feat/csip

go.mod

@@ -46,7 +46,7 @@ require (
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.847
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit v1.0.544
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls v1.0.711
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.849
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.853
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.624
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cwp v1.0.762
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb v1.0.692
@@ -108,7 +108,7 @@ require (
 require (
 	github.com/hashicorp/go-uuid v1.0.3
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdwpg v1.0.772
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/csip v1.0.849
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/csip v1.0.853
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dasb v1.0.798
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/oceanus v1.0.831
 	github.com/wI2L/jsondiff v0.3.0

go.sum

@@ -956,8 +956,12 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.847 h1:ITZm
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.847/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.849 h1:ieRAJU2lnAcaDK25W29C9R7iyR5IR4E+5DujRfu5wls=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.849/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.853 h1:TNYjF1jDLLNTirAkq7zRT9iF9xC2ZjgwpXsVSEBQvgQ=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.853/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/csip v1.0.849 h1:Q48wD8VMYTjasH0yAqCIoSkiIwtge3Gzem5pmJx9h54=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/csip v1.0.849/go.mod h1:lTyS8mn+Au4aWFFHFsTmyAFYW5mxylw366QBJ0040eU=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/csip v1.0.853 h1:Ofgedv4BWvDYX1Ff/5H2wYShan8mC1OtaHQJq+rG0pE=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/csip v1.0.853/go.mod h1:iDYmWmDEfR74RzWU5kO1UWFsWu/c0pMtEtnoWRMvaJQ=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.624 h1:nEZqsoqt1pEoaP9JjkHQy3/H00suCfzlHW1qOm2nYD8=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.624/go.mod h1:+TXSVyeKwt1IhZRqKPbTREteBcP+K07Q846/ilNzLWA=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cwp v1.0.762 h1:2egy69SP/wPsmnfozcQVZ6tUY6F6N/TpEe/7xtXrc/8=

tencentcloud/services/csip/resource_tc_csip_risk_center.go

@@ -38,14 +38,9 @@ func ResourceTencentCloudCsipRiskCenter() *schema.Resource {
 				Elem:        &schema.Schema{Type: schema.TypeString},
 				Description: "Scan Project. Example: port/poc/weakpass/webcontent/configrisk/exposedserver.",
 			},
-			"scan_plan_type": {
-				Required:     true,
-				Type:         schema.TypeInt,
-				ValidateFunc: tccommon.ValidateAllowedIntValue(SCAN_PLAN_TYPE),
-				Description:  "0- Periodic task,1- immediate scan,2- periodic scan,3- Custom; 0,2, and 3 are required for ScanPlanContent.",
-			},
 			"assets": {
 				Optional:    true,
+				Computed:    true,
 				Type:        schema.TypeList,
 				Description: "Scan the asset information list.",
 				Elem: &schema.Resource{
@@ -95,9 +90,9 @@ func ResourceTencentCloudCsipRiskCenter() *schema.Resource {
 				Description: "Ip/domain/url array.",
 			},
 			"scan_from": {
-				Optional:    true,
+				Computed:    true,
 				Type:        schema.TypeString,
-				Description: "Request origin. The default value vss indicates the vulnerability scanning service. Users of the cloud security center please fill in the csip.",
+				Description: "Request origin.",
 			},
 			"task_advance_cfg": {
 				Optional:    true,
@@ -106,6 +101,35 @@ func ResourceTencentCloudCsipRiskCenter() *schema.Resource {
 				Description: "Advanced configuration.",
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
+						"port_risk": {
+							Type:        schema.TypeList,
+							Optional:    true,
+							Description: "Advanced Port Risk Configuration.",
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"port_sets": {
+										Type:        schema.TypeString,
+										Required:    true,
+										Description: "Port collection, separated by commas.",
+									},
+									"check_type": {
+										Type:        schema.TypeInt,
+										Required:    true,
+										Description: "Detection item type, 0-system defined, 1-user-defined.",
+									},
+									"detail": {
+										Type:        schema.TypeString,
+										Required:    true,
+										Description: "Description of detection items.",
+									},
+									"enable": {
+										Type:        schema.TypeInt,
+										Required:    true,
+										Description: "Whether to enable, 0- No, 1- Enable.",
+									},
+								},
+							},
+						},
 						"vul_risk": {
 							Type:        schema.TypeList,
 							Optional:    true,
@@ -211,9 +235,7 @@ func resourceTencentCloudCsipRiskCenterCreate(d *schema.ResourceData, meta inter
 		}
 	}
 
-	if v, ok := d.GetOkExists("scan_plan_type"); ok {
-		request.ScanPlanType = helper.IntInt64(v.(int))
-	}
+	request.ScanPlanType = helper.IntInt64(1)
 
 	if v, ok := d.GetOk("assets"); ok {
 		for _, item := range v.([]interface{}) {
@@ -261,9 +283,7 @@ func resourceTencentCloudCsipRiskCenterCreate(d *schema.ResourceData, meta inter
 		}
 	}
 
-	if v, ok := d.GetOk("scan_from"); ok {
-		request.ScanFrom = helper.String(v.(string))
-	}
+	request.ScanFrom = helper.String("csip")
 
 	if dMap, ok := helper.InterfacesHeadMap(d, "task_advance_cfg"); ok {
 		taskAdvanceCFG := csip.TaskAdvanceCFG{}
@@ -278,7 +298,6 @@ func resourceTencentCloudCsipRiskCenterCreate(d *schema.ResourceData, meta inter
 				if v, ok := vulRiskMap["enable"]; ok {
 					taskCenterVulRiskInputParam.Enable = helper.IntInt64(v.(int))
 				}
-
 				taskAdvanceCFG.VulRisk = append(taskAdvanceCFG.VulRisk, &taskCenterVulRiskInputParam)
 			}
 		}
@@ -362,7 +381,7 @@ func resourceTencentCloudCsipRiskCenterCreate(d *schema.ResourceData, meta inter
 		},
 	}
 
-	err = resource.Retry(tccommon.ReadRetryTimeout*5, func() *resource.RetryError {
+	err = resource.Retry(tccommon.ReadRetryTimeout*40, func() *resource.RetryError {
 		result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseCsipClient().DescribeScanTaskList(waitRequest)
 		if e != nil {
 			return tccommon.RetryError(e)
@@ -424,10 +443,6 @@ func resourceTencentCloudCsipRiskCenterRead(d *schema.ResourceData, meta interfa
 		_ = d.Set("scan_item", riskCenter.ScanItem)
 	}
 
-	if riskCenter.TaskType != nil {
-		_ = d.Set("scan_plan_type", riskCenter.TaskType)
-	}
-
 	if riskCenter.Assets != nil {
 		assetsList := []interface{}{}
 		for _, assets := range riskCenter.Assets {
@@ -493,14 +508,6 @@ func resourceTencentCloudCsipRiskCenterUpdate(d *schema.ResourceData, meta inter
 		taskId  = d.Id()
 	)
 
-	immutableArgs := []string{"scan_from"}
-
-	for _, v := range immutableArgs {
-		if d.HasChange(v) {
-			return fmt.Errorf("argument `%s` cannot be changed", v)
-		}
-	}
-
 	request.TaskId = &taskId
 
 	if v, ok := d.GetOk("task_name"); ok {

tencentcloud/services/csip/resource_tc_csip_risk_center.md

@@ -2,38 +2,75 @@ Provides a resource to create a csip risk_center
 
 Example Usage
 
+If task_mode is 0
+
+```hcl
+resource "tencentcloud_csip_risk_center" "example" {
+  task_name         = "tf_example"
+  scan_asset_type   = 1
+  scan_item         = ["port", "poc", "weakpass"]
+  scan_plan_content = "46 51 16 */1 * * *"
+  task_mode         = 0
+
+  assets {
+    asset_name    = "iac-test"
+    instance_type = "1"
+    asset_type    = "PublicIp"
+    asset         = "49.232.172.248"
+    region        = "ap-beijing"
+  }
+}
+```
+
+If task_mode is 1
+
+```hcl
+resource "tencentcloud_csip_risk_center" "example" {
+  task_name         = "tf_example"
+  scan_asset_type   = 3
+  scan_item         = ["port", "poc"]
+  scan_plan_type    = 0
+  scan_plan_content = "46 51 16 */1 * * *"
+  task_mode         = 1
+}
+```
+
+If task_mode is 2
+
 ```hcl
 resource "tencentcloud_csip_risk_center" "example" {
   task_name       = "tf_example"
-  scan_asset_type = 0
-  scan_item       = []
-  scan_plan_type  = 1
+  scan_asset_type = 2
+  scan_item       = ["port", "poc"]
+  task_mode       = 2
+
+  assets {
+    asset_name    = "iac-test"
+    instance_type = "1"
+    asset_type    = "PublicIp"
+    asset         = "49.232.172.248"
+    region        = "ap-beijing"
+  }
+
   assets {
-    asset_name    = ""
-    instance_type = ""
-    asset_type    = ""
-    asset         = ""
-    region        = ""
-    arn           = ""
+    asset_name    = "iac-test"
+    instance_type = "POSTGRES"
+    asset_type    = "Db"
+    asset         = "postgres-fnexv5bj"
+    region        = "ap-guangzhou"
   }
-  scan_plan_content    = ""
-  self_defining_assets = []
-  scan_from            = ""
+
   task_advance_cfg {
-    vul_risk {
-      risk_id = ""
-      enable  = 0
-    }
-    weak_pwd_risk {
-      check_item_id = ""
-      enable        = 0
+    port_risk {
+      check_type = 0
+      detail     = "22、8080、80、443、3380、3389常见流量端口"
+      port_sets  = "常见端口"
+      enable     = 1
     }
-    cfg_risk {
-      item_id       = ""
-      enable        = 0
-      resource_type = ""
+    vul_risk {
+      risk_id = "b52a4fcc1f24fa323b87cc41f370aa43"
+      enable  = 1
     }
   }
-  task_mode = 0
 }
 ```

tencentcloud/services/csip/resource_tc_csip_risk_center_test.go

@@ -38,36 +38,11 @@ func TestAccTencentCloudCsipRiskCenterResource_basic(t *testing.T) {
 
 const testAccCsipRiskCenter = `
 resource "tencentcloud_csip_risk_center" "example" {
-  task_name       = "tf_example"
-  scan_asset_type = 0
-  scan_item       = []
-  scan_plan_type  = 1
-  assets {
-    asset_name    = ""
-    instance_type = ""
-    asset_type    = ""
-    asset         = ""
-    region        = ""
-    arn           = ""
-  }
-  scan_plan_content    = ""
-  self_defining_assets = []
-  scan_from            = ""
-  task_advance_cfg {
-    vul_risk {
-      risk_id = ""
-      enable  = 0
-    }
-    weak_pwd_risk {
-      check_item_id = ""
-      enable        = 0
-    }
-    cfg_risk {
-      item_id       = ""
-      enable        = 0
-      resource_type = ""
-    }
-  }
-  task_mode = 0
+  task_name         = "tf_example"
+  scan_asset_type   = 3
+  scan_item         = ["port", "poc"]
+  scan_plan_type    = 0
+  scan_plan_content = "46 51 16 */1 * * *"
+  task_mode         = 1
 }
 `

vendor/modules.txt

@@ -1157,15 +1157,15 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit/v20190319
 # github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls v1.0.711
 ## explicit; go 1.14
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls/v20201016
-# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.849
+# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.853
 ## explicit; go 1.11
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/errors
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/http
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/json
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/regions
-# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/csip v1.0.849
+# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/csip v1.0.853
 ## explicit; go 1.14
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/csip/v20221121
 # github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.624