Auth0 v3.4.0, Jun 19 24

Auth0 v3.4.0 published on Wednesday, Jun 19, 2024 by Pulumi

auth0.getAttackProtection

Explore with Pulumi AI

Auth0 v3.4.0 published on Wednesday, Jun 19, 2024 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as auth0 from "@pulumi/auth0";

const myProtection = auth0.getAttackProtection({});

import pulumi
import pulumi_auth0 as auth0

my_protection = auth0.get_attack_protection()

package main

import (
	"github.com/pulumi/pulumi-auth0/sdk/v3/go/auth0"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := auth0.LookupAttackProtection(ctx, nil, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Auth0 = Pulumi.Auth0;

return await Deployment.RunAsync(() => 
{
    var myProtection = Auth0.GetAttackProtection.Invoke();

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.auth0.Auth0Functions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var myProtection = Auth0Functions.getAttackProtection();

    }
}

variables:
  myProtection:
    fn::invoke:
      Function: auth0:getAttackProtection
      Arguments: {}

Using getAttackProtection

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getAttackProtection(opts?: InvokeOptions): Promise<GetAttackProtectionResult>
function getAttackProtectionOutput(opts?: InvokeOptions): Output<GetAttackProtectionResult>

def get_attack_protection(opts: Optional[InvokeOptions] = None) -> GetAttackProtectionResult
def get_attack_protection_output(opts: Optional[InvokeOptions] = None) -> Output[GetAttackProtectionResult]

func LookupAttackProtection(ctx *Context, opts ...InvokeOption) (*LookupAttackProtectionResult, error)
func LookupAttackProtectionOutput(ctx *Context, opts ...InvokeOption) LookupAttackProtectionResultOutput

> Note: This function is named LookupAttackProtection in the Go SDK.

public static class GetAttackProtection 
{
    public static Task<GetAttackProtectionResult> InvokeAsync(InvokeOptions? opts = null)
    public static Output<GetAttackProtectionResult> Invoke(InvokeOptions? opts = null)
}

public static CompletableFuture<GetAttackProtectionResult> getAttackProtection(InvokeOptions options)
// Output-based functions aren't available in Java yet

fn::invoke:
  function: auth0:index/getAttackProtection:getAttackProtection
  arguments:
    # arguments dictionary

getAttackProtection Result

The following output properties are available:

BreachedPasswordDetections List<GetAttackProtectionBreachedPasswordDetection>: Breached password detection protects your applications from bad actors logging in with stolen credentials.
BruteForceProtections List<GetAttackProtectionBruteForceProtection>: Brute-force protection safeguards against a single IP address attacking a single user account.
Id string: The provider-assigned unique ID for this managed resource.
SuspiciousIpThrottlings List<GetAttackProtectionSuspiciousIpThrottling>: Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

BreachedPasswordDetections []GetAttackProtectionBreachedPasswordDetection: Breached password detection protects your applications from bad actors logging in with stolen credentials.
BruteForceProtections []GetAttackProtectionBruteForceProtection: Brute-force protection safeguards against a single IP address attacking a single user account.
Id string: The provider-assigned unique ID for this managed resource.
SuspiciousIpThrottlings []GetAttackProtectionSuspiciousIpThrottling: Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

breachedPasswordDetections List<GetAttackProtectionBreachedPasswordDetection>: Breached password detection protects your applications from bad actors logging in with stolen credentials.
bruteForceProtections List<GetAttackProtectionBruteForceProtection>: Brute-force protection safeguards against a single IP address attacking a single user account.
id String: The provider-assigned unique ID for this managed resource.
suspiciousIpThrottlings List<GetAttackProtectionSuspiciousIpThrottling>: Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

breachedPasswordDetections GetAttackProtectionBreachedPasswordDetection[]: Breached password detection protects your applications from bad actors logging in with stolen credentials.
bruteForceProtections GetAttackProtectionBruteForceProtection[]: Brute-force protection safeguards against a single IP address attacking a single user account.
id string: The provider-assigned unique ID for this managed resource.
suspiciousIpThrottlings GetAttackProtectionSuspiciousIpThrottling[]: Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

breached_password_detections Sequence[GetAttackProtectionBreachedPasswordDetection]: Breached password detection protects your applications from bad actors logging in with stolen credentials.
brute_force_protections Sequence[GetAttackProtectionBruteForceProtection]: Brute-force protection safeguards against a single IP address attacking a single user account.
id str: The provider-assigned unique ID for this managed resource.
suspicious_ip_throttlings Sequence[GetAttackProtectionSuspiciousIpThrottling]: Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

breachedPasswordDetections List<Property Map>: Breached password detection protects your applications from bad actors logging in with stolen credentials.
bruteForceProtections List<Property Map>: Brute-force protection safeguards against a single IP address attacking a single user account.
id String: The provider-assigned unique ID for this managed resource.
suspiciousIpThrottlings List<Property Map>: Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups.

Supporting Types

GetAttackProtectionBreachedPasswordDetection

AdminNotificationFrequencies List<string>: When admin_notification is enabled within the shields property, determines how often email notifications are sent. Possible values: immediately, daily, weekly, monthly.
Enabled bool: Whether breached password detection is active.
Method string: The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values: standard, enhanced.
PreUserRegistrations List<GetAttackProtectionBreachedPasswordDetectionPreUserRegistration>: Configuration options that apply before every user registration attempt. Only available on public tenants.
Shields List<string>: Action to take when a breached password is detected. Options include: block (block compromised user accounts), user_notification (send an email to user when we detect that they are using compromised credentials) and admin_notification (send an email with a summary of the number of accounts logging in with compromised credentials).

AdminNotificationFrequencies []string: When admin_notification is enabled within the shields property, determines how often email notifications are sent. Possible values: immediately, daily, weekly, monthly.
Enabled bool: Whether breached password detection is active.
Method string: The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values: standard, enhanced.
PreUserRegistrations []GetAttackProtectionBreachedPasswordDetectionPreUserRegistration: Configuration options that apply before every user registration attempt. Only available on public tenants.
Shields []string: Action to take when a breached password is detected. Options include: block (block compromised user accounts), user_notification (send an email to user when we detect that they are using compromised credentials) and admin_notification (send an email with a summary of the number of accounts logging in with compromised credentials).

adminNotificationFrequencies List<String>: When admin_notification is enabled within the shields property, determines how often email notifications are sent. Possible values: immediately, daily, weekly, monthly.
enabled Boolean: Whether breached password detection is active.
method String: The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values: standard, enhanced.
preUserRegistrations List<GetAttackProtectionBreachedPasswordDetectionPreUserRegistration>: Configuration options that apply before every user registration attempt. Only available on public tenants.
shields List<String>: Action to take when a breached password is detected. Options include: block (block compromised user accounts), user_notification (send an email to user when we detect that they are using compromised credentials) and admin_notification (send an email with a summary of the number of accounts logging in with compromised credentials).

adminNotificationFrequencies string[]: When admin_notification is enabled within the shields property, determines how often email notifications are sent. Possible values: immediately, daily, weekly, monthly.
enabled boolean: Whether breached password detection is active.
method string: The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values: standard, enhanced.
preUserRegistrations GetAttackProtectionBreachedPasswordDetectionPreUserRegistration[]: Configuration options that apply before every user registration attempt. Only available on public tenants.
shields string[]: Action to take when a breached password is detected. Options include: block (block compromised user accounts), user_notification (send an email to user when we detect that they are using compromised credentials) and admin_notification (send an email with a summary of the number of accounts logging in with compromised credentials).

admin_notification_frequencies Sequence[str]: When admin_notification is enabled within the shields property, determines how often email notifications are sent. Possible values: immediately, daily, weekly, monthly.
enabled bool: Whether breached password detection is active.
method str: The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values: standard, enhanced.
pre_user_registrations Sequence[GetAttackProtectionBreachedPasswordDetectionPreUserRegistration]: Configuration options that apply before every user registration attempt. Only available on public tenants.
shields Sequence[str]: Action to take when a breached password is detected. Options include: block (block compromised user accounts), user_notification (send an email to user when we detect that they are using compromised credentials) and admin_notification (send an email with a summary of the number of accounts logging in with compromised credentials).

adminNotificationFrequencies List<String>: When admin_notification is enabled within the shields property, determines how often email notifications are sent. Possible values: immediately, daily, weekly, monthly.
enabled Boolean: Whether breached password detection is active.
method String: The subscription level for breached password detection methods. Use "enhanced" to enable Credential Guard. Possible values: standard, enhanced.
preUserRegistrations List<Property Map>: Configuration options that apply before every user registration attempt. Only available on public tenants.
shields List<String>: Action to take when a breached password is detected. Options include: block (block compromised user accounts), user_notification (send an email to user when we detect that they are using compromised credentials) and admin_notification (send an email with a summary of the number of accounts logging in with compromised credentials).

GetAttackProtectionBreachedPasswordDetectionPreUserRegistration

Shields List<string>: Action to take when a breached password is detected during a signup. Possible values: block (block compromised credentials for new accounts), admin_notification (send an email notification with a summary of compromised credentials in new accounts).

Shields []string: Action to take when a breached password is detected during a signup. Possible values: block (block compromised credentials for new accounts), admin_notification (send an email notification with a summary of compromised credentials in new accounts).

shields List<String>: Action to take when a breached password is detected during a signup. Possible values: block (block compromised credentials for new accounts), admin_notification (send an email notification with a summary of compromised credentials in new accounts).

shields string[]: Action to take when a breached password is detected during a signup. Possible values: block (block compromised credentials for new accounts), admin_notification (send an email notification with a summary of compromised credentials in new accounts).

shields Sequence[str]: Action to take when a breached password is detected during a signup. Possible values: block (block compromised credentials for new accounts), admin_notification (send an email notification with a summary of compromised credentials in new accounts).

shields List<String>: Action to take when a breached password is detected during a signup. Possible values: block (block compromised credentials for new accounts), admin_notification (send an email notification with a summary of compromised credentials in new accounts).

GetAttackProtectionBruteForceProtection

Allowlists List<string>: List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
Enabled bool: Whether brute force attack protections are active.
MaxAttempts int: Maximum number of consecutive failed login attempts from a single user before blocking is triggered. Only available on public tenants.
Mode string: Determines whether the IP address is used when counting failed attempts. Possible values: count_per_identifier_and_ip (lockout an account from a given IP Address) or count_per_identifier (lockout an account regardless of IP Address).
Shields List<string>: Action to take when a brute force protection threshold is violated. Possible values: block (block login attempts for a flagged user account), user_notification (send an email to user when their account has been blocked).

Allowlists []string: List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
Enabled bool: Whether brute force attack protections are active.
MaxAttempts int: Maximum number of consecutive failed login attempts from a single user before blocking is triggered. Only available on public tenants.
Mode string: Determines whether the IP address is used when counting failed attempts. Possible values: count_per_identifier_and_ip (lockout an account from a given IP Address) or count_per_identifier (lockout an account regardless of IP Address).
Shields []string: Action to take when a brute force protection threshold is violated. Possible values: block (block login attempts for a flagged user account), user_notification (send an email to user when their account has been blocked).

allowlists List<String>: List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
enabled Boolean: Whether brute force attack protections are active.
maxAttempts Integer: Maximum number of consecutive failed login attempts from a single user before blocking is triggered. Only available on public tenants.
mode String: Determines whether the IP address is used when counting failed attempts. Possible values: count_per_identifier_and_ip (lockout an account from a given IP Address) or count_per_identifier (lockout an account regardless of IP Address).
shields List<String>: Action to take when a brute force protection threshold is violated. Possible values: block (block login attempts for a flagged user account), user_notification (send an email to user when their account has been blocked).

allowlists string[]: List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
enabled boolean: Whether brute force attack protections are active.
maxAttempts number: Maximum number of consecutive failed login attempts from a single user before blocking is triggered. Only available on public tenants.
mode string: Determines whether the IP address is used when counting failed attempts. Possible values: count_per_identifier_and_ip (lockout an account from a given IP Address) or count_per_identifier (lockout an account regardless of IP Address).
shields string[]: Action to take when a brute force protection threshold is violated. Possible values: block (block login attempts for a flagged user account), user_notification (send an email to user when their account has been blocked).

allowlists Sequence[str]: List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
enabled bool: Whether brute force attack protections are active.
max_attempts int: Maximum number of consecutive failed login attempts from a single user before blocking is triggered. Only available on public tenants.
mode str: Determines whether the IP address is used when counting failed attempts. Possible values: count_per_identifier_and_ip (lockout an account from a given IP Address) or count_per_identifier (lockout an account regardless of IP Address).
shields Sequence[str]: Action to take when a brute force protection threshold is violated. Possible values: block (block login attempts for a flagged user account), user_notification (send an email to user when their account has been blocked).

allowlists List<String>: List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
enabled Boolean: Whether brute force attack protections are active.
maxAttempts Number: Maximum number of consecutive failed login attempts from a single user before blocking is triggered. Only available on public tenants.
mode String: Determines whether the IP address is used when counting failed attempts. Possible values: count_per_identifier_and_ip (lockout an account from a given IP Address) or count_per_identifier (lockout an account regardless of IP Address).
shields List<String>: Action to take when a brute force protection threshold is violated. Possible values: block (block login attempts for a flagged user account), user_notification (send an email to user when their account has been blocked).

GetAttackProtectionSuspiciousIpThrottling

Allowlists List<string>: List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
Enabled bool: Whether suspicious IP throttling attack protections are active.
PreLogins List<GetAttackProtectionSuspiciousIpThrottlingPreLogin>: Configuration options that apply before every login attempt. Only available on public tenants.
PreUserRegistrations List<GetAttackProtectionSuspiciousIpThrottlingPreUserRegistration>: Configuration options that apply before every user registration attempt. Only available on public tenants.
Shields List<string>: Action to take when a suspicious IP throttling threshold is violated. Possible values: block (throttle traffic from an IP address when there is a high number of login attempts targeting too many different accounts), admin_notification (send an email notification when traffic is throttled on one or more IP addresses due to high-velocity traffic).

Allowlists []string: List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
Enabled bool: Whether suspicious IP throttling attack protections are active.
PreLogins []GetAttackProtectionSuspiciousIpThrottlingPreLogin: Configuration options that apply before every login attempt. Only available on public tenants.
PreUserRegistrations []GetAttackProtectionSuspiciousIpThrottlingPreUserRegistration: Configuration options that apply before every user registration attempt. Only available on public tenants.
Shields []string: Action to take when a suspicious IP throttling threshold is violated. Possible values: block (throttle traffic from an IP address when there is a high number of login attempts targeting too many different accounts), admin_notification (send an email notification when traffic is throttled on one or more IP addresses due to high-velocity traffic).

allowlists List<String>: List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
enabled Boolean: Whether suspicious IP throttling attack protections are active.
preLogins List<GetAttackProtectionSuspiciousIpThrottlingPreLogin>: Configuration options that apply before every login attempt. Only available on public tenants.
preUserRegistrations List<GetAttackProtectionSuspiciousIpThrottlingPreUserRegistration>: Configuration options that apply before every user registration attempt. Only available on public tenants.
shields List<String>: Action to take when a suspicious IP throttling threshold is violated. Possible values: block (throttle traffic from an IP address when there is a high number of login attempts targeting too many different accounts), admin_notification (send an email notification when traffic is throttled on one or more IP addresses due to high-velocity traffic).

allowlists string[]: List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
enabled boolean: Whether suspicious IP throttling attack protections are active.
preLogins GetAttackProtectionSuspiciousIpThrottlingPreLogin[]: Configuration options that apply before every login attempt. Only available on public tenants.
preUserRegistrations GetAttackProtectionSuspiciousIpThrottlingPreUserRegistration[]: Configuration options that apply before every user registration attempt. Only available on public tenants.
shields string[]: Action to take when a suspicious IP throttling threshold is violated. Possible values: block (throttle traffic from an IP address when there is a high number of login attempts targeting too many different accounts), admin_notification (send an email notification when traffic is throttled on one or more IP addresses due to high-velocity traffic).

allowlists Sequence[str]: List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
enabled bool: Whether suspicious IP throttling attack protections are active.
pre_logins Sequence[GetAttackProtectionSuspiciousIpThrottlingPreLogin]: Configuration options that apply before every login attempt. Only available on public tenants.
pre_user_registrations Sequence[GetAttackProtectionSuspiciousIpThrottlingPreUserRegistration]: Configuration options that apply before every user registration attempt. Only available on public tenants.
shields Sequence[str]: Action to take when a suspicious IP throttling threshold is violated. Possible values: block (throttle traffic from an IP address when there is a high number of login attempts targeting too many different accounts), admin_notification (send an email notification when traffic is throttled on one or more IP addresses due to high-velocity traffic).

allowlists List<String>: List of trusted IP addresses that will not have attack protection enforced against them. This field allows you to specify multiple IP addresses, or ranges. You can use IPv4 or IPv6 addresses and CIDR notation.
enabled Boolean: Whether suspicious IP throttling attack protections are active.
preLogins List<Property Map>: Configuration options that apply before every login attempt. Only available on public tenants.
preUserRegistrations List<Property Map>: Configuration options that apply before every user registration attempt. Only available on public tenants.
shields List<String>: Action to take when a suspicious IP throttling threshold is violated. Possible values: block (throttle traffic from an IP address when there is a high number of login attempts targeting too many different accounts), admin_notification (send an email notification when traffic is throttled on one or more IP addresses due to high-velocity traffic).

GetAttackProtectionSuspiciousIpThrottlingPreLogin

MaxAttempts int: The maximum number of failed login attempts allowed from a single IP address.
Rate int: Interval of time, given in milliseconds at which new login tokens will become available after they have been used by an IP address. Each login attempt will be added on the defined throttling rate.

MaxAttempts int: The maximum number of failed login attempts allowed from a single IP address.
Rate int: Interval of time, given in milliseconds at which new login tokens will become available after they have been used by an IP address. Each login attempt will be added on the defined throttling rate.

maxAttempts Integer: The maximum number of failed login attempts allowed from a single IP address.
rate Integer: Interval of time, given in milliseconds at which new login tokens will become available after they have been used by an IP address. Each login attempt will be added on the defined throttling rate.

maxAttempts number: The maximum number of failed login attempts allowed from a single IP address.
rate number: Interval of time, given in milliseconds at which new login tokens will become available after they have been used by an IP address. Each login attempt will be added on the defined throttling rate.

max_attempts int: The maximum number of failed login attempts allowed from a single IP address.
rate int: Interval of time, given in milliseconds at which new login tokens will become available after they have been used by an IP address. Each login attempt will be added on the defined throttling rate.

maxAttempts Number: The maximum number of failed login attempts allowed from a single IP address.
rate Number: Interval of time, given in milliseconds at which new login tokens will become available after they have been used by an IP address. Each login attempt will be added on the defined throttling rate.

GetAttackProtectionSuspiciousIpThrottlingPreUserRegistration

MaxAttempts int: The maximum number of sign up attempts allowed from a single IP address.
Rate int: Interval of time, given in milliseconds at which new sign up tokens will become available after they have been used by an IP address. Each sign up attempt will be added on the defined throttling rate.

MaxAttempts int: The maximum number of sign up attempts allowed from a single IP address.
Rate int: Interval of time, given in milliseconds at which new sign up tokens will become available after they have been used by an IP address. Each sign up attempt will be added on the defined throttling rate.

maxAttempts Integer: The maximum number of sign up attempts allowed from a single IP address.
rate Integer: Interval of time, given in milliseconds at which new sign up tokens will become available after they have been used by an IP address. Each sign up attempt will be added on the defined throttling rate.

maxAttempts number: The maximum number of sign up attempts allowed from a single IP address.
rate number: Interval of time, given in milliseconds at which new sign up tokens will become available after they have been used by an IP address. Each sign up attempt will be added on the defined throttling rate.

max_attempts int: The maximum number of sign up attempts allowed from a single IP address.
rate int: Interval of time, given in milliseconds at which new sign up tokens will become available after they have been used by an IP address. Each sign up attempt will be added on the defined throttling rate.

maxAttempts Number: The maximum number of sign up attempts allowed from a single IP address.
rate Number: Interval of time, given in milliseconds at which new sign up tokens will become available after they have been used by an IP address. Each sign up attempt will be added on the defined throttling rate.

Package Details

Repository: Auth0 pulumi/pulumi-auth0
License: Apache-2.0
Notes: This Pulumi package is based on the auth0 Terraform Provider.

Auth0 v3.4.0 published on Wednesday, Jun 19, 2024 by Pulumi

pulumi/pulumi-auth0

auth0.getAttackProtection

On this page

On this page

Example Usage

Using getAttackProtection

getAttackProtection Result

Supporting Types

GetAttackProtectionBreachedPasswordDetection

GetAttackProtectionBreachedPasswordDetectionPreUserRegistration

GetAttackProtectionBruteForceProtection

GetAttackProtectionSuspiciousIpThrottling

GetAttackProtectionSuspiciousIpThrottlingPreLogin

GetAttackProtectionSuspiciousIpThrottlingPreUserRegistration

Package Details

On this page

On this page