import * as pulumi from "@pulumi/pulumi"; import * as inputs from "./types/input"; import * as outputs from "./types/output"; /** * Multi-Factor Authentication works by requiring additional factors during the login process to prevent unauthorized access. With this resource you can configure some options available for MFA. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as auth0 from "@pulumi/auth0"; * * const myGuardian = new auth0.Guardian("my_guardian", { * policy: "all-applications", * email: true, * otp: true, * recoveryCode: true, * webauthnPlatform: { * enabled: true, * }, * webauthnRoaming: { * enabled: true, * userVerification: "required", * }, * phone: { * enabled: true, * provider: "auth0", * messageTypes: [ * "sms", * "voice", * ], * options: { * enrollmentMessage: "{{code}} is your verification code for {{tenant.friendly_name}}. Please enter this code to verify your enrollment.", * verificationMessage: "{{code}} is your verification code for {{tenant.friendly_name}}.", * }, * }, * push: { * enabled: true, * provider: "sns", * amazonSns: { * awsAccessKeyId: "test1", * awsRegion: "us-west-1", * awsSecretAccessKey: "secretKey", * snsApnsPlatformApplicationArn: "test_arn", * snsGcmPlatformApplicationArn: "test_arn", * }, * customApp: { * appName: "CustomApp", * appleAppLink: "https://itunes.apple.com/us/app/my-app/id123121", * googleAppLink: "https://play.google.com/store/apps/details?id=com.my.app", * }, * }, * duo: { * enabled: true, * integrationKey: "someKey", * secretKey: "someSecret", * hostname: "api-hostname", * }, * }); * ``` * * ## Import * * As this is not a resource identifiable by an ID within the Auth0 Management API, * * guardian can be imported using a random string. * * We recommend [Version 4 UUID](https://www.uuidgenerator.net/version4) * * Example: * * ```sh * $ pulumi import auth0:index/guardian:Guardian my_guardian "24940d4b-4bd4-44e7-894e-f92e4de36a40" * ``` */ export declare class Guardian extends pulumi.CustomResource { /** * Get an existing Guardian resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: GuardianState, opts?: pulumi.CustomResourceOptions): Guardian; /** * Returns true if the given object is an instance of Guardian. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is Guardian; /** * Configuration settings for the Duo MFA. If this block is present, Duo MFA will be enabled, and disabled otherwise. */ readonly duo: pulumi.Output; /** * Indicates whether email MFA is enabled. */ readonly email: pulumi.Output; /** * Indicates whether one time password MFA is enabled. */ readonly otp: pulumi.Output; /** * Configuration settings for the phone MFA. If this block is present, Phone MFA will be enabled, and disabled otherwise. */ readonly phone: pulumi.Output; /** * Policy to use. Available options are `never`, `all-applications` and `confidence-score`. */ readonly policy: pulumi.Output; /** * Configuration settings for the Push MFA. If this block is present, Push MFA will be enabled, and disabled otherwise. */ readonly push: pulumi.Output; /** * Indicates whether recovery code MFA is enabled. */ readonly recoveryCode: pulumi.Output; /** * Configuration settings for the WebAuthn with FIDO Device Biometrics MFA. If this block is present, WebAuthn with FIDO Device Biometrics MFA will be enabled, and disabled otherwise. */ readonly webauthnPlatform: pulumi.Output; /** * Configuration settings for the WebAuthn with FIDO Security Keys MFA. If this block is present, WebAuthn with FIDO Security Keys MFA will be enabled, and disabled otherwise. */ readonly webauthnRoaming: pulumi.Output; /** * Create a Guardian resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: GuardianArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering Guardian resources. */ export interface GuardianState { /** * Configuration settings for the Duo MFA. If this block is present, Duo MFA will be enabled, and disabled otherwise. */ duo?: pulumi.Input; /** * Indicates whether email MFA is enabled. */ email?: pulumi.Input; /** * Indicates whether one time password MFA is enabled. */ otp?: pulumi.Input; /** * Configuration settings for the phone MFA. If this block is present, Phone MFA will be enabled, and disabled otherwise. */ phone?: pulumi.Input; /** * Policy to use. Available options are `never`, `all-applications` and `confidence-score`. */ policy?: pulumi.Input; /** * Configuration settings for the Push MFA. If this block is present, Push MFA will be enabled, and disabled otherwise. */ push?: pulumi.Input; /** * Indicates whether recovery code MFA is enabled. */ recoveryCode?: pulumi.Input; /** * Configuration settings for the WebAuthn with FIDO Device Biometrics MFA. If this block is present, WebAuthn with FIDO Device Biometrics MFA will be enabled, and disabled otherwise. */ webauthnPlatform?: pulumi.Input; /** * Configuration settings for the WebAuthn with FIDO Security Keys MFA. If this block is present, WebAuthn with FIDO Security Keys MFA will be enabled, and disabled otherwise. */ webauthnRoaming?: pulumi.Input; } /** * The set of arguments for constructing a Guardian resource. */ export interface GuardianArgs { /** * Configuration settings for the Duo MFA. If this block is present, Duo MFA will be enabled, and disabled otherwise. */ duo?: pulumi.Input; /** * Indicates whether email MFA is enabled. */ email?: pulumi.Input; /** * Indicates whether one time password MFA is enabled. */ otp?: pulumi.Input; /** * Configuration settings for the phone MFA. If this block is present, Phone MFA will be enabled, and disabled otherwise. */ phone?: pulumi.Input; /** * Policy to use. Available options are `never`, `all-applications` and `confidence-score`. */ policy: pulumi.Input; /** * Configuration settings for the Push MFA. If this block is present, Push MFA will be enabled, and disabled otherwise. */ push?: pulumi.Input; /** * Indicates whether recovery code MFA is enabled. */ recoveryCode?: pulumi.Input; /** * Configuration settings for the WebAuthn with FIDO Device Biometrics MFA. If this block is present, WebAuthn with FIDO Device Biometrics MFA will be enabled, and disabled otherwise. */ webauthnPlatform?: pulumi.Input; /** * Configuration settings for the WebAuthn with FIDO Security Keys MFA. If this block is present, WebAuthn with FIDO Security Keys MFA will be enabled, and disabled otherwise. */ webauthnRoaming?: pulumi.Input; }