diff --git a/.changelog/2160.txt b/.changelog/2160.txt
new file mode 100644
index 0000000000..78ff348e7e
--- /dev/null
+++ b/.changelog/2160.txt
@@ -0,0 +1,15 @@
+```release-note:new-resource
+tencentcloud_waf_anti_fake
+```
+
+```release-note:new-resource
+tencentcloud_waf_anti_info_leak
+```
+
+```release-note:new-data-source
+tencentcloud_waf_instance_qps_limit
+```
+
+```release-note:enhancement
+resource/tencentcloud_waf_clb_domain: alb_type support apisix, tsegw
+```
\ No newline at end of file
diff --git a/go.mod b/go.mod
index 8020313d7f..fd0c77f890 100644
--- a/go.mod
+++ b/go.mod
@@ -100,7 +100,7 @@ require (
gopkg.in/yaml.v2 v2.4.0
)
-require github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.754
+require github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.759
require (
4d63.com/gocheckcompilerdirectives v1.2.1 // indirect
diff --git a/go.sum b/go.sum
index 980cd8c3e2..597a0a143f 100644
--- a/go.sum
+++ b/go.sum
@@ -974,6 +974,10 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc v1.0.755 h1:3u79chv
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc v1.0.755/go.mod h1:sOWUQj3GQHdkTqZc1b+mAFqWmhUv2Pg4EZoOjqDprzY=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.754 h1:QjRYFbhUfH4xlwJZf1dRiz8hhQxxbfGTm8F5zC0XYXk=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.754/go.mod h1:Xz3W12eATXJq8EULnYz8/7EY/w2GLCgCWb9Dw36SWKM=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.757 h1:0068GFkgwRJHzFRsS3pUhzqD96v0DkFusmBG8U5XvWc=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.757/go.mod h1:i906Da8ZhGtegDaZyFHTGbjnlzSI1f7hxGxC/eIBWtY=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.759 h1:elaQECRbdePWEJXh3EMRWUkd5GIu5C+u9HrQZRML/3A=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.759/go.mod h1:MDjcWvTd6A+6JFVbyw1jsLfq2tNDTkbiVKvgb7wb5uE=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/wedata v1.0.725 h1:ETqP+erlPnDK1zafCmyDYNkZLcY+dAG3143Ihk5vFHk=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/wedata v1.0.725/go.mod h1:YPB08jHrJ3GJJ09ZTEBLnMvI+lqQEtu17jJjyfq8+sU=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/wss v1.0.199 h1:hMBLtiJPnZ9GvA677cTB6ELBR6B68wCR2QY1sNoGQc4=
diff --git a/tencentcloud/data_source_tc_waf_instance_qps_limit.go b/tencentcloud/data_source_tc_waf_instance_qps_limit.go
new file mode 100644
index 0000000000..facfe96eff
--- /dev/null
+++ b/tencentcloud/data_source_tc_waf_instance_qps_limit.go
@@ -0,0 +1,153 @@
+/*
+Use this data source to query detailed information of waf instance_qps_limit
+
+Example Usage
+
+```hcl
+data "tencentcloud_waf_instance_qps_limit" "example" {
+ instance_id = "waf_2kxtlbky00b3b4qz"
+}
+```
+*/
+package tencentcloud
+
+import (
+ "context"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+ waf "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125"
+ "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func dataSourceTencentCloudWafInstanceQpsLimit() *schema.Resource {
+ return &schema.Resource{
+ Read: dataSourceTencentCloudWafInstanceQpsLimitRead,
+ Schema: map[string]*schema.Schema{
+ "instance_id": {
+ Required: true,
+ Type: schema.TypeString,
+ Description: "Unique ID of Instance.",
+ },
+ "type": {
+ Optional: true,
+ Type: schema.TypeString,
+ Description: "Instance type.",
+ },
+ "qps_data": {
+ Computed: true,
+ Type: schema.TypeList,
+ Description: "Qps info.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "elastic_billing_default": {
+ Type: schema.TypeInt,
+ Computed: true,
+ Description: "Elastic qps default value.",
+ },
+ "elastic_billing_min": {
+ Type: schema.TypeInt,
+ Computed: true,
+ Description: "Minimum elastic qps.",
+ },
+ "elastic_billing_max": {
+ Type: schema.TypeInt,
+ Computed: true,
+ Description: "Maximum elastic qps.",
+ },
+ "qps_extend_max": {
+ Type: schema.TypeInt,
+ Computed: true,
+ Description: "Maximum qps of extend package.",
+ },
+ "qps_extend_intl_max": {
+ Type: schema.TypeInt,
+ Computed: true,
+ Description: "Maximum qps of extend package for overseas.",
+ },
+ },
+ },
+ },
+ "result_output_file": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Used to save results.",
+ },
+ },
+ }
+}
+
+func dataSourceTencentCloudWafInstanceQpsLimitRead(d *schema.ResourceData, meta interface{}) error {
+ defer logElapsed("data_source.tencentcloud_waf_instance_qps_limit.read")()
+ defer inconsistentCheck(d, meta)()
+
+ var (
+ logId = getLogId(contextNil)
+ ctx = context.WithValue(context.TODO(), logIdKey, logId)
+ service = WafService{client: meta.(*TencentCloudClient).apiV3Conn}
+ qpsData *waf.QpsData
+ instanceId string
+ )
+
+ paramMap := make(map[string]interface{})
+ if v, ok := d.GetOk("instance_id"); ok {
+ paramMap["InstanceId"] = helper.String(v.(string))
+ instanceId = v.(string)
+ }
+
+ if v, ok := d.GetOk("type"); ok {
+ paramMap["Type"] = helper.String(v.(string))
+ }
+
+ err := resource.Retry(readRetryTimeout, func() *resource.RetryError {
+ result, e := service.DescribeWafInstanceQpsLimitByFilter(ctx, paramMap)
+ if e != nil {
+ return retryError(e)
+ }
+
+ qpsData = result
+ return nil
+ })
+
+ if err != nil {
+ return err
+ }
+
+ if qpsData != nil {
+ tmqList := []interface{}{}
+ qpsDataMap := map[string]interface{}{}
+
+ if qpsData.ElasticBillingDefault != nil {
+ qpsDataMap["elastic_billing_default"] = qpsData.ElasticBillingDefault
+ }
+
+ if qpsData.ElasticBillingMin != nil {
+ qpsDataMap["elastic_billing_min"] = qpsData.ElasticBillingMin
+ }
+
+ if qpsData.ElasticBillingMax != nil {
+ qpsDataMap["elastic_billing_max"] = qpsData.ElasticBillingMax
+ }
+
+ if qpsData.QPSExtendMax != nil {
+ qpsDataMap["qps_extend_max"] = qpsData.QPSExtendMax
+ }
+
+ if qpsData.QPSExtendIntlMax != nil {
+ qpsDataMap["qps_extend_intl_max"] = qpsData.QPSExtendIntlMax
+ }
+
+ tmqList = append(tmqList, qpsDataMap)
+ _ = d.Set("qps_data", tmqList)
+ }
+
+ d.SetId(instanceId)
+ output, ok := d.GetOk("result_output_file")
+ if ok && output.(string) != "" {
+ if e := writeToFile(output.(string), d); e != nil {
+ return e
+ }
+ }
+
+ return nil
+}
diff --git a/tencentcloud/data_source_tc_waf_instance_qps_limit_test.go b/tencentcloud/data_source_tc_waf_instance_qps_limit_test.go
new file mode 100644
index 0000000000..4fa32e01ba
--- /dev/null
+++ b/tencentcloud/data_source_tc_waf_instance_qps_limit_test.go
@@ -0,0 +1,32 @@
+package tencentcloud
+
+import (
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+// go test -i; go test -test.run TestAccTencentCloudWafInstanceQpsLimitDataSource_basic -v
+func TestAccTencentCloudWafInstanceQpsLimitDataSource_basic(t *testing.T) {
+ t.Parallel()
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() {
+ testAccPreCheck(t)
+ },
+ Providers: testAccProviders,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccWafInstanceQpsLimitDataSource,
+ Check: resource.ComposeTestCheckFunc(
+ testAccCheckTencentCloudDataSourceID("data.tencentcloud_waf_instance_qps_limit.example"),
+ ),
+ },
+ },
+ })
+}
+
+const testAccWafInstanceQpsLimitDataSource = `
+data "tencentcloud_waf_instance_qps_limit" "example" {
+ instance_id = "waf_2kxtlbky00b3b4qz"
+}
+`
diff --git a/tencentcloud/extension_waf.go b/tencentcloud/extension_waf.go
index 1986fe0456..ded4a176f5 100644
--- a/tencentcloud/extension_waf.go
+++ b/tencentcloud/extension_waf.go
@@ -126,11 +126,15 @@ const (
)
const (
- ALB_TYPE_CLB = "clb"
+ ALB_TYPE_CLB = "clb"
+ ALB_TYPE_APISIX = "apisix"
+ ALB_TYPE_TSEGW = "tsegw"
)
var ALB_TYPES = []string{
ALB_TYPE_CLB,
+ ALB_TYPE_APISIX,
+ ALB_TYPE_TSEGW,
}
const (
@@ -592,3 +596,55 @@ var MetricNameList = []string{
var (
STATE_0 = 0
)
+
+const (
+ ANTI_FAKE_URL_STATUS_0 = 0
+ ANTI_FAKE_URL_STATUS_1 = 1
+ ANTI_FAKE_URL_STATUS_2 = 2
+ ANTI_FAKE_URL_STATUS_3 = 3
+)
+
+var ANTI_FAKE_URL_STATUS = []int{
+ ANTI_FAKE_URL_STATUS_0,
+ ANTI_FAKE_URL_STATUS_1,
+ ANTI_FAKE_URL_STATUS_2,
+ ANTI_FAKE_URL_STATUS_3,
+}
+
+const (
+ ANTI_INFO_LEAK_ACTION_TYPE_0 = 0
+ ANTI_INFO_LEAK_ACTION_TYPE_1 = 1
+ ANTI_INFO_LEAK_ACTION_TYPE_2 = 2
+ ANTI_INFO_LEAK_ACTION_TYPE_3 = 3
+ ANTI_INFO_LEAK_ACTION_TYPE_4 = 4
+)
+
+var ANTI_INFO_LEAK_ACTION_TYPE = []int{
+ ANTI_INFO_LEAK_ACTION_TYPE_0,
+ ANTI_INFO_LEAK_ACTION_TYPE_1,
+ ANTI_INFO_LEAK_ACTION_TYPE_2,
+ ANTI_INFO_LEAK_ACTION_TYPE_3,
+ ANTI_INFO_LEAK_ACTION_TYPE_4,
+}
+
+const (
+ STRATEGIES_FIELD_RETURNCODE = "returncode"
+ STRATEGIES_FIELD_KEYWORDS = "keywords"
+ STRATEGIES_FIELD_INFORMATION = "information"
+)
+
+var STRATEGIES_FIELD = []string{
+ STRATEGIES_FIELD_RETURNCODE,
+ STRATEGIES_FIELD_KEYWORDS,
+ STRATEGIES_FIELD_INFORMATION,
+}
+
+const (
+ ANTI_INFO_LEAK_RULE_STATUS_0 = 0
+ ANTI_INFO_LEAK_RULE_STATUS_1 = 1
+)
+
+var ANTI_INFO_LEAK_RULE_STATUS = []int{
+ ANTI_INFO_LEAK_RULE_STATUS_0,
+ ANTI_INFO_LEAK_RULE_STATUS_1,
+}
diff --git a/tencentcloud/provider.go b/tencentcloud/provider.go
index 1949d4a36e..452b9b54e3 100644
--- a/tencentcloud/provider.go
+++ b/tencentcloud/provider.go
@@ -1676,6 +1676,7 @@ Waf
tencentcloud_waf_attack_overview
tencentcloud_waf_attack_total_count
tencentcloud_waf_peak_points
+ tencentcloud_waf_instance_qps_limit
Resource
tencentcloud_waf_custom_rule
@@ -1684,6 +1685,8 @@ Waf
tencentcloud_waf_saas_domain
tencentcloud_waf_clb_instance
tencentcloud_waf_saas_instance
+ tencentcloud_waf_anti_fake
+ tencentcloud_waf_anti_info_leak
*/
package tencentcloud
@@ -2344,6 +2347,7 @@ func Provider() *schema.Provider {
"tencentcloud_waf_attack_overview": dataSourceTencentCloudWafAttackOverview(),
"tencentcloud_waf_attack_total_count": dataSourceTencentCloudWafAttackTotalCount(),
"tencentcloud_waf_peak_points": dataSourceTencentCloudWafPeakPoints(),
+ "tencentcloud_waf_instance_qps_limit": dataSourceTencentCloudWafInstanceQpsLimit(),
"tencentcloud_ses_receivers": dataSourceTencentCloudSesReceivers(),
"tencentcloud_ses_send_tasks": dataSourceTencentCloudSesSendTasks(),
"tencentcloud_ses_email_identities": dataSourceTencentCloudSesEmailIdentities(),
@@ -3107,6 +3111,8 @@ func Provider() *schema.Provider {
"tencentcloud_waf_saas_domain": resourceTencentCloudWafSaasDomain(),
"tencentcloud_waf_clb_instance": resourceTencentCloudWafClbInstance(),
"tencentcloud_waf_saas_instance": resourceTencentCloudWafSaasInstance(),
+ "tencentcloud_waf_anti_fake": resourceTencentCloudWafAntiFake(),
+ "tencentcloud_waf_anti_info_leak": resourceTencentCloudWafAntiInfoLeak(),
},
ConfigureFunc: providerConfigure,
diff --git a/tencentcloud/resource_tc_waf_anti_fake.go b/tencentcloud/resource_tc_waf_anti_fake.go
new file mode 100644
index 0000000000..9157a9b300
--- /dev/null
+++ b/tencentcloud/resource_tc_waf_anti_fake.go
@@ -0,0 +1,317 @@
+/*
+Provides a resource to create a waf anti_fake
+
+~> **NOTE:** Uri: Please configure static resources such as. html,. shtml,. txt,. js,. css,. jpg,. png, or access paths for static resources..
+
+Example Usage
+
+```hcl
+resource "tencentcloud_waf_anti_fake" "example" {
+ domain = "www.waf.com"
+ name = "tf_example"
+ uri = "/anti_fake_url.html"
+ status = 1
+}
+```
+
+Import
+
+waf anti_fake can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_waf_anti_fake.example 3200035516#www.waf.com
+```
+*/
+package tencentcloud
+
+import (
+ "context"
+ "fmt"
+ "log"
+ "strconv"
+ "strings"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+ "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
+ waf "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125"
+ "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func resourceTencentCloudWafAntiFake() *schema.Resource {
+ return &schema.Resource{
+ Create: resourceTencentCloudWafAntiFakeCreate,
+ Read: resourceTencentCloudWafAntiFakeRead,
+ Update: resourceTencentCloudWafAntiFakeUpdate,
+ Delete: resourceTencentCloudWafAntiFakeDelete,
+ Importer: &schema.ResourceImporter{
+ State: schema.ImportStatePassthrough,
+ },
+ Schema: map[string]*schema.Schema{
+ "domain": {
+ Required: true,
+ Type: schema.TypeString,
+ Description: "Domain.",
+ },
+ "name": {
+ Required: true,
+ Type: schema.TypeString,
+ Description: "Name.",
+ },
+ "uri": {
+ Required: true,
+ Type: schema.TypeString,
+ Description: "Uri.",
+ },
+ "status": {
+ Optional: true,
+ Type: schema.TypeInt,
+ Default: ANTI_FAKE_URL_STATUS_1,
+ ValidateFunc: validateAllowedIntValue(ANTI_FAKE_URL_STATUS),
+ Description: "status. 0: Turn off rules and log switches, 1: Turn on the rule switch and Turn off the log switch; 2: Turn off the rule switch and turn on the log switch;3: Turn on the log switch.",
+ },
+ "rule_id": {
+ Computed: true,
+ Type: schema.TypeInt,
+ Description: "rule id.",
+ },
+ "protocol": {
+ Computed: true,
+ Type: schema.TypeString,
+ Description: "protocol.",
+ },
+ },
+ }
+}
+
+func resourceTencentCloudWafAntiFakeCreate(d *schema.ResourceData, meta interface{}) error {
+ defer logElapsed("resource.tencentcloud_waf_anti_fake.create")()
+ defer inconsistentCheck(d, meta)()
+
+ var (
+ logId = getLogId(contextNil)
+ request = waf.NewAddAntiFakeUrlRequest()
+ response = waf.NewAddAntiFakeUrlResponse()
+ id string
+ domain string
+ )
+
+ if v, ok := d.GetOk("domain"); ok {
+ request.Domain = helper.String(v.(string))
+ domain = v.(string)
+ }
+
+ if v, ok := d.GetOk("name"); ok {
+ request.Name = helper.String(v.(string))
+ }
+
+ if v, ok := d.GetOk("uri"); ok {
+ request.Uri = helper.String(v.(string))
+ }
+
+ err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+ result, e := meta.(*TencentCloudClient).apiV3Conn.UseWafClient().AddAntiFakeUrl(request)
+ if e != nil {
+ return retryError(e)
+ } else {
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+ }
+
+ response = result
+ return nil
+ })
+
+ if err != nil {
+ log.Printf("[CRITAL]%s create waf antiFake failed, reason:%+v", logId, err)
+ return err
+ }
+
+ id = *response.Response.Id
+ d.SetId(strings.Join([]string{id, domain}, FILED_SP))
+
+ // set status
+ if v, ok := d.GetOkExists("status"); ok {
+ status := v.(int)
+ if status != API_SAFE_STATUS_1 {
+ modifyAntiFakeUrlStatusRequest := waf.NewModifyAntiFakeUrlStatusRequest()
+ idUInt, _ := strconv.ParseUint(id, 10, 64)
+ modifyAntiFakeUrlStatusRequest.Ids = common.Uint64Ptrs([]uint64{idUInt})
+ modifyAntiFakeUrlStatusRequest.Domain = &domain
+ modifyAntiFakeUrlStatusRequest.Status = helper.IntUint64(v.(int))
+ err = resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+ result, e := meta.(*TencentCloudClient).apiV3Conn.UseWafClient().ModifyAntiFakeUrlStatus(modifyAntiFakeUrlStatusRequest)
+ if e != nil {
+ return retryError(e)
+ } else {
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, modifyAntiFakeUrlStatusRequest.GetAction(), modifyAntiFakeUrlStatusRequest.ToJsonString(), result.ToJsonString())
+ }
+ return nil
+ })
+
+ if err != nil {
+ log.Printf("[CRITAL]%s update waf antiFake status failed, reason:%+v", logId, err)
+ return err
+ }
+ }
+ }
+
+ return resourceTencentCloudWafAntiFakeRead(d, meta)
+}
+
+func resourceTencentCloudWafAntiFakeRead(d *schema.ResourceData, meta interface{}) error {
+ defer logElapsed("resource.tencentcloud_waf_anti_fake.read")()
+ defer inconsistentCheck(d, meta)()
+
+ var (
+ logId = getLogId(contextNil)
+ ctx = context.WithValue(context.TODO(), logIdKey, logId)
+ service = WafService{client: meta.(*TencentCloudClient).apiV3Conn}
+ )
+
+ idSplit := strings.Split(d.Id(), FILED_SP)
+ if len(idSplit) != 2 {
+ return fmt.Errorf("id is broken,%s", idSplit)
+ }
+ id := idSplit[0]
+ domain := idSplit[1]
+
+ antiFake, err := service.DescribeWafAntiFakeById(ctx, id, domain)
+ if err != nil {
+ return err
+ }
+
+ if antiFake == nil {
+ d.SetId("")
+ log.Printf("[WARN]%s resource `WafAntiFake` [%s] not found, please check if it has been deleted.\n", logId, d.Id())
+ return nil
+ }
+
+ if antiFake.Domain != nil {
+ _ = d.Set("domain", antiFake.Domain)
+ }
+
+ if antiFake.Name != nil {
+ _ = d.Set("name", antiFake.Name)
+ }
+
+ if antiFake.Uri != nil {
+ _ = d.Set("uri", antiFake.Uri)
+ }
+
+ if antiFake.Status != nil {
+ _ = d.Set("status", antiFake.Status)
+ }
+
+ if antiFake.Id != nil {
+ _ = d.Set("rule_id", antiFake.Id)
+ }
+
+ if antiFake.Protocol != nil {
+ _ = d.Set("protocol", antiFake.Protocol)
+ }
+
+ return nil
+}
+
+func resourceTencentCloudWafAntiFakeUpdate(d *schema.ResourceData, meta interface{}) error {
+ defer logElapsed("resource.tencentcloud_waf_anti_fake.update")()
+ defer inconsistentCheck(d, meta)()
+
+ var (
+ logId = getLogId(contextNil)
+ modifyAntiFakeUrlRequest = waf.NewModifyAntiFakeUrlRequest()
+ modifyAntiFakeUrlStatusRequest = waf.NewModifyAntiFakeUrlStatusRequest()
+ )
+
+ idSplit := strings.Split(d.Id(), FILED_SP)
+ if len(idSplit) != 2 {
+ return fmt.Errorf("id is broken,%s", idSplit)
+ }
+ id := idSplit[0]
+ domain := idSplit[1]
+
+ immutableArgs := []string{"domain"}
+
+ for _, v := range immutableArgs {
+ if d.HasChange(v) {
+ return fmt.Errorf("argument `%s` cannot be changed", v)
+ }
+ }
+
+ idInt, _ := strconv.ParseInt(id, 10, 64)
+ modifyAntiFakeUrlRequest.Id = &idInt
+ modifyAntiFakeUrlRequest.Domain = &domain
+
+ if v, ok := d.GetOk("name"); ok {
+ modifyAntiFakeUrlRequest.Name = helper.String(v.(string))
+ }
+
+ if v, ok := d.GetOk("uri"); ok {
+ modifyAntiFakeUrlRequest.Uri = helper.String(v.(string))
+ }
+
+ err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+ result, e := meta.(*TencentCloudClient).apiV3Conn.UseWafClient().ModifyAntiFakeUrl(modifyAntiFakeUrlRequest)
+ if e != nil {
+ return retryError(e)
+ } else {
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, modifyAntiFakeUrlRequest.GetAction(), modifyAntiFakeUrlRequest.ToJsonString(), result.ToJsonString())
+ }
+ return nil
+ })
+
+ if err != nil {
+ log.Printf("[CRITAL]%s update waf antiFake failed, reason:%+v", logId, err)
+ return err
+ }
+
+ if d.HasChange("status") {
+ if v, ok := d.GetOkExists("status"); ok {
+ modifyAntiFakeUrlStatusRequest.Status = helper.IntUint64(v.(int))
+ }
+
+ idUInt, _ := strconv.ParseUint(id, 10, 64)
+ modifyAntiFakeUrlStatusRequest.Ids = common.Uint64Ptrs([]uint64{idUInt})
+ modifyAntiFakeUrlStatusRequest.Domain = &domain
+ err = resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+ result, e := meta.(*TencentCloudClient).apiV3Conn.UseWafClient().ModifyAntiFakeUrlStatus(modifyAntiFakeUrlStatusRequest)
+ if e != nil {
+ return retryError(e)
+ } else {
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, modifyAntiFakeUrlStatusRequest.GetAction(), modifyAntiFakeUrlStatusRequest.ToJsonString(), result.ToJsonString())
+ }
+ return nil
+ })
+
+ if err != nil {
+ log.Printf("[CRITAL]%s update waf antiFake status failed, reason:%+v", logId, err)
+ return err
+ }
+ }
+
+ return resourceTencentCloudWafAntiFakeRead(d, meta)
+}
+
+func resourceTencentCloudWafAntiFakeDelete(d *schema.ResourceData, meta interface{}) error {
+ defer logElapsed("resource.tencentcloud_waf_anti_fake.delete")()
+ defer inconsistentCheck(d, meta)()
+
+ var (
+ logId = getLogId(contextNil)
+ ctx = context.WithValue(context.TODO(), logIdKey, logId)
+ service = WafService{client: meta.(*TencentCloudClient).apiV3Conn}
+ )
+
+ idSplit := strings.Split(d.Id(), FILED_SP)
+ if len(idSplit) != 2 {
+ return fmt.Errorf("id is broken,%s", idSplit)
+ }
+ id := idSplit[0]
+ domain := idSplit[1]
+
+ if err := service.DeleteWafAntiFakeById(ctx, id, domain); err != nil {
+ return err
+ }
+
+ return nil
+}
diff --git a/tencentcloud/resource_tc_waf_anti_fake_test.go b/tencentcloud/resource_tc_waf_anti_fake_test.go
new file mode 100644
index 0000000000..f4f5927f2c
--- /dev/null
+++ b/tencentcloud/resource_tc_waf_anti_fake_test.go
@@ -0,0 +1,63 @@
+package tencentcloud
+
+import (
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+// go test -i; go test -test.run TestAccTencentCloudWafAntiFakeResource_basic -v
+func TestAccTencentCloudWafAntiFakeResource_basic(t *testing.T) {
+ t.Parallel()
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() {
+ testAccPreCheck(t)
+ },
+ Providers: testAccProviders,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccWafAntiFake,
+ Check: resource.ComposeTestCheckFunc(
+ resource.TestCheckResourceAttrSet("tencentcloud_waf_anti_fake.example", "id"),
+ resource.TestCheckResourceAttrSet("tencentcloud_waf_anti_fake.example", "domain"),
+ resource.TestCheckResourceAttrSet("tencentcloud_waf_anti_fake.example", "name"),
+ resource.TestCheckResourceAttr("tencentcloud_waf_anti_fake.example", "uri", "/anti_fake_url.html"),
+ resource.TestCheckResourceAttrSet("tencentcloud_waf_anti_fake.example", "status"),
+ ),
+ },
+ {
+ ResourceName: "tencentcloud_waf_anti_fake.example",
+ ImportState: true,
+ ImportStateVerify: true,
+ },
+ {
+ Config: testAccWafAntiFakeUpdate,
+ Check: resource.ComposeTestCheckFunc(
+ resource.TestCheckResourceAttrSet("tencentcloud_waf_anti_fake.example", "id"),
+ resource.TestCheckResourceAttrSet("tencentcloud_waf_anti_fake.example", "domain"),
+ resource.TestCheckResourceAttrSet("tencentcloud_waf_anti_fake.example", "name"),
+ resource.TestCheckResourceAttr("tencentcloud_waf_anti_fake.example", "uri", "/anti_fake_url_update.html"),
+ resource.TestCheckResourceAttrSet("tencentcloud_waf_anti_fake.example", "status"),
+ ),
+ },
+ },
+ })
+}
+
+const testAccWafAntiFake = `
+resource "tencentcloud_waf_anti_fake" "example" {
+ domain = "keep.qcloudwaf.com"
+ name = "tf_example"
+ uri = "/anti_fake_url.html"
+ status = 0
+}
+`
+
+const testAccWafAntiFakeUpdate = `
+resource "tencentcloud_waf_anti_fake" "example" {
+ domain = "keep.qcloudwaf.com"
+ name = "tf_example_update"
+ uri = "/anti_fake_url_update.html"
+ status = 3
+}
+`
diff --git a/tencentcloud/resource_tc_waf_anti_info_leak.go b/tencentcloud/resource_tc_waf_anti_info_leak.go
new file mode 100644
index 0000000000..a16c43611d
--- /dev/null
+++ b/tencentcloud/resource_tc_waf_anti_info_leak.go
@@ -0,0 +1,388 @@
+/*
+Provides a resource to create a waf anti_info_leak
+
+Example Usage
+
+```hcl
+resource "tencentcloud_waf_anti_info_leak" "example" {
+ domain = "tf.example.com"
+ name = "tf_example"
+ action_type = 0
+ strategies {
+ field = "information"
+ content = "phone"
+ }
+ uri = "/anti_info_leak_url"
+ status = 1
+}
+```
+
+Import
+
+waf anti_info_leak can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_waf_anti_info_leak.example 3100077499#tf.example.com
+```
+*/
+package tencentcloud
+
+import (
+ "context"
+ "fmt"
+ "log"
+ "strconv"
+ "strings"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+ waf "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125"
+ "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func resourceTencentCloudWafAntiInfoLeak() *schema.Resource {
+ return &schema.Resource{
+ Create: resourceTencentCloudWafAntiInfoLeakCreate,
+ Read: resourceTencentCloudWafAntiInfoLeakRead,
+ Update: resourceTencentCloudWafAntiInfoLeakUpdate,
+ Delete: resourceTencentCloudWafAntiInfoLeakDelete,
+ Importer: &schema.ResourceImporter{
+ State: schema.ImportStatePassthrough,
+ },
+ Schema: map[string]*schema.Schema{
+ "domain": {
+ Required: true,
+ Type: schema.TypeString,
+ Description: "Domain.",
+ },
+ "name": {
+ Required: true,
+ Type: schema.TypeString,
+ Description: "Rule Name.",
+ },
+ "action_type": {
+ Required: true,
+ Type: schema.TypeInt,
+ ValidateFunc: validateAllowedIntValue(ANTI_INFO_LEAK_ACTION_TYPE),
+ Description: "Rule Action. 0: alarm; 1: replacement; 2: only displaying the first four digits; 3: only displaying the last four digits; 4: blocking.",
+ },
+ "strategies": {
+ Required: true,
+ Type: schema.TypeList,
+ Description: "Strategies detail.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "field": {
+ Type: schema.TypeString,
+ Required: true,
+ ValidateFunc: validateAllowedStringValue(STRATEGIES_FIELD),
+ Description: "Matching Fields. support: returncode, keywords, information.",
+ },
+ "content": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Matching Content. If field is returncode support: 400, 403, 404, 4xx, 500, 501, 502, 504, 5xx; If field is information support: idcard, phone, bankcard; If field is keywords users input matching content themselves.",
+ },
+ },
+ },
+ },
+ "uri": {
+ Required: true,
+ Type: schema.TypeString,
+ Description: "Uri.",
+ },
+ "status": {
+ Optional: true,
+ Type: schema.TypeInt,
+ Default: ANTI_INFO_LEAK_RULE_STATUS_1,
+ ValidateFunc: validateAllowedIntValue(ANTI_INFO_LEAK_RULE_STATUS),
+ Description: "status.",
+ },
+ },
+ }
+}
+
+func resourceTencentCloudWafAntiInfoLeakCreate(d *schema.ResourceData, meta interface{}) error {
+ defer logElapsed("resource.tencentcloud_waf_anti_info_leak.create")()
+ defer inconsistentCheck(d, meta)()
+
+ var (
+ logId = getLogId(contextNil)
+ request = waf.NewAddAntiInfoLeakRulesRequest()
+ response = waf.NewAddAntiInfoLeakRulesResponse()
+ ruleId string
+ domain string
+ )
+
+ if v, ok := d.GetOk("domain"); ok {
+ request.Domain = helper.String(v.(string))
+ domain = v.(string)
+ }
+
+ if v, ok := d.GetOk("name"); ok {
+ request.Name = helper.String(v.(string))
+ }
+
+ if v, ok := d.GetOkExists("action_type"); ok {
+ request.ActionType = helper.IntUint64(v.(int))
+ }
+
+ if v, ok := d.GetOk("strategies"); ok {
+ for _, item := range v.([]interface{}) {
+ dMap := item.(map[string]interface{})
+ strategyForAntiInfoLeak := waf.StrategyForAntiInfoLeak{}
+ if v, ok := dMap["field"]; ok {
+ strategyForAntiInfoLeak.Field = helper.String(v.(string))
+ }
+
+ if v, ok := dMap["content"]; ok {
+ strategyForAntiInfoLeak.Content = helper.String(v.(string))
+ }
+
+ strategyForAntiInfoLeak.CompareFunc = helper.String("contains")
+ request.Strategies = append(request.Strategies, &strategyForAntiInfoLeak)
+ }
+ }
+
+ if v, ok := d.GetOk("uri"); ok {
+ request.Uri = helper.String(v.(string))
+ }
+
+ err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+ result, e := meta.(*TencentCloudClient).apiV3Conn.UseWafClient().AddAntiInfoLeakRules(request)
+ if e != nil {
+ return retryError(e)
+ } else {
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+ }
+
+ response = result
+ return nil
+ })
+
+ if err != nil {
+ log.Printf("[CRITAL]%s create waf antiInfoLeak failed, reason:%+v", logId, err)
+ return err
+ }
+
+ ruleIdInt := *response.Response.RuleId
+ ruleId = strconv.FormatInt(ruleIdInt, 10)
+ d.SetId(strings.Join([]string{ruleId, domain}, FILED_SP))
+
+ // set status
+ if v, ok := d.GetOkExists("status"); ok {
+ status := v.(int)
+ if status != ANTI_INFO_LEAK_RULE_STATUS_1 {
+ modifyAntiInfoLeakRuleStatusRequest := waf.NewModifyAntiInfoLeakRuleStatusRequest()
+ idUInt, _ := strconv.ParseUint(ruleId, 10, 64)
+ modifyAntiInfoLeakRuleStatusRequest.Domain = &domain
+ modifyAntiInfoLeakRuleStatusRequest.RuleId = &idUInt
+ modifyAntiInfoLeakRuleStatusRequest.Status = helper.IntUint64(v.(int))
+ err = resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+ result, e := meta.(*TencentCloudClient).apiV3Conn.UseWafClient().ModifyAntiInfoLeakRuleStatus(modifyAntiInfoLeakRuleStatusRequest)
+ if e != nil {
+ return retryError(e)
+ } else {
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, modifyAntiInfoLeakRuleStatusRequest.GetAction(), modifyAntiInfoLeakRuleStatusRequest.ToJsonString(), result.ToJsonString())
+ }
+ return nil
+ })
+
+ if err != nil {
+ log.Printf("[CRITAL]%s update waf antiInfoLeak status failed, reason:%+v", logId, err)
+ return err
+ }
+ }
+ }
+
+ return resourceTencentCloudWafAntiInfoLeakRead(d, meta)
+}
+
+func resourceTencentCloudWafAntiInfoLeakRead(d *schema.ResourceData, meta interface{}) error {
+ defer logElapsed("resource.tencentcloud_waf_anti_info_leak.read")()
+ defer inconsistentCheck(d, meta)()
+
+ var (
+ logId = getLogId(contextNil)
+ ctx = context.WithValue(context.TODO(), logIdKey, logId)
+ service = WafService{client: meta.(*TencentCloudClient).apiV3Conn}
+ )
+
+ idSplit := strings.Split(d.Id(), FILED_SP)
+ if len(idSplit) != 2 {
+ return fmt.Errorf("id is broken,%s", idSplit)
+ }
+ ruleId := idSplit[0]
+ domain := idSplit[1]
+
+ antiInfoLeak, err := service.DescribeWafAntiInfoLeakById(ctx, ruleId, domain)
+ if err != nil {
+ return err
+ }
+
+ if antiInfoLeak == nil {
+ d.SetId("")
+ log.Printf("[WARN]%s resource `WafAntiInfoLeak` [%s] not found, please check if it has been deleted.\n", logId, d.Id())
+ return nil
+ }
+
+ _ = d.Set("domain", domain)
+
+ if antiInfoLeak.Name != nil {
+ _ = d.Set("name", antiInfoLeak.Name)
+ }
+
+ if antiInfoLeak.Action != nil {
+ actionInt, _ := strconv.Atoi(*antiInfoLeak.Action)
+ _ = d.Set("action_type", actionInt)
+ }
+
+ if antiInfoLeak.Strategies != nil {
+ strategiesList := []interface{}{}
+ for _, strategies := range antiInfoLeak.Strategies {
+ strategiesMap := map[string]interface{}{}
+
+ if strategies.Field != nil {
+ strategiesMap["field"] = strategies.Field
+ }
+
+ if strategies.Content != nil {
+ strategiesMap["content"] = strategies.Content
+ }
+
+ strategiesList = append(strategiesList, strategiesMap)
+ }
+
+ _ = d.Set("strategies", strategiesList)
+ }
+
+ if antiInfoLeak.Uri != nil {
+ _ = d.Set("uri", antiInfoLeak.Uri)
+ }
+
+ if antiInfoLeak.Status != nil {
+ _ = d.Set("status", antiInfoLeak.Status)
+ }
+
+ return nil
+}
+
+func resourceTencentCloudWafAntiInfoLeakUpdate(d *schema.ResourceData, meta interface{}) error {
+ defer logElapsed("resource.tencentcloud_waf_anti_info_leak.update")()
+ defer inconsistentCheck(d, meta)()
+
+ var (
+ logId = getLogId(contextNil)
+ modifyAntiInfoLeakRulesRequest = waf.NewModifyAntiInfoLeakRulesRequest()
+ modifyAntiInfoLeakRuleStatusRequest = waf.NewModifyAntiInfoLeakRuleStatusRequest()
+ )
+
+ immutableArgs := []string{"domain", "uri"}
+
+ for _, v := range immutableArgs {
+ if d.HasChange(v) {
+ return fmt.Errorf("argument `%s` cannot be changed", v)
+ }
+ }
+
+ idSplit := strings.Split(d.Id(), FILED_SP)
+ if len(idSplit) != 2 {
+ return fmt.Errorf("id is broken,%s", idSplit)
+ }
+ ruleId := idSplit[0]
+ domain := idSplit[1]
+
+ ruleIdUInt, _ := strconv.ParseUint(ruleId, 10, 64)
+ modifyAntiInfoLeakRulesRequest.RuleId = &ruleIdUInt
+ modifyAntiInfoLeakRulesRequest.Domain = &domain
+
+ if v, ok := d.GetOk("name"); ok {
+ modifyAntiInfoLeakRulesRequest.Name = helper.String(v.(string))
+ }
+
+ if v, ok := d.GetOkExists("action_type"); ok {
+ modifyAntiInfoLeakRulesRequest.ActionType = helper.IntUint64(v.(int))
+ }
+
+ if v, ok := d.GetOk("strategies"); ok {
+ for _, item := range v.([]interface{}) {
+ dMap := item.(map[string]interface{})
+ strategyForAntiInfoLeak := waf.StrategyForAntiInfoLeak{}
+ if v, ok := dMap["field"]; ok {
+ strategyForAntiInfoLeak.Field = helper.String(v.(string))
+ }
+
+ if v, ok := dMap["content"]; ok {
+ strategyForAntiInfoLeak.Content = helper.String(v.(string))
+ }
+
+ strategyForAntiInfoLeak.CompareFunc = helper.String("contains")
+ modifyAntiInfoLeakRulesRequest.Strategies = append(modifyAntiInfoLeakRulesRequest.Strategies, &strategyForAntiInfoLeak)
+ }
+ }
+
+ err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+ result, e := meta.(*TencentCloudClient).apiV3Conn.UseWafClient().ModifyAntiInfoLeakRules(modifyAntiInfoLeakRulesRequest)
+ if e != nil {
+ return retryError(e)
+ } else {
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, modifyAntiInfoLeakRulesRequest.GetAction(), modifyAntiInfoLeakRulesRequest.ToJsonString(), result.ToJsonString())
+ }
+
+ return nil
+ })
+
+ if err != nil {
+ log.Printf("[CRITAL]%s update waf antiInfoLeak failed, reason:%+v", logId, err)
+ return err
+ }
+
+ if d.HasChange("status") {
+ if v, ok := d.GetOkExists("status"); ok {
+ modifyAntiInfoLeakRuleStatusRequest.Status = helper.IntUint64(v.(int))
+ }
+
+ modifyAntiInfoLeakRuleStatusRequest.Domain = &domain
+ modifyAntiInfoLeakRuleStatusRequest.RuleId = &ruleIdUInt
+ err = resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+ result, e := meta.(*TencentCloudClient).apiV3Conn.UseWafClient().ModifyAntiInfoLeakRuleStatus(modifyAntiInfoLeakRuleStatusRequest)
+ if e != nil {
+ return retryError(e)
+ } else {
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, modifyAntiInfoLeakRuleStatusRequest.GetAction(), modifyAntiInfoLeakRuleStatusRequest.ToJsonString(), result.ToJsonString())
+ }
+ return nil
+ })
+
+ if err != nil {
+ log.Printf("[CRITAL]%s update waf antiFake status failed, reason:%+v", logId, err)
+ return err
+ }
+ }
+
+ return resourceTencentCloudWafAntiInfoLeakRead(d, meta)
+}
+
+func resourceTencentCloudWafAntiInfoLeakDelete(d *schema.ResourceData, meta interface{}) error {
+ defer logElapsed("resource.tencentcloud_waf_anti_info_leak.delete")()
+ defer inconsistentCheck(d, meta)()
+
+ var (
+ logId = getLogId(contextNil)
+ ctx = context.WithValue(context.TODO(), logIdKey, logId)
+ service = WafService{client: meta.(*TencentCloudClient).apiV3Conn}
+ )
+
+ idSplit := strings.Split(d.Id(), FILED_SP)
+ if len(idSplit) != 2 {
+ return fmt.Errorf("id is broken,%s", idSplit)
+ }
+ ruleId := idSplit[0]
+ domain := idSplit[1]
+
+ if err := service.DeleteWafAntiInfoLeakById(ctx, ruleId, domain); err != nil {
+ return err
+ }
+
+ return nil
+}
diff --git a/tencentcloud/resource_tc_waf_anti_info_leak_test.go b/tencentcloud/resource_tc_waf_anti_info_leak_test.go
new file mode 100644
index 0000000000..6d1bf21e24
--- /dev/null
+++ b/tencentcloud/resource_tc_waf_anti_info_leak_test.go
@@ -0,0 +1,65 @@
+package tencentcloud
+
+import (
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+// go test -i; go test -test.run TestAccTencentCloudWafAntiInfoLeakResource_basic -v
+func TestAccTencentCloudWafAntiInfoLeakResource_basic(t *testing.T) {
+ t.Parallel()
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() {
+ testAccPreCheck(t)
+ },
+ Providers: testAccProviders,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccWafAntiInfoLeak,
+ Check: resource.ComposeTestCheckFunc(
+ resource.TestCheckResourceAttrSet("tencentcloud_waf_anti_info_leak.example", "id"),
+ ),
+ },
+ {
+ ResourceName: "tencentcloud_waf_anti_info_leak.example",
+ ImportState: true,
+ ImportStateVerify: true,
+ },
+ {
+ Config: testAccWafAntiInfoLeakUpdate,
+ Check: resource.ComposeTestCheckFunc(
+ resource.TestCheckResourceAttrSet("tencentcloud_waf_anti_info_leak.example", "id"),
+ ),
+ },
+ },
+ })
+}
+
+const testAccWafAntiInfoLeak = `
+resource "tencentcloud_waf_anti_info_leak" "example" {
+ domain = "keep.qcloudwaf.com"
+ name = "tf_example"
+ action_type = 0
+ strategies {
+ field = "information"
+ content = "phone"
+ }
+ uri = "/anti_info_leak_url"
+ status = 0
+}
+`
+
+const testAccWafAntiInfoLeakUpdate = `
+resource "tencentcloud_waf_anti_info_leak" "example" {
+ domain = "keep.qcloudwaf.com"
+ name = "tf_example_update"
+ action_type = 0
+ strategies {
+ field = "returncode"
+ content = "400"
+ }
+ uri = "/anti_info_leak_url"
+ status = 1
+}
+`
diff --git a/tencentcloud/resource_tc_waf_clb_domain.go b/tencentcloud/resource_tc_waf_clb_domain.go
index 9cbbac51d4..0a620eff7d 100644
--- a/tencentcloud/resource_tc_waf_clb_domain.go
+++ b/tencentcloud/resource_tc_waf_clb_domain.go
@@ -66,6 +66,40 @@ resource "tencentcloud_waf_clb_domain" "example" {
}
```
+Create a complete waf tsegw domain
+
+```hcl
+resource "tencentcloud_waf_clb_domain" "example" {
+ instance_id = "waf_2kxtlbky00b2v1fn"
+ domain = "xxx.com"
+ is_cdn = 0
+ status = 1
+ engine = 12
+ region = "gz"
+ flow_mode = 0
+ alb_type = "tsegw"
+ bot_status = 0
+ api_safe_status = 0
+}
+```
+
+Create a complete waf apisix domain
+
+```hcl
+resource "tencentcloud_waf_clb_domain" "example" {
+ instance_id = "waf_2kxtlbky00b2v1fn"
+ domain = "xxx.com"
+ is_cdn = 0
+ status = 1
+ engine = 12
+ region = "gz"
+ flow_mode = 0
+ alb_type = "apisix"
+ bot_status = 0
+ api_safe_status = 0
+}
+```
+
Import
waf clb_domain can be imported using the id, e.g.
@@ -133,7 +167,7 @@ func resourceTencentCloudWafClbDomain() *schema.Resource {
},
"load_balancer_set": {
Type: schema.TypeList,
- Required: true,
+ Optional: true,
Description: "List of bound LB.",
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
@@ -185,12 +219,12 @@ func resourceTencentCloudWafClbDomain() *schema.Resource {
"numerical_vpc_id": {
Type: schema.TypeInt,
Optional: true,
- Description: "VPCID for load balancer, public network is -1, and internal network is filled in according to actual conditionsNote: This field may return null, indicating that a valid value cannot be obtained.",
+ Description: "VPCID for load balancer, public network is -1, and internal network is filled in according to actual conditions.",
},
"load_balancer_type": {
Type: schema.TypeString,
Optional: true,
- Description: "Network type for load balancerNote: This field may return null, indicating that a valid value cannot be obtained.",
+ Description: "Network type for load balancer.",
},
},
},
@@ -233,13 +267,13 @@ func resourceTencentCloudWafClbDomain() *schema.Resource {
Optional: true,
Default: ALB_TYPE_CLB,
ValidateFunc: validateAllowedStringValue(ALB_TYPES),
- Description: "Load balancer type: clb or apisix, default clbNote: This field may return null, indicating that a valid value cannot be obtained.",
+ Description: "Load balancer type: clb, apisix or tsegw, default clb.",
},
"ip_headers": {
Type: schema.TypeList,
Optional: true,
Elem: &schema.Schema{Type: schema.TypeString},
- Description: "When is_cdn=3, this parameter needs to be filled in to indicate a custom headerNote: This field may return null, indicating that a valid value cannot be obtained.",
+ Description: "When is_cdn=3, this parameter needs to be filled in to indicate a custom header.",
},
"domain_id": {
Type: schema.TypeString,
@@ -286,55 +320,68 @@ func resourceTencentCloudWafClbDomainCreate(d *schema.ResourceData, meta interfa
isCdn = v.(int)
}
- if v, ok := d.GetOk("load_balancer_set"); ok {
- for _, item := range v.([]interface{}) {
- loadBalancerSetMap := item.(map[string]interface{})
- loadBalancer := waf.LoadBalancer{}
- if v, ok := loadBalancerSetMap["load_balancer_id"]; ok {
- loadBalancer.LoadBalancerId = helper.String(v.(string))
- }
+ if v, ok := d.GetOk("alb_type"); ok {
+ hostRecord.AlbType = helper.String(v.(string))
+ albType = v.(string)
- if v, ok := loadBalancerSetMap["load_balancer_name"]; ok {
- loadBalancer.LoadBalancerName = helper.String(v.(string))
- }
+ if albType == ALB_TYPE_CLB {
+ if v, ok := d.GetOk("load_balancer_set"); ok {
+ for _, item := range v.([]interface{}) {
+ loadBalancerSetMap := item.(map[string]interface{})
+ loadBalancer := waf.LoadBalancer{}
+ if v, ok := loadBalancerSetMap["load_balancer_id"]; ok {
+ loadBalancer.LoadBalancerId = helper.String(v.(string))
+ }
- if v, ok := loadBalancerSetMap["listener_id"]; ok {
- loadBalancer.ListenerId = helper.String(v.(string))
- }
+ if v, ok := loadBalancerSetMap["load_balancer_name"]; ok {
+ loadBalancer.LoadBalancerName = helper.String(v.(string))
+ }
- if v, ok := loadBalancerSetMap["listener_name"]; ok {
- loadBalancer.ListenerName = helper.String(v.(string))
- }
+ if v, ok := loadBalancerSetMap["listener_id"]; ok {
+ loadBalancer.ListenerId = helper.String(v.(string))
+ }
- if v, ok := loadBalancerSetMap["vip"]; ok {
- loadBalancer.Vip = helper.String(v.(string))
- }
+ if v, ok := loadBalancerSetMap["listener_name"]; ok {
+ loadBalancer.ListenerName = helper.String(v.(string))
+ }
- if v, ok := loadBalancerSetMap["vport"]; ok {
- loadBalancer.Vport = helper.IntUint64(v.(int))
- }
+ if v, ok := loadBalancerSetMap["vip"]; ok {
+ loadBalancer.Vip = helper.String(v.(string))
+ }
- if v, ok := loadBalancerSetMap["region"]; ok {
- loadBalancer.Region = helper.String(v.(string))
- }
+ if v, ok := loadBalancerSetMap["vport"]; ok {
+ loadBalancer.Vport = helper.IntUint64(v.(int))
+ }
- if v, ok := loadBalancerSetMap["protocol"]; ok {
- loadBalancer.Protocol = helper.String(v.(string))
- }
+ if v, ok := loadBalancerSetMap["region"]; ok {
+ loadBalancer.Region = helper.String(v.(string))
+ }
- if v, ok := loadBalancerSetMap["zone"]; ok {
- loadBalancer.Zone = helper.String(v.(string))
- }
+ if v, ok := loadBalancerSetMap["protocol"]; ok {
+ loadBalancer.Protocol = helper.String(v.(string))
+ }
- if v, ok := loadBalancerSetMap["numerical_vpc_id"]; ok {
- loadBalancer.NumericalVpcId = helper.IntInt64(v.(int))
- }
+ if v, ok := loadBalancerSetMap["zone"]; ok {
+ loadBalancer.Zone = helper.String(v.(string))
+ }
- if v, ok := loadBalancerSetMap["load_balancer_type"]; ok {
- loadBalancer.LoadBalancerType = helper.String(v.(string))
- }
+ if v, ok := loadBalancerSetMap["numerical_vpc_id"]; ok {
+ loadBalancer.NumericalVpcId = helper.IntInt64(v.(int))
+ }
- hostRecord.LoadBalancerSet = append(hostRecord.LoadBalancerSet, &loadBalancer)
+ if v, ok := loadBalancerSetMap["load_balancer_type"]; ok {
+ loadBalancer.LoadBalancerType = helper.String(v.(string))
+ }
+
+ hostRecord.LoadBalancerSet = append(hostRecord.LoadBalancerSet, &loadBalancer)
+ }
+ } else {
+ return fmt.Errorf("If `alb_type` is clb, `load_balancer_set` is required.")
+ }
+ } else {
+ if _, ok := d.GetOk("load_balancer_set"); ok {
+ return fmt.Errorf("If `alb_type` is apisix or tsegw, `load_balancer_set` is not supported.")
+ }
}
}
@@ -346,11 +393,6 @@ func resourceTencentCloudWafClbDomainCreate(d *schema.ResourceData, meta interfa
hostRecord.FlowMode = helper.IntUint64(v.(int))
}
- if v, ok := d.GetOk("alb_type"); ok {
- hostRecord.AlbType = helper.String(v.(string))
- albType = v.(string)
- }
-
if v, ok := d.GetOk("ip_headers"); ok {
if isCdn == ISCDN_3 {
ipHeadersSet := v.([]interface{})
@@ -614,59 +656,65 @@ func resourceTencentCloudWafClbDomainRead(d *schema.ResourceData, meta interface
_ = d.Set("engine", domainInfo.Engine)
}
- if domainInfo.LoadBalancerSet != nil {
- loadBalancerSetList := []interface{}{}
- for _, loadBalancerSet := range domainInfo.LoadBalancerSet {
- loadBalancerSetMap := map[string]interface{}{}
+ if domainInfo.AlbType != nil {
+ _ = d.Set("alb_type", domainInfo.AlbType)
- if loadBalancerSet.LoadBalancerId != nil {
- loadBalancerSetMap["load_balancer_id"] = loadBalancerSet.LoadBalancerId
- }
+ if *domainInfo.AlbType == ALB_TYPE_CLB {
+ if domainInfo.LoadBalancerSet != nil {
+ loadBalancerSetList := []interface{}{}
+ for _, loadBalancerSet := range domainInfo.LoadBalancerSet {
+ loadBalancerSetMap := map[string]interface{}{}
- if loadBalancerSet.LoadBalancerName != nil {
- loadBalancerSetMap["load_balancer_name"] = loadBalancerSet.LoadBalancerName
- }
+ if loadBalancerSet.LoadBalancerId != nil {
+ loadBalancerSetMap["load_balancer_id"] = loadBalancerSet.LoadBalancerId
+ }
- if loadBalancerSet.ListenerId != nil {
- loadBalancerSetMap["listener_id"] = loadBalancerSet.ListenerId
- }
+ if loadBalancerSet.LoadBalancerName != nil {
+ loadBalancerSetMap["load_balancer_name"] = loadBalancerSet.LoadBalancerName
+ }
- if loadBalancerSet.ListenerName != nil {
- loadBalancerSetMap["listener_name"] = loadBalancerSet.ListenerName
- }
+ if loadBalancerSet.ListenerId != nil {
+ loadBalancerSetMap["listener_id"] = loadBalancerSet.ListenerId
+ }
- if loadBalancerSet.Vip != nil {
- loadBalancerSetMap["vip"] = loadBalancerSet.Vip
- }
+ if loadBalancerSet.ListenerName != nil {
+ loadBalancerSetMap["listener_name"] = loadBalancerSet.ListenerName
+ }
- if loadBalancerSet.Vport != nil {
- loadBalancerSetMap["vport"] = loadBalancerSet.Vport
- }
+ if loadBalancerSet.Vip != nil {
+ loadBalancerSetMap["vip"] = loadBalancerSet.Vip
+ }
- if loadBalancerSet.Region != nil {
- loadBalancerSetMap["region"] = loadBalancerSet.Region
- }
+ if loadBalancerSet.Vport != nil {
+ loadBalancerSetMap["vport"] = loadBalancerSet.Vport
+ }
- if loadBalancerSet.Protocol != nil {
- loadBalancerSetMap["protocol"] = loadBalancerSet.Protocol
- }
+ if loadBalancerSet.Region != nil {
+ loadBalancerSetMap["region"] = loadBalancerSet.Region
+ }
- if loadBalancerSet.Zone != nil {
- loadBalancerSetMap["zone"] = loadBalancerSet.Zone
- }
+ if loadBalancerSet.Protocol != nil {
+ loadBalancerSetMap["protocol"] = loadBalancerSet.Protocol
+ }
- if loadBalancerSet.NumericalVpcId != nil {
- loadBalancerSetMap["numerical_vpc_id"] = loadBalancerSet.NumericalVpcId
- }
+ if loadBalancerSet.Zone != nil {
+ loadBalancerSetMap["zone"] = loadBalancerSet.Zone
+ }
- if loadBalancerSet.LoadBalancerType != nil {
- loadBalancerSetMap["load_balancer_type"] = loadBalancerSet.LoadBalancerType
- }
+ if loadBalancerSet.NumericalVpcId != nil {
+ loadBalancerSetMap["numerical_vpc_id"] = loadBalancerSet.NumericalVpcId
+ }
- loadBalancerSetList = append(loadBalancerSetList, loadBalancerSetMap)
- }
+ if loadBalancerSet.LoadBalancerType != nil {
+ loadBalancerSetMap["load_balancer_type"] = loadBalancerSet.LoadBalancerType
+ }
- _ = d.Set("load_balancer_set", loadBalancerSetList)
+ loadBalancerSetList = append(loadBalancerSetList, loadBalancerSetMap)
+ }
+
+ _ = d.Set("load_balancer_set", loadBalancerSetList)
+ }
+ }
}
if domainInfo.Region != nil {
@@ -689,10 +737,6 @@ func resourceTencentCloudWafClbDomainRead(d *schema.ResourceData, meta interface
_ = d.Set("api_safe_status", domainInfo.ApiStatus)
}
- if domainInfo.AlbType != nil {
- _ = d.Set("alb_type", domainInfo.AlbType)
- }
-
if domainInfo.DomainId != nil {
_ = d.Set("domain_id", domainInfo.DomainId)
}
@@ -743,7 +787,7 @@ func resourceTencentCloudWafClbDomainUpdate(d *schema.ResourceData, meta interfa
domain := idSplit[1]
domainId := idSplit[2]
- immutableArgs := []string{"instance_id", "domain"}
+ immutableArgs := []string{"instance_id", "domain", "alb_type"}
for _, v := range immutableArgs {
if d.HasChange(v) {
@@ -798,55 +842,68 @@ func resourceTencentCloudWafClbDomainUpdate(d *schema.ResourceData, meta interfa
isCdn = v.(int)
}
- if v, ok := d.GetOk("load_balancer_set"); ok {
- for _, item := range v.([]interface{}) {
- loadBalancerSetMap := item.(map[string]interface{})
- loadBalancer := waf.LoadBalancer{}
- if v, ok := loadBalancerSetMap["load_balancer_id"]; ok {
- loadBalancer.LoadBalancerId = helper.String(v.(string))
- }
+ if v, ok := d.GetOk("alb_type"); ok {
+ hostRecord.AlbType = helper.String(v.(string))
+ albType := v.(string)
+
+ if albType == ALB_TYPE_CLB {
+ if v, ok := d.GetOk("load_balancer_set"); ok {
+ for _, item := range v.([]interface{}) {
+ loadBalancerSetMap := item.(map[string]interface{})
+ loadBalancer := waf.LoadBalancer{}
+ if v, ok := loadBalancerSetMap["load_balancer_id"]; ok {
+ loadBalancer.LoadBalancerId = helper.String(v.(string))
+ }
- if v, ok := loadBalancerSetMap["load_balancer_name"]; ok {
- loadBalancer.LoadBalancerName = helper.String(v.(string))
- }
+ if v, ok := loadBalancerSetMap["load_balancer_name"]; ok {
+ loadBalancer.LoadBalancerName = helper.String(v.(string))
+ }
- if v, ok := loadBalancerSetMap["listener_id"]; ok {
- loadBalancer.ListenerId = helper.String(v.(string))
- }
+ if v, ok := loadBalancerSetMap["listener_id"]; ok {
+ loadBalancer.ListenerId = helper.String(v.(string))
+ }
- if v, ok := loadBalancerSetMap["listener_name"]; ok {
- loadBalancer.ListenerName = helper.String(v.(string))
- }
+ if v, ok := loadBalancerSetMap["listener_name"]; ok {
+ loadBalancer.ListenerName = helper.String(v.(string))
+ }
- if v, ok := loadBalancerSetMap["vip"]; ok {
- loadBalancer.Vip = helper.String(v.(string))
- }
+ if v, ok := loadBalancerSetMap["vip"]; ok {
+ loadBalancer.Vip = helper.String(v.(string))
+ }
- if v, ok := loadBalancerSetMap["vport"]; ok {
- loadBalancer.Vport = helper.IntUint64(v.(int))
- }
+ if v, ok := loadBalancerSetMap["vport"]; ok {
+ loadBalancer.Vport = helper.IntUint64(v.(int))
+ }
- if v, ok := loadBalancerSetMap["region"]; ok {
- loadBalancer.Region = helper.String(v.(string))
- }
+ if v, ok := loadBalancerSetMap["region"]; ok {
+ loadBalancer.Region = helper.String(v.(string))
+ }
- if v, ok := loadBalancerSetMap["protocol"]; ok {
- loadBalancer.Protocol = helper.String(v.(string))
- }
+ if v, ok := loadBalancerSetMap["protocol"]; ok {
+ loadBalancer.Protocol = helper.String(v.(string))
+ }
- if v, ok := loadBalancerSetMap["zone"]; ok {
- loadBalancer.Zone = helper.String(v.(string))
- }
+ if v, ok := loadBalancerSetMap["zone"]; ok {
+ loadBalancer.Zone = helper.String(v.(string))
+ }
- if v, ok := loadBalancerSetMap["numerical_vpc_id"]; ok {
- loadBalancer.NumericalVpcId = helper.IntInt64(v.(int))
- }
+ if v, ok := loadBalancerSetMap["numerical_vpc_id"]; ok {
+ loadBalancer.NumericalVpcId = helper.IntInt64(v.(int))
+ }
- if v, ok := loadBalancerSetMap["load_balancer_type"]; ok {
- loadBalancer.LoadBalancerType = helper.String(v.(string))
- }
+ if v, ok := loadBalancerSetMap["load_balancer_type"]; ok {
+ loadBalancer.LoadBalancerType = helper.String(v.(string))
+ }
- hostRecord.LoadBalancerSet = append(hostRecord.LoadBalancerSet, &loadBalancer)
+ hostRecord.LoadBalancerSet = append(hostRecord.LoadBalancerSet, &loadBalancer)
+ }
+ } else {
+ return fmt.Errorf("If `alb_type` is clb, `load_balancer_set` is required.")
+ }
+ } else {
+ if _, ok := d.GetOk("load_balancer_set"); ok {
+ return fmt.Errorf("If `alb_type` is apisix or tsegw, `load_balancer_set` is not supported.")
+ }
}
}
@@ -854,10 +911,6 @@ func resourceTencentCloudWafClbDomainUpdate(d *schema.ResourceData, meta interfa
hostRecord.Region = helper.String(v.(string))
}
- if v, ok := d.GetOk("alb_type"); ok {
- hostRecord.AlbType = helper.String(v.(string))
- }
-
if v, ok := d.GetOk("ip_headers"); ok {
if isCdn == ISCDN_3 {
ipHeadersSet := v.([]interface{})
diff --git a/tencentcloud/resource_tc_waf_custom_rule.go b/tencentcloud/resource_tc_waf_custom_rule.go
index e6db226ac7..542f06da14 100644
--- a/tencentcloud/resource_tc_waf_custom_rule.go
+++ b/tencentcloud/resource_tc_waf_custom_rule.go
@@ -85,22 +85,22 @@ func resourceTencentCloudWafCustomRule() *schema.Resource {
"field": {
Type: schema.TypeString,
Required: true,
- Description: "Matching FieldsNote: This field may return null, indicating that a valid value cannot be obtained.",
+ Description: "Matching Fields.",
},
"compare_func": {
Type: schema.TypeString,
Required: true,
- Description: "Logical symbolNote: This field may return null, indicating that a valid value cannot be obtained.",
+ Description: "Logical symbol.",
},
"content": {
Type: schema.TypeString,
Required: true,
- Description: "Matching ContentNote: This field may return null, indicating that a valid value cannot be obtained.",
+ Description: "Matching Content.",
},
"arg": {
Type: schema.TypeString,
Required: true,
- Description: "Matching parametersNote: This field may return null, indicating that a valid value cannot be obtained.",
+ Description: "Matching parameters.",
},
},
},
diff --git a/tencentcloud/resource_tc_waf_custom_white_rule.go b/tencentcloud/resource_tc_waf_custom_white_rule.go
index 9dc72df778..d394e74572 100644
--- a/tencentcloud/resource_tc_waf_custom_white_rule.go
+++ b/tencentcloud/resource_tc_waf_custom_white_rule.go
@@ -79,22 +79,22 @@ func resourceTencentCloudWafCustomWhiteRule() *schema.Resource {
"field": {
Type: schema.TypeString,
Required: true,
- Description: "Matching FieldsNote: This field may return null, indicating that a valid value cannot be obtained.",
+ Description: "Matching Fields.",
},
"compare_func": {
Type: schema.TypeString,
Required: true,
- Description: "Logical symbolNote: This field may return null, indicating that a valid value cannot be obtained.",
+ Description: "Logical symbol.",
},
"content": {
Type: schema.TypeString,
Required: true,
- Description: "Matching ContentNote: This field may return null, indicating that a valid value cannot be obtained.",
+ Description: "Matching Content.",
},
"arg": {
Type: schema.TypeString,
Required: true,
- Description: "Matching parametersNote: This field may return null, indicating that a valid value cannot be obtained.",
+ Description: "Matching parameters.",
},
},
},
diff --git a/tencentcloud/service_tencentcloud_waf.go b/tencentcloud/service_tencentcloud_waf.go
index 162b287cb9..2b1d3fe576 100644
--- a/tencentcloud/service_tencentcloud_waf.go
+++ b/tencentcloud/service_tencentcloud_waf.go
@@ -905,3 +905,173 @@ func (me *WafService) DescribeWafPeakPointsByFilter(ctx context.Context, param m
PeakPoints = response.Response.Points
return
}
+
+func (me *WafService) DescribeWafAntiFakeById(ctx context.Context, id, domain string) (antiFake *waf.CacheUrlItems, errRet error) {
+ logId := getLogId(ctx)
+
+ request := waf.NewDescribeAntiFakeRulesRequest()
+ request.Domain = &domain
+ request.Offset = common.Uint64Ptr(0)
+ request.Limit = common.Uint64Ptr(10)
+ request.Filters = []*waf.FiltersItemNew{
+ {
+ Name: common.StringPtr("RuleID"),
+ Values: common.StringPtrs([]string{id}),
+ ExactMatch: common.BoolPtr(true),
+ },
+ }
+
+ defer func() {
+ if errRet != nil {
+ log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error())
+ }
+ }()
+
+ ratelimit.Check(request.GetAction())
+
+ response, err := me.client.UseWafClient().DescribeAntiFakeRules(request)
+ if err != nil {
+ errRet = err
+ return
+ }
+
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString())
+
+ if len(response.Response.Data) < 1 {
+ return
+ }
+
+ antiFake = response.Response.Data[0]
+ return
+}
+
+func (me *WafService) DeleteWafAntiFakeById(ctx context.Context, id, domain string) (errRet error) {
+ logId := getLogId(ctx)
+
+ request := waf.NewDeleteAntiFakeUrlRequest()
+ idInt, _ := strconv.ParseUint(id, 10, 64)
+ request.Id = common.Uint64Ptr(idInt)
+ request.Domain = common.StringPtr(domain)
+
+ defer func() {
+ if errRet != nil {
+ log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error())
+ }
+ }()
+
+ ratelimit.Check(request.GetAction())
+
+ response, err := me.client.UseWafClient().DeleteAntiFakeUrl(request)
+ if err != nil {
+ errRet = err
+ return
+ }
+
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString())
+
+ return
+}
+
+func (me *WafService) DescribeWafAntiInfoLeakById(ctx context.Context, ruleId, domain string) (antiInfoLeak *waf.DescribeAntiLeakageItem, errRet error) {
+ logId := getLogId(ctx)
+
+ request := waf.NewDescribeAntiInfoLeakageRulesRequest()
+ request.Domain = &domain
+
+ defer func() {
+ if errRet != nil {
+ log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error())
+ }
+ }()
+
+ ratelimit.Check(request.GetAction())
+
+ response, err := me.client.UseWafClient().DescribeAntiInfoLeakageRules(request)
+ if err != nil {
+ errRet = err
+ return
+ }
+
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString())
+
+ if len(response.Response.RuleList) < 1 {
+ return
+ }
+
+ ruleIdInt, _ := strconv.ParseUint(ruleId, 10, 64)
+ for _, item := range response.Response.RuleList {
+ if *item.RuleId == ruleIdInt {
+ antiInfoLeak = item
+ break
+ }
+ }
+
+ return
+}
+
+func (me *WafService) DeleteWafAntiInfoLeakById(ctx context.Context, ruleId, domain string) (errRet error) {
+ logId := getLogId(ctx)
+
+ request := waf.NewDeleteAntiInfoLeakRuleRequest()
+ ruleIdInt, _ := strconv.ParseUint(ruleId, 10, 64)
+ request.Domain = &domain
+ request.RuleId = &ruleIdInt
+
+ defer func() {
+ if errRet != nil {
+ log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error())
+ }
+ }()
+
+ ratelimit.Check(request.GetAction())
+
+ response, err := me.client.UseWafClient().DeleteAntiInfoLeakRule(request)
+ if err != nil {
+ errRet = err
+ return
+ }
+
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString())
+
+ return
+}
+
+func (me *WafService) DescribeWafInstanceQpsLimitByFilter(ctx context.Context, param map[string]interface{}) (instanceQpsLimit *waf.QpsData, errRet error) {
+ var (
+ logId = getLogId(ctx)
+ request = waf.NewGetInstanceQpsLimitRequest()
+ )
+
+ defer func() {
+ if errRet != nil {
+ log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error())
+ }
+ }()
+
+ for k, v := range param {
+ if k == "InstanceId" {
+ request.InstanceId = v.(*string)
+ }
+
+ if k == "Type" {
+ request.Type = v.(*string)
+ }
+ }
+
+ ratelimit.Check(request.GetAction())
+
+ response, err := me.client.UseWafClient().GetInstanceQpsLimit(request)
+ if err != nil {
+ errRet = err
+ return
+ }
+
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString())
+
+ if response == nil {
+ return
+ }
+
+ instanceQpsLimit = response.Response.QpsData
+ return
+}
diff --git a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125/client.go b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125/client.go
index e672cf72dc..b2b4c3110c 100644
--- a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125/client.go
+++ b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125/client.go
@@ -1223,6 +1223,7 @@ func NewDeleteSessionResponse() (response *DeleteSessionResponse) {
// 删除CC攻击的session设置
//
// 可能返回的错误码:
+// FAILEDOPERATION_SESSIONINUSED = "FailedOperation.SessionInUsed"
// INTERNALERROR = "InternalError"
// UNSUPPORTEDOPERATION = "UnsupportedOperation"
func (c *Client) DeleteSession(request *DeleteSessionRequest) (response *DeleteSessionResponse, err error) {
@@ -1233,6 +1234,7 @@ func (c *Client) DeleteSession(request *DeleteSessionRequest) (response *DeleteS
// 删除CC攻击的session设置
//
// 可能返回的错误码:
+// FAILEDOPERATION_SESSIONINUSED = "FailedOperation.SessionInUsed"
// INTERNALERROR = "InternalError"
// UNSUPPORTEDOPERATION = "UnsupportedOperation"
func (c *Client) DeleteSessionWithContext(ctx context.Context, request *DeleteSessionRequest) (response *DeleteSessionResponse, err error) {
@@ -3643,7 +3645,7 @@ func NewDescribeRuleLimitResponse() (response *DescribeRuleLimitResponse) {
// 可能返回的错误码:
// INTERNALERROR = "InternalError"
// INTERNALERROR_DBERR = "InternalError.DBErr"
-// UNSUPPORTEDOPERATION = "UnsupportedOperation"
+// INVALIDPARAMETER = "InvalidParameter"
func (c *Client) DescribeRuleLimit(request *DescribeRuleLimitRequest) (response *DescribeRuleLimitResponse, err error) {
return c.DescribeRuleLimitWithContext(context.Background(), request)
}
@@ -3654,7 +3656,7 @@ func (c *Client) DescribeRuleLimit(request *DescribeRuleLimitRequest) (response
// 可能返回的错误码:
// INTERNALERROR = "InternalError"
// INTERNALERROR_DBERR = "InternalError.DBErr"
-// UNSUPPORTEDOPERATION = "UnsupportedOperation"
+// INVALIDPARAMETER = "InvalidParameter"
func (c *Client) DescribeRuleLimitWithContext(ctx context.Context, request *DescribeRuleLimitRequest) (response *DescribeRuleLimitResponse, err error) {
if request == nil {
request = NewDescribeRuleLimitRequest()
@@ -6307,6 +6309,7 @@ func NewModifySpartaProtectionResponse() (response *ModifySpartaProtectionRespon
// INVALIDPARAMETER = "InvalidParameter"
// INVALIDPARAMETER_CERTIFICATIONPARAMETERERR = "InvalidParameter.CertificationParameterErr"
// INVALIDPARAMETER_PORTPARAMETERERR = "InvalidParameter.PortParameterErr"
+// INVALIDPARAMETER_PROTECTIONDOMAINPARAMETERERR = "InvalidParameter.ProtectionDomainParameterErr"
// INVALIDPARAMETER_SUPPORTTLSCONFFAILED = "InvalidParameter.SupportTLSConfFailed"
// INVALIDPARAMETER_TLSPARAMETERERR = "InvalidParameter.TLSParameterErr"
// INVALIDPARAMETER_UPSTREAMPARAMETERERR = "InvalidParameter.UpstreamParameterErr"
@@ -6334,6 +6337,7 @@ func (c *Client) ModifySpartaProtection(request *ModifySpartaProtectionRequest)
// INVALIDPARAMETER = "InvalidParameter"
// INVALIDPARAMETER_CERTIFICATIONPARAMETERERR = "InvalidParameter.CertificationParameterErr"
// INVALIDPARAMETER_PORTPARAMETERERR = "InvalidParameter.PortParameterErr"
+// INVALIDPARAMETER_PROTECTIONDOMAINPARAMETERERR = "InvalidParameter.ProtectionDomainParameterErr"
// INVALIDPARAMETER_SUPPORTTLSCONFFAILED = "InvalidParameter.SupportTLSConfFailed"
// INVALIDPARAMETER_TLSPARAMETERERR = "InvalidParameter.TLSParameterErr"
// INVALIDPARAMETER_UPSTREAMPARAMETERERR = "InvalidParameter.UpstreamParameterErr"
diff --git a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125/errors.go b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125/errors.go
index 4defb206f8..a2c7f617e9 100644
--- a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125/errors.go
+++ b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125/errors.go
@@ -41,6 +41,9 @@ const (
// 操作Redis数据库失败
FAILEDOPERATION_REDISOPERATIONFAILED = "FailedOperation.RedisOperationFailed"
+ // 删除的Session正在被启用
+ FAILEDOPERATION_SESSIONINUSED = "FailedOperation.SessionInUsed"
+
// 黑白名单添加数超过上限
FAILEDOPERATION_THENUMBEROFADDEDBLACKANDWHITELISTEXCEEDSTHEUPPERLIMIT = "FailedOperation.TheNumberOfAddedBlackAndWhiteListExceedsTheUpperLimit"
diff --git a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125/models.go b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125/models.go
index e85a7bb16d..1aa0854735 100644
--- a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125/models.go
+++ b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125/models.go
@@ -211,6 +211,9 @@ type AddAntiFakeUrlResponseParams struct {
// 结果
Result *string `json:"Result,omitnil" name:"Result"`
+ // 规则ID
+ Id *string `json:"Id,omitnil" name:"Id"`
+
// 唯一请求 ID,每次请求都会返回。定位问题时需要提供该次请求的 RequestId。
RequestId *string `json:"RequestId,omitnil" name:"RequestId"`
}
@@ -236,10 +239,10 @@ type AddAntiInfoLeakRulesRequestParams struct {
// 域名
Domain *string `json:"Domain,omitnil" name:"Domain"`
- // 名称
+ // 规则名称
Name *string `json:"Name,omitnil" name:"Name"`
- // 动作
+ // 动作,0(告警)、1(替换)、2(仅显示前四位)、3(仅显示后四位)、4(阻断)
ActionType *uint64 `json:"ActionType,omitnil" name:"ActionType"`
// 策略详情
@@ -255,10 +258,10 @@ type AddAntiInfoLeakRulesRequest struct {
// 域名
Domain *string `json:"Domain,omitnil" name:"Domain"`
- // 名称
+ // 规则名称
Name *string `json:"Name,omitnil" name:"Name"`
- // 动作
+ // 动作,0(告警)、1(替换)、2(仅显示前四位)、3(仅显示后四位)、4(阻断)
ActionType *uint64 `json:"ActionType,omitnil" name:"ActionType"`
// 策略详情
@@ -293,6 +296,9 @@ func (r *AddAntiInfoLeakRulesRequest) FromJsonString(s string) error {
// Predefined struct for user
type AddAntiInfoLeakRulesResponseParams struct {
+ // 规则ID
+ RuleId *int64 `json:"RuleId,omitnil" name:"RuleId"`
+
// 唯一请求 ID,每次请求都会返回。定位问题时需要提供该次请求的 RequestId。
RequestId *string `json:"RequestId,omitnil" name:"RequestId"`
}
@@ -1030,6 +1036,10 @@ type BatchIpAccessControlData struct {
}
type BatchIpAccessControlItem struct {
+ // mongo表自增Id
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ Id *string `json:"Id,omitnil" name:"Id"`
+
// 黑名单42或白名单40
ActionType *int64 `json:"ActionType,omitnil" name:"ActionType"`
@@ -1088,6 +1098,14 @@ type BotPkg struct {
// 续费标志
// 注意:此字段可能返回 null,表示取不到有效值。
RenewFlag *uint64 `json:"RenewFlag,omitnil" name:"RenewFlag"`
+
+ // 购买页bot6折
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ BotCPWaf *int64 `json:"BotCPWaf,omitnil" name:"BotCPWaf"`
+
+ // 控制台买bot5折
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ BotNPWaf *int64 `json:"BotNPWaf,omitnil" name:"BotNPWaf"`
}
type BotQPS struct {
@@ -1722,6 +1740,9 @@ type DeleteCCRuleRequestParams struct {
// clb-waf或者sparta-waf
Edition *string `json:"Edition,omitnil" name:"Edition"`
+
+ // 规则Id
+ RuleId *int64 `json:"RuleId,omitnil" name:"RuleId"`
}
type DeleteCCRuleRequest struct {
@@ -1735,6 +1756,9 @@ type DeleteCCRuleRequest struct {
// clb-waf或者sparta-waf
Edition *string `json:"Edition,omitnil" name:"Edition"`
+
+ // 规则Id
+ RuleId *int64 `json:"RuleId,omitnil" name:"RuleId"`
}
func (r *DeleteCCRuleRequest) ToJsonString() string {
@@ -1752,6 +1776,7 @@ func (r *DeleteCCRuleRequest) FromJsonString(s string) error {
delete(f, "Domain")
delete(f, "Name")
delete(f, "Edition")
+ delete(f, "RuleId")
if len(f) > 0 {
return tcerr.NewTencentCloudSDKError("ClientError.BuildRequestError", "DeleteCCRuleRequest has unknown keys!", "")
}
@@ -1764,6 +1789,9 @@ type DeleteCCRuleResponseParams struct {
// 注意:此字段可能返回 null,表示取不到有效值。
Data *string `json:"Data,omitnil" name:"Data"`
+ // 操作的规则Id
+ RuleId *int64 `json:"RuleId,omitnil" name:"RuleId"`
+
// 唯一请求 ID,每次请求都会返回。定位问题时需要提供该次请求的 RequestId。
RequestId *string `json:"RequestId,omitnil" name:"RequestId"`
}
@@ -2100,6 +2128,9 @@ type DeleteIpAccessControlRequestParams struct {
// 删除的ip数组
Items []*string `json:"Items,omitnil" name:"Items"`
+ // 若IsId字段为True,则Items列表元素需为Id,否则为IP
+ IsId *bool `json:"IsId,omitnil" name:"IsId"`
+
// 是否删除对应的域名下的所有黑/白IP名单,true表示全部删除,false表示只删除指定ip名单
DeleteAll *bool `json:"DeleteAll,omitnil" name:"DeleteAll"`
@@ -2116,6 +2147,9 @@ type DeleteIpAccessControlRequest struct {
// 删除的ip数组
Items []*string `json:"Items,omitnil" name:"Items"`
+ // 若IsId字段为True,则Items列表元素需为Id,否则为IP
+ IsId *bool `json:"IsId,omitnil" name:"IsId"`
+
// 是否删除对应的域名下的所有黑/白IP名单,true表示全部删除,false表示只删除指定ip名单
DeleteAll *bool `json:"DeleteAll,omitnil" name:"DeleteAll"`
@@ -2137,6 +2171,7 @@ func (r *DeleteIpAccessControlRequest) FromJsonString(s string) error {
}
delete(f, "Domain")
delete(f, "Items")
+ delete(f, "IsId")
delete(f, "DeleteAll")
delete(f, "SourceType")
if len(f) > 0 {
@@ -2182,6 +2217,9 @@ type DeleteSessionRequestParams struct {
// clb-waf 或者 sprta-waf
Edition *string `json:"Edition,omitnil" name:"Edition"`
+
+ // 要删除的SessionID
+ SessionID *int64 `json:"SessionID,omitnil" name:"SessionID"`
}
type DeleteSessionRequest struct {
@@ -2192,6 +2230,9 @@ type DeleteSessionRequest struct {
// clb-waf 或者 sprta-waf
Edition *string `json:"Edition,omitnil" name:"Edition"`
+
+ // 要删除的SessionID
+ SessionID *int64 `json:"SessionID,omitnil" name:"SessionID"`
}
func (r *DeleteSessionRequest) ToJsonString() string {
@@ -2208,6 +2249,7 @@ func (r *DeleteSessionRequest) FromJsonString(s string) error {
}
delete(f, "Domain")
delete(f, "Edition")
+ delete(f, "SessionID")
if len(f) > 0 {
return tcerr.NewTencentCloudSDKError("ClientError.BuildRequestError", "DeleteSessionRequest has unknown keys!", "")
}
@@ -2399,6 +2441,12 @@ type DescribeAccessFastAnalysisRequestParams struct {
// 需要分析统计的字段名
FieldName *string `json:"FieldName,omitnil" name:"FieldName"`
+
+ // 排序字段,升序asc,降序desc,默认降序desc
+ Sort *string `json:"Sort,omitnil" name:"Sort"`
+
+ // 返回的top数,默认返回top5
+ Count *int64 `json:"Count,omitnil" name:"Count"`
}
type DescribeAccessFastAnalysisRequest struct {
@@ -2418,6 +2466,12 @@ type DescribeAccessFastAnalysisRequest struct {
// 需要分析统计的字段名
FieldName *string `json:"FieldName,omitnil" name:"FieldName"`
+
+ // 排序字段,升序asc,降序desc,默认降序desc
+ Sort *string `json:"Sort,omitnil" name:"Sort"`
+
+ // 返回的top数,默认返回top5
+ Count *int64 `json:"Count,omitnil" name:"Count"`
}
func (r *DescribeAccessFastAnalysisRequest) ToJsonString() string {
@@ -2437,6 +2491,8 @@ func (r *DescribeAccessFastAnalysisRequest) FromJsonString(s string) error {
delete(f, "To")
delete(f, "Query")
delete(f, "FieldName")
+ delete(f, "Sort")
+ delete(f, "Count")
if len(f) > 0 {
return tcerr.NewTencentCloudSDKError("ClientError.BuildRequestError", "DescribeAccessFastAnalysisRequest has unknown keys!", "")
}
@@ -3060,6 +3116,18 @@ type DescribeAttackOverviewResponseParams struct {
// 注意:此字段可能返回 null,表示取不到有效值。
ApiRiskEventCount *uint64 `json:"ApiRiskEventCount,omitnil" name:"ApiRiskEventCount"`
+ // 黑名单总数
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ IPBlackCount *uint64 `json:"IPBlackCount,omitnil" name:"IPBlackCount"`
+
+ // 防篡改总数
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ TamperCount *uint64 `json:"TamperCount,omitnil" name:"TamperCount"`
+
+ // 信息泄露总数
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ LeakCount *uint64 `json:"LeakCount,omitnil" name:"LeakCount"`
+
// 唯一请求 ID,每次请求都会返回。定位问题时需要提供该次请求的 RequestId。
RequestId *string `json:"RequestId,omitnil" name:"RequestId"`
}
@@ -4672,6 +4740,9 @@ type DescribeIpAccessControlRequestParams struct {
// ip
Ip *string `json:"Ip,omitnil" name:"Ip"`
+
+ // 生效状态
+ ValidStatus *int64 `json:"ValidStatus,omitnil" name:"ValidStatus"`
}
type DescribeIpAccessControlRequest struct {
@@ -4712,6 +4783,9 @@ type DescribeIpAccessControlRequest struct {
// ip
Ip *string `json:"Ip,omitnil" name:"Ip"`
+
+ // 生效状态
+ ValidStatus *int64 `json:"ValidStatus,omitnil" name:"ValidStatus"`
}
func (r *DescribeIpAccessControlRequest) ToJsonString() string {
@@ -4738,6 +4812,7 @@ func (r *DescribeIpAccessControlRequest) FromJsonString(s string) error {
delete(f, "Source")
delete(f, "Sort")
delete(f, "Ip")
+ delete(f, "ValidStatus")
if len(f) > 0 {
return tcerr.NewTencentCloudSDKError("ClientError.BuildRequestError", "DescribeIpAccessControlRequest has unknown keys!", "")
}
@@ -4922,20 +4997,18 @@ type DescribePeakPointsRequestParams struct {
// WAF实例ID,不传则不过滤
InstanceID *string `json:"InstanceID,omitnil" name:"InstanceID"`
- // 十三个值可选:
+ // 十一个值可选:
// access-峰值qps趋势图
// botAccess- bot峰值qps趋势图
// down-下行峰值带宽趋势图
// up-上行峰值带宽趋势图
// attack-Web攻击总数趋势图
// cc-CC攻击总数趋势图
- // StatusServerError-WAF返回给客户端状态码次数趋势图
- // StatusClientError-WAF返回给客户端状态码次数趋势图
- // StatusRedirect-WAF返回给客户端状态码次数趋势图
- // StatusOk-WAF返回给客户端状态码次数趋势图
- // UpstreamServerError-源站返回给WAF状态码次数趋势图
- // UpstreamClientError-源站返回给WAF状态码次数趋势图
- // UpstreamRedirect-源站返回给WAF状态码次数趋势图
+ // bw-黑IP攻击总数趋势图
+ // tamper-防篡改攻击总数趋势图
+ // leak-防泄露攻击总数趋势图
+ // acl-访问控制攻击总数趋势图
+ // http_status-状态码各次数趋势图
MetricName *string `json:"MetricName,omitnil" name:"MetricName"`
}
@@ -4957,20 +5030,18 @@ type DescribePeakPointsRequest struct {
// WAF实例ID,不传则不过滤
InstanceID *string `json:"InstanceID,omitnil" name:"InstanceID"`
- // 十三个值可选:
+ // 十一个值可选:
// access-峰值qps趋势图
// botAccess- bot峰值qps趋势图
// down-下行峰值带宽趋势图
// up-上行峰值带宽趋势图
// attack-Web攻击总数趋势图
// cc-CC攻击总数趋势图
- // StatusServerError-WAF返回给客户端状态码次数趋势图
- // StatusClientError-WAF返回给客户端状态码次数趋势图
- // StatusRedirect-WAF返回给客户端状态码次数趋势图
- // StatusOk-WAF返回给客户端状态码次数趋势图
- // UpstreamServerError-源站返回给WAF状态码次数趋势图
- // UpstreamClientError-源站返回给WAF状态码次数趋势图
- // UpstreamRedirect-源站返回给WAF状态码次数趋势图
+ // bw-黑IP攻击总数趋势图
+ // tamper-防篡改攻击总数趋势图
+ // leak-防泄露攻击总数趋势图
+ // acl-访问控制攻击总数趋势图
+ // http_status-状态码各次数趋势图
MetricName *string `json:"MetricName,omitnil" name:"MetricName"`
}
@@ -5275,6 +5346,9 @@ func (r *DescribePortsResponse) FromJsonString(s string) error {
type DescribeRuleLimitRequestParams struct {
// 域名
Domain *string `json:"Domain,omitnil" name:"Domain"`
+
+ // 实例Id
+ InstanceId *string `json:"InstanceId,omitnil" name:"InstanceId"`
}
type DescribeRuleLimitRequest struct {
@@ -5282,6 +5356,9 @@ type DescribeRuleLimitRequest struct {
// 域名
Domain *string `json:"Domain,omitnil" name:"Domain"`
+
+ // 实例Id
+ InstanceId *string `json:"InstanceId,omitnil" name:"InstanceId"`
}
func (r *DescribeRuleLimitRequest) ToJsonString() string {
@@ -5297,6 +5374,7 @@ func (r *DescribeRuleLimitRequest) FromJsonString(s string) error {
return err
}
delete(f, "Domain")
+ delete(f, "InstanceId")
if len(f) > 0 {
return tcerr.NewTencentCloudSDKError("ClientError.BuildRequestError", "DescribeRuleLimitRequest has unknown keys!", "")
}
@@ -5672,6 +5750,9 @@ func (r *DescribeVipInfoResponse) FromJsonString(s string) error {
type DescribeWafAutoDenyRulesRequestParams struct {
// 域名
Domain *string `json:"Domain,omitnil" name:"Domain"`
+
+ // 实例Id
+ InstanceId *string `json:"InstanceId,omitnil" name:"InstanceId"`
}
type DescribeWafAutoDenyRulesRequest struct {
@@ -5679,6 +5760,9 @@ type DescribeWafAutoDenyRulesRequest struct {
// 域名
Domain *string `json:"Domain,omitnil" name:"Domain"`
+
+ // 实例Id
+ InstanceId *string `json:"InstanceId,omitnil" name:"InstanceId"`
}
func (r *DescribeWafAutoDenyRulesRequest) ToJsonString() string {
@@ -5694,6 +5778,7 @@ func (r *DescribeWafAutoDenyRulesRequest) FromJsonString(s string) error {
return err
}
delete(f, "Domain")
+ delete(f, "InstanceId")
if len(f) > 0 {
return tcerr.NewTencentCloudSDKError("ClientError.BuildRequestError", "DescribeWafAutoDenyRulesRequest has unknown keys!", "")
}
@@ -5714,6 +5799,9 @@ type DescribeWafAutoDenyRulesResponseParams struct {
// 自动封禁状态
DefenseStatus *int64 `json:"DefenseStatus,omitnil" name:"DefenseStatus"`
+ // 重保护网域名状态
+ HWState *int64 `json:"HWState,omitnil" name:"HWState"`
+
// 唯一请求 ID,每次请求都会返回。定位问题时需要提供该次请求的 RequestId。
RequestId *string `json:"RequestId,omitnil" name:"RequestId"`
}
@@ -5933,10 +6021,10 @@ type DomainInfo struct {
// waf开关,0关闭 1开启
Status *uint64 `json:"Status,omitnil" name:"Status"`
- // 规则防御模式,0观察模式 1拦截模式
+ // 规则引擎防护模式,0观察模式 1拦截模式
Mode *uint64 `json:"Mode,omitnil" name:"Mode"`
- // AI防御模式,10规则引擎观察&&AI引擎关闭模式 11规则引擎观察&&AI引擎观察模式 12规则引擎观察&&AI引擎拦截模式 20规则引擎拦截&&AI引擎关闭模式 21规则引擎拦截&&AI引擎观察模式 22规则引擎拦截&&AI引擎拦截模式
+ // 规则引擎和AI引擎防护模式联合状态,10规则引擎观察&&AI引擎关闭模式 11规则引擎观察&&AI引擎观察模式 12规则引擎观察&&AI引擎拦截模式 20规则引擎拦截&&AI引擎关闭模式 21规则引擎拦截&&AI引擎观察模式 22规则引擎拦截&&AI引擎拦截模式
Engine *uint64 `json:"Engine,omitnil" name:"Engine"`
// CC列表
@@ -5994,6 +6082,10 @@ type DomainInfo struct {
// 安全组状态的详细解释
// 注意:此字段可能返回 null,表示取不到有效值。
SgDetail *string `json:"SgDetail,omitnil" name:"SgDetail"`
+
+ // 域名类型:hybrid表示混合云域名,public表示公有云域名
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ CloudType *string `json:"CloudType,omitnil" name:"CloudType"`
}
type DomainPackageNew struct {
@@ -6924,6 +7016,40 @@ type HostStatus struct {
InstanceID *string `json:"InstanceID,omitnil" name:"InstanceID"`
}
+type HybridPkg struct {
+ // 资源id
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ ResourceIds *string `json:"ResourceIds,omitnil" name:"ResourceIds"`
+
+ // 状态
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ Status *int64 `json:"Status,omitnil" name:"Status"`
+
+ // 地域
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ Region *int64 `json:"Region,omitnil" name:"Region"`
+
+ // 开始时间
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ BeginTime *string `json:"BeginTime,omitnil" name:"BeginTime"`
+
+ // 结束时间
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ EndTime *string `json:"EndTime,omitnil" name:"EndTime"`
+
+ // 申请数量
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ InquireNum *int64 `json:"InquireNum,omitnil" name:"InquireNum"`
+
+ // 使用数量
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ UsedNum *int64 `json:"UsedNum,omitnil" name:"UsedNum"`
+
+ // 续费标志
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ RenewFlag *uint64 `json:"RenewFlag,omitnil" name:"RenewFlag"`
+}
+
type InstanceInfo struct {
// id
InstanceId *string `json:"InstanceId,omitnil" name:"InstanceId"`
@@ -7028,6 +7154,14 @@ type InstanceInfo struct {
// 是否api 安全试用
// 注意:此字段可能返回 null,表示取不到有效值。
IsAPISecurityTrial *uint64 `json:"IsAPISecurityTrial,omitnil" name:"IsAPISecurityTrial"`
+
+ // 重保包
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ MajorEventsPkg *MajorEventsPkg `json:"MajorEventsPkg,omitnil" name:"MajorEventsPkg"`
+
+ // 混合云子节点包
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ HybridPkg *HybridPkg `json:"HybridPkg,omitnil" name:"HybridPkg"`
}
type IpAccessControlData struct {
@@ -7040,6 +7174,10 @@ type IpAccessControlData struct {
}
type IpAccessControlItem struct {
+ // mongo表自增Id
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ Id *string `json:"Id,omitnil" name:"Id"`
+
// 动作
ActionType *uint64 `json:"ActionType,omitnil" name:"ActionType"`
@@ -7058,6 +7196,10 @@ type IpAccessControlItem struct {
// 有效截止时间戳
ValidTs *uint64 `json:"ValidTs,omitnil" name:"ValidTs"`
+
+ // 生效状态
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ ValidStatus *int64 `json:"ValidStatus,omitnil" name:"ValidStatus"`
}
type IpHitItem struct {
@@ -7187,6 +7329,48 @@ type LogHistogramInfo struct {
TimeStamp *int64 `json:"TimeStamp,omitnil" name:"TimeStamp"`
}
+type MajorEventsPkg struct {
+ // 资源id
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ ResourceIds *string `json:"ResourceIds,omitnil" name:"ResourceIds"`
+
+ // 状态
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ Status *int64 `json:"Status,omitnil" name:"Status"`
+
+ // 地域
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ Region *int64 `json:"Region,omitnil" name:"Region"`
+
+ // 开始时间
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ BeginTime *string `json:"BeginTime,omitnil" name:"BeginTime"`
+
+ // 结束时间
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ EndTime *string `json:"EndTime,omitnil" name:"EndTime"`
+
+ // 申请数量
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ InquireNum *int64 `json:"InquireNum,omitnil" name:"InquireNum"`
+
+ // 使用数量
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ UsedNum *int64 `json:"UsedNum,omitnil" name:"UsedNum"`
+
+ // 续费标志
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ RenewFlag *uint64 `json:"RenewFlag,omitnil" name:"RenewFlag"`
+
+ // 计费项
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ BillingItem *string `json:"BillingItem,omitnil" name:"BillingItem"`
+
+ // 护网包状态
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ HWState *int64 `json:"HWState,omitnil" name:"HWState"`
+}
+
// Predefined struct for user
type ModifyAccessPeriodRequestParams struct {
// 访问日志保存期限,范围为[1, 30]
@@ -8167,7 +8351,7 @@ type ModifyDomainIpv6StatusRequestParams struct {
// 需要修改的域名ID
DomainId *string `json:"DomainId,omitnil" name:"DomainId"`
- // 修改域名的Ipv6开关为Status (0:关闭 1:开启)
+ // 修改域名的Ipv6开关为Status (1:开启 2:关闭)
Status *int64 `json:"Status,omitnil" name:"Status"`
}
@@ -8183,7 +8367,7 @@ type ModifyDomainIpv6StatusRequest struct {
// 需要修改的域名ID
DomainId *string `json:"DomainId,omitnil" name:"DomainId"`
- // 修改域名的Ipv6开关为Status (0:关闭 1:开启)
+ // 修改域名的Ipv6开关为Status (1:开启 2:关闭)
Status *int64 `json:"Status,omitnil" name:"Status"`
}
@@ -9588,33 +9772,49 @@ type PeakPointsItem struct {
// Bot qps
BotAccess *uint64 `json:"BotAccess,omitnil" name:"BotAccess"`
- // WAF返回给客户端状态码次数
+ // WAF返回给客户端状态码5xx次数
// 注意:此字段可能返回 null,表示取不到有效值。
StatusServerError *uint64 `json:"StatusServerError,omitnil" name:"StatusServerError"`
- // WAF返回给客户端状态码次数
+ // WAF返回给客户端状态码4xx次数
// 注意:此字段可能返回 null,表示取不到有效值。
StatusClientError *uint64 `json:"StatusClientError,omitnil" name:"StatusClientError"`
- // WAF返回给客户端状态码次数
+ // WAF返回给客户端状态码302次数
// 注意:此字段可能返回 null,表示取不到有效值。
StatusRedirect *uint64 `json:"StatusRedirect,omitnil" name:"StatusRedirect"`
- // WAF返回给客户端状态码次数
+ // WAF返回给客户端状态码202次数
// 注意:此字段可能返回 null,表示取不到有效值。
StatusOk *uint64 `json:"StatusOk,omitnil" name:"StatusOk"`
- // 源站返回给WAF状态码次数
+ // 源站返回给WAF状态码5xx次数
// 注意:此字段可能返回 null,表示取不到有效值。
UpstreamServerError *uint64 `json:"UpstreamServerError,omitnil" name:"UpstreamServerError"`
- // 源站返回给WAF状态码次数
+ // 源站返回给WAF状态码4xx次数
// 注意:此字段可能返回 null,表示取不到有效值。
UpstreamClientError *uint64 `json:"UpstreamClientError,omitnil" name:"UpstreamClientError"`
- // 源站返回给WAF状态码次数
+ // 源站返回给WAF状态码302次数
// 注意:此字段可能返回 null,表示取不到有效值。
UpstreamRedirect *uint64 `json:"UpstreamRedirect,omitnil" name:"UpstreamRedirect"`
+
+ // 黑名单次数
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ BlackIP *uint64 `json:"BlackIP,omitnil" name:"BlackIP"`
+
+ // 防篡改次数
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ Tamper *uint64 `json:"Tamper,omitnil" name:"Tamper"`
+
+ // 信息防泄露次数
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ Leak *uint64 `json:"Leak,omitnil" name:"Leak"`
+
+ // 访问控制
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ ACL *uint64 `json:"ACL,omitnil" name:"ACL"`
}
type PortInfo struct {
@@ -10474,6 +10674,12 @@ type UpsertCCRuleRequestParams struct {
// 添加规则的来源事件id
EventId *string `json:"EventId,omitnil" name:"EventId"`
+
+ // 规则需要启用的SessionID
+ SessionApplied []*int64 `json:"SessionApplied,omitnil" name:"SessionApplied"`
+
+ // 规则ID,新增时填0
+ RuleId *int64 `json:"RuleId,omitnil" name:"RuleId"`
}
type UpsertCCRuleRequest struct {
@@ -10523,6 +10729,12 @@ type UpsertCCRuleRequest struct {
// 添加规则的来源事件id
EventId *string `json:"EventId,omitnil" name:"EventId"`
+
+ // 规则需要启用的SessionID
+ SessionApplied []*int64 `json:"SessionApplied,omitnil" name:"SessionApplied"`
+
+ // 规则ID,新增时填0
+ RuleId *int64 `json:"RuleId,omitnil" name:"RuleId"`
}
func (r *UpsertCCRuleRequest) ToJsonString() string {
@@ -10552,6 +10764,8 @@ func (r *UpsertCCRuleRequest) FromJsonString(s string) error {
delete(f, "Edition")
delete(f, "Type")
delete(f, "EventId")
+ delete(f, "SessionApplied")
+ delete(f, "RuleId")
if len(f) > 0 {
return tcerr.NewTencentCloudSDKError("ClientError.BuildRequestError", "UpsertCCRuleRequest has unknown keys!", "")
}
@@ -10564,6 +10778,9 @@ type UpsertCCRuleResponseParams struct {
// 注意:此字段可能返回 null,表示取不到有效值。
Data *string `json:"Data,omitnil" name:"Data"`
+ // 操作的RuleId
+ RuleId *int64 `json:"RuleId,omitnil" name:"RuleId"`
+
// 唯一请求 ID,每次请求都会返回。定位问题时需要提供该次请求的 RequestId。
RequestId *string `json:"RequestId,omitnil" name:"RequestId"`
}
@@ -10592,6 +10809,9 @@ type UpsertIpAccessControlRequestParams struct {
// ip 参数列表,json数组由ip,source,note,action,valid_ts组成。ip对应配置的ip地址,source固定为custom值,note为注释,action值42为黑名单,40为白名单,valid_ts为有效日期,值为秒级时间戳((如1680570420代表2023-04-04 09:07:00))
Items []*string `json:"Items,omitnil" name:"Items"`
+ // 实例Id
+ InstanceId *string `json:"InstanceId,omitnil" name:"InstanceId"`
+
// WAF实例类型,sparta-waf表示SAAS型WAF,clb-waf表示负载均衡型WAF
Edition *string `json:"Edition,omitnil" name:"Edition"`
@@ -10608,6 +10828,9 @@ type UpsertIpAccessControlRequest struct {
// ip 参数列表,json数组由ip,source,note,action,valid_ts组成。ip对应配置的ip地址,source固定为custom值,note为注释,action值42为黑名单,40为白名单,valid_ts为有效日期,值为秒级时间戳((如1680570420代表2023-04-04 09:07:00))
Items []*string `json:"Items,omitnil" name:"Items"`
+ // 实例Id
+ InstanceId *string `json:"InstanceId,omitnil" name:"InstanceId"`
+
// WAF实例类型,sparta-waf表示SAAS型WAF,clb-waf表示负载均衡型WAF
Edition *string `json:"Edition,omitnil" name:"Edition"`
@@ -10629,6 +10852,7 @@ func (r *UpsertIpAccessControlRequest) FromJsonString(s string) error {
}
delete(f, "Domain")
delete(f, "Items")
+ delete(f, "InstanceId")
delete(f, "Edition")
delete(f, "SourceType")
if len(f) > 0 {
@@ -10692,6 +10916,12 @@ type UpsertSessionRequestParams struct {
// 版本
Edition *string `json:"Edition,omitnil" name:"Edition"`
+
+ // Session名
+ SessionName *string `json:"SessionName,omitnil" name:"SessionName"`
+
+ // Session对应ID
+ SessionID *int64 `json:"SessionID,omitnil" name:"SessionID"`
}
type UpsertSessionRequest struct {
@@ -10720,6 +10950,12 @@ type UpsertSessionRequest struct {
// 版本
Edition *string `json:"Edition,omitnil" name:"Edition"`
+
+ // Session名
+ SessionName *string `json:"SessionName,omitnil" name:"SessionName"`
+
+ // Session对应ID
+ SessionID *int64 `json:"SessionID,omitnil" name:"SessionID"`
}
func (r *UpsertSessionRequest) ToJsonString() string {
@@ -10742,6 +10978,8 @@ func (r *UpsertSessionRequest) FromJsonString(s string) error {
delete(f, "StartOffset")
delete(f, "EndOffset")
delete(f, "Edition")
+ delete(f, "SessionName")
+ delete(f, "SessionID")
if len(f) > 0 {
return tcerr.NewTencentCloudSDKError("ClientError.BuildRequestError", "UpsertSessionRequest has unknown keys!", "")
}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index aaa360ad8d..12178c0170 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -1252,7 +1252,7 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod/v20180717
# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc v1.0.755
## explicit; go 1.14
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc/v20170312
-# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.754
+# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.759
## explicit; go 1.14
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125
# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/wedata v1.0.725
diff --git a/website/docs/d/waf_instance_qps_limit.html.markdown b/website/docs/d/waf_instance_qps_limit.html.markdown
new file mode 100644
index 0000000000..07898c7eab
--- /dev/null
+++ b/website/docs/d/waf_instance_qps_limit.html.markdown
@@ -0,0 +1,41 @@
+---
+subcategory: "Waf"
+layout: "tencentcloud"
+page_title: "TencentCloud: tencentcloud_waf_instance_qps_limit"
+sidebar_current: "docs-tencentcloud-datasource-waf_instance_qps_limit"
+description: |-
+ Use this data source to query detailed information of waf instance_qps_limit
+---
+
+# tencentcloud_waf_instance_qps_limit
+
+Use this data source to query detailed information of waf instance_qps_limit
+
+## Example Usage
+
+```hcl
+data "tencentcloud_waf_instance_qps_limit" "example" {
+ instance_id = "waf_2kxtlbky00b3b4qz"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `instance_id` - (Required, String) Unique ID of Instance.
+* `result_output_file` - (Optional, String) Used to save results.
+* `type` - (Optional, String) Instance type.
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `qps_data` - Qps info.
+ * `elastic_billing_default` - Elastic qps default value.
+ * `elastic_billing_max` - Maximum elastic qps.
+ * `elastic_billing_min` - Minimum elastic qps.
+ * `qps_extend_intl_max` - Maximum qps of extend package for overseas.
+ * `qps_extend_max` - Maximum qps of extend package.
+
+
diff --git a/website/docs/r/waf_anti_fake.html.markdown b/website/docs/r/waf_anti_fake.html.markdown
new file mode 100644
index 0000000000..f1c58752e4
--- /dev/null
+++ b/website/docs/r/waf_anti_fake.html.markdown
@@ -0,0 +1,52 @@
+---
+subcategory: "Waf"
+layout: "tencentcloud"
+page_title: "TencentCloud: tencentcloud_waf_anti_fake"
+sidebar_current: "docs-tencentcloud-resource-waf_anti_fake"
+description: |-
+ Provides a resource to create a waf anti_fake
+---
+
+# tencentcloud_waf_anti_fake
+
+Provides a resource to create a waf anti_fake
+
+~> **NOTE:** Uri: Please configure static resources such as. html,. shtml,. txt,. js,. css,. jpg,. png, or access paths for static resources..
+
+## Example Usage
+
+```hcl
+resource "tencentcloud_waf_anti_fake" "example" {
+ domain = "www.waf.com"
+ name = "tf_example"
+ uri = "/anti_fake_url.html"
+ status = 1
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `domain` - (Required, String) Domain.
+* `name` - (Required, String) Name.
+* `uri` - (Required, String) Uri.
+* `status` - (Optional, Int) status. 0: Turn off rules and log switches, 1: Turn on the rule switch and Turn off the log switch; 2: Turn off the rule switch and turn on the log switch;3: Turn on the log switch.
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `id` - ID of the resource.
+* `protocol` - protocol.
+* `rule_id` - rule id.
+
+
+## Import
+
+waf anti_fake can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_waf_anti_fake.example 3200035516#www.waf.com
+```
+
diff --git a/website/docs/r/waf_anti_info_leak.html.markdown b/website/docs/r/waf_anti_info_leak.html.markdown
new file mode 100644
index 0000000000..b60049c6f6
--- /dev/null
+++ b/website/docs/r/waf_anti_info_leak.html.markdown
@@ -0,0 +1,61 @@
+---
+subcategory: "Waf"
+layout: "tencentcloud"
+page_title: "TencentCloud: tencentcloud_waf_anti_info_leak"
+sidebar_current: "docs-tencentcloud-resource-waf_anti_info_leak"
+description: |-
+ Provides a resource to create a waf anti_info_leak
+---
+
+# tencentcloud_waf_anti_info_leak
+
+Provides a resource to create a waf anti_info_leak
+
+## Example Usage
+
+```hcl
+resource "tencentcloud_waf_anti_info_leak" "example" {
+ domain = "tf.example.com"
+ name = "tf_example"
+ action_type = 0
+ strategies {
+ field = "information"
+ content = "phone"
+ }
+ uri = "/anti_info_leak_url"
+ status = 1
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `action_type` - (Required, Int) Rule Action. 0: alarm; 1: replacement; 2: only displaying the first four digits; 3: only displaying the last four digits; 4: blocking.
+* `domain` - (Required, String) Domain.
+* `name` - (Required, String) Rule Name.
+* `strategies` - (Required, List) Strategies detail.
+* `uri` - (Required, String) Uri.
+* `status` - (Optional, Int) status.
+
+The `strategies` object supports the following:
+
+* `content` - (Required, String) Matching Content. If field is returncode support: 400, 403, 404, 4xx, 500, 501, 502, 504, 5xx; If field is information support: idcard, phone, bankcard; If field is keywords users input matching content themselves.
+* `field` - (Required, String) Matching Fields. support: returncode, keywords, information.
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `id` - ID of the resource.
+
+
+
+## Import
+
+waf anti_info_leak can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_waf_anti_info_leak.example 3100077499#tf.example.com
+```
+
diff --git a/website/docs/r/waf_clb_domain.html.markdown b/website/docs/r/waf_clb_domain.html.markdown
index 972e3d5c66..f403821a52 100644
--- a/website/docs/r/waf_clb_domain.html.markdown
+++ b/website/docs/r/waf_clb_domain.html.markdown
@@ -76,21 +76,55 @@ resource "tencentcloud_waf_clb_domain" "example" {
}
```
+### Create a complete waf tsegw domain
+
+```hcl
+resource "tencentcloud_waf_clb_domain" "example" {
+ instance_id = "waf_2kxtlbky00b2v1fn"
+ domain = "xxx.com"
+ is_cdn = 0
+ status = 1
+ engine = 12
+ region = "gz"
+ flow_mode = 0
+ alb_type = "tsegw"
+ bot_status = 0
+ api_safe_status = 0
+}
+```
+
+### Create a complete waf apisix domain
+
+```hcl
+resource "tencentcloud_waf_clb_domain" "example" {
+ instance_id = "waf_2kxtlbky00b2v1fn"
+ domain = "xxx.com"
+ is_cdn = 0
+ status = 1
+ engine = 12
+ region = "gz"
+ flow_mode = 0
+ alb_type = "apisix"
+ bot_status = 0
+ api_safe_status = 0
+}
+```
+
## Argument Reference
The following arguments are supported:
* `domain` - (Required, String) Domain name.
* `instance_id` - (Required, String) Instance unique ID.
-* `load_balancer_set` - (Required, List) List of bound LB.
* `region` - (Required, String) Regions of LB bound by domain.
-* `alb_type` - (Optional, String) Load balancer type: clb or apisix, default clbNote: This field may return null, indicating that a valid value cannot be obtained.
+* `alb_type` - (Optional, String) Load balancer type: clb, apisix or tsegw, default clb.
* `api_safe_status` - (Optional, Int) Whether to enable api safe, 1 enable, 0 disable.
* `bot_status` - (Optional, Int) Whether to enable bot, 1 enable, 0 disable.
* `engine` - (Optional, Int) Protection Status: 10: Rule Observation&&AI Off Mode, 11: Rule Observation&&AI Observation Mode, 12: Rule Observation&&AI Interception Mode, 20: Rule Interception&&AI Off Mode, 21: Rule Interception&&AI Observation Mode, 22: Rule Interception&&AI Interception Mode, Default 20.
* `flow_mode` - (Optional, Int) WAF traffic mode, 1 cleaning mode, 0 mirroring mode.
-* `ip_headers` - (Optional, List: [`String`]) When is_cdn=3, this parameter needs to be filled in to indicate a custom headerNote: This field may return null, indicating that a valid value cannot be obtained.
+* `ip_headers` - (Optional, List: [`String`]) When is_cdn=3, this parameter needs to be filled in to indicate a custom header.
* `is_cdn` - (Optional, Int) Whether a proxy has been enabled before WAF, 0 no deployment, 1 deployment and use first IP in X-Forwarded-For as client IP, 2 deployment and use remote_addr as client IP, 3 deployment and use values of custom headers as client IP.
+* `load_balancer_set` - (Optional, List) List of bound LB.
* `status` - (Optional, Int) Binding status between waf and LB, 0:not bind, 1:binding.
The `load_balancer_set` object supports the following:
@@ -104,8 +138,8 @@ The `load_balancer_set` object supports the following:
* `vip` - (Required, String) LoadBalancer IP.
* `vport` - (Required, Int) LoadBalancer port.
* `zone` - (Required, String) LoadBalancer zone.
-* `load_balancer_type` - (Optional, String) Network type for load balancerNote: This field may return null, indicating that a valid value cannot be obtained.
-* `numerical_vpc_id` - (Optional, Int) VPCID for load balancer, public network is -1, and internal network is filled in according to actual conditionsNote: This field may return null, indicating that a valid value cannot be obtained.
+* `load_balancer_type` - (Optional, String) Network type for load balancer.
+* `numerical_vpc_id` - (Optional, Int) VPCID for load balancer, public network is -1, and internal network is filled in according to actual conditions.
## Attributes Reference
diff --git a/website/docs/r/waf_custom_rule.html.markdown b/website/docs/r/waf_custom_rule.html.markdown
index c70e27f89c..bf782263c1 100644
--- a/website/docs/r/waf_custom_rule.html.markdown
+++ b/website/docs/r/waf_custom_rule.html.markdown
@@ -48,10 +48,10 @@ The following arguments are supported:
The `strategies` object supports the following:
-* `arg` - (Required, String) Matching parametersNote: This field may return null, indicating that a valid value cannot be obtained.
-* `compare_func` - (Required, String) Logical symbolNote: This field may return null, indicating that a valid value cannot be obtained.
-* `content` - (Required, String) Matching ContentNote: This field may return null, indicating that a valid value cannot be obtained.
-* `field` - (Required, String) Matching FieldsNote: This field may return null, indicating that a valid value cannot be obtained.
+* `arg` - (Required, String) Matching parameters.
+* `compare_func` - (Required, String) Logical symbol.
+* `content` - (Required, String) Matching Content.
+* `field` - (Required, String) Matching Fields.
## Attributes Reference
diff --git a/website/docs/r/waf_custom_white_rule.html.markdown b/website/docs/r/waf_custom_white_rule.html.markdown
index 199cfea64b..bac4b79813 100644
--- a/website/docs/r/waf_custom_white_rule.html.markdown
+++ b/website/docs/r/waf_custom_white_rule.html.markdown
@@ -46,10 +46,10 @@ The following arguments are supported:
The `strategies` object supports the following:
-* `arg` - (Required, String) Matching parametersNote: This field may return null, indicating that a valid value cannot be obtained.
-* `compare_func` - (Required, String) Logical symbolNote: This field may return null, indicating that a valid value cannot be obtained.
-* `content` - (Required, String) Matching ContentNote: This field may return null, indicating that a valid value cannot be obtained.
-* `field` - (Required, String) Matching FieldsNote: This field may return null, indicating that a valid value cannot be obtained.
+* `arg` - (Required, String) Matching parameters.
+* `compare_func` - (Required, String) Logical symbol.
+* `content` - (Required, String) Matching Content.
+* `field` - (Required, String) Matching Fields.
## Attributes Reference
diff --git a/website/tencentcloud.erb b/website/tencentcloud.erb
index e62975f342..a033ddf8b4 100644
--- a/website/tencentcloud.erb
+++ b/website/tencentcloud.erb
@@ -4955,6 +4955,9 @@
tencentcloud_waf_peak_points
+
+ tencentcloud_waf_instance_qps_limit
+
@@ -4978,6 +4981,12 @@
tencentcloud_waf_saas_instance
+
+ tencentcloud_waf_anti_fake
+
+
+ tencentcloud_waf_anti_info_leak
+