1. Packages
  2. Auth0 Provider
  3. API Docs
  4. Guardian
Auth0 v3.8.2 published on Friday, Nov 1, 2024 by Pulumi

auth0.Guardian

Explore with Pulumi AI

auth0 logo
Auth0 v3.8.2 published on Friday, Nov 1, 2024 by Pulumi

    Multi-Factor Authentication works by requiring additional factors during the login process to prevent unauthorized access. With this resource you can configure some options available for MFA.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as auth0 from "@pulumi/auth0";
    
    const myGuardian = new auth0.Guardian("my_guardian", {
        policy: "all-applications",
        email: true,
        otp: true,
        recoveryCode: true,
        webauthnPlatform: {
            enabled: true,
        },
        webauthnRoaming: {
            enabled: true,
            userVerification: "required",
        },
        phone: {
            enabled: true,
            provider: "auth0",
            messageTypes: [
                "sms",
                "voice",
            ],
            options: {
                enrollmentMessage: "{{code}} is your verification code for {{tenant.friendly_name}}. Please enter this code to verify your enrollment.",
                verificationMessage: "{{code}} is your verification code for {{tenant.friendly_name}}.",
            },
        },
        push: {
            enabled: true,
            provider: "sns",
            amazonSns: {
                awsAccessKeyId: "test1",
                awsRegion: "us-west-1",
                awsSecretAccessKey: "secretKey",
                snsApnsPlatformApplicationArn: "test_arn",
                snsGcmPlatformApplicationArn: "test_arn",
            },
            customApp: {
                appName: "CustomApp",
                appleAppLink: "https://itunes.apple.com/us/app/my-app/id123121",
                googleAppLink: "https://play.google.com/store/apps/details?id=com.my.app",
            },
        },
        duo: {
            enabled: true,
            integrationKey: "someKey",
            secretKey: "someSecret",
            hostname: "api-hostname",
        },
    });
    
    import pulumi
    import pulumi_auth0 as auth0
    
    my_guardian = auth0.Guardian("my_guardian",
        policy="all-applications",
        email=True,
        otp=True,
        recovery_code=True,
        webauthn_platform={
            "enabled": True,
        },
        webauthn_roaming={
            "enabled": True,
            "user_verification": "required",
        },
        phone={
            "enabled": True,
            "provider": "auth0",
            "message_types": [
                "sms",
                "voice",
            ],
            "options": {
                "enrollment_message": "{{code}} is your verification code for {{tenant.friendly_name}}. Please enter this code to verify your enrollment.",
                "verification_message": "{{code}} is your verification code for {{tenant.friendly_name}}.",
            },
        },
        push={
            "enabled": True,
            "provider": "sns",
            "amazon_sns": {
                "aws_access_key_id": "test1",
                "aws_region": "us-west-1",
                "aws_secret_access_key": "secretKey",
                "sns_apns_platform_application_arn": "test_arn",
                "sns_gcm_platform_application_arn": "test_arn",
            },
            "custom_app": {
                "app_name": "CustomApp",
                "apple_app_link": "https://itunes.apple.com/us/app/my-app/id123121",
                "google_app_link": "https://play.google.com/store/apps/details?id=com.my.app",
            },
        },
        duo={
            "enabled": True,
            "integration_key": "someKey",
            "secret_key": "someSecret",
            "hostname": "api-hostname",
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-auth0/sdk/v3/go/auth0"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := auth0.NewGuardian(ctx, "my_guardian", &auth0.GuardianArgs{
    			Policy:       pulumi.String("all-applications"),
    			Email:        pulumi.Bool(true),
    			Otp:          pulumi.Bool(true),
    			RecoveryCode: pulumi.Bool(true),
    			WebauthnPlatform: &auth0.GuardianWebauthnPlatformArgs{
    				Enabled: pulumi.Bool(true),
    			},
    			WebauthnRoaming: &auth0.GuardianWebauthnRoamingArgs{
    				Enabled:          pulumi.Bool(true),
    				UserVerification: pulumi.String("required"),
    			},
    			Phone: &auth0.GuardianPhoneArgs{
    				Enabled:  pulumi.Bool(true),
    				Provider: pulumi.String("auth0"),
    				MessageTypes: pulumi.StringArray{
    					pulumi.String("sms"),
    					pulumi.String("voice"),
    				},
    				Options: &auth0.GuardianPhoneOptionsArgs{
    					EnrollmentMessage:   pulumi.String("{{code}} is your verification code for {{tenant.friendly_name}}. Please enter this code to verify your enrollment."),
    					VerificationMessage: pulumi.String("{{code}} is your verification code for {{tenant.friendly_name}}."),
    				},
    			},
    			Push: &auth0.GuardianPushArgs{
    				Enabled:  pulumi.Bool(true),
    				Provider: pulumi.String("sns"),
    				AmazonSns: &auth0.GuardianPushAmazonSnsArgs{
    					AwsAccessKeyId:                pulumi.String("test1"),
    					AwsRegion:                     pulumi.String("us-west-1"),
    					AwsSecretAccessKey:            pulumi.String("secretKey"),
    					SnsApnsPlatformApplicationArn: pulumi.String("test_arn"),
    					SnsGcmPlatformApplicationArn:  pulumi.String("test_arn"),
    				},
    				CustomApp: &auth0.GuardianPushCustomAppArgs{
    					AppName:       pulumi.String("CustomApp"),
    					AppleAppLink:  pulumi.String("https://itunes.apple.com/us/app/my-app/id123121"),
    					GoogleAppLink: pulumi.String("https://play.google.com/store/apps/details?id=com.my.app"),
    				},
    			},
    			Duo: &auth0.GuardianDuoArgs{
    				Enabled:        pulumi.Bool(true),
    				IntegrationKey: pulumi.String("someKey"),
    				SecretKey:      pulumi.String("someSecret"),
    				Hostname:       pulumi.String("api-hostname"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Auth0 = Pulumi.Auth0;
    
    return await Deployment.RunAsync(() => 
    {
        var myGuardian = new Auth0.Guardian("my_guardian", new()
        {
            Policy = "all-applications",
            Email = true,
            Otp = true,
            RecoveryCode = true,
            WebauthnPlatform = new Auth0.Inputs.GuardianWebauthnPlatformArgs
            {
                Enabled = true,
            },
            WebauthnRoaming = new Auth0.Inputs.GuardianWebauthnRoamingArgs
            {
                Enabled = true,
                UserVerification = "required",
            },
            Phone = new Auth0.Inputs.GuardianPhoneArgs
            {
                Enabled = true,
                Provider = "auth0",
                MessageTypes = new[]
                {
                    "sms",
                    "voice",
                },
                Options = new Auth0.Inputs.GuardianPhoneOptionsArgs
                {
                    EnrollmentMessage = "{{code}} is your verification code for {{tenant.friendly_name}}. Please enter this code to verify your enrollment.",
                    VerificationMessage = "{{code}} is your verification code for {{tenant.friendly_name}}.",
                },
            },
            Push = new Auth0.Inputs.GuardianPushArgs
            {
                Enabled = true,
                Provider = "sns",
                AmazonSns = new Auth0.Inputs.GuardianPushAmazonSnsArgs
                {
                    AwsAccessKeyId = "test1",
                    AwsRegion = "us-west-1",
                    AwsSecretAccessKey = "secretKey",
                    SnsApnsPlatformApplicationArn = "test_arn",
                    SnsGcmPlatformApplicationArn = "test_arn",
                },
                CustomApp = new Auth0.Inputs.GuardianPushCustomAppArgs
                {
                    AppName = "CustomApp",
                    AppleAppLink = "https://itunes.apple.com/us/app/my-app/id123121",
                    GoogleAppLink = "https://play.google.com/store/apps/details?id=com.my.app",
                },
            },
            Duo = new Auth0.Inputs.GuardianDuoArgs
            {
                Enabled = true,
                IntegrationKey = "someKey",
                SecretKey = "someSecret",
                Hostname = "api-hostname",
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.auth0.Guardian;
    import com.pulumi.auth0.GuardianArgs;
    import com.pulumi.auth0.inputs.GuardianWebauthnPlatformArgs;
    import com.pulumi.auth0.inputs.GuardianWebauthnRoamingArgs;
    import com.pulumi.auth0.inputs.GuardianPhoneArgs;
    import com.pulumi.auth0.inputs.GuardianPhoneOptionsArgs;
    import com.pulumi.auth0.inputs.GuardianPushArgs;
    import com.pulumi.auth0.inputs.GuardianPushAmazonSnsArgs;
    import com.pulumi.auth0.inputs.GuardianPushCustomAppArgs;
    import com.pulumi.auth0.inputs.GuardianDuoArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var myGuardian = new Guardian("myGuardian", GuardianArgs.builder()
                .policy("all-applications")
                .email(true)
                .otp(true)
                .recoveryCode(true)
                .webauthnPlatform(GuardianWebauthnPlatformArgs.builder()
                    .enabled(true)
                    .build())
                .webauthnRoaming(GuardianWebauthnRoamingArgs.builder()
                    .enabled(true)
                    .userVerification("required")
                    .build())
                .phone(GuardianPhoneArgs.builder()
                    .enabled(true)
                    .provider("auth0")
                    .messageTypes(                
                        "sms",
                        "voice")
                    .options(GuardianPhoneOptionsArgs.builder()
                        .enrollmentMessage("{{code}} is your verification code for {{tenant.friendly_name}}. Please enter this code to verify your enrollment.")
                        .verificationMessage("{{code}} is your verification code for {{tenant.friendly_name}}.")
                        .build())
                    .build())
                .push(GuardianPushArgs.builder()
                    .enabled(true)
                    .provider("sns")
                    .amazonSns(GuardianPushAmazonSnsArgs.builder()
                        .awsAccessKeyId("test1")
                        .awsRegion("us-west-1")
                        .awsSecretAccessKey("secretKey")
                        .snsApnsPlatformApplicationArn("test_arn")
                        .snsGcmPlatformApplicationArn("test_arn")
                        .build())
                    .customApp(GuardianPushCustomAppArgs.builder()
                        .appName("CustomApp")
                        .appleAppLink("https://itunes.apple.com/us/app/my-app/id123121")
                        .googleAppLink("https://play.google.com/store/apps/details?id=com.my.app")
                        .build())
                    .build())
                .duo(GuardianDuoArgs.builder()
                    .enabled(true)
                    .integrationKey("someKey")
                    .secretKey("someSecret")
                    .hostname("api-hostname")
                    .build())
                .build());
    
        }
    }
    
    resources:
      myGuardian:
        type: auth0:Guardian
        name: my_guardian
        properties:
          policy: all-applications
          email: true
          otp: true
          recoveryCode: true
          webauthnPlatform:
            enabled: true
          webauthnRoaming:
            enabled: true
            userVerification: required
          phone:
            enabled: true
            provider: auth0
            messageTypes:
              - sms
              - voice
            options:
              enrollmentMessage: '{{code}} is your verification code for {{tenant.friendly_name}}. Please enter this code to verify your enrollment.'
              verificationMessage: '{{code}} is your verification code for {{tenant.friendly_name}}.'
          push:
            enabled: true
            provider: sns
            amazonSns:
              awsAccessKeyId: test1
              awsRegion: us-west-1
              awsSecretAccessKey: secretKey
              snsApnsPlatformApplicationArn: test_arn
              snsGcmPlatformApplicationArn: test_arn
            customApp:
              appName: CustomApp
              appleAppLink: https://itunes.apple.com/us/app/my-app/id123121
              googleAppLink: https://play.google.com/store/apps/details?id=com.my.app
          duo:
            enabled: true
            integrationKey: someKey
            secretKey: someSecret
            hostname: api-hostname
    

    Create Guardian Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Guardian(name: string, args: GuardianArgs, opts?: CustomResourceOptions);
    @overload
    def Guardian(resource_name: str,
                 args: GuardianArgs,
                 opts: Optional[ResourceOptions] = None)
    
    @overload
    def Guardian(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 policy: Optional[str] = None,
                 duo: Optional[GuardianDuoArgs] = None,
                 email: Optional[bool] = None,
                 otp: Optional[bool] = None,
                 phone: Optional[GuardianPhoneArgs] = None,
                 push: Optional[GuardianPushArgs] = None,
                 recovery_code: Optional[bool] = None,
                 webauthn_platform: Optional[GuardianWebauthnPlatformArgs] = None,
                 webauthn_roaming: Optional[GuardianWebauthnRoamingArgs] = None)
    func NewGuardian(ctx *Context, name string, args GuardianArgs, opts ...ResourceOption) (*Guardian, error)
    public Guardian(string name, GuardianArgs args, CustomResourceOptions? opts = null)
    public Guardian(String name, GuardianArgs args)
    public Guardian(String name, GuardianArgs args, CustomResourceOptions options)
    
    type: auth0:Guardian
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args GuardianArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args GuardianArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args GuardianArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args GuardianArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args GuardianArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var guardianResource = new Auth0.Guardian("guardianResource", new()
    {
        Policy = "string",
        Duo = new Auth0.Inputs.GuardianDuoArgs
        {
            Enabled = false,
            Hostname = "string",
            IntegrationKey = "string",
            SecretKey = "string",
        },
        Email = false,
        Otp = false,
        Phone = new Auth0.Inputs.GuardianPhoneArgs
        {
            Enabled = false,
            MessageTypes = new[]
            {
                "string",
            },
            Options = new Auth0.Inputs.GuardianPhoneOptionsArgs
            {
                AuthToken = "string",
                EnrollmentMessage = "string",
                From = "string",
                MessagingServiceSid = "string",
                Sid = "string",
                VerificationMessage = "string",
            },
            Provider = "string",
        },
        Push = new Auth0.Inputs.GuardianPushArgs
        {
            Enabled = false,
            AmazonSns = new Auth0.Inputs.GuardianPushAmazonSnsArgs
            {
                AwsAccessKeyId = "string",
                AwsRegion = "string",
                AwsSecretAccessKey = "string",
                SnsApnsPlatformApplicationArn = "string",
                SnsGcmPlatformApplicationArn = "string",
            },
            CustomApp = new Auth0.Inputs.GuardianPushCustomAppArgs
            {
                AppName = "string",
                AppleAppLink = "string",
                GoogleAppLink = "string",
            },
            DirectApns = new Auth0.Inputs.GuardianPushDirectApnsArgs
            {
                BundleId = "string",
                P12 = "string",
                Sandbox = false,
                Enabled = false,
            },
            DirectFcm = new Auth0.Inputs.GuardianPushDirectFcmArgs
            {
                ServerKey = "string",
            },
            Provider = "string",
        },
        RecoveryCode = false,
        WebauthnPlatform = new Auth0.Inputs.GuardianWebauthnPlatformArgs
        {
            Enabled = false,
            OverrideRelyingParty = false,
            RelyingPartyIdentifier = "string",
        },
        WebauthnRoaming = new Auth0.Inputs.GuardianWebauthnRoamingArgs
        {
            Enabled = false,
            OverrideRelyingParty = false,
            RelyingPartyIdentifier = "string",
            UserVerification = "string",
        },
    });
    
    example, err := auth0.NewGuardian(ctx, "guardianResource", &auth0.GuardianArgs{
    	Policy: pulumi.String("string"),
    	Duo: &auth0.GuardianDuoArgs{
    		Enabled:        pulumi.Bool(false),
    		Hostname:       pulumi.String("string"),
    		IntegrationKey: pulumi.String("string"),
    		SecretKey:      pulumi.String("string"),
    	},
    	Email: pulumi.Bool(false),
    	Otp:   pulumi.Bool(false),
    	Phone: &auth0.GuardianPhoneArgs{
    		Enabled: pulumi.Bool(false),
    		MessageTypes: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		Options: &auth0.GuardianPhoneOptionsArgs{
    			AuthToken:           pulumi.String("string"),
    			EnrollmentMessage:   pulumi.String("string"),
    			From:                pulumi.String("string"),
    			MessagingServiceSid: pulumi.String("string"),
    			Sid:                 pulumi.String("string"),
    			VerificationMessage: pulumi.String("string"),
    		},
    		Provider: pulumi.String("string"),
    	},
    	Push: &auth0.GuardianPushArgs{
    		Enabled: pulumi.Bool(false),
    		AmazonSns: &auth0.GuardianPushAmazonSnsArgs{
    			AwsAccessKeyId:                pulumi.String("string"),
    			AwsRegion:                     pulumi.String("string"),
    			AwsSecretAccessKey:            pulumi.String("string"),
    			SnsApnsPlatformApplicationArn: pulumi.String("string"),
    			SnsGcmPlatformApplicationArn:  pulumi.String("string"),
    		},
    		CustomApp: &auth0.GuardianPushCustomAppArgs{
    			AppName:       pulumi.String("string"),
    			AppleAppLink:  pulumi.String("string"),
    			GoogleAppLink: pulumi.String("string"),
    		},
    		DirectApns: &auth0.GuardianPushDirectApnsArgs{
    			BundleId: pulumi.String("string"),
    			P12:      pulumi.String("string"),
    			Sandbox:  pulumi.Bool(false),
    			Enabled:  pulumi.Bool(false),
    		},
    		DirectFcm: &auth0.GuardianPushDirectFcmArgs{
    			ServerKey: pulumi.String("string"),
    		},
    		Provider: pulumi.String("string"),
    	},
    	RecoveryCode: pulumi.Bool(false),
    	WebauthnPlatform: &auth0.GuardianWebauthnPlatformArgs{
    		Enabled:                pulumi.Bool(false),
    		OverrideRelyingParty:   pulumi.Bool(false),
    		RelyingPartyIdentifier: pulumi.String("string"),
    	},
    	WebauthnRoaming: &auth0.GuardianWebauthnRoamingArgs{
    		Enabled:                pulumi.Bool(false),
    		OverrideRelyingParty:   pulumi.Bool(false),
    		RelyingPartyIdentifier: pulumi.String("string"),
    		UserVerification:       pulumi.String("string"),
    	},
    })
    
    var guardianResource = new Guardian("guardianResource", GuardianArgs.builder()
        .policy("string")
        .duo(GuardianDuoArgs.builder()
            .enabled(false)
            .hostname("string")
            .integrationKey("string")
            .secretKey("string")
            .build())
        .email(false)
        .otp(false)
        .phone(GuardianPhoneArgs.builder()
            .enabled(false)
            .messageTypes("string")
            .options(GuardianPhoneOptionsArgs.builder()
                .authToken("string")
                .enrollmentMessage("string")
                .from("string")
                .messagingServiceSid("string")
                .sid("string")
                .verificationMessage("string")
                .build())
            .provider("string")
            .build())
        .push(GuardianPushArgs.builder()
            .enabled(false)
            .amazonSns(GuardianPushAmazonSnsArgs.builder()
                .awsAccessKeyId("string")
                .awsRegion("string")
                .awsSecretAccessKey("string")
                .snsApnsPlatformApplicationArn("string")
                .snsGcmPlatformApplicationArn("string")
                .build())
            .customApp(GuardianPushCustomAppArgs.builder()
                .appName("string")
                .appleAppLink("string")
                .googleAppLink("string")
                .build())
            .directApns(GuardianPushDirectApnsArgs.builder()
                .bundleId("string")
                .p12("string")
                .sandbox(false)
                .enabled(false)
                .build())
            .directFcm(GuardianPushDirectFcmArgs.builder()
                .serverKey("string")
                .build())
            .provider("string")
            .build())
        .recoveryCode(false)
        .webauthnPlatform(GuardianWebauthnPlatformArgs.builder()
            .enabled(false)
            .overrideRelyingParty(false)
            .relyingPartyIdentifier("string")
            .build())
        .webauthnRoaming(GuardianWebauthnRoamingArgs.builder()
            .enabled(false)
            .overrideRelyingParty(false)
            .relyingPartyIdentifier("string")
            .userVerification("string")
            .build())
        .build());
    
    guardian_resource = auth0.Guardian("guardianResource",
        policy="string",
        duo={
            "enabled": False,
            "hostname": "string",
            "integration_key": "string",
            "secret_key": "string",
        },
        email=False,
        otp=False,
        phone={
            "enabled": False,
            "message_types": ["string"],
            "options": {
                "auth_token": "string",
                "enrollment_message": "string",
                "from_": "string",
                "messaging_service_sid": "string",
                "sid": "string",
                "verification_message": "string",
            },
            "provider": "string",
        },
        push={
            "enabled": False,
            "amazon_sns": {
                "aws_access_key_id": "string",
                "aws_region": "string",
                "aws_secret_access_key": "string",
                "sns_apns_platform_application_arn": "string",
                "sns_gcm_platform_application_arn": "string",
            },
            "custom_app": {
                "app_name": "string",
                "apple_app_link": "string",
                "google_app_link": "string",
            },
            "direct_apns": {
                "bundle_id": "string",
                "p12": "string",
                "sandbox": False,
                "enabled": False,
            },
            "direct_fcm": {
                "server_key": "string",
            },
            "provider": "string",
        },
        recovery_code=False,
        webauthn_platform={
            "enabled": False,
            "override_relying_party": False,
            "relying_party_identifier": "string",
        },
        webauthn_roaming={
            "enabled": False,
            "override_relying_party": False,
            "relying_party_identifier": "string",
            "user_verification": "string",
        })
    
    const guardianResource = new auth0.Guardian("guardianResource", {
        policy: "string",
        duo: {
            enabled: false,
            hostname: "string",
            integrationKey: "string",
            secretKey: "string",
        },
        email: false,
        otp: false,
        phone: {
            enabled: false,
            messageTypes: ["string"],
            options: {
                authToken: "string",
                enrollmentMessage: "string",
                from: "string",
                messagingServiceSid: "string",
                sid: "string",
                verificationMessage: "string",
            },
            provider: "string",
        },
        push: {
            enabled: false,
            amazonSns: {
                awsAccessKeyId: "string",
                awsRegion: "string",
                awsSecretAccessKey: "string",
                snsApnsPlatformApplicationArn: "string",
                snsGcmPlatformApplicationArn: "string",
            },
            customApp: {
                appName: "string",
                appleAppLink: "string",
                googleAppLink: "string",
            },
            directApns: {
                bundleId: "string",
                p12: "string",
                sandbox: false,
                enabled: false,
            },
            directFcm: {
                serverKey: "string",
            },
            provider: "string",
        },
        recoveryCode: false,
        webauthnPlatform: {
            enabled: false,
            overrideRelyingParty: false,
            relyingPartyIdentifier: "string",
        },
        webauthnRoaming: {
            enabled: false,
            overrideRelyingParty: false,
            relyingPartyIdentifier: "string",
            userVerification: "string",
        },
    });
    
    type: auth0:Guardian
    properties:
        duo:
            enabled: false
            hostname: string
            integrationKey: string
            secretKey: string
        email: false
        otp: false
        phone:
            enabled: false
            messageTypes:
                - string
            options:
                authToken: string
                enrollmentMessage: string
                from: string
                messagingServiceSid: string
                sid: string
                verificationMessage: string
            provider: string
        policy: string
        push:
            amazonSns:
                awsAccessKeyId: string
                awsRegion: string
                awsSecretAccessKey: string
                snsApnsPlatformApplicationArn: string
                snsGcmPlatformApplicationArn: string
            customApp:
                appName: string
                appleAppLink: string
                googleAppLink: string
            directApns:
                bundleId: string
                enabled: false
                p12: string
                sandbox: false
            directFcm:
                serverKey: string
            enabled: false
            provider: string
        recoveryCode: false
        webauthnPlatform:
            enabled: false
            overrideRelyingParty: false
            relyingPartyIdentifier: string
        webauthnRoaming:
            enabled: false
            overrideRelyingParty: false
            relyingPartyIdentifier: string
            userVerification: string
    

    Guardian Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Guardian resource accepts the following input properties:

    Policy string
    Policy to use. Available options are never, all-applications and confidence-score.
    Duo GuardianDuo
    Configuration settings for the Duo MFA. If this block is present, Duo MFA will be enabled, and disabled otherwise.
    Email bool
    Indicates whether email MFA is enabled.
    Otp bool
    Indicates whether one time password MFA is enabled.
    Phone GuardianPhone
    Configuration settings for the phone MFA. If this block is present, Phone MFA will be enabled, and disabled otherwise.
    Push GuardianPush
    Configuration settings for the Push MFA. If this block is present, Push MFA will be enabled, and disabled otherwise.
    RecoveryCode bool
    Indicates whether recovery code MFA is enabled.
    WebauthnPlatform GuardianWebauthnPlatform
    Configuration settings for the WebAuthn with FIDO Device Biometrics MFA. If this block is present, WebAuthn with FIDO Device Biometrics MFA will be enabled, and disabled otherwise.
    WebauthnRoaming GuardianWebauthnRoaming
    Configuration settings for the WebAuthn with FIDO Security Keys MFA. If this block is present, WebAuthn with FIDO Security Keys MFA will be enabled, and disabled otherwise.
    Policy string
    Policy to use. Available options are never, all-applications and confidence-score.
    Duo GuardianDuoArgs
    Configuration settings for the Duo MFA. If this block is present, Duo MFA will be enabled, and disabled otherwise.
    Email bool
    Indicates whether email MFA is enabled.
    Otp bool
    Indicates whether one time password MFA is enabled.
    Phone GuardianPhoneArgs
    Configuration settings for the phone MFA. If this block is present, Phone MFA will be enabled, and disabled otherwise.
    Push GuardianPushArgs
    Configuration settings for the Push MFA. If this block is present, Push MFA will be enabled, and disabled otherwise.
    RecoveryCode bool
    Indicates whether recovery code MFA is enabled.
    WebauthnPlatform GuardianWebauthnPlatformArgs
    Configuration settings for the WebAuthn with FIDO Device Biometrics MFA. If this block is present, WebAuthn with FIDO Device Biometrics MFA will be enabled, and disabled otherwise.
    WebauthnRoaming GuardianWebauthnRoamingArgs
    Configuration settings for the WebAuthn with FIDO Security Keys MFA. If this block is present, WebAuthn with FIDO Security Keys MFA will be enabled, and disabled otherwise.
    policy String
    Policy to use. Available options are never, all-applications and confidence-score.
    duo GuardianDuo
    Configuration settings for the Duo MFA. If this block is present, Duo MFA will be enabled, and disabled otherwise.
    email Boolean
    Indicates whether email MFA is enabled.
    otp Boolean
    Indicates whether one time password MFA is enabled.
    phone GuardianPhone
    Configuration settings for the phone MFA. If this block is present, Phone MFA will be enabled, and disabled otherwise.
    push GuardianPush
    Configuration settings for the Push MFA. If this block is present, Push MFA will be enabled, and disabled otherwise.
    recoveryCode Boolean
    Indicates whether recovery code MFA is enabled.
    webauthnPlatform GuardianWebauthnPlatform
    Configuration settings for the WebAuthn with FIDO Device Biometrics MFA. If this block is present, WebAuthn with FIDO Device Biometrics MFA will be enabled, and disabled otherwise.
    webauthnRoaming GuardianWebauthnRoaming
    Configuration settings for the WebAuthn with FIDO Security Keys MFA. If this block is present, WebAuthn with FIDO Security Keys MFA will be enabled, and disabled otherwise.
    policy string
    Policy to use. Available options are never, all-applications and confidence-score.
    duo GuardianDuo
    Configuration settings for the Duo MFA. If this block is present, Duo MFA will be enabled, and disabled otherwise.
    email boolean
    Indicates whether email MFA is enabled.
    otp boolean
    Indicates whether one time password MFA is enabled.
    phone GuardianPhone
    Configuration settings for the phone MFA. If this block is present, Phone MFA will be enabled, and disabled otherwise.
    push GuardianPush
    Configuration settings for the Push MFA. If this block is present, Push MFA will be enabled, and disabled otherwise.
    recoveryCode boolean
    Indicates whether recovery code MFA is enabled.
    webauthnPlatform GuardianWebauthnPlatform
    Configuration settings for the WebAuthn with FIDO Device Biometrics MFA. If this block is present, WebAuthn with FIDO Device Biometrics MFA will be enabled, and disabled otherwise.
    webauthnRoaming GuardianWebauthnRoaming
    Configuration settings for the WebAuthn with FIDO Security Keys MFA. If this block is present, WebAuthn with FIDO Security Keys MFA will be enabled, and disabled otherwise.
    policy str
    Policy to use. Available options are never, all-applications and confidence-score.
    duo GuardianDuoArgs
    Configuration settings for the Duo MFA. If this block is present, Duo MFA will be enabled, and disabled otherwise.
    email bool
    Indicates whether email MFA is enabled.
    otp bool
    Indicates whether one time password MFA is enabled.
    phone GuardianPhoneArgs
    Configuration settings for the phone MFA. If this block is present, Phone MFA will be enabled, and disabled otherwise.
    push GuardianPushArgs
    Configuration settings for the Push MFA. If this block is present, Push MFA will be enabled, and disabled otherwise.
    recovery_code bool
    Indicates whether recovery code MFA is enabled.
    webauthn_platform GuardianWebauthnPlatformArgs
    Configuration settings for the WebAuthn with FIDO Device Biometrics MFA. If this block is present, WebAuthn with FIDO Device Biometrics MFA will be enabled, and disabled otherwise.
    webauthn_roaming GuardianWebauthnRoamingArgs
    Configuration settings for the WebAuthn with FIDO Security Keys MFA. If this block is present, WebAuthn with FIDO Security Keys MFA will be enabled, and disabled otherwise.
    policy String
    Policy to use. Available options are never, all-applications and confidence-score.
    duo Property Map
    Configuration settings for the Duo MFA. If this block is present, Duo MFA will be enabled, and disabled otherwise.
    email Boolean
    Indicates whether email MFA is enabled.
    otp Boolean
    Indicates whether one time password MFA is enabled.
    phone Property Map
    Configuration settings for the phone MFA. If this block is present, Phone MFA will be enabled, and disabled otherwise.
    push Property Map
    Configuration settings for the Push MFA. If this block is present, Push MFA will be enabled, and disabled otherwise.
    recoveryCode Boolean
    Indicates whether recovery code MFA is enabled.
    webauthnPlatform Property Map
    Configuration settings for the WebAuthn with FIDO Device Biometrics MFA. If this block is present, WebAuthn with FIDO Device Biometrics MFA will be enabled, and disabled otherwise.
    webauthnRoaming Property Map
    Configuration settings for the WebAuthn with FIDO Security Keys MFA. If this block is present, WebAuthn with FIDO Security Keys MFA will be enabled, and disabled otherwise.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Guardian resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Guardian Resource

    Get an existing Guardian resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: GuardianState, opts?: CustomResourceOptions): Guardian
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            duo: Optional[GuardianDuoArgs] = None,
            email: Optional[bool] = None,
            otp: Optional[bool] = None,
            phone: Optional[GuardianPhoneArgs] = None,
            policy: Optional[str] = None,
            push: Optional[GuardianPushArgs] = None,
            recovery_code: Optional[bool] = None,
            webauthn_platform: Optional[GuardianWebauthnPlatformArgs] = None,
            webauthn_roaming: Optional[GuardianWebauthnRoamingArgs] = None) -> Guardian
    func GetGuardian(ctx *Context, name string, id IDInput, state *GuardianState, opts ...ResourceOption) (*Guardian, error)
    public static Guardian Get(string name, Input<string> id, GuardianState? state, CustomResourceOptions? opts = null)
    public static Guardian get(String name, Output<String> id, GuardianState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Duo GuardianDuo
    Configuration settings for the Duo MFA. If this block is present, Duo MFA will be enabled, and disabled otherwise.
    Email bool
    Indicates whether email MFA is enabled.
    Otp bool
    Indicates whether one time password MFA is enabled.
    Phone GuardianPhone
    Configuration settings for the phone MFA. If this block is present, Phone MFA will be enabled, and disabled otherwise.
    Policy string
    Policy to use. Available options are never, all-applications and confidence-score.
    Push GuardianPush
    Configuration settings for the Push MFA. If this block is present, Push MFA will be enabled, and disabled otherwise.
    RecoveryCode bool
    Indicates whether recovery code MFA is enabled.
    WebauthnPlatform GuardianWebauthnPlatform
    Configuration settings for the WebAuthn with FIDO Device Biometrics MFA. If this block is present, WebAuthn with FIDO Device Biometrics MFA will be enabled, and disabled otherwise.
    WebauthnRoaming GuardianWebauthnRoaming
    Configuration settings for the WebAuthn with FIDO Security Keys MFA. If this block is present, WebAuthn with FIDO Security Keys MFA will be enabled, and disabled otherwise.
    Duo GuardianDuoArgs
    Configuration settings for the Duo MFA. If this block is present, Duo MFA will be enabled, and disabled otherwise.
    Email bool
    Indicates whether email MFA is enabled.
    Otp bool
    Indicates whether one time password MFA is enabled.
    Phone GuardianPhoneArgs
    Configuration settings for the phone MFA. If this block is present, Phone MFA will be enabled, and disabled otherwise.
    Policy string
    Policy to use. Available options are never, all-applications and confidence-score.
    Push GuardianPushArgs
    Configuration settings for the Push MFA. If this block is present, Push MFA will be enabled, and disabled otherwise.
    RecoveryCode bool
    Indicates whether recovery code MFA is enabled.
    WebauthnPlatform GuardianWebauthnPlatformArgs
    Configuration settings for the WebAuthn with FIDO Device Biometrics MFA. If this block is present, WebAuthn with FIDO Device Biometrics MFA will be enabled, and disabled otherwise.
    WebauthnRoaming GuardianWebauthnRoamingArgs
    Configuration settings for the WebAuthn with FIDO Security Keys MFA. If this block is present, WebAuthn with FIDO Security Keys MFA will be enabled, and disabled otherwise.
    duo GuardianDuo
    Configuration settings for the Duo MFA. If this block is present, Duo MFA will be enabled, and disabled otherwise.
    email Boolean
    Indicates whether email MFA is enabled.
    otp Boolean
    Indicates whether one time password MFA is enabled.
    phone GuardianPhone
    Configuration settings for the phone MFA. If this block is present, Phone MFA will be enabled, and disabled otherwise.
    policy String
    Policy to use. Available options are never, all-applications and confidence-score.
    push GuardianPush
    Configuration settings for the Push MFA. If this block is present, Push MFA will be enabled, and disabled otherwise.
    recoveryCode Boolean
    Indicates whether recovery code MFA is enabled.
    webauthnPlatform GuardianWebauthnPlatform
    Configuration settings for the WebAuthn with FIDO Device Biometrics MFA. If this block is present, WebAuthn with FIDO Device Biometrics MFA will be enabled, and disabled otherwise.
    webauthnRoaming GuardianWebauthnRoaming
    Configuration settings for the WebAuthn with FIDO Security Keys MFA. If this block is present, WebAuthn with FIDO Security Keys MFA will be enabled, and disabled otherwise.
    duo GuardianDuo
    Configuration settings for the Duo MFA. If this block is present, Duo MFA will be enabled, and disabled otherwise.
    email boolean
    Indicates whether email MFA is enabled.
    otp boolean
    Indicates whether one time password MFA is enabled.
    phone GuardianPhone
    Configuration settings for the phone MFA. If this block is present, Phone MFA will be enabled, and disabled otherwise.
    policy string
    Policy to use. Available options are never, all-applications and confidence-score.
    push GuardianPush
    Configuration settings for the Push MFA. If this block is present, Push MFA will be enabled, and disabled otherwise.
    recoveryCode boolean
    Indicates whether recovery code MFA is enabled.
    webauthnPlatform GuardianWebauthnPlatform
    Configuration settings for the WebAuthn with FIDO Device Biometrics MFA. If this block is present, WebAuthn with FIDO Device Biometrics MFA will be enabled, and disabled otherwise.
    webauthnRoaming GuardianWebauthnRoaming
    Configuration settings for the WebAuthn with FIDO Security Keys MFA. If this block is present, WebAuthn with FIDO Security Keys MFA will be enabled, and disabled otherwise.
    duo GuardianDuoArgs
    Configuration settings for the Duo MFA. If this block is present, Duo MFA will be enabled, and disabled otherwise.
    email bool
    Indicates whether email MFA is enabled.
    otp bool
    Indicates whether one time password MFA is enabled.
    phone GuardianPhoneArgs
    Configuration settings for the phone MFA. If this block is present, Phone MFA will be enabled, and disabled otherwise.
    policy str
    Policy to use. Available options are never, all-applications and confidence-score.
    push GuardianPushArgs
    Configuration settings for the Push MFA. If this block is present, Push MFA will be enabled, and disabled otherwise.
    recovery_code bool
    Indicates whether recovery code MFA is enabled.
    webauthn_platform GuardianWebauthnPlatformArgs
    Configuration settings for the WebAuthn with FIDO Device Biometrics MFA. If this block is present, WebAuthn with FIDO Device Biometrics MFA will be enabled, and disabled otherwise.
    webauthn_roaming GuardianWebauthnRoamingArgs
    Configuration settings for the WebAuthn with FIDO Security Keys MFA. If this block is present, WebAuthn with FIDO Security Keys MFA will be enabled, and disabled otherwise.
    duo Property Map
    Configuration settings for the Duo MFA. If this block is present, Duo MFA will be enabled, and disabled otherwise.
    email Boolean
    Indicates whether email MFA is enabled.
    otp Boolean
    Indicates whether one time password MFA is enabled.
    phone Property Map
    Configuration settings for the phone MFA. If this block is present, Phone MFA will be enabled, and disabled otherwise.
    policy String
    Policy to use. Available options are never, all-applications and confidence-score.
    push Property Map
    Configuration settings for the Push MFA. If this block is present, Push MFA will be enabled, and disabled otherwise.
    recoveryCode Boolean
    Indicates whether recovery code MFA is enabled.
    webauthnPlatform Property Map
    Configuration settings for the WebAuthn with FIDO Device Biometrics MFA. If this block is present, WebAuthn with FIDO Device Biometrics MFA will be enabled, and disabled otherwise.
    webauthnRoaming Property Map
    Configuration settings for the WebAuthn with FIDO Security Keys MFA. If this block is present, WebAuthn with FIDO Security Keys MFA will be enabled, and disabled otherwise.

    Supporting Types

    GuardianDuo, GuardianDuoArgs

    Enabled bool
    Indicates whether Duo MFA is enabled.
    Hostname string
    Duo API Hostname, see the Duo documentation for more details on Duo setup.
    IntegrationKey string
    Duo client ID, see the Duo documentation for more details on Duo setup.
    SecretKey string
    Duo client secret, see the Duo documentation for more details on Duo setup.
    Enabled bool
    Indicates whether Duo MFA is enabled.
    Hostname string
    Duo API Hostname, see the Duo documentation for more details on Duo setup.
    IntegrationKey string
    Duo client ID, see the Duo documentation for more details on Duo setup.
    SecretKey string
    Duo client secret, see the Duo documentation for more details on Duo setup.
    enabled Boolean
    Indicates whether Duo MFA is enabled.
    hostname String
    Duo API Hostname, see the Duo documentation for more details on Duo setup.
    integrationKey String
    Duo client ID, see the Duo documentation for more details on Duo setup.
    secretKey String
    Duo client secret, see the Duo documentation for more details on Duo setup.
    enabled boolean
    Indicates whether Duo MFA is enabled.
    hostname string
    Duo API Hostname, see the Duo documentation for more details on Duo setup.
    integrationKey string
    Duo client ID, see the Duo documentation for more details on Duo setup.
    secretKey string
    Duo client secret, see the Duo documentation for more details on Duo setup.
    enabled bool
    Indicates whether Duo MFA is enabled.
    hostname str
    Duo API Hostname, see the Duo documentation for more details on Duo setup.
    integration_key str
    Duo client ID, see the Duo documentation for more details on Duo setup.
    secret_key str
    Duo client secret, see the Duo documentation for more details on Duo setup.
    enabled Boolean
    Indicates whether Duo MFA is enabled.
    hostname String
    Duo API Hostname, see the Duo documentation for more details on Duo setup.
    integrationKey String
    Duo client ID, see the Duo documentation for more details on Duo setup.
    secretKey String
    Duo client secret, see the Duo documentation for more details on Duo setup.

    GuardianPhone, GuardianPhoneArgs

    Enabled bool
    Indicates whether Phone MFA is enabled.
    MessageTypes List<string>
    Message types to use, array of sms and/or voice. Adding both to the array should enable the user to choose.
    Options GuardianPhoneOptions
    Options for the various providers.
    Provider string
    Provider to use, one of auth0, twilio or phone-message-hook. Selecting phone-message-hook will require a Phone Message Action to be created before. Learn how.
    Enabled bool
    Indicates whether Phone MFA is enabled.
    MessageTypes []string
    Message types to use, array of sms and/or voice. Adding both to the array should enable the user to choose.
    Options GuardianPhoneOptions
    Options for the various providers.
    Provider string
    Provider to use, one of auth0, twilio or phone-message-hook. Selecting phone-message-hook will require a Phone Message Action to be created before. Learn how.
    enabled Boolean
    Indicates whether Phone MFA is enabled.
    messageTypes List<String>
    Message types to use, array of sms and/or voice. Adding both to the array should enable the user to choose.
    options GuardianPhoneOptions
    Options for the various providers.
    provider String
    Provider to use, one of auth0, twilio or phone-message-hook. Selecting phone-message-hook will require a Phone Message Action to be created before. Learn how.
    enabled boolean
    Indicates whether Phone MFA is enabled.
    messageTypes string[]
    Message types to use, array of sms and/or voice. Adding both to the array should enable the user to choose.
    options GuardianPhoneOptions
    Options for the various providers.
    provider string
    Provider to use, one of auth0, twilio or phone-message-hook. Selecting phone-message-hook will require a Phone Message Action to be created before. Learn how.
    enabled bool
    Indicates whether Phone MFA is enabled.
    message_types Sequence[str]
    Message types to use, array of sms and/or voice. Adding both to the array should enable the user to choose.
    options GuardianPhoneOptions
    Options for the various providers.
    provider str
    Provider to use, one of auth0, twilio or phone-message-hook. Selecting phone-message-hook will require a Phone Message Action to be created before. Learn how.
    enabled Boolean
    Indicates whether Phone MFA is enabled.
    messageTypes List<String>
    Message types to use, array of sms and/or voice. Adding both to the array should enable the user to choose.
    options Property Map
    Options for the various providers.
    provider String
    Provider to use, one of auth0, twilio or phone-message-hook. Selecting phone-message-hook will require a Phone Message Action to be created before. Learn how.

    GuardianPhoneOptions, GuardianPhoneOptionsArgs

    AuthToken string
    AuthToken for your Twilio account.
    EnrollmentMessage string
    This message will be sent whenever a user enrolls a new device for the first time using MFA. Supports Liquid syntax, see Auth0 docs.
    From string
    Phone number to use as the sender.
    MessagingServiceSid string
    Messaging service SID.
    Sid string
    SID for your Twilio account.
    VerificationMessage string
    This message will be sent whenever a user logs in after the enrollment. Supports Liquid syntax, see Auth0 docs.
    AuthToken string
    AuthToken for your Twilio account.
    EnrollmentMessage string
    This message will be sent whenever a user enrolls a new device for the first time using MFA. Supports Liquid syntax, see Auth0 docs.
    From string
    Phone number to use as the sender.
    MessagingServiceSid string
    Messaging service SID.
    Sid string
    SID for your Twilio account.
    VerificationMessage string
    This message will be sent whenever a user logs in after the enrollment. Supports Liquid syntax, see Auth0 docs.
    authToken String
    AuthToken for your Twilio account.
    enrollmentMessage String
    This message will be sent whenever a user enrolls a new device for the first time using MFA. Supports Liquid syntax, see Auth0 docs.
    from String
    Phone number to use as the sender.
    messagingServiceSid String
    Messaging service SID.
    sid String
    SID for your Twilio account.
    verificationMessage String
    This message will be sent whenever a user logs in after the enrollment. Supports Liquid syntax, see Auth0 docs.
    authToken string
    AuthToken for your Twilio account.
    enrollmentMessage string
    This message will be sent whenever a user enrolls a new device for the first time using MFA. Supports Liquid syntax, see Auth0 docs.
    from string
    Phone number to use as the sender.
    messagingServiceSid string
    Messaging service SID.
    sid string
    SID for your Twilio account.
    verificationMessage string
    This message will be sent whenever a user logs in after the enrollment. Supports Liquid syntax, see Auth0 docs.
    auth_token str
    AuthToken for your Twilio account.
    enrollment_message str
    This message will be sent whenever a user enrolls a new device for the first time using MFA. Supports Liquid syntax, see Auth0 docs.
    from_ str
    Phone number to use as the sender.
    messaging_service_sid str
    Messaging service SID.
    sid str
    SID for your Twilio account.
    verification_message str
    This message will be sent whenever a user logs in after the enrollment. Supports Liquid syntax, see Auth0 docs.
    authToken String
    AuthToken for your Twilio account.
    enrollmentMessage String
    This message will be sent whenever a user enrolls a new device for the first time using MFA. Supports Liquid syntax, see Auth0 docs.
    from String
    Phone number to use as the sender.
    messagingServiceSid String
    Messaging service SID.
    sid String
    SID for your Twilio account.
    verificationMessage String
    This message will be sent whenever a user logs in after the enrollment. Supports Liquid syntax, see Auth0 docs.

    GuardianPush, GuardianPushArgs

    Enabled bool
    Indicates whether Push MFA is enabled.
    AmazonSns GuardianPushAmazonSns
    Configuration for Amazon SNS.
    CustomApp GuardianPushCustomApp
    Configuration for the Guardian Custom App.
    DirectApns GuardianPushDirectApns
    Configuration for the Apple Push Notification service (APNs) settings.
    DirectFcm GuardianPushDirectFcm
    Configuration for Firebase Cloud Messaging (FCM) settings.
    Provider string
    Provider to use, one of direct, guardian, sns.
    Enabled bool
    Indicates whether Push MFA is enabled.
    AmazonSns GuardianPushAmazonSns
    Configuration for Amazon SNS.
    CustomApp GuardianPushCustomApp
    Configuration for the Guardian Custom App.
    DirectApns GuardianPushDirectApns
    Configuration for the Apple Push Notification service (APNs) settings.
    DirectFcm GuardianPushDirectFcm
    Configuration for Firebase Cloud Messaging (FCM) settings.
    Provider string
    Provider to use, one of direct, guardian, sns.
    enabled Boolean
    Indicates whether Push MFA is enabled.
    amazonSns GuardianPushAmazonSns
    Configuration for Amazon SNS.
    customApp GuardianPushCustomApp
    Configuration for the Guardian Custom App.
    directApns GuardianPushDirectApns
    Configuration for the Apple Push Notification service (APNs) settings.
    directFcm GuardianPushDirectFcm
    Configuration for Firebase Cloud Messaging (FCM) settings.
    provider String
    Provider to use, one of direct, guardian, sns.
    enabled boolean
    Indicates whether Push MFA is enabled.
    amazonSns GuardianPushAmazonSns
    Configuration for Amazon SNS.
    customApp GuardianPushCustomApp
    Configuration for the Guardian Custom App.
    directApns GuardianPushDirectApns
    Configuration for the Apple Push Notification service (APNs) settings.
    directFcm GuardianPushDirectFcm
    Configuration for Firebase Cloud Messaging (FCM) settings.
    provider string
    Provider to use, one of direct, guardian, sns.
    enabled bool
    Indicates whether Push MFA is enabled.
    amazon_sns GuardianPushAmazonSns
    Configuration for Amazon SNS.
    custom_app GuardianPushCustomApp
    Configuration for the Guardian Custom App.
    direct_apns GuardianPushDirectApns
    Configuration for the Apple Push Notification service (APNs) settings.
    direct_fcm GuardianPushDirectFcm
    Configuration for Firebase Cloud Messaging (FCM) settings.
    provider str
    Provider to use, one of direct, guardian, sns.
    enabled Boolean
    Indicates whether Push MFA is enabled.
    amazonSns Property Map
    Configuration for Amazon SNS.
    customApp Property Map
    Configuration for the Guardian Custom App.
    directApns Property Map
    Configuration for the Apple Push Notification service (APNs) settings.
    directFcm Property Map
    Configuration for Firebase Cloud Messaging (FCM) settings.
    provider String
    Provider to use, one of direct, guardian, sns.

    GuardianPushAmazonSns, GuardianPushAmazonSnsArgs

    AwsAccessKeyId string
    Your AWS Access Key ID.
    AwsRegion string
    Your AWS application's region.
    AwsSecretAccessKey string
    Your AWS Secret Access Key.
    SnsApnsPlatformApplicationArn string
    The Amazon Resource Name for your Apple Push Notification Service.
    SnsGcmPlatformApplicationArn string
    The Amazon Resource Name for your Firebase Cloud Messaging Service.
    AwsAccessKeyId string
    Your AWS Access Key ID.
    AwsRegion string
    Your AWS application's region.
    AwsSecretAccessKey string
    Your AWS Secret Access Key.
    SnsApnsPlatformApplicationArn string
    The Amazon Resource Name for your Apple Push Notification Service.
    SnsGcmPlatformApplicationArn string
    The Amazon Resource Name for your Firebase Cloud Messaging Service.
    awsAccessKeyId String
    Your AWS Access Key ID.
    awsRegion String
    Your AWS application's region.
    awsSecretAccessKey String
    Your AWS Secret Access Key.
    snsApnsPlatformApplicationArn String
    The Amazon Resource Name for your Apple Push Notification Service.
    snsGcmPlatformApplicationArn String
    The Amazon Resource Name for your Firebase Cloud Messaging Service.
    awsAccessKeyId string
    Your AWS Access Key ID.
    awsRegion string
    Your AWS application's region.
    awsSecretAccessKey string
    Your AWS Secret Access Key.
    snsApnsPlatformApplicationArn string
    The Amazon Resource Name for your Apple Push Notification Service.
    snsGcmPlatformApplicationArn string
    The Amazon Resource Name for your Firebase Cloud Messaging Service.
    aws_access_key_id str
    Your AWS Access Key ID.
    aws_region str
    Your AWS application's region.
    aws_secret_access_key str
    Your AWS Secret Access Key.
    sns_apns_platform_application_arn str
    The Amazon Resource Name for your Apple Push Notification Service.
    sns_gcm_platform_application_arn str
    The Amazon Resource Name for your Firebase Cloud Messaging Service.
    awsAccessKeyId String
    Your AWS Access Key ID.
    awsRegion String
    Your AWS application's region.
    awsSecretAccessKey String
    Your AWS Secret Access Key.
    snsApnsPlatformApplicationArn String
    The Amazon Resource Name for your Apple Push Notification Service.
    snsGcmPlatformApplicationArn String
    The Amazon Resource Name for your Firebase Cloud Messaging Service.

    GuardianPushCustomApp, GuardianPushCustomAppArgs

    AppName string
    Custom Application Name.
    AppleAppLink string
    Apple App Store URL. Must be HTTPS or an empty string.
    GoogleAppLink string
    Google Store URL. Must be HTTPS or an empty string.
    AppName string
    Custom Application Name.
    AppleAppLink string
    Apple App Store URL. Must be HTTPS or an empty string.
    GoogleAppLink string
    Google Store URL. Must be HTTPS or an empty string.
    appName String
    Custom Application Name.
    appleAppLink String
    Apple App Store URL. Must be HTTPS or an empty string.
    googleAppLink String
    Google Store URL. Must be HTTPS or an empty string.
    appName string
    Custom Application Name.
    appleAppLink string
    Apple App Store URL. Must be HTTPS or an empty string.
    googleAppLink string
    Google Store URL. Must be HTTPS or an empty string.
    app_name str
    Custom Application Name.
    apple_app_link str
    Apple App Store URL. Must be HTTPS or an empty string.
    google_app_link str
    Google Store URL. Must be HTTPS or an empty string.
    appName String
    Custom Application Name.
    appleAppLink String
    Apple App Store URL. Must be HTTPS or an empty string.
    googleAppLink String
    Google Store URL. Must be HTTPS or an empty string.

    GuardianPushDirectApns, GuardianPushDirectApnsArgs

    BundleId string
    The Apple Push Notification service Bundle ID.
    P12 string
    The base64 encoded certificate in P12 format.
    Sandbox bool
    Set to true to use the sandbox iOS app environment, otherwise set to false to use the production iOS app environment.
    Enabled bool
    Indicates whether the Apple Push Notification service is enabled.
    BundleId string
    The Apple Push Notification service Bundle ID.
    P12 string
    The base64 encoded certificate in P12 format.
    Sandbox bool
    Set to true to use the sandbox iOS app environment, otherwise set to false to use the production iOS app environment.
    Enabled bool
    Indicates whether the Apple Push Notification service is enabled.
    bundleId String
    The Apple Push Notification service Bundle ID.
    p12 String
    The base64 encoded certificate in P12 format.
    sandbox Boolean
    Set to true to use the sandbox iOS app environment, otherwise set to false to use the production iOS app environment.
    enabled Boolean
    Indicates whether the Apple Push Notification service is enabled.
    bundleId string
    The Apple Push Notification service Bundle ID.
    p12 string
    The base64 encoded certificate in P12 format.
    sandbox boolean
    Set to true to use the sandbox iOS app environment, otherwise set to false to use the production iOS app environment.
    enabled boolean
    Indicates whether the Apple Push Notification service is enabled.
    bundle_id str
    The Apple Push Notification service Bundle ID.
    p12 str
    The base64 encoded certificate in P12 format.
    sandbox bool
    Set to true to use the sandbox iOS app environment, otherwise set to false to use the production iOS app environment.
    enabled bool
    Indicates whether the Apple Push Notification service is enabled.
    bundleId String
    The Apple Push Notification service Bundle ID.
    p12 String
    The base64 encoded certificate in P12 format.
    sandbox Boolean
    Set to true to use the sandbox iOS app environment, otherwise set to false to use the production iOS app environment.
    enabled Boolean
    Indicates whether the Apple Push Notification service is enabled.

    GuardianPushDirectFcm, GuardianPushDirectFcmArgs

    ServerKey string
    The Firebase Cloud Messaging Server Key. For security purposes, we don’t retrieve your existing FCM server key to check for drift.
    ServerKey string
    The Firebase Cloud Messaging Server Key. For security purposes, we don’t retrieve your existing FCM server key to check for drift.
    serverKey String
    The Firebase Cloud Messaging Server Key. For security purposes, we don’t retrieve your existing FCM server key to check for drift.
    serverKey string
    The Firebase Cloud Messaging Server Key. For security purposes, we don’t retrieve your existing FCM server key to check for drift.
    server_key str
    The Firebase Cloud Messaging Server Key. For security purposes, we don’t retrieve your existing FCM server key to check for drift.
    serverKey String
    The Firebase Cloud Messaging Server Key. For security purposes, we don’t retrieve your existing FCM server key to check for drift.

    GuardianWebauthnPlatform, GuardianWebauthnPlatformArgs

    Enabled bool
    Indicates whether WebAuthn with FIDO Device Biometrics MFA is enabled.
    OverrideRelyingParty bool
    The Relying Party is the domain for which the WebAuthn keys will be issued, set to true if you are customizing the identifier.
    RelyingPartyIdentifier string
    The Relying Party should be a suffix of the custom domain.
    Enabled bool
    Indicates whether WebAuthn with FIDO Device Biometrics MFA is enabled.
    OverrideRelyingParty bool
    The Relying Party is the domain for which the WebAuthn keys will be issued, set to true if you are customizing the identifier.
    RelyingPartyIdentifier string
    The Relying Party should be a suffix of the custom domain.
    enabled Boolean
    Indicates whether WebAuthn with FIDO Device Biometrics MFA is enabled.
    overrideRelyingParty Boolean
    The Relying Party is the domain for which the WebAuthn keys will be issued, set to true if you are customizing the identifier.
    relyingPartyIdentifier String
    The Relying Party should be a suffix of the custom domain.
    enabled boolean
    Indicates whether WebAuthn with FIDO Device Biometrics MFA is enabled.
    overrideRelyingParty boolean
    The Relying Party is the domain for which the WebAuthn keys will be issued, set to true if you are customizing the identifier.
    relyingPartyIdentifier string
    The Relying Party should be a suffix of the custom domain.
    enabled bool
    Indicates whether WebAuthn with FIDO Device Biometrics MFA is enabled.
    override_relying_party bool
    The Relying Party is the domain for which the WebAuthn keys will be issued, set to true if you are customizing the identifier.
    relying_party_identifier str
    The Relying Party should be a suffix of the custom domain.
    enabled Boolean
    Indicates whether WebAuthn with FIDO Device Biometrics MFA is enabled.
    overrideRelyingParty Boolean
    The Relying Party is the domain for which the WebAuthn keys will be issued, set to true if you are customizing the identifier.
    relyingPartyIdentifier String
    The Relying Party should be a suffix of the custom domain.

    GuardianWebauthnRoaming, GuardianWebauthnRoamingArgs

    Enabled bool
    Indicates whether WebAuthn with FIDO Security Keys MFA is enabled.
    OverrideRelyingParty bool
    The Relying Party is the domain for which the WebAuthn keys will be issued, set to true if you are customizing the identifier.
    RelyingPartyIdentifier string
    The Relying Party should be a suffix of the custom domain.
    UserVerification string
    User verification, one of discouraged, preferred or required.
    Enabled bool
    Indicates whether WebAuthn with FIDO Security Keys MFA is enabled.
    OverrideRelyingParty bool
    The Relying Party is the domain for which the WebAuthn keys will be issued, set to true if you are customizing the identifier.
    RelyingPartyIdentifier string
    The Relying Party should be a suffix of the custom domain.
    UserVerification string
    User verification, one of discouraged, preferred or required.
    enabled Boolean
    Indicates whether WebAuthn with FIDO Security Keys MFA is enabled.
    overrideRelyingParty Boolean
    The Relying Party is the domain for which the WebAuthn keys will be issued, set to true if you are customizing the identifier.
    relyingPartyIdentifier String
    The Relying Party should be a suffix of the custom domain.
    userVerification String
    User verification, one of discouraged, preferred or required.
    enabled boolean
    Indicates whether WebAuthn with FIDO Security Keys MFA is enabled.
    overrideRelyingParty boolean
    The Relying Party is the domain for which the WebAuthn keys will be issued, set to true if you are customizing the identifier.
    relyingPartyIdentifier string
    The Relying Party should be a suffix of the custom domain.
    userVerification string
    User verification, one of discouraged, preferred or required.
    enabled bool
    Indicates whether WebAuthn with FIDO Security Keys MFA is enabled.
    override_relying_party bool
    The Relying Party is the domain for which the WebAuthn keys will be issued, set to true if you are customizing the identifier.
    relying_party_identifier str
    The Relying Party should be a suffix of the custom domain.
    user_verification str
    User verification, one of discouraged, preferred or required.
    enabled Boolean
    Indicates whether WebAuthn with FIDO Security Keys MFA is enabled.
    overrideRelyingParty Boolean
    The Relying Party is the domain for which the WebAuthn keys will be issued, set to true if you are customizing the identifier.
    relyingPartyIdentifier String
    The Relying Party should be a suffix of the custom domain.
    userVerification String
    User verification, one of discouraged, preferred or required.

    Import

    As this is not a resource identifiable by an ID within the Auth0 Management API,

    guardian can be imported using a random string.

    We recommend Version 4 UUID

    Example:

    $ pulumi import auth0:index/guardian:Guardian my_guardian "24940d4b-4bd4-44e7-894e-f92e4de36a40"
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Auth0 pulumi/pulumi-auth0
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the auth0 Terraform Provider.
    auth0 logo
    Auth0 v3.8.2 published on Friday, Nov 1, 2024 by Pulumi