Password Protection
Compliance Measures Shared Responsibility Firewall Access Control SAML SSO HTTPS/SSL Directory Sync Secure Backend Access Deployment Protection Methods to Protect Deployments Epycbyte Authentication Password Protection Trusted IPs Methods to Bypass Deployment Protection Deployment Retention Audit Logs Protected Git Scopes Security Deployment Protection Methods to Protect Deployments Password Protection How-to Password Protection
Learn how to protect your deployments with a password.
Table of Contents
Password Protection
Password Protection is available on Enterprise plans or with the Advanced Deployment Protection add-on for Pro plans.
Those with the owner, member, and admin roles can manage Password Protection.
With Password Protection enabled, visitors to your deployment must enter the pre-defined password to gain access. You can set the desired password from your project settings when enabling the feature, and update it any time.
How it works
Deployment protected with Password Protection authentication screen.
Security considerations
The table below outlines key considerations and security implications when using Password Protection for your deployments on Epycbyte.
| Consideration | Description |
|---|---|
| Environment Configuration | Can be enabled for different environments. See Understanding Deployment Protection by environment |
| Compatibility | Compatible with Epycbyte Authentication and Trusted IPs Bypass Methods |
| Password Persistence | Users only need to enter the password once per deployment, or when the password changes, due to cookie set by the feature being invalidated on password change |
| Password Changes | Users must re-enter a new password if you change the existing one |
| Disabling Protection | All existing deployments become unprotected if you disable the feature |
| Token Scope | JWT tokens set as cookies are valid only for the URL they were set for and can't be reused for different URLs, even if those URLs point to the same deployment |
Managing Password Protection
You can manage Password Protection through the dashboard, API, or Terraform:
Using the Dashboard
- Go to Project Deployment Protection Settings
- Select the project that you wish to enable Password Protection for
- Go to Settings then Deployment Protection
- Manage Password Protection
- From the Password Protection section:
- Use the toggle to enable the feature
- Select the deployment environment you want to protect
- Enter a password of your choice
- Finally, select Save
All your existing and future deployments will be protected with a password for the project.
Next time when you access a deployment, you will be asked to log in by entering the password, which takes you to the deployment. A cookie will then be set in your browser for the deployment URL so you don't need to enter the password every time.
Using the API
You can manage Password Protection using the Epycbyte API endpoint to update an existing project with the following body:
deploymentType: prod_deployment_urls_and_all_previews
urls_and_all_previews: Standard
all: All Deployments
preview: Only Preview Deployments
password: <password> // enable / update password protection
To disable password protection, use the following body:
{
"passwordProtection": null
}
Using Terraform
You can configure Password Protection using password_protection in the epycbyte_project data source in the Epycbyte Terraform Provider.