd_password_change_script_timelimit) +* [`vas_conf_vasd_workstation_mode`](#-vas--vas_conf_vasd_workstation_mode) +* 
[`vas_conf_vasd_workstation_mode_users_preload`](#-vas--vas_conf_vasd_workstation_mode_users_preload) +* [`vas_conf_vasd_workstation_mode_group_do_member`](#-vas--vas_conf_vasd_workstation_mode_group_do_member) +* [`vas_conf_vasd_workstation_mode_groups_skip_update`](#-vas--vas_conf_vasd_workstation_mode_groups_skip_update) +* [`vas_conf_vasd_ws_resolve_uid`](#-vas--vas_conf_vasd_ws_resolve_uid) +* [`vas_conf_vasd_deluser_check_timelimit`](#-vas--vas_conf_vasd_deluser_check_timelimit) +* [`vas_conf_vasd_delusercheck_interval`](#-vas--vas_conf_vasd_delusercheck_interval) +* [`vas_conf_vasd_delusercheck_script`](#-vas--vas_conf_vasd_delusercheck_script) +* [`vas_conf_vasd_username_attr_name`](#-vas--vas_conf_vasd_username_attr_name) +* [`vas_conf_vasd_groupname_attr_name`](#-vas--vas_conf_vasd_groupname_attr_name) +* [`vas_conf_vasd_uid_number_attr_name`](#-vas--vas_conf_vasd_uid_number_attr_name) +* [`vas_conf_vasd_gid_number_attr_name`](#-vas--vas_conf_vasd_gid_number_attr_name) +* [`vas_conf_vasd_gecos_attr_name`](#-vas--vas_conf_vasd_gecos_attr_name) +* [`vas_conf_vasd_home_dir_attr_name`](#-vas--vas_conf_vasd_home_dir_attr_name) +* [`vas_conf_vasd_login_shell_attr_name`](#-vas--vas_conf_vasd_login_shell_attr_name) +* [`vas_conf_vasd_group_member_attr_name`](#-vas--vas_conf_vasd_group_member_attr_name) +* [`vas_conf_vasd_memberof_attr_name`](#-vas--vas_conf_vasd_memberof_attr_name) +* [`vas_conf_vasd_unix_password_attr_name`](#-vas--vas_conf_vasd_unix_password_attr_name) +* [`vas_conf_vasd_netgroup_mode`](#-vas--vas_conf_vasd_netgroup_mode) +* [`vas_conf_prompt_vas_ad_pw`](#-vas--vas_conf_prompt_vas_ad_pw) +* [`vas_conf_pam_vas_prompt_ad_lockout_msg`](#-vas--vas_conf_pam_vas_prompt_ad_lockout_msg) +* [`vas_conf_libdefaults_forwardable`](#-vas--vas_conf_libdefaults_forwardable) +* [`vas_conf_libdefaults_tgs_default_enctypes`](#-vas--vas_conf_libdefaults_tgs_default_enctypes) +* 
[`vas_conf_libdefaults_tkt_default_enctypes`](#-vas--vas_conf_libdefaults_tkt_default_enctypes) +* [`vas_conf_libdefaults_default_etypes`](#-vas--vas_conf_libdefaults_default_etypes) +* [`vas_conf_libdefaults_default_cc_name`](#-vas--vas_conf_libdefaults_default_cc_name) +* [`vas_conf_vas_auth_uid_check_limit`](#-vas--vas_conf_vas_auth_uid_check_limit) +* [`vas_conf_vas_auth_allow_disconnected_auth`](#-vas--vas_conf_vas_auth_allow_disconnected_auth) +* [`vas_conf_vas_auth_expand_ac_groups`](#-vas--vas_conf_vas_auth_expand_ac_groups) +* [`vas_conf_libvas_vascache_ipc_timeout`](#-vas--vas_conf_libvas_vascache_ipc_timeout) +* [`vas_conf_libvas_use_server_referrals`](#-vas--vas_conf_libvas_use_server_referrals) +* [`vas_conf_libvas_use_server_referrals_version_switch`](#-vas--vas_conf_libvas_use_server_referrals_version_switch) +* [`vas_conf_libvas_auth_helper_timeout`](#-vas--vas_conf_libvas_auth_helper_timeout) +* [`vas_conf_libvas_mscldap_timeout`](#-vas--vas_conf_libvas_mscldap_timeout) +* [`vas_conf_libvas_site_only_servers`](#-vas--vas_conf_libvas_site_only_servers) +* [`vas_conf_libvas_use_dns_srv`](#-vas--vas_conf_libvas_use_dns_srv) +* [`vas_conf_libvas_use_tcp_only`](#-vas--vas_conf_libvas_use_tcp_only) +* [`vas_conf_lowercase_names`](#-vas--vas_conf_lowercase_names) +* [`vas_conf_lowercase_homedirs`](#-vas--vas_conf_lowercase_homedirs) +* [`vas_config_path`](#-vas--vas_config_path) +* [`vas_config_owner`](#-vas--vas_config_owner) +* [`vas_config_group`](#-vas--vas_config_group) +* [`vas_config_mode`](#-vas--vas_config_mode) +* [`vas_user_override_path`](#-vas--vas_user_override_path) +* [`vas_user_override_owner`](#-vas--vas_user_override_owner) +* [`vas_user_override_group`](#-vas--vas_user_override_group) +* [`vas_user_override_mode`](#-vas--vas_user_override_mode) +* [`vas_group_override_path`](#-vas--vas_group_override_path) +* [`vas_group_override_owner`](#-vas--vas_group_override_owner) +* [`vas_group_override_group`](#-vas--vas_group_override_group) 
+* [`vas_group_override_mode`](#-vas--vas_group_override_mode) +* [`vas_users_allow_path`](#-vas--vas_users_allow_path) +* [`vas_users_allow_owner`](#-vas--vas_users_allow_owner) +* [`vas_users_allow_group`](#-vas--vas_users_allow_group) +* [`vas_users_allow_mode`](#-vas--vas_users_allow_mode) +* [`vas_users_deny_path`](#-vas--vas_users_deny_path) +* [`vas_users_deny_owner`](#-vas--vas_users_deny_owner) +* [`vas_users_deny_group`](#-vas--vas_users_deny_group) +* [`vas_users_deny_mode`](#-vas--vas_users_deny_mode) +* [`vasjoin_logfile`](#-vas--vasjoin_logfile) +* [`vastool_binary`](#-vas--vastool_binary) +* [`symlink_vastool_binary_target`](#-vas--symlink_vastool_binary_target) +* [`symlink_vastool_binary`](#-vas--symlink_vastool_binary) +* [`license_files`](#-vas--license_files) +* [`domain_realms`](#-vas--domain_realms) +* [`join_domain_controllers`](#-vas--join_domain_controllers) +* [`unjoin_vas`](#-vas--unjoin_vas) +* [`use_srv_infocache`](#-vas--use_srv_infocache) +* [`kdcs`](#-vas--kdcs) +* [`kdc_port`](#-vas--kdc_port) +* [`kpasswd_servers`](#-vas--kpasswd_servers) +* [`kpasswd_server_port`](#-vas--kpasswd_server_port) +* [`api_enable`](#-vas--api_enable) +* [`api_users_allow_url`](#-vas--api_users_allow_url) +* [`api_token`](#-vas--api_token) + +##### `manage_nis` Data type: `Boolean` FIXME Missing description -Default value: ``true`` +Default value: `true` -##### `package_version` +##### `package_version` Data type: `String[1]` @@ -183,16 +183,16 @@ The VAS package version. Used when upgrading. Default value: `'installed'` -##### `enable_group_policies` +##### `enable_group_policies` Data type: `Boolean` Boolean to control if vas should manage group policies. Manages the vasgp package. Version is controlled by package_version. -Default value: ``true`` +Default value: `true` -##### `users_allow_entries` +##### `users_allow_entries` Data type: `Array[String[1]]` 
@@ -200,7 +200,7 @@ List of users.allow entries. All users are allowed by default. Default value: `[]` -##### `users_deny_entries` +##### `users_deny_entries` Data type: `Array[String[1]]` @@ -208,7 +208,7 @@ List of users.deny entries. No users are denied by default. Default value: `[]` -##### `user_override_entries` +##### `user_override_entries` Data type: `Array[String[1]]` @@ -217,7 +217,7 @@ UID, GID, GECOS, HOME_DIR and SHELL. Default value: `[]` -##### `group_override_entries` +##### `group_override_entries` Data type: `Array[String[1]]` @@ -226,7 +226,7 @@ GROUP_NAME, GID and GROUP_MEMBERSHIP. Default value: `[]` -##### `username` +##### `username` Data type: `String[1]` @@ -234,7 +234,7 @@ Name of user account used to join Active Directory. Default value: `'username'` -##### `keytab_path` +##### `keytab_path` Data type: `Stdlib::Absolutepath` @@ -242,15 +242,15 @@ The path to the keytab file used together with to join Active Directo Default value: `'/etc/vasinst.key'` -##### `keytab_source` +##### `keytab_source` Data type: `Optional[String[1]]` File source for the keytab file used to join Active Directory. -Default value: ``undef`` +Default value: `undef` -##### `keytab_owner` +##### `keytab_owner` Data type: `String[1]` @@ -258,7 +258,7 @@ keytab file owner. Default value: `'root'` -##### `keytab_group` +##### `keytab_group` Data type: `String[1]` @@ -266,7 +266,7 @@ keytab file group. Default value: `'root'` -##### `keytab_mode` +##### `keytab_mode` Data type: `Stdlib::Filemode` @@ -274,7 +274,7 @@ keytab file mode. Default value: `'0400'` -##### `vas_fqdn` +##### `vas_fqdn` Data type: `Stdlib::Fqdn` 
@@ -282,24 +282,24 @@ FQDN to join to VAS as. Default value: `$facts['networking']['fqdn']` -##### `computers_ou` +##### `computers_ou` Data type: `Optional[String[1]]` Path to OU where to store computer object. -Default value: ``undef`` +Default value: `undef` -##### `users_ou` +##### `users_ou` Data type: `Optional[String[1]]` Deprecated, this parameter is the same as upm_search_path. Path to OU where to load UPM user profiles. -Default value: ``undef`` +Default value: `undef` -##### `nismaps_ou` +##### `nismaps_ou` Data type: `String[1]` @@ -307,42 +307,42 @@ Path to OU where to load nismaps initially. Default value: `'ou=nismaps,dc=example,dc=com'` -##### `user_search_path` +##### `user_search_path` Data type: `Optional[String[1]]` LDAP search path for user profiles. This will limit the scope where QAS will search for users when operating in RFC2307 mode. -Default value: ``undef`` +Default value: `undef` -##### `group_search_path` +##### `group_search_path` Data type: `Optional[String[1]]` LDAP search path for groups. This will limit the scope where QAS will search for groups when operating in RFC2307 mode. -Default value: ``undef`` +Default value: `undef` -##### `upm_search_path` +##### `upm_search_path` Data type: `Optional[String[1]]` LDAP search path for UPM user profiles. Setting this parameter will cause QAS to run in UPM mode. -Default value: ``undef`` +Default value: `undef` -##### `nisdomainname` +##### `nisdomainname` Data type: `Optional[String[1]]` Name of the NIS domain. -Default value: ``undef`` +Default value: `undef` -##### `realm` +##### `realm` Data type: `Stdlib::Host` 
@@ -350,32 +350,32 @@ Name of the realm. Default value: `'realm.example.com'` -##### `domain_change` +##### `domain_change` Data type: `Boolean` FIXME Missing description -Default value: ``false`` +Default value: `false` -##### `sitenameoverride` +##### `sitenameoverride` Data type: `Optional[String[1]]` Name of AD site to join. The AD site is determined automatically in AD by default. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_client_addrs` +##### `vas_conf_client_addrs` Data type: `Optional[String[1,1024]]` client-addrs option in vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasypd_update_interval` +##### `vas_conf_vasypd_update_interval` Data type: `Integer[0]` @@ -384,16 +384,16 @@ NIS Map information in Active Directory. See VAS.CONF(5). Default value: `1800` -##### `vas_conf_full_update_interval` +##### `vas_conf_full_update_interval` Data type: `Optional[Integer]` Integer for number of seconds vasypd will wait until it fully reloads all the NIS maps. See VAS.CONF(5) -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_group_update_mode` +##### `vas_conf_group_update_mode` Data type: `String[1]` @@ -404,7 +404,7 @@ Possible values: force | force-if-missing | none Default value: `'none'` -##### `vas_conf_root_update_mode` +##### `vas_conf_root_update_mode` Data type: `String[1]` 
@@ -415,43 +415,43 @@ Possible values: force | force-if-missing | none Default value: `'none'` -##### `vas_conf_disabled_user_pwhash` +##### `vas_conf_disabled_user_pwhash` Data type: `Optional[String[1]]` String to be used for disabled-user-pwhash option in vas.conf. If undef, line will be suppressed. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_expired_account_pwhash` +##### `vas_conf_expired_account_pwhash` Data type: `Optional[String[1]]` String to be used for expired-account-pwhash option in vas.conf. If undef, line will be suppressed. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_locked_out_pwhash` +##### `vas_conf_locked_out_pwhash` Data type: `Optional[String[1]]` String to be used for locked-out-pwhash option in vas.conf. If undef, line will be suppressed. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_preload_nested_memberships` +##### `vas_conf_preload_nested_memberships` Data type: `Optional[Boolean]` preload-nested-membership option in vas.conf. Set this to 'false' to speed up flush (and join) operations in VAS version 4.0.3-206 and later. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_update_process` +##### `vas_conf_update_process` Data type: `Stdlib::Absolutepath` @@ -459,16 +459,16 @@ update-process option in vas.conf. See VAS.CONF(5) for more info. Default value: `'/opt/quest/libexec/vas/mapupdate_2307'` -##### `vas_conf_upm_computerou_attr` +##### `vas_conf_upm_computerou_attr` Data type: `Optional[String[1]]` upm-computerou-attr option in vas.conf. Changed to 'department' to work in a multi-AD-domain setup. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_update_interval` +##### `vas_conf_vasd_update_interval` Data type: `Integer[0]` 
@@ -477,7 +477,7 @@ section of vas.conf. See VAS.CONF(5) for more info. Default value: `600` -##### `vas_conf_vasd_auto_ticket_renew_interval` +##### `vas_conf_vasd_auto_ticket_renew_interval` Data type: `Integer[0]` @@ -486,7 +486,7 @@ in [vasd] section of vas.conf. See VAS.CONF(5) for more info. Default value: `32400` -##### `vas_conf_vasd_lazy_cache_update_interval` +##### `vas_conf_vasd_lazy_cache_update_interval` Data type: `Integer[0]` @@ -495,7 +495,7 @@ in [vasd] section of vas.conf. See VAS.CONF(5) for more info. Default value: `10` -##### `vas_conf_vasd_timesync_interval` +##### `vas_conf_vasd_timesync_interval` Data type: `Optional[Integer]` @@ -503,27 +503,27 @@ Integer for number of seconds to set value of timesync-interval in [vasd] section of vas.conf. See VAS.CONF(5) for more info. If $::virtual is "zone" this value is set to 0 -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_cross_domain_user_groups_member_search` +##### `vas_conf_vasd_cross_domain_user_groups_member_search` Data type: `Optional[Boolean]` Boolean to set value of cross-domain-user-groups-member-search in [vasd] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_password_change_script` +##### `vas_conf_vasd_password_change_script` Data type: `Optional[Stdlib::Absolutepath]` Path for script to set value of password-change-script in [vasd] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_password_change_script_timelimit` +##### `vas_conf_vasd_password_change_script_timelimit` Data type: `Optional[Integer]` 
@@ -531,171 +531,171 @@ Integer for number of seconds to set value of password-change-script-timelimit in [vasd] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_workstation_mode` +##### `vas_conf_vasd_workstation_mode` Data type: `Boolean` Boolean to control whether or not vasd operates in Workstation mode. See VAS.CONF(5) for more info. -Default value: ``false`` +Default value: `false` -##### `vas_conf_vasd_workstation_mode_users_preload` +##### `vas_conf_vasd_workstation_mode_users_preload` Data type: `Optional[String[1]]` Comma separated list of groups for preloading users in Workstation mode. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_workstation_mode_group_do_member` +##### `vas_conf_vasd_workstation_mode_group_do_member` Data type: `Boolean` Boolean to control if vasd should process group memberships in Workstation mode. See VAS.CONF(5) for more info. -Default value: ``false`` +Default value: `false` -##### `vas_conf_vasd_workstation_mode_groups_skip_update` +##### `vas_conf_vasd_workstation_mode_groups_skip_update` Data type: `Boolean` Boolean that can be used to reduce the number of updates by vasd in Workstation mode. See VAS.CONF(5) for more info. -Default value: ``false`` +Default value: `false` -##### `vas_conf_vasd_ws_resolve_uid` +##### `vas_conf_vasd_ws_resolve_uid` Data type: `Boolean` Boolean to control whether vasd will resolve unknown UIDs when in Workstation mode. See VAS.CONF(5) for more info. -Default value: ``false`` +Default value: `false` -##### `vas_conf_vasd_deluser_check_timelimit` +##### `vas_conf_vasd_deluser_check_timelimit` Data type: `Optional[Integer]` Integer for number of seconds to set value of deluser-check-timelimit in [vasd] section of vas.conf. See VAS.CONF(5) for more info. 
-Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_delusercheck_interval` +##### `vas_conf_vasd_delusercheck_interval` Data type: `Optional[Integer]` Integer for number of minutes to set value of delusercheck-interval in [vasd] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_delusercheck_script` +##### `vas_conf_vasd_delusercheck_script` Data type: `Optional[Stdlib::Absolutepath]` Path for script to set value of delusercheck-script in [vasd] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_username_attr_name` +##### `vas_conf_vasd_username_attr_name` Data type: `Optional[String[1]]` String to be used for username-attr-name in [vasd] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_groupname_attr_name` +##### `vas_conf_vasd_groupname_attr_name` Data type: `Optional[String[1]]` String to be used for groupname-attr-name in [vasd] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_uid_number_attr_name` +##### `vas_conf_vasd_uid_number_attr_name` Data type: `Optional[String[1]]` String to be used for uid-number-attr-name in [vasd] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_gid_number_attr_name` +##### `vas_conf_vasd_gid_number_attr_name` Data type: `Optional[String[1]]` String to be used for gid-number-attr-name in [vasd] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_gecos_attr_name` +##### `vas_conf_vasd_gecos_attr_name` Data type: `Optional[String[1]]` String to be used for gecos-attr-name in [vasd] section of vas.conf. See VAS.CONF(5) for more info. 
-Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_home_dir_attr_name` +##### `vas_conf_vasd_home_dir_attr_name` Data type: `Optional[String[1]]` String to be used for home-dir-attr-name in [vasd] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_login_shell_attr_name` +##### `vas_conf_vasd_login_shell_attr_name` Data type: `Optional[String[1]]` String to be used for login-shell-attr-name in [vasd] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_group_member_attr_name` +##### `vas_conf_vasd_group_member_attr_name` Data type: `Optional[String[1]]` String to be used for group-member-attr-name in [vasd] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_memberof_attr_name` +##### `vas_conf_vasd_memberof_attr_name` Data type: `Optional[String[1]]` String to be used for memberof-attr-name in [vasd] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_unix_password_attr_name` +##### `vas_conf_vasd_unix_password_attr_name` Data type: `Optional[String[1]]` String to be used for unix_password-attr-name in [vasd] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vasd_netgroup_mode` +##### `vas_conf_vasd_netgroup_mode` Data type: `Optional[Enum['NSS', 'NIS', 'OFF']]` @@ -704,9 +704,9 @@ vas.conf. Valid values are 'NSS', 'NIS' and 'OFF'. If not specified, the netgroup-mode parameter will not be set in vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_prompt_vas_ad_pw` +##### `vas_conf_prompt_vas_ad_pw` Data type: `String[1]` 
@@ -714,24 +714,24 @@ prompt-vas-ad-pw option in vas.conf. Sets the password prompt for logins. Default value: `'"Enter Windows password: "'` -##### `vas_conf_pam_vas_prompt_ad_lockout_msg` +##### `vas_conf_pam_vas_prompt_ad_lockout_msg` Data type: `Optional[String[1]]` prompt-ad-lockout-msg option in vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_libdefaults_forwardable` +##### `vas_conf_libdefaults_forwardable` Data type: `Boolean` Boolean to set value of forwardable in [libdefaults] vas.conf. See VAS.CONF(5) for more info. -Default value: ``true`` +Default value: `true` -##### `vas_conf_libdefaults_tgs_default_enctypes` +##### `vas_conf_libdefaults_tgs_default_enctypes` Data type: `String[1]` @@ -739,7 +739,7 @@ FIXME Missing description Default value: `'arcfour-hmac-md5'` -##### `vas_conf_libdefaults_tkt_default_enctypes` +##### `vas_conf_libdefaults_tkt_default_enctypes` Data type: `String[1]` @@ -747,7 +747,7 @@ FIXME Missing description Default value: `'arcfour-hmac-md5'` -##### `vas_conf_libdefaults_default_etypes` +##### `vas_conf_libdefaults_default_etypes` Data type: `String[1]` @@ -756,7 +756,7 @@ See VAS.CONF(5) for more info. Default value: `'arcfour-hmac-md5'` -##### `vas_conf_libdefaults_default_cc_name` +##### `vas_conf_libdefaults_default_cc_name` Data type: `Optional[String[1]]` @@ -764,18 +764,18 @@ String to set where kerberos cache files should be stored (default on most systems is /tmp/krb5cc_${uid}). Example: FILE:/new/path/krb5cc_${uid} -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vas_auth_uid_check_limit` +##### `vas_conf_vas_auth_uid_check_limit` Data type: `Optional[Integer]` Integer for uid-check-limit option in vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vas_auth_allow_disconnected_auth` +##### `vas_conf_vas_auth_allow_disconnected_auth` Data type: `Optional[Boolean]` 
@@ -783,9 +783,9 @@ Boolean to set value of allow-disconnected-auth option in [vas_auth] section of vas.conf. See VAS.CONF(5) for more info. If set to 'UNSET' nothing will get printed. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_vas_auth_expand_ac_groups` +##### `vas_conf_vas_auth_expand_ac_groups` Data type: `Optional[Boolean]` @@ -793,9 +793,9 @@ Boolean to set value of expand-ac-groups option in [vas_auth] section of vas.conf. See VAS.CONF(5) for more info. If set to 'UNSET' nothing will get printed. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_libvas_vascache_ipc_timeout` +##### `vas_conf_libvas_vascache_ipc_timeout` Data type: `Integer[0]` @@ -804,7 +804,7 @@ Integer for number of seconds to set value of vascache-ipc-timeout in Default value: `15` -##### `vas_conf_libvas_use_server_referrals` +##### `vas_conf_libvas_use_server_referrals` Data type: `Variant[Boolean, Enum['']]` @@ -813,9 +813,9 @@ See VAS.CONF(5) for more info. Set to 'USE_DEFAULTS' for automagically switching depending on running $vas_version. Also see $vas_conf_libvas_use_server_referrals_version_switch. -Default value: ``true`` +Default value: `true` -##### `vas_conf_libvas_use_server_referrals_version_switch` +##### `vas_conf_libvas_use_server_referrals_version_switch` Data type: `String[1]` @@ -825,7 +825,7 @@ Equal or higher version numbers will pull the trigger. Default value: `'4.1.0.21518'` -##### `vas_conf_libvas_auth_helper_timeout` +##### `vas_conf_libvas_auth_helper_timeout` Data type: `Integer[0]` @@ -834,7 +834,7 @@ Integer for number of seconds to set value of auth-helper-timeout in Default value: `10` -##### `vas_conf_libvas_mscldap_timeout` +##### `vas_conf_libvas_mscldap_timeout` Data type: `Integer[0]` 
@@ -843,52 +843,52 @@ AD Domain Controllers. See VAS.CONF(5) for more info. Default value: `1` -##### `vas_conf_libvas_site_only_servers` +##### `vas_conf_libvas_site_only_servers` Data type: `Boolean` Boolean to set valut of site-only-servers in [libvas] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``false`` +Default value: `false` -##### `vas_conf_libvas_use_dns_srv` +##### `vas_conf_libvas_use_dns_srv` Data type: `Boolean` Boolean to set value of use-dns-srv in [libvas] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``true`` +Default value: `true` -##### `vas_conf_libvas_use_tcp_only` +##### `vas_conf_libvas_use_tcp_only` Data type: `Boolean` Boolean to set value of use-tcp-only in [libvas] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``true`` +Default value: `true` -##### `vas_conf_lowercase_names` +##### `vas_conf_lowercase_names` Data type: `Optional[Boolean]` Boolean to set value of lowercase-names in [nss_vas] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_conf_lowercase_homedirs` +##### `vas_conf_lowercase_homedirs` Data type: `Optional[Boolean]` Boolean to set value of lowercase-homedirs in [nss_vas] section of vas.conf. See VAS.CONF(5) for more info. -Default value: ``undef`` +Default value: `undef` -##### `vas_config_path` +##### `vas_config_path` Data type: `Stdlib::Absolutepath` @@ -896,7 +896,7 @@ Path to VAS config file. Default value: `'/etc/opt/quest/vas/vas.conf'` -##### `vas_config_owner` +##### `vas_config_owner` Data type: `String[1]` @@ -904,7 +904,7 @@ vas.conf owner. Default value: `'root'` -##### `vas_config_group` +##### `vas_config_group` Data type: `String[1]` @@ -912,7 +912,7 @@ vas.conf group. Default value: `'root'` -##### `vas_config_mode` +##### `vas_config_mode` Data type: `Stdlib::Filemode` 
@@ -920,7 +920,7 @@ vas.conf mode. Default value: `'0644'` -##### `vas_user_override_path` +##### `vas_user_override_path` Data type: `Stdlib::Absolutepath` @@ -928,7 +928,7 @@ Path to user-override file. Default value: `'/etc/opt/quest/vas/user-override'` -##### `vas_user_override_owner` +##### `vas_user_override_owner` Data type: `String[1]` @@ -936,7 +936,7 @@ user-override file owner. Default value: `'root'` -##### `vas_user_override_group` +##### `vas_user_override_group` Data type: `String[1]` @@ -944,7 +944,7 @@ user-override file group. Default value: `'root'` -##### `vas_user_override_mode` +##### `vas_user_override_mode` Data type: `Stdlib::Filemode` @@ -952,7 +952,7 @@ user-override file mode. Default value: `'0644'` -##### `vas_group_override_path` +##### `vas_group_override_path` Data type: `Stdlib::Absolutepath` @@ -960,7 +960,7 @@ Path to user-override file. Default value: `'/etc/opt/quest/vas/group-override'` -##### `vas_group_override_owner` +##### `vas_group_override_owner` Data type: `String[1]` @@ -968,7 +968,7 @@ group-override file owner. Default value: `'root'` -##### `vas_group_override_group` +##### `vas_group_override_group` Data type: `String[1]` @@ -976,7 +976,7 @@ group-override file group. Default value: `'root'` -##### `vas_group_override_mode` +##### `vas_group_override_mode` Data type: `Stdlib::Filemode` @@ -984,7 +984,7 @@ group-override file mode. Default value: `'0644'` -##### `vas_users_allow_path` +##### `vas_users_allow_path` Data type: `Stdlib::Absolutepath` @@ -992,7 +992,7 @@ Path to users.allow file. Default value: `'/etc/opt/quest/vas/users.allow'` -##### `vas_users_allow_owner` +##### `vas_users_allow_owner` Data type: `String[1]` @@ -1000,7 +1000,7 @@ users.allow file owner. Default value: `'root'` -##### `vas_users_allow_group` +##### `vas_users_allow_group` Data type: `String[1]` 
@@ -1008,7 +1008,7 @@ users.allow file group. Default value: `'root'` -##### `vas_users_allow_mode` +##### `vas_users_allow_mode` Data type: `Stdlib::Filemode` @@ -1016,7 +1016,7 @@ users.allow file mode. Default value: `'0644'` -##### `vas_users_deny_path` +##### `vas_users_deny_path` Data type: `Stdlib::Absolutepath` @@ -1024,7 +1024,7 @@ Path to users.deny file. Default value: `'/etc/opt/quest/vas/users.deny'` -##### `vas_users_deny_owner` +##### `vas_users_deny_owner` Data type: `String[1]` @@ -1032,7 +1032,7 @@ users.deny file owner. Default value: `'root'` -##### `vas_users_deny_group` +##### `vas_users_deny_group` Data type: `String[1]` @@ -1040,7 +1040,7 @@ users.deny file group. Default value: `'root'` -##### `vas_users_deny_mode` +##### `vas_users_deny_mode` Data type: `Stdlib::Filemode` @@ -1048,7 +1048,7 @@ users.deny file mode. Default value: `'0644'` -##### `vasjoin_logfile` +##### `vasjoin_logfile` Data type: `Stdlib::Absolutepath` @@ -1056,7 +1056,7 @@ Path to logfile used by AD join commando. Default value: `'/var/tmp/vasjoin.log'` -##### `vastool_binary` +##### `vastool_binary` Data type: `Stdlib::Absolutepath` @@ -1064,7 +1064,7 @@ Path to vastool binary to create symlink from. Default value: `'/opt/quest/bin/vastool'` -##### `symlink_vastool_binary_target` +##### `symlink_vastool_binary_target` Data type: `Stdlib::Absolutepath` @@ -1072,7 +1072,7 @@ Path to where the symlink should be created. Default value: `'/usr/bin/vastool'` -##### `symlink_vastool_binary` +##### `symlink_vastool_binary` Data type: `Boolean` @@ -1080,9 +1080,9 @@ Boolean for ensuring a symlink for vastool_binary to symlink_vastool_binary_target. This is useful since /opt/quest/bin is a non-standard location that is not in your $PATH. -Default value: ``false`` +Default value: `false` -##### `license_files` +##### `license_files` Data type: `Hash` @@ -1090,7 +1090,7 @@ Hash of license files. Default value: `{}` -##### `domain_realms` +##### `domain_realms` Data type: `Hash` 
@@ -1098,7 +1098,7 @@ Hash of domains that should be mapped to correct realm. Default value: `{}` -##### `join_domain_controllers` +##### `join_domain_controllers` Data type: `Array[String[1]]` @@ -1113,25 +1113,25 @@ made. Default value: `[]` -##### `unjoin_vas` +##### `unjoin_vas` Data type: `Boolean` Boolean to trigger an unjoining of the domain. Obviously this will only work if the system is joined to a domain. -Default value: ``false`` +Default value: `false` -##### `use_srv_infocache` +##### `use_srv_infocache` Data type: `Optional[Boolean]` A bool to achieve the same thing as issuing "vastool configure vas libvas use-srv-info-cache " Only has any effect if set to false. -Default value: ``undef`` +Default value: `undef` -##### `kdcs` +##### `kdcs` Data type: `Array[String[1]]` @@ -1141,7 +1141,7 @@ has the same effect as issuing Default value: `[]` -##### `kdc_port` +##### `kdc_port` Data type: `Stdlib::Port` @@ -1150,7 +1150,7 @@ with servernames. Default value: `88` -##### `kpasswd_servers` +##### `kpasswd_servers` Data type: `Array[String[1]]` @@ -1160,7 +1160,7 @@ of kdcs (above). Default value: `[]` -##### `kpasswd_server_port` +##### `kpasswd_server_port` Data type: `Stdlib::Port` @@ -1169,7 +1169,7 @@ kpasswd_servers or kdcs is populated with servernames. Default value: `464` -##### `api_enable` +##### `api_enable` Data type: `Boolean` 
@@ -1178,35 +1178,63 @@ will return a list of entries for the users.allow file. This result will be merged with whatever content is provided otherwise provided; i.e. it will be concatenated with the content created by parameters users_allow_entries. -Default value: ``false`` +Default value: `false` -##### `api_users_allow_url` +##### `api_users_allow_url` Data type: `Optional[Stdlib::HTTPSUrl]` The URL towards the API. -Default value: ``undef`` +Default value: `undef` -##### `api_token` +##### `api_token` Data type: `Optional[String[1]]` Security token for authenticated access to the API. -Default value: ``undef`` +Default value: `undef` ## Functions -### `api_fetch` +### `vas::api_fetch` -Type: Ruby 3.x API +Type: Ruby 4.x API -The api_fetch function. +Query a remote HTTP-based service for entries to be added to users_allow. -#### `api_fetch()` +#### Examples + +##### Calling the function + +```puppet +vas::api_fetch("https://host.domain.tld/api/${facts['trusted.certname']}") +``` + +#### `vas::api_fetch(Stdlib::HTTPUrl $url, String[1] $token)` + +Query a remote HTTP-based service for entries to be added to users_allow. + +Returns: `Stdlib::Http::Status` If a valid response and contains entries + +##### Examples -The api_fetch function. +###### Calling the function + +```puppet +vas::api_fetch("https://host.domain.tld/api/${facts['trusted.certname']}") +``` + +##### `url` + +Data type: `Stdlib::HTTPUrl` + +URL to connect to + +##### `token` + +Data type: `String[1]` -Returns: `Any` +Token used for authentication diff --git a/lib/puppet/functions/vas/api_fetch.rb b/lib/puppet/functions/vas/api_fetch.rb new file mode 100644 index 0000000..52c4261 --- /dev/null +++ b/lib/puppet/functions/vas/api_fetch.rb 
@@ -0,0 +1,48 @@
+# Query a remote HTTP-based service for entries to be added to users_allow.
+Puppet::Functions.create_function(:'vas::api_fetch') do
+ require 'net/http'
+ require 'net/https'
+ require 'openssl'
+ # @param url URL to connect to
+ # @param token Token used for authentication
+ # @return [Stdlib::Http::Status, Array[String]] If a valid response and contains entries
+ # @return [Stdlib::Http::Status, Array[nil]] If a valid response, but no entries
+ # @return [Stdlib::Http::Status, nil] If response is not of SUCCESS status code
+ # @return [0, String] If the query is unable to reach server or other error
+ # @example Calling the function
+ # vas::api_fetch("https://host.domain.tld/api/${facts['trusted.certname']}")
+ dispatch :api_fetch do
+ param 'Stdlib::HTTPUrl', :url
+ param 'String[1]', :token
+ end
+
+ def api_fetch(url, token)
+ uri = URI.parse(url)
+
+ req = Net::HTTP::Get.new(uri.to_s)
+ req['Authorization'] = "Bearer #{token}"
+ req['Accept'] = 'text/plain'
+
+ https = Net::HTTP.new(uri.host, uri.port)
+ https.use_ssl = true
+ https.verify_mode = OpenSSL::SSL::VERIFY_NONE
+ https.open_timeout = 2
+ https.read_timeout = 2
+
+ begin
+ response = https.start do |cx|
+ cx.request(req)
+ end
+
+ case response
+ when Net::HTTPSuccess
+ return response.code, response.body.split("\n") unless response.body.to_s.empty?
+ [response.code, []]
+ else
+ [response.code, nil]
+ end
+ rescue => error
+ [0, error.message]
+ end
+ end
+end
diff --git a/lib/puppet/parser/functions/api_fetch.rb b/lib/puppet/parser/functions/api_fetch.rb
deleted file mode 100644
index 8500b3a..0000000
--- a/lib/puppet/parser/functions/api_fetch.rb
+++ /dev/null
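Review bot: `https.verify_mode = OpenSSL::SSL::VERIFY_NONE` in `api_fetch` disables certificate verification on the connection that carries the bearer token. The response body becomes the entries merged into users.allow, so neither the token's confidentiality nor the integrity of the allow list is protected by TLS here. The line was carried over unchanged from the old 3.x function, and the conversion is a good point to switch it to `https.verify_mode = OpenSSL::SSL::VERIFY_PEER`, setting `https.ca_file` if the API is signed by a private CA. Separately, the dispatch accepts `Stdlib::HTTPUrl` although `use_ssl = true` is forced and the class parameter `api_users_allow_url` is documented as `Stdlib::HTTPSUrl`. Using `param 'Stdlib::HTTPSUrl', :url` would reject plain-http URLs at the type check instead of failing at connect time.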
@@ -1,52 +0,0 @@ -# -# api_fetch.rb -# - -require 'net/http' -require 'net/https' -require 'openssl' - -module Puppet::Parser::Functions - newfunction(:api_fetch, type: :rvalue) do |args| - raise(Puppet::ParseError, "api_fetch(): Wrong number of arguments given (#{args.size} for 2)") if args.size < 2 - - url = args[0] - token = args[1] - - unless url.is_a?(String) - raise(Puppet::ParseError, 'api_fetch(): Argument must be a string') - end - - unless token.is_a?(String) - raise(Puppet::ParseError, 'api_fetch(): Argument must be a string') - end - - uri = URI.parse(url) - - req = Net::HTTP::Get.new(uri.to_s) - req['Authorization'] = "Bearer #{token}" - req['Accept'] = 'text/plain' - - https = Net::HTTP.new(uri.host, uri.port) - https.use_ssl = true - https.verify_mode = OpenSSL::SSL::VERIFY_NONE - https.open_timeout = 2 - https.read_timeout = 2 - - begin - response = https.start do |cx| - cx.request(req) - end - - case response - when Net::HTTPSuccess - return response.code, response.body.split("\n") unless response.body.to_s.empty? - return response.code, [] - else - return response.code, nil - end - rescue => error - return 0, error.message - end - end -end diff --git a/manifests/init.pp b/manifests/init.pp index c31c95d..00a94ab 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -673,7 +673,7 @@ if $api_enable == true and ($api_users_allow_url == undef or $api_token == undef) { fail('vas::api_enable is set to true but required parameters vas::api_users_allow_url and/or vas::api_token missing') } elsif $api_enable == true { - $api_users_allow_data = api_fetch($api_users_allow_url, $api_token) + $api_users_allow_data = vas::api_fetch($api_users_allow_url, $api_token) case $api_users_allow_data[0] { 200,'200': { # api_fetch() returns integer in Puppet 3 and string in Puppet 6 diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index d6957de..4c2d561 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb 
@@ -317,7 +317,7 @@ context 'and returns 200' do context 'without data' do let(:pre_condition) do - 'function api_fetch($api_users_allow_url, $api_token) { return [200, undef] }' + 'function vas::api_fetch($api_users_allow_url, $api_token) { return [200, undef] }' end users_allow_api_nodata_content = <<-END.gsub(%r{^\s+\|}, '') @@ -355,7 +355,7 @@ context 'with data' do let(:pre_condition) do - 'function api_fetch($api_users_allow_url, $api_token) { return [200, \'apiuser@example.com\'] }' + 'function vas::api_fetch($api_users_allow_url, $api_token) { return [200, \'apiuser@example.com\'] }' end users_allow_api_data_content = <<-END.gsub(%r{^\s+\|}, '') @@ -394,7 +394,7 @@ context 'and return non-200 code' do let(:pre_condition) do - 'function api_fetch($api_users_allow_url, $api_token) { return [0, undef] }' + 'function vas::api_fetch($api_users_allow_url, $api_token) { return [0, undef] }' end it { diff --git a/spec/classes/parameter_spec.rb b/spec/classes/parameter_spec.rb index f3a3970..3b5007c 100644 --- a/spec/classes/parameter_spec.rb +++ b/spec/classes/parameter_spec.rb @@ -918,7 +918,7 @@ } end let(:pre_condition) do - 'function api_fetch($api_users_allow_url, $api_token) { return [200, undef] }' + 'function vas::api_fetch($api_users_allow_url, $api_token) { return [200, undef] }' end it do @@ -935,7 +935,7 @@ } end let(:pre_condition) do - 'function api_fetch($api_users_allow_url, $api_token) { return [200, \'apiuser@test.ing\'] }' + 'function vas::api_fetch($api_users_allow_url, $api_token) { return [200, \'apiuser@test.ing\'] }' end it do @@ -953,7 +953,7 @@ } end let(:pre_condition) do - 'function api_fetch($api_users_allow_url, $api_token) { return [200, undef] }' + 'function vas::api_fetch($api_users_allow_url, $api_token) { return [200, undef] }' end it do 
@@ -971,7 +971,7 @@ } end let(:pre_condition) do - 'function api_fetch($api_users_allow_url, $api_token) { return [200, \'apiuser@test.ing\'] }' + 'function vas::api_fetch($api_users_allow_url, $api_token) { return [200, \'apiuser@test.ing\'] }' end it do @@ -1007,7 +1007,7 @@ } end let(:pre_condition) do - 'function api_fetch($api_users_allow_url, $api_token) { return [200, undef] }' + 'function vas::api_fetch($api_users_allow_url, $api_token) { return [200, undef] }' end it do @@ -1024,7 +1024,7 @@ } end let(:pre_condition) do - 'function api_fetch($api_users_allow_url, $api_token) { return [200, \'apiuser@test.ing\'] }' + 'function vas::api_fetch($api_users_allow_url, $api_token) { return [200, \'apiuser@test.ing\'] }' end it do diff --git a/spec/functions/api_fetch_spec.rb b/spec/functions/api_fetch_spec.rb index c194d7a..faa7975 100644 --- a/spec/functions/api_fetch_spec.rb +++ b/spec/functions/api_fetch_spec.rb @@ -3,7 +3,7 @@ require 'spec_helper' require 'webmock/rspec' -describe 'api_fetch' do +describe 'vas::api_fetch' do headers = { 'Accept' => 'text/plain', 'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', @@ -18,7 +18,7 @@ it do is_expected.to run .with_params - .and_raise_error(Puppet::ParseError, 'api_fetch(): Wrong number of arguments given (0 for 2)') + .and_raise_error(ArgumentError, '\'vas::api_fetch\' expects 2 arguments, got none') end end @@ -26,7 +26,7 @@ it do is_expected.to run .with_params(url) - .and_raise_error(Puppet::ParseError, 'api_fetch(): Wrong number of arguments given (1 for 2)') + .and_raise_error(ArgumentError, '\'vas::api_fetch\' expects 2 arguments, got 1') end end end @@ -35,7 +35,7 @@ it do is_expected.to run .with_params(1, 'somesecret') - .and_raise_error(%r{Argument must be a string}) + .and_raise_error(ArgumentError, %r{'vas::api_fetch' parameter 'url' expects a match for Stdlib::HTTPUrl.* got Integer}) end end 
@@ -43,7 +43,7 @@ it do is_expected.to run .with_params(url, 1) - .and_raise_error(%r{Argument must be a string}) + .and_raise_error(ArgumentError, '\'vas::api_fetch\' parameter \'token\' expects a String value, got Integer') end end