Auth0 v3.9.0 published on Wednesday, Dec 4, 2024 by Pulumi
auth0.getAttackProtection
Explore with Pulumi AI
Use this data source to access information about the tenant’s attack protection settings.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as auth0 from "@pulumi/auth0";
const myProtection = auth0.getAttackProtection({});
import pulumi
import pulumi_auth0 as auth0
my_protection = auth0.get_attack_protection()
package main
import (
"github.com/pulumi/pulumi-auth0/sdk/v3/go/auth0"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := auth0.LookupAttackProtection(ctx, map[string]interface{}{}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Auth0 = Pulumi.Auth0;
return await Deployment.RunAsync(() =>
{
var myProtection = Auth0.GetAttackProtection.Invoke();
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.auth0.Auth0Functions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var myProtection = Auth0Functions.getAttackProtection();
}
}
variables:
myProtection:
fn::invoke:
Function: auth0:getAttackProtection
Arguments: {}
Using getAttackProtection
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getAttackProtection(opts?: InvokeOptions): Promise<GetAttackProtectionResult>
function getAttackProtectionOutput(opts?: InvokeOptions): Output<GetAttackProtectionResult>
def get_attack_protection(opts: Optional[InvokeOptions] = None) -> GetAttackProtectionResult
def get_attack_protection_output(opts: Optional[InvokeOptions] = None) -> Output[GetAttackProtectionResult]
func LookupAttackProtection(ctx *Context, opts ...InvokeOption) (*LookupAttackProtectionResult, error)
func LookupAttackProtectionOutput(ctx *Context, opts ...InvokeOption) LookupAttackProtectionResultOutput
> Note: This function is named LookupAttackProtection
in the Go SDK.
public static class GetAttackProtection
{
public static Task<GetAttackProtectionResult> InvokeAsync(InvokeOptions? opts = null)
public static Output<GetAttackProtectionResult> Invoke(InvokeOptions? opts = null)
}
public static CompletableFuture<GetAttackProtectionResult> getAttackProtection(InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: auth0:index/getAttackProtection:getAttackProtection
arguments:
# arguments dictionary
getAttackProtection Result
The following output properties are available:
- Breached
Password List<GetDetections Attack Protection Breached Password Detection> - Breached password detection protects your applications from bad actors logging in with stolen credentials.
- Brute
Force List<GetProtections Attack Protection Brute Force Protection> - Brute-force protection safeguards against a single IP address attacking a single user account.
- Id string
- The provider-assigned unique ID for this managed resource.
- Suspicious
Ip List<GetThrottlings Attack Protection Suspicious Ip Throttling> - Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.
- Breached
Password []GetDetections Attack Protection Breached Password Detection - Breached password detection protects your applications from bad actors logging in with stolen credentials.
- Brute
Force []GetProtections Attack Protection Brute Force Protection - Brute-force protection safeguards against a single IP address attacking a single user account.
- Id string
- The provider-assigned unique ID for this managed resource.
- Suspicious
Ip []GetThrottlings Attack Protection Suspicious Ip Throttling - Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.
- breached
Password List<GetDetections Attack Protection Breached Password Detection> - Breached password detection protects your applications from bad actors logging in with stolen credentials.
- brute
Force List<GetProtections Attack Protection Brute Force Protection> - Brute-force protection safeguards against a single IP address attacking a single user account.
- id String
- The provider-assigned unique ID for this managed resource.
- suspicious
Ip List<GetThrottlings Attack Protection Suspicious Ip Throttling> - Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.
- breached
Password GetDetections Attack Protection Breached Password Detection[] - Breached password detection protects your applications from bad actors logging in with stolen credentials.
- brute
Force GetProtections Attack Protection Brute Force Protection[] - Brute-force protection safeguards against a single IP address attacking a single user account.
- id string
- The provider-assigned unique ID for this managed resource.
- suspicious
Ip GetThrottlings Attack Protection Suspicious Ip Throttling[] - Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.
- breached_
password_ Sequence[Getdetections Attack Protection Breached Password Detection] - Breached password detection protects your applications from bad actors logging in with stolen credentials.
- brute_
force_ Sequence[Getprotections Attack Protection Brute Force Protection] - Brute-force protection safeguards against a single IP address attacking a single user account.
- id str
- The provider-assigned unique ID for this managed resource.
- suspicious_
ip_ Sequence[Getthrottlings Attack Protection Suspicious Ip Throttling] - Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.
- breached
Password List<Property Map>Detections - Breached password detection protects your applications from bad actors logging in with stolen credentials.
- brute
Force List<Property Map>Protections - Brute-force protection safeguards against a single IP address attacking a single user account.
- id String
- The provider-assigned unique ID for this managed resource.
- suspicious
Ip List<Property Map>Throttlings - Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.
Supporting Types
GetAttackProtectionBreachedPasswordDetection
- Admin
Notification List<string>Frequencies - When
admin_notification
is enabled within theshields
property, determines how often email notifications are sent. Possible values:immediately
,daily
,weekly
,monthly
. - Enabled bool
- Whether breached password detection is active.
- Method string
- The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values:
standard
,enhanced
. - Pre
User List<GetRegistrations Attack Protection Breached Password Detection Pre User Registration> - Configuration options that apply before every user registration attempt. Only available on public tenants.
- Shields List<string>
- Action to take when a breached password is detected. Options include:
block
(block compromised user accounts),user_notification
(send an email to user when we detect that they are using compromised credentials) andadmin_notification
(send an email with a summary of the number of accounts logging in with compromised credentials).
- Admin
Notification []stringFrequencies - When
admin_notification
is enabled within theshields
property, determines how often email notifications are sent. Possible values:immediately
,daily
,weekly
,monthly
. - Enabled bool
- Whether breached password detection is active.
- Method string
- The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values:
standard
,enhanced
. - Pre
User []GetRegistrations Attack Protection Breached Password Detection Pre User Registration - Configuration options that apply before every user registration attempt. Only available on public tenants.
- Shields []string
- Action to take when a breached password is detected. Options include:
block
(block compromised user accounts),user_notification
(send an email to user when we detect that they are using compromised credentials) andadmin_notification
(send an email with a summary of the number of accounts logging in with compromised credentials).
- admin
Notification List<String>Frequencies - When
admin_notification
is enabled within theshields
property, determines how often email notifications are sent. Possible values:immediately
,daily
,weekly
,monthly
. - enabled Boolean
- Whether breached password detection is active.
- method String
- The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values:
standard
,enhanced
. - pre
User List<GetRegistrations Attack Protection Breached Password Detection Pre User Registration> - Configuration options that apply before every user registration attempt. Only available on public tenants.
- shields List<String>
- Action to take when a breached password is detected. Options include:
block
(block compromised user accounts),user_notification
(send an email to user when we detect that they are using compromised credentials) andadmin_notification
(send an email with a summary of the number of accounts logging in with compromised credentials).
- admin
Notification string[]Frequencies - When
admin_notification
is enabled within theshields
property, determines how often email notifications are sent. Possible values:immediately
,daily
,weekly
,monthly
. - enabled boolean
- Whether breached password detection is active.
- method string
- The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values:
standard
,enhanced
. - pre
User GetRegistrations Attack Protection Breached Password Detection Pre User Registration[] - Configuration options that apply before every user registration attempt. Only available on public tenants.
- shields string[]
- Action to take when a breached password is detected. Options include:
block
(block compromised user accounts),user_notification
(send an email to user when we detect that they are using compromised credentials) andadmin_notification
(send an email with a summary of the number of accounts logging in with compromised credentials).
- admin_
notification_ Sequence[str]frequencies - When
admin_notification
is enabled within theshields
property, determines how often email notifications are sent. Possible values:immediately
,daily
,weekly
,monthly
. - enabled bool
- Whether breached password detection is active.
- method str
- The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values:
standard
,enhanced
. - pre_
user_ Sequence[Getregistrations Attack Protection Breached Password Detection Pre User Registration] - Configuration options that apply before every user registration attempt. Only available on public tenants.
- shields Sequence[str]
- Action to take when a breached password is detected. Options include:
block
(block compromised user accounts),user_notification
(send an email to user when we detect that they are using compromised credentials) andadmin_notification
(send an email with a summary of the number of accounts logging in with compromised credentials).
- admin
Notification List<String>Frequencies - When
admin_notification
is enabled within theshields
property, determines how often email notifications are sent. Possible values:immediately
,daily
,weekly
,monthly
. - enabled Boolean
- Whether breached password detection is active.
- method String
- The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values:
standard
,enhanced
. - pre
User List<Property Map>Registrations - Configuration options that apply before every user registration attempt. Only available on public tenants.
- shields List<String>
- Action to take when a breached password is detected. Options include:
block
(block compromised user accounts),user_notification
(send an email to user when we detect that they are using compromised credentials) andadmin_notification
(send an email with a summary of the number of accounts logging in with compromised credentials).
GetAttackProtectionBreachedPasswordDetectionPreUserRegistration
- Shields List<string>
- Action to take when a breached password is detected during a signup. Possible values:
block
(block compromised credentials for new accounts),admin_notification
(send an email notification with a summary of compromised credentials in new accounts).
- Shields []string
- Action to take when a breached password is detected during a signup. Possible values:
block
(block compromised credentials for new accounts),admin_notification
(send an email notification with a summary of compromised credentials in new accounts).
- shields List<String>
- Action to take when a breached password is detected during a signup. Possible values:
block
(block compromised credentials for new accounts),admin_notification
(send an email notification with a summary of compromised credentials in new accounts).
- shields string[]
- Action to take when a breached password is detected during a signup. Possible values:
block
(block compromised credentials for new accounts),admin_notification
(send an email notification with a summary of compromised credentials in new accounts).
- shields Sequence[str]
- Action to take when a breached password is detected during a signup. Possible values:
block
(block compromised credentials for new accounts),admin_notification
(send an email notification with a summary of compromised credentials in new accounts).
- shields List<String>
- Action to take when a breached password is detected during a signup. Possible values:
block
(block compromised credentials for new accounts),admin_notification
(send an email notification with a summary of compromised credentials in new accounts).
GetAttackProtectionBruteForceProtection
- Allowlists List<string>
- List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
- Enabled bool
- Whether brute force attack protections are active.
- Max
Attempts int - Maximum number of consecutive failed login attempts from a single user before blocking is triggered. Only available on public tenants.
- Mode string
- Determines whether the IP address is used when counting failed attempts. Possible values:
count_per_identifier_and_ip
(lockout an account from a given IP Address) orcount_per_identifier
(lockout an account regardless of IP Address). - Shields List<string>
- Action to take when a brute force protection threshold is violated. Possible values:
block
(block login attempts for a flagged user account),user_notification
(send an email to user when their account has been blocked).
- Allowlists []string
- List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
- Enabled bool
- Whether brute force attack protections are active.
- Max
Attempts int - Maximum number of consecutive failed login attempts from a single user before blocking is triggered. Only available on public tenants.
- Mode string
- Determines whether the IP address is used when counting failed attempts. Possible values:
count_per_identifier_and_ip
(lockout an account from a given IP Address) orcount_per_identifier
(lockout an account regardless of IP Address). - Shields []string
- Action to take when a brute force protection threshold is violated. Possible values:
block
(block login attempts for a flagged user account),user_notification
(send an email to user when their account has been blocked).
- allowlists List<String>
- List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
- enabled Boolean
- Whether brute force attack protections are active.
- max
Attempts Integer - Maximum number of consecutive failed login attempts from a single user before blocking is triggered. Only available on public tenants.
- mode String
- Determines whether the IP address is used when counting failed attempts. Possible values:
count_per_identifier_and_ip
(lockout an account from a given IP Address) orcount_per_identifier
(lockout an account regardless of IP Address). - shields List<String>
- Action to take when a brute force protection threshold is violated. Possible values:
block
(block login attempts for a flagged user account),user_notification
(send an email to user when their account has been blocked).
- allowlists string[]
- List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
- enabled boolean
- Whether brute force attack protections are active.
- max
Attempts number - Maximum number of consecutive failed login attempts from a single user before blocking is triggered. Only available on public tenants.
- mode string
- Determines whether the IP address is used when counting failed attempts. Possible values:
count_per_identifier_and_ip
(lockout an account from a given IP Address) orcount_per_identifier
(lockout an account regardless of IP Address). - shields string[]
- Action to take when a brute force protection threshold is violated. Possible values:
block
(block login attempts for a flagged user account),user_notification
(send an email to user when their account has been blocked).
- allowlists Sequence[str]
- List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
- enabled bool
- Whether brute force attack protections are active.
- max_
attempts int - Maximum number of consecutive failed login attempts from a single user before blocking is triggered. Only available on public tenants.
- mode str
- Determines whether the IP address is used when counting failed attempts. Possible values:
count_per_identifier_and_ip
(lockout an account from a given IP Address) orcount_per_identifier
(lockout an account regardless of IP Address). - shields Sequence[str]
- Action to take when a brute force protection threshold is violated. Possible values:
block
(block login attempts for a flagged user account),user_notification
(send an email to user when their account has been blocked).
- allowlists List<String>
- List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
- enabled Boolean
- Whether brute force attack protections are active.
- max
Attempts Number - Maximum number of consecutive failed login attempts from a single user before blocking is triggered. Only available on public tenants.
- mode String
- Determines whether the IP address is used when counting failed attempts. Possible values:
count_per_identifier_and_ip
(lockout an account from a given IP Address) orcount_per_identifier
(lockout an account regardless of IP Address). - shields List<String>
- Action to take when a brute force protection threshold is violated. Possible values:
block
(block login attempts for a flagged user account),user_notification
(send an email to user when their account has been blocked).
GetAttackProtectionSuspiciousIpThrottling
- Allowlists List<string>
- List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
- Enabled bool
- Whether suspicious IP throttling attack protections are active.
- Pre
Logins List<GetAttack Protection Suspicious Ip Throttling Pre Login> - Configuration options that apply before every login attempt. Only available on public tenants.
- Pre
User List<GetRegistrations Attack Protection Suspicious Ip Throttling Pre User Registration> - Configuration options that apply before every user registration attempt. Only available on public tenants.
- Shields List<string>
- Action to take when a suspicious IP throttling threshold is violated. Possible values:
block
(throttle traffic from an IP address when there is a high number of login attempts targeting too many different accounts),admin_notification
(send an email notification when traffic is throttled on one or more IP addresses due to high-velocity traffic).
- Allowlists []string
- List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
- Enabled bool
- Whether suspicious IP throttling attack protections are active.
- Pre
Logins []GetAttack Protection Suspicious Ip Throttling Pre Login - Configuration options that apply before every login attempt. Only available on public tenants.
- Pre
User []GetRegistrations Attack Protection Suspicious Ip Throttling Pre User Registration - Configuration options that apply before every user registration attempt. Only available on public tenants.
- Shields []string
- Action to take when a suspicious IP throttling threshold is violated. Possible values:
block
(throttle traffic from an IP address when there is a high number of login attempts targeting too many different accounts),admin_notification
(send an email notification when traffic is throttled on one or more IP addresses due to high-velocity traffic).
- allowlists List<String>
- List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
- enabled Boolean
- Whether suspicious IP throttling attack protections are active.
- pre
Logins List<GetAttack Protection Suspicious Ip Throttling Pre Login> - Configuration options that apply before every login attempt. Only available on public tenants.
- pre
User List<GetRegistrations Attack Protection Suspicious Ip Throttling Pre User Registration> - Configuration options that apply before every user registration attempt. Only available on public tenants.
- shields List<String>
- Action to take when a suspicious IP throttling threshold is violated. Possible values:
block
(throttle traffic from an IP address when there is a high number of login attempts targeting too many different accounts),admin_notification
(send an email notification when traffic is throttled on one or more IP addresses due to high-velocity traffic).
- allowlists string[]
- List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
- enabled boolean
- Whether suspicious IP throttling attack protections are active.
- pre
Logins GetAttack Protection Suspicious Ip Throttling Pre Login[] - Configuration options that apply before every login attempt. Only available on public tenants.
- pre
User GetRegistrations Attack Protection Suspicious Ip Throttling Pre User Registration[] - Configuration options that apply before every user registration attempt. Only available on public tenants.
- shields string[]
- Action to take when a suspicious IP throttling threshold is violated. Possible values:
block
(throttle traffic from an IP address when there is a high number of login attempts targeting too many different accounts),admin_notification
(send an email notification when traffic is throttled on one or more IP addresses due to high-velocity traffic).
- allowlists Sequence[str]
- List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
- enabled bool
- Whether suspicious IP throttling attack protections are active.
- pre_
logins Sequence[GetAttack Protection Suspicious Ip Throttling Pre Login] - Configuration options that apply before every login attempt. Only available on public tenants.
- pre_
user_ Sequence[Getregistrations Attack Protection Suspicious Ip Throttling Pre User Registration] - Configuration options that apply before every user registration attempt. Only available on public tenants.
- shields Sequence[str]
- Action to take when a suspicious IP throttling threshold is violated. Possible values:
block
(throttle traffic from an IP address when there is a high number of login attempts targeting too many different accounts),admin_notification
(send an email notification when traffic is throttled on one or more IP addresses due to high-velocity traffic).
- allowlists List<String>
- List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
- enabled Boolean
- Whether suspicious IP throttling attack protections are active.
- pre
Logins List<Property Map> - Configuration options that apply before every login attempt. Only available on public tenants.
- pre
User List<Property Map>Registrations - Configuration options that apply before every user registration attempt. Only available on public tenants.
- shields List<String>
- Action to take when a suspicious IP throttling threshold is violated. Possible values:
block
(throttle traffic from an IP address when there is a high number of login attempts targeting too many different accounts),admin_notification
(send an email notification when traffic is throttled on one or more IP addresses due to high-velocity traffic).
GetAttackProtectionSuspiciousIpThrottlingPreLogin
- Max
Attempts int - The maximum number of failed login attempts allowed from a single IP address.
- Rate int
- Interval of time, given in milliseconds at which new login tokens will become available after they have been used by an IP address. Each login attempt will be added on the defined throttling rate.
- Max
Attempts int - The maximum number of failed login attempts allowed from a single IP address.
- Rate int
- Interval of time, given in milliseconds at which new login tokens will become available after they have been used by an IP address. Each login attempt will be added on the defined throttling rate.
- max
Attempts Integer - The maximum number of failed login attempts allowed from a single IP address.
- rate Integer
- Interval of time, given in milliseconds at which new login tokens will become available after they have been used by an IP address. Each login attempt will be added on the defined throttling rate.
- max
Attempts number - The maximum number of failed login attempts allowed from a single IP address.
- rate number
- Interval of time, given in milliseconds at which new login tokens will become available after they have been used by an IP address. Each login attempt will be added on the defined throttling rate.
- max_
attempts int - The maximum number of failed login attempts allowed from a single IP address.
- rate int
- Interval of time, given in milliseconds at which new login tokens will become available after they have been used by an IP address. Each login attempt will be added on the defined throttling rate.
- max
Attempts Number - The maximum number of failed login attempts allowed from a single IP address.
- rate Number
- Interval of time, given in milliseconds at which new login tokens will become available after they have been used by an IP address. Each login attempt will be added on the defined throttling rate.
GetAttackProtectionSuspiciousIpThrottlingPreUserRegistration
- Max
Attempts int - The maximum number of sign up attempts allowed from a single IP address.
- Rate int
- Interval of time, given in milliseconds at which new sign up tokens will become available after they have been used by an IP address. Each sign up attempt will be added on the defined throttling rate.
- Max
Attempts int - The maximum number of sign up attempts allowed from a single IP address.
- Rate int
- Interval of time, given in milliseconds at which new sign up tokens will become available after they have been used by an IP address. Each sign up attempt will be added on the defined throttling rate.
- max
Attempts Integer - The maximum number of sign up attempts allowed from a single IP address.
- rate Integer
- Interval of time, given in milliseconds at which new sign up tokens will become available after they have been used by an IP address. Each sign up attempt will be added on the defined throttling rate.
- max
Attempts number - The maximum number of sign up attempts allowed from a single IP address.
- rate number
- Interval of time, given in milliseconds at which new sign up tokens will become available after they have been used by an IP address. Each sign up attempt will be added on the defined throttling rate.
- max_
attempts int - The maximum number of sign up attempts allowed from a single IP address.
- rate int
- Interval of time, given in milliseconds at which new sign up tokens will become available after they have been used by an IP address. Each sign up attempt will be added on the defined throttling rate.
- max
Attempts Number - The maximum number of sign up attempts allowed from a single IP address.
- rate Number
- Interval of time, given in milliseconds at which new sign up tokens will become available after they have been used by an IP address. Each sign up attempt will be added on the defined throttling rate.
Package Details
- Repository
- Auth0 pulumi/pulumi-auth0
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
auth0
Terraform Provider.