Protected operations

akamai_apr_protected_operations

📘

Hello. Just a note to let you know the underlying API on which this data source is built is general release and has been vetted, but because this is a new feature for our Terraform provider, we've given it beta label.

This status just means we've paused for a bit to get your feedback to make sure this data source works like you need and expect.

Get a list of and details about your protected API operations.

data "akamai_apr_protected_operations" "my_protected_operations" {
  config_id          = 12345
  security_policy_id = "abcd_123456"
  operation_id       = "12a3bc4d-5678-9ef0-g12h-3i4jklm5no67"
}

output "my_protected_operations" {
  value = data.akamai_apr_protected_operations.my_protected_operations
}
my_protected_operations = {
  config_id          = 12345
  id                 = "12345:abcd_123456"
  json               = jsonencode(
    {
      metadata   = {
        configId         = 12345
        configVersion    = 1
        securityPolicyId = "abcd_123456"
      }
      operations = [
        {
          apiEndPointId          = 408126
          operationId            = "12a3bc4d-5678-9ef0-g12h-3i4jklm5no67"
          telemetryTypeStates    = {
            inline    = {
              ajaxSupportEnabled = false
              disabledAction     = "monitor"
              enabled            = false
            }
            nativeSdk = {
              ajaxSupportEnabled = false
              disabledAction     = "monitor"
              enabled            = false
            }
            standard  = {
              ajaxSupportEnabled = false
              disabledAction     = "monitor"
              enabled            = true
            }
          }
          traffic                = {
              inline   = {
                aggressive         = {
                  action = "monitor"
                }
                cautious           = {
                  action = "monitor"
                }
                overrideThresholds = false
                strict             = {
                  action = "monitor"
                }
              }
              standard = {
                aggressive         = {
                  action = "deny"
                }
                cautious           = {
                  action = "monitor"
                }
                overrideThresholds = false
                strict             = {
                  action = "monitor"
                }
              }
          }
        },
      ]
    }
  )
  operation_id       = null
  security_policy_id = "abcd_123456"
}

Arguments

Pass all required arguments to get information about your protected API operations. Provide an operation's ID to limit the return.

ArgumentRequiredDescription
config_id✔️Your security configuration's ID.
security_policy_id✔️Your security policy's ID.
operation_idAn API operation's ID.

Attributes

Returned to you are details about your protected operations.

Notes:

  • There is an id attribute returned. It is an ID for the run of the data source and is not needed downstream anywhere.
  • Due to the level of nesting, the information within the json attribute has been pulled out and placed in a subtable.
AttributeDescription
config_idYour security configuration's ID.
security_policy_idYour security policy's ID.
operation_idAn API operation's ID.
jsonDetails about your protected operations. Contains:
  • metadata. Data about your security configuration. Contains:
    • config_id. Your security configuration's ID.
    • config_version. The security configuration's version.
    • security_policy_id. Your security policy's ID.
  • operationsA list of your protected API operations. See Protected operation JSON for the schema.

Protected operations JSON

Your protected operations's details.

Parameter Description
apiEndPointId An endpoint's ID.
operationId An API operation's ID.
protectedOperationLink A GET endpoint to retrieve information about your protected operations.
telemetryTypeStates An object that contains the operation's types of telemetry, their enablement statuses, and their actions and thresholds. These telemetry types are available:
  • inline. Collects incoming inline telemetry traffic.
  • nativeSdk. Collects incoming SDK telemetry traffic.
  • standard. Collects incoming standard telemetry traffic.
For each telemetry type, you can set these attributes:
  • ajaxSupportEnabled. Whether to use AJAX for challenge actions.
  • enabled. Required. Whether to include inline telemetry.
  • disabledAction. Conditionally required. If enabled is false, provide an action to take on unexpected traffic. Possible actions are:
    • deny
    • monitor
    • tarpit
    • delay
    • slow
    • none
    • custom
traffic The types of traffic to take action upon. These types of traffic are available:
  • inline. Attaches user telemetry directly to the protected request without using a first-party cookie. If you set the threshold override to true, don't pass threshold.
  • nativeSdkAndroid. Attaches telemetry traffic directly from a native Android mobile application. If you set the threshold override to true, don't pass threshold.
  • nativeSdkIos. Attaches telemetry traffic directly from a native iOS mobile application. If you set the threshold override to true, don't pass threshold.
  • standard. Uses first-party cookies to associate and transmit user behavior data. If you set the threshold override to true, don't pass threshold.
For each traffic type, you can set these attributes:
  • aggressive. Aggressive response settings object. Contains:
    • threshold. The point at which to trigger the response action. Set to a default of90 with an available range of 2-100.
    • action. The action to take once the threshold is triggered. Possible actions are:
      • deny
      • monitor
      • tarpit
      • delay
      • slow
      • none
      • custom
    • overrideThresholds. Whether to override threshold scores. Used when you want to customize actions on an endpoint.
  • cautious. Cautious response settings object Contains:
    • threshold. The point at which to trigger the response action with an available range of 0-98.
    • action. The action to take once the threshold is triggered. Possible actions are:
      • deny
      • monitor
      • tarpit
      • delay
      • slow
      • none
      • custom
    • overrideThresholds. Whether to override threshold scores. Used when you want to customize actions on an endpoint.
  • strict. Strict response settings object. Contains:
    • threshold The point at which to trigger the response action. Set to a default of 50. Available range is 1-99.
    • action. The action to take once the threshold is triggered. Possible actions are:
      • deny
      • monitor
      • tarpit
      • delay
      • slow
      • none
      • custom
    • overrideThresholds. Whether to override threshold scores. Used when you want to customize actions on an endpoint.