Auth0

Pulumi Official
Package maintained by Pulumi
v2.9.0 published on Thursday, May 26, 2022 by Pulumi

AttackProtection

Auth0 can detect attacks and stop malicious attempts to access your application such as blocking traffic from certain IPs and displaying CAPTCHA

Example Usage

using Pulumi;
using Auth0 = Pulumi.Auth0;

class MyStack : Stack
{
    public MyStack()
    {
        var attackProtection = new Auth0.AttackProtection("attackProtection", new Auth0.AttackProtectionArgs
        {
            BreachedPasswordDetection = new Auth0.Inputs.AttackProtectionBreachedPasswordDetectionArgs
            {
                AdminNotificationFrequencies = 
                {
                    "daily",
                },
                Enabled = true,
                Method = "standard",
                Shields = 
                {
                    "admin_notification",
                    "block",
                },
            },
            BruteForceProtection = new Auth0.Inputs.AttackProtectionBruteForceProtectionArgs
            {
                Allowlists = 
                {
                    "127.0.0.1",
                },
                Enabled = true,
                MaxAttempts = 5,
                Mode = "count_per_identifier_and_ip",
                Shields = 
                {
                    "block",
                    "user_notification",
                },
            },
            SuspiciousIpThrottling = new Auth0.Inputs.AttackProtectionSuspiciousIpThrottlingArgs
            {
                Allowlists = 
                {
                    "192.168.1.1",
                },
                Enabled = true,
                PreLogin = new Auth0.Inputs.AttackProtectionSuspiciousIpThrottlingPreLoginArgs
                {
                    MaxAttempts = 100,
                    Rate = 864000,
                },
                PreUserRegistration = new Auth0.Inputs.AttackProtectionSuspiciousIpThrottlingPreUserRegistrationArgs
                {
                    MaxAttempts = 50,
                    Rate = 1200,
                },
                Shields = 
                {
                    "admin_notification",
                    "block",
                },
            },
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-auth0/sdk/v2/go/auth0"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := auth0.NewAttackProtection(ctx, "attackProtection", &auth0.AttackProtectionArgs{
			BreachedPasswordDetection: &AttackProtectionBreachedPasswordDetectionArgs{
				AdminNotificationFrequencies: pulumi.StringArray{
					pulumi.String("daily"),
				},
				Enabled: pulumi.Bool(true),
				Method:  pulumi.String("standard"),
				Shields: pulumi.StringArray{
					pulumi.String("admin_notification"),
					pulumi.String("block"),
				},
			},
			BruteForceProtection: &AttackProtectionBruteForceProtectionArgs{
				Allowlists: pulumi.StringArray{
					pulumi.String("127.0.0.1"),
				},
				Enabled:     pulumi.Bool(true),
				MaxAttempts: pulumi.Int(5),
				Mode:        pulumi.String("count_per_identifier_and_ip"),
				Shields: pulumi.StringArray{
					pulumi.String("block"),
					pulumi.String("user_notification"),
				},
			},
			SuspiciousIpThrottling: &AttackProtectionSuspiciousIpThrottlingArgs{
				Allowlists: pulumi.StringArray{
					pulumi.String("192.168.1.1"),
				},
				Enabled: pulumi.Bool(true),
				PreLogin: &AttackProtectionSuspiciousIpThrottlingPreLoginArgs{
					MaxAttempts: pulumi.Int(100),
					Rate:        pulumi.Int(864000),
				},
				PreUserRegistration: &AttackProtectionSuspiciousIpThrottlingPreUserRegistrationArgs{
					MaxAttempts: pulumi.Int(50),
					Rate:        pulumi.Int(1200),
				},
				Shields: pulumi.StringArray{
					pulumi.String("admin_notification"),
					pulumi.String("block"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var attackProtection = new AttackProtection("attackProtection", AttackProtectionArgs.builder()        
            .breachedPasswordDetection(AttackProtectionBreachedPasswordDetectionArgs.builder()
                .adminNotificationFrequencies("daily")
                .enabled(true)
                .method("standard")
                .shields(                
                    "admin_notification",
                    "block")
                .build())
            .bruteForceProtection(AttackProtectionBruteForceProtectionArgs.builder()
                .allowlists("127.0.0.1")
                .enabled(true)
                .maxAttempts(5)
                .mode("count_per_identifier_and_ip")
                .shields(                
                    "block",
                    "user_notification")
                .build())
            .suspiciousIpThrottling(AttackProtectionSuspiciousIpThrottlingArgs.builder()
                .allowlists("192.168.1.1")
                .enabled(true)
                .preLogin(AttackProtectionSuspiciousIpThrottlingPreLoginArgs.builder()
                    .maxAttempts(100)
                    .rate(864000)
                    .build())
                .preUserRegistration(AttackProtectionSuspiciousIpThrottlingPreUserRegistrationArgs.builder()
                    .maxAttempts(50)
                    .rate(1200)
                    .build())
                .shields(                
                    "admin_notification",
                    "block")
                .build())
            .build());

    }
}
import pulumi
import pulumi_auth0 as auth0

attack_protection = auth0.AttackProtection("attackProtection",
    breached_password_detection=auth0.AttackProtectionBreachedPasswordDetectionArgs(
        admin_notification_frequencies=["daily"],
        enabled=True,
        method="standard",
        shields=[
            "admin_notification",
            "block",
        ],
    ),
    brute_force_protection=auth0.AttackProtectionBruteForceProtectionArgs(
        allowlists=["127.0.0.1"],
        enabled=True,
        max_attempts=5,
        mode="count_per_identifier_and_ip",
        shields=[
            "block",
            "user_notification",
        ],
    ),
    suspicious_ip_throttling=auth0.AttackProtectionSuspiciousIpThrottlingArgs(
        allowlists=["192.168.1.1"],
        enabled=True,
        pre_login=auth0.AttackProtectionSuspiciousIpThrottlingPreLoginArgs(
            max_attempts=100,
            rate=864000,
        ),
        pre_user_registration=auth0.AttackProtectionSuspiciousIpThrottlingPreUserRegistrationArgs(
            max_attempts=50,
            rate=1200,
        ),
        shields=[
            "admin_notification",
            "block",
        ],
    ))
import * as pulumi from "@pulumi/pulumi";
import * as auth0 from "@pulumi/auth0";

const attackProtection = new auth0.AttackProtection("attack_protection", {
    breachedPasswordDetection: {
        adminNotificationFrequencies: ["daily"],
        enabled: true,
        method: "standard",
        shields: [
            "admin_notification",
            "block",
        ],
    },
    bruteForceProtection: {
        allowlists: ["127.0.0.1"],
        enabled: true,
        maxAttempts: 5,
        mode: "count_per_identifier_and_ip",
        shields: [
            "block",
            "user_notification",
        ],
    },
    suspiciousIpThrottling: {
        allowlists: ["192.168.1.1"],
        enabled: true,
        preLogin: {
            maxAttempts: 100,
            rate: 864000,
        },
        preUserRegistration: {
            maxAttempts: 50,
            rate: 1200,
        },
        shields: [
            "admin_notification",
            "block",
        ],
    },
});
resources:
  attackProtection:
    type: auth0:AttackProtection
    properties:
      breachedPasswordDetection:
        adminNotificationFrequencies:
          - daily
        enabled: true
        method: standard
        shields:
          - admin_notification
          - block
      bruteForceProtection:
        allowlists:
          - 127.0.0.1
        enabled: true
        maxAttempts: 5
        mode: count_per_identifier_and_ip
        shields:
          - block
          - user_notification
      suspiciousIpThrottling:
        allowlists:
          - 192.168.1.1
        enabled: true
        preLogin:
          maxAttempts: 100
          rate: 864000
        preUserRegistration:
          maxAttempts: 50
          rate: 1200
        shields:
          - admin_notification
          - block

Create a AttackProtection Resource

new AttackProtection(name: string, args?: AttackProtectionArgs, opts?: CustomResourceOptions);
@overload
def AttackProtection(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     breached_password_detection: Optional[AttackProtectionBreachedPasswordDetectionArgs] = None,
                     brute_force_protection: Optional[AttackProtectionBruteForceProtectionArgs] = None,
                     suspicious_ip_throttling: Optional[AttackProtectionSuspiciousIpThrottlingArgs] = None)
@overload
def AttackProtection(resource_name: str,
                     args: Optional[AttackProtectionArgs] = None,
                     opts: Optional[ResourceOptions] = None)
func NewAttackProtection(ctx *Context, name string, args *AttackProtectionArgs, opts ...ResourceOption) (*AttackProtection, error)
public AttackProtection(string name, AttackProtectionArgs? args = null, CustomResourceOptions? opts = null)
public AttackProtection(String name, AttackProtectionArgs args)
public AttackProtection(String name, AttackProtectionArgs args, CustomResourceOptions options)
type: auth0:AttackProtection
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args AttackProtectionArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args AttackProtectionArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args AttackProtectionArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args AttackProtectionArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args AttackProtectionArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

AttackProtection Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The AttackProtection resource accepts the following input properties:

BreachedPasswordDetection AttackProtectionBreachedPasswordDetectionArgs

Breached password detection protects your applications from bad actors logging in with stolen credentials.

BruteForceProtection AttackProtectionBruteForceProtectionArgs

Safeguards against a single IP address attacking a single user account.

SuspiciousIpThrottling AttackProtectionSuspiciousIpThrottlingArgs

Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

BreachedPasswordDetection AttackProtectionBreachedPasswordDetectionArgs

Breached password detection protects your applications from bad actors logging in with stolen credentials.

BruteForceProtection AttackProtectionBruteForceProtectionArgs

Safeguards against a single IP address attacking a single user account.

SuspiciousIpThrottling AttackProtectionSuspiciousIpThrottlingArgs

Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

breachedPasswordDetection AttackProtectionBreachedPasswordDetectionArgs

Breached password detection protects your applications from bad actors logging in with stolen credentials.

bruteForceProtection AttackProtectionBruteForceProtectionArgs

Safeguards against a single IP address attacking a single user account.

suspiciousIpThrottling AttackProtectionSuspiciousIpThrottlingArgs

Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

breachedPasswordDetection AttackProtectionBreachedPasswordDetectionArgs

Breached password detection protects your applications from bad actors logging in with stolen credentials.

bruteForceProtection AttackProtectionBruteForceProtectionArgs

Safeguards against a single IP address attacking a single user account.

suspiciousIpThrottling AttackProtectionSuspiciousIpThrottlingArgs

Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

breached_password_detection AttackProtectionBreachedPasswordDetectionArgs

Breached password detection protects your applications from bad actors logging in with stolen credentials.

brute_force_protection AttackProtectionBruteForceProtectionArgs

Safeguards against a single IP address attacking a single user account.

suspicious_ip_throttling AttackProtectionSuspiciousIpThrottlingArgs

Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

breachedPasswordDetection Property Map

Breached password detection protects your applications from bad actors logging in with stolen credentials.

bruteForceProtection Property Map

Safeguards against a single IP address attacking a single user account.

suspiciousIpThrottling Property Map

Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

Outputs

All input properties are implicitly available as output properties. Additionally, the AttackProtection resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Id string

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

id string

The provider-assigned unique ID for this managed resource.

id str

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

Look up an Existing AttackProtection Resource

Get an existing AttackProtection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AttackProtectionState, opts?: CustomResourceOptions): AttackProtection
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        breached_password_detection: Optional[AttackProtectionBreachedPasswordDetectionArgs] = None,
        brute_force_protection: Optional[AttackProtectionBruteForceProtectionArgs] = None,
        suspicious_ip_throttling: Optional[AttackProtectionSuspiciousIpThrottlingArgs] = None) -> AttackProtection
func GetAttackProtection(ctx *Context, name string, id IDInput, state *AttackProtectionState, opts ...ResourceOption) (*AttackProtection, error)
public static AttackProtection Get(string name, Input<string> id, AttackProtectionState? state, CustomResourceOptions? opts = null)
public static AttackProtection get(String name, Output<String> id, AttackProtectionState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
BreachedPasswordDetection AttackProtectionBreachedPasswordDetectionArgs

Breached password detection protects your applications from bad actors logging in with stolen credentials.

BruteForceProtection AttackProtectionBruteForceProtectionArgs

Safeguards against a single IP address attacking a single user account.

SuspiciousIpThrottling AttackProtectionSuspiciousIpThrottlingArgs

Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

BreachedPasswordDetection AttackProtectionBreachedPasswordDetectionArgs

Breached password detection protects your applications from bad actors logging in with stolen credentials.

BruteForceProtection AttackProtectionBruteForceProtectionArgs

Safeguards against a single IP address attacking a single user account.

SuspiciousIpThrottling AttackProtectionSuspiciousIpThrottlingArgs

Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

breachedPasswordDetection AttackProtectionBreachedPasswordDetectionArgs

Breached password detection protects your applications from bad actors logging in with stolen credentials.

bruteForceProtection AttackProtectionBruteForceProtectionArgs

Safeguards against a single IP address attacking a single user account.

suspiciousIpThrottling AttackProtectionSuspiciousIpThrottlingArgs

Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

breachedPasswordDetection AttackProtectionBreachedPasswordDetectionArgs

Breached password detection protects your applications from bad actors logging in with stolen credentials.

bruteForceProtection AttackProtectionBruteForceProtectionArgs

Safeguards against a single IP address attacking a single user account.

suspiciousIpThrottling AttackProtectionSuspiciousIpThrottlingArgs

Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

breached_password_detection AttackProtectionBreachedPasswordDetectionArgs

Breached password detection protects your applications from bad actors logging in with stolen credentials.

brute_force_protection AttackProtectionBruteForceProtectionArgs

Safeguards against a single IP address attacking a single user account.

suspicious_ip_throttling AttackProtectionSuspiciousIpThrottlingArgs

Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

breachedPasswordDetection Property Map

Breached password detection protects your applications from bad actors logging in with stolen credentials.

bruteForceProtection Property Map

Safeguards against a single IP address attacking a single user account.

suspiciousIpThrottling Property Map

Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

Supporting Types

AttackProtectionBreachedPasswordDetection

AdminNotificationFrequencies List<string>

When "admin_notification" is enabled, determines how often email notifications are sent. Possible values: immediately, daily, weekly, monthly.

Enabled bool

Whether or not breached password detection is active.

Method string

The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values: standard, enhanced.

Shields List<string>

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

AdminNotificationFrequencies []string

When "admin_notification" is enabled, determines how often email notifications are sent. Possible values: immediately, daily, weekly, monthly.

Enabled bool

Whether or not breached password detection is active.

Method string

The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values: standard, enhanced.

Shields []string

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

adminNotificationFrequencies List<String>

When "admin_notification" is enabled, determines how often email notifications are sent. Possible values: immediately, daily, weekly, monthly.

enabled Boolean

Whether or not breached password detection is active.

method String

The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values: standard, enhanced.

shields List<String>

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

adminNotificationFrequencies string[]

When "admin_notification" is enabled, determines how often email notifications are sent. Possible values: immediately, daily, weekly, monthly.

enabled boolean

Whether or not breached password detection is active.

method string

The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values: standard, enhanced.

shields string[]

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

admin_notification_frequencies Sequence[str]

When "admin_notification" is enabled, determines how often email notifications are sent. Possible values: immediately, daily, weekly, monthly.

enabled bool

Whether or not breached password detection is active.

method str

The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values: standard, enhanced.

shields Sequence[str]

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

adminNotificationFrequencies List<String>

When "admin_notification" is enabled, determines how often email notifications are sent. Possible values: immediately, daily, weekly, monthly.

enabled Boolean

Whether or not breached password detection is active.

method String

The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values: standard, enhanced.

shields List<String>

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

AttackProtectionBruteForceProtection

Allowlists List<string>

List of trusted IP addresses that will not have attack protection enforced against them.

Enabled bool

Whether or not breached password detection is active.

MaxAttempts int

Maximum number of unsuccessful attempts. Only available on public tenants.

Mode string

Determines whether or not IP address is used when counting failed attempts. Possible values: count_per_identifier_and_ip or count_per_identifier.

Shields List<string>

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

Allowlists []string

List of trusted IP addresses that will not have attack protection enforced against them.

Enabled bool

Whether or not breached password detection is active.

MaxAttempts int

Maximum number of unsuccessful attempts. Only available on public tenants.

Mode string

Determines whether or not IP address is used when counting failed attempts. Possible values: count_per_identifier_and_ip or count_per_identifier.

Shields []string

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

allowlists List<String>

List of trusted IP addresses that will not have attack protection enforced against them.

enabled Boolean

Whether or not breached password detection is active.

maxAttempts Integer

Maximum number of unsuccessful attempts. Only available on public tenants.

mode String

Determines whether or not IP address is used when counting failed attempts. Possible values: count_per_identifier_and_ip or count_per_identifier.

shields List<String>

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

allowlists string[]

List of trusted IP addresses that will not have attack protection enforced against them.

enabled boolean

Whether or not breached password detection is active.

maxAttempts number

Maximum number of unsuccessful attempts. Only available on public tenants.

mode string

Determines whether or not IP address is used when counting failed attempts. Possible values: count_per_identifier_and_ip or count_per_identifier.

shields string[]

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

allowlists Sequence[str]

List of trusted IP addresses that will not have attack protection enforced against them.

enabled bool

Whether or not breached password detection is active.

max_attempts int

Maximum number of unsuccessful attempts. Only available on public tenants.

mode str

Determines whether or not IP address is used when counting failed attempts. Possible values: count_per_identifier_and_ip or count_per_identifier.

shields Sequence[str]

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

allowlists List<String>

List of trusted IP addresses that will not have attack protection enforced against them.

enabled Boolean

Whether or not breached password detection is active.

maxAttempts Number

Maximum number of unsuccessful attempts. Only available on public tenants.

mode String

Determines whether or not IP address is used when counting failed attempts. Possible values: count_per_identifier_and_ip or count_per_identifier.

shields List<String>

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

AttackProtectionSuspiciousIpThrottling

Allowlists List<string>

List of trusted IP addresses that will not have attack protection enforced against them.

Enabled bool

Whether or not breached password detection is active.

PreLogin AttackProtectionSuspiciousIpThrottlingPreLogin

Configuration options that apply before every login attempt. Only available on public tenants.

PreUserRegistration AttackProtectionSuspiciousIpThrottlingPreUserRegistration

Configuration options that apply before every user registration attempt. Only available on public tenants.

Shields List<string>

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

Allowlists []string

List of trusted IP addresses that will not have attack protection enforced against them.

Enabled bool

Whether or not breached password detection is active.

PreLogin AttackProtectionSuspiciousIpThrottlingPreLogin

Configuration options that apply before every login attempt. Only available on public tenants.

PreUserRegistration AttackProtectionSuspiciousIpThrottlingPreUserRegistration

Configuration options that apply before every user registration attempt. Only available on public tenants.

Shields []string

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

allowlists List<String>

List of trusted IP addresses that will not have attack protection enforced against them.

enabled Boolean

Whether or not breached password detection is active.

preLogin AttackProtectionSuspiciousIpThrottlingPreLogin

Configuration options that apply before every login attempt. Only available on public tenants.

preUserRegistration AttackProtectionSuspiciousIpThrottlingPreUserRegistration

Configuration options that apply before every user registration attempt. Only available on public tenants.

shields List<String>

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

allowlists string[]

List of trusted IP addresses that will not have attack protection enforced against them.

enabled boolean

Whether or not breached password detection is active.

preLogin AttackProtectionSuspiciousIpThrottlingPreLogin

Configuration options that apply before every login attempt. Only available on public tenants.

preUserRegistration AttackProtectionSuspiciousIpThrottlingPreUserRegistration

Configuration options that apply before every user registration attempt. Only available on public tenants.

shields string[]

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

allowlists Sequence[str]

List of trusted IP addresses that will not have attack protection enforced against them.

enabled bool

Whether or not breached password detection is active.

pre_login AttackProtectionSuspiciousIpThrottlingPreLogin

Configuration options that apply before every login attempt. Only available on public tenants.

pre_user_registration AttackProtectionSuspiciousIpThrottlingPreUserRegistration

Configuration options that apply before every user registration attempt. Only available on public tenants.

shields Sequence[str]

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

allowlists List<String>

List of trusted IP addresses that will not have attack protection enforced against them.

enabled Boolean

Whether or not breached password detection is active.

preLogin Property Map

Configuration options that apply before every login attempt. Only available on public tenants.

preUserRegistration Property Map

Configuration options that apply before every user registration attempt. Only available on public tenants.

shields List<String>

Action to take when a breached password is detected. Possible values: block, user_notification, admin_notification.

AttackProtectionSuspiciousIpThrottlingPreLogin

MaxAttempts int

Maximum number of unsuccessful attempts. Only available on public tenants.

Rate int
MaxAttempts int

Maximum number of unsuccessful attempts. Only available on public tenants.

Rate int
maxAttempts Integer

Maximum number of unsuccessful attempts. Only available on public tenants.

rate Integer
maxAttempts number

Maximum number of unsuccessful attempts. Only available on public tenants.

rate number
max_attempts int

Maximum number of unsuccessful attempts. Only available on public tenants.

rate int
maxAttempts Number

Maximum number of unsuccessful attempts. Only available on public tenants.

rate Number

AttackProtectionSuspiciousIpThrottlingPreUserRegistration

MaxAttempts int

Maximum number of unsuccessful attempts. Only available on public tenants.

Rate int
MaxAttempts int

Maximum number of unsuccessful attempts. Only available on public tenants.

Rate int
maxAttempts Integer

Maximum number of unsuccessful attempts. Only available on public tenants.

rate Integer
maxAttempts number

Maximum number of unsuccessful attempts. Only available on public tenants.

rate number
max_attempts int

Maximum number of unsuccessful attempts. Only available on public tenants.

rate int
maxAttempts Number

Maximum number of unsuccessful attempts. Only available on public tenants.

rate Number

Import

As this is not a resource identifiable by an ID within the Auth0 Management API, guardian can be imported using a random string. We recommend Version 4 UUID e.g.

 $ pulumi import auth0:index/attackProtection:AttackProtection default 24940d4b-4bd4-44e7-894e-f92e4de36a40

Package Details

Repository
https://github.com/pulumi/pulumi-auth0
License
Apache-2.0
Notes

This Pulumi package is based on the auth0 Terraform Provider.