From c91fc5b14c1fa02f8767cba51ac21f071c09a3f6 Mon Sep 17 00:00:00 2001 From: SevenEarth <391613297@qq.com> Date: Wed, 19 Feb 2025 17:33:50 +0800 Subject: [PATCH 1/5] add --- tencentcloud/provider.go | 6 +-- .../cfw/resource_tc_cfw_edge_policy.go | 13 ++++++ .../cfw/resource_tc_cfw_edge_policy.md | 6 +-- .../cfw/resource_tc_cfw_nat_policy.go | 36 +++++++++++++++ .../cfw/resource_tc_cfw_nat_policy.md | 7 +-- website/docs/r/cfw_edge_policy.html.markdown | 10 ++--- website/docs/r/cfw_nat_policy.html.markdown | 13 +++--- website/docs/r/waf_clb_domain.html.markdown | 44 +++++++------------ website/docs/r/waf_custom_rule.html.markdown | 5 +-- .../r/waf_custom_white_rule.html.markdown | 43 +++++++++++------- 10 files changed, 118 insertions(+), 65 deletions(-) diff --git a/tencentcloud/provider.go b/tencentcloud/provider.go index 5704ecbe36..d75586aa93 100644 --- a/tencentcloud/provider.go +++ b/tencentcloud/provider.go @@ -2117,9 +2117,9 @@ func Provider() *schema.Provider { "tencentcloud_dlc_bind_work_groups_to_user_attachment": dlc.ResourceTencentCloudDlcBindWorkGroupsToUserAttachment(), "tencentcloud_dlc_update_row_filter_operation": dlc.ResourceTencentCloudDlcUpdateRowFilterOperation(), "tencentcloud_dlc_user_data_engine_config": dlc.ResourceTencentCloudDlcUserDataEngineConfig(), - "tencentcloud_waf_custom_rule": waf.ResourceTencentCloudWafCustomRule(), - "tencentcloud_waf_custom_white_rule": waf.ResourceTencentCloudWafCustomWhiteRule(), - "tencentcloud_waf_clb_domain": waf.ResourceTencentCloudWafClbDomain(), + "tencentcloud_waf_custom_rule": waf.ResourceTencentCloudWafCustomWhiteRule(), + "tencentcloud_waf_clb_domain": waf.ResourceTencentCloudWafCustomRule(), + "tencentcloud_waf_custom_white_rule": waf.ResourceTencentCloudWafClbDomain(), "tencentcloud_waf_saas_domain": waf.ResourceTencentCloudWafSaasDomain(), "tencentcloud_waf_clb_instance": waf.ResourceTencentCloudWafClbInstance(), "tencentcloud_waf_saas_instance": waf.ResourceTencentCloudWafSaasInstance(), diff --git a/tencentcloud/services/cfw/resource_tc_cfw_edge_policy.go b/tencentcloud/services/cfw/resource_tc_cfw_edge_policy.go index 9f76ad94c1..817b711c99 100644 --- a/tencentcloud/services/cfw/resource_tc_cfw_edge_policy.go +++ b/tencentcloud/services/cfw/resource_tc_cfw_edge_policy.go @@ -94,6 +94,7 @@ func ResourceTencentCloudCfwEdgePolicy() *schema.Resource { }, "param_template_id": { Type: schema.TypeString, + Optional: true, Computed: true, Description: "Parameter template id.", }, @@ -157,6 +158,10 @@ func resourceTencentCloudCfwEdgePolicyCreate(d *schema.ResourceData, meta interf createRuleItem.Scope = helper.String(v.(string)) } + if v, ok := d.GetOk("param_template_id"); ok { + createRuleItem.ParamTemplateId = helper.String(v.(string)) + } + request.Rules = append(request.Rules, &createRuleItem) err := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError { @@ -251,6 +256,10 @@ func resourceTencentCloudCfwEdgePolicyRead(d *schema.ResourceData, meta interfac _ = d.Set("protocol", edgePolicy.Protocol) } + if edgePolicy.RuleAction != nil { + _ = d.Set("rule_action", edgePolicy.RuleAction) + } + if edgePolicy.Port != nil { _ = d.Set("port", edgePolicy.Port) } @@ -348,6 +357,10 @@ func resourceTencentCloudCfwEdgePolicyUpdate(d *schema.ResourceData, meta interf modifyRuleItem.Scope = helper.String(v.(string)) } + if v, ok := d.GetOk("param_template_id"); ok { + modifyRuleItem.ParamTemplateId = helper.String(v.(string)) + } + request.Rules = append(request.Rules, &modifyRuleItem) err := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError { diff --git a/tencentcloud/services/cfw/resource_tc_cfw_edge_policy.md b/tencentcloud/services/cfw/resource_tc_cfw_edge_policy.md index 212f7a96d0..d3238937e7 100644 --- a/tencentcloud/services/cfw/resource_tc_cfw_edge_policy.md +++ b/tencentcloud/services/cfw/resource_tc_cfw_edge_policy.md @@ -1,4 +1,4 @@ -Provides a resource to create a cfw edge_policy +Provides a resource to create a CFW edge policy Example Usage @@ -38,8 +38,8 @@ resource "tencentcloud_cfw_edge_policy" "example" { Import -cfw edge_policy can be imported using the id, e.g. +CFW edge policy can be imported using the id, e.g. ``` -terraform import tencentcloud_cfw_edge_policy.example edge_policy_id +terraform import tencentcloud_cfw_edge_policy.example 1859582 ``` \ No newline at end of file diff --git a/tencentcloud/services/cfw/resource_tc_cfw_nat_policy.go b/tencentcloud/services/cfw/resource_tc_cfw_nat_policy.go index 36ba09d7fc..d3b09d4a7c 100644 --- a/tencentcloud/services/cfw/resource_tc_cfw_nat_policy.go +++ b/tencentcloud/services/cfw/resource_tc_cfw_nat_policy.go @@ -85,9 +85,21 @@ func ResourceTencentCloudCfwNatPolicy() *schema.Resource { }, "param_template_id": { Type: schema.TypeString, + Optional: true, Computed: true, Description: "Parameter template id. Note: This field may return null, indicating that no valid value can be obtained.", }, + "internal_uuid": { + Type: schema.TypeInt, + Computed: true, + Description: "Internal ID.", + }, + "scope": { + Type: schema.TypeString, + Optional: true, + Default: "ALL", + Description: "Scope of effective rules. ALL: Global effectiveness; ap-guangzhou: Effective territory; cfwnat-xxx: Effectiveness based on instance dimension.", + }, }, } } @@ -144,6 +156,14 @@ func resourceTencentCloudCfwNatPolicyCreate(d *schema.ResourceData, meta interfa createNatRuleItem.Description = helper.String(v.(string)) } + if v, ok := d.GetOk("param_template_id"); ok { + createNatRuleItem.ParamTemplateId = helper.String(v.(string)) + } + + if v, ok := d.GetOk("scope"); ok { + createNatRuleItem.Scope = helper.String(v.(string)) + } + request.Rules = append(request.Rules, &createNatRuleItem) err := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError { @@ -212,6 +232,10 @@ func resourceTencentCloudCfwNatPolicyRead(d *schema.ResourceData, meta interface _ = d.Set("protocol", natPolicy.Protocol) } + if natPolicy.RuleAction != nil { + _ = d.Set("rule_action", natPolicy.RuleAction) + } + if natPolicy.Port != nil { _ = d.Set("port", natPolicy.Port) } @@ -240,6 +264,10 @@ func resourceTencentCloudCfwNatPolicyRead(d *schema.ResourceData, meta interface _ = d.Set("param_template_id", natPolicy.ParamTemplateId) } + if natPolicy.InternalUuid != nil { + _ = d.Set("internal_uuid", natPolicy.InternalUuid) + } + return nil } @@ -305,6 +333,14 @@ func resourceTencentCloudCfwNatPolicyUpdate(d *schema.ResourceData, meta interfa modifyRuleItem.Description = helper.String(v.(string)) } + if v, ok := d.GetOk("param_template_id"); ok { + modifyRuleItem.ParamTemplateId = helper.String(v.(string)) + } + + if v, ok := d.GetOk("scope"); ok { + modifyRuleItem.Scope = helper.String(v.(string)) + } + request.Rules = append(request.Rules, &modifyRuleItem) err := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError { diff --git a/tencentcloud/services/cfw/resource_tc_cfw_nat_policy.md b/tencentcloud/services/cfw/resource_tc_cfw_nat_policy.md index f32550a666..630267c93c 100644 --- a/tencentcloud/services/cfw/resource_tc_cfw_nat_policy.md +++ b/tencentcloud/services/cfw/resource_tc_cfw_nat_policy.md @@ -1,4 +1,4 @@ -Provides a resource to create a cfw nat_policy +Provides a resource to create a CFW nat policy Example Usage @@ -14,13 +14,14 @@ resource "tencentcloud_cfw_nat_policy" "example" { direction = 1 enable = "true" description = "policy description." + scope = "ALL" } ``` Import -cfw nat_policy can be imported using the id, e.g. +CFW nat policy can be imported using the id, e.g. ``` -terraform import tencentcloud_cfw_nat_policy.example nat_policy_id +terraform import tencentcloud_cfw_nat_policy.example 134123 ``` \ No newline at end of file diff --git a/website/docs/r/cfw_edge_policy.html.markdown b/website/docs/r/cfw_edge_policy.html.markdown index 3a357bc000..e4e814e821 100644 --- a/website/docs/r/cfw_edge_policy.html.markdown +++ b/website/docs/r/cfw_edge_policy.html.markdown @@ -4,12 +4,12 @@ layout: "tencentcloud" page_title: "TencentCloud: tencentcloud_cfw_edge_policy" sidebar_current: "docs-tencentcloud-resource-cfw_edge_policy" description: |- - Provides a resource to create a cfw edge_policy + Provides a resource to create a CFW edge policy --- # tencentcloud_cfw_edge_policy -Provides a resource to create a cfw edge_policy +Provides a resource to create a CFW edge policy ## Example Usage @@ -61,6 +61,7 @@ The following arguments are supported: * `target_type` - (Required, String) Access purpose type: For inbound rules, the type can be net, instance, tag, template, group; for outbound rules, it can be net, location, vendor, template. * `description` - (Optional, String) Description. * `enable` - (Optional, String) Rule status, true means enabled, false means disabled. Default is true. +* `param_template_id` - (Optional, String) Parameter template id. * `scope` - (Optional, String) Effective range. serial: serial; side: bypass; all: global, Default is all. ## Attributes Reference @@ -68,15 +69,14 @@ The following arguments are supported: In addition to all arguments above, the following attributes are exported: * `id` - ID of the resource. -* `param_template_id` - Parameter template id. * `uuid` - The unique id corresponding to the rule, no need to fill in when creating the rule. ## Import -cfw edge_policy can be imported using the id, e.g. +CFW edge policy can be imported using the id, e.g. ``` -terraform import tencentcloud_cfw_edge_policy.example edge_policy_id +terraform import tencentcloud_cfw_edge_policy.example 1859582 ``` diff --git a/website/docs/r/cfw_nat_policy.html.markdown b/website/docs/r/cfw_nat_policy.html.markdown index 683ee2dae7..e742cedeb6 100644 --- a/website/docs/r/cfw_nat_policy.html.markdown +++ b/website/docs/r/cfw_nat_policy.html.markdown @@ -4,12 +4,12 @@ layout: "tencentcloud" page_title: "TencentCloud: tencentcloud_cfw_nat_policy" sidebar_current: "docs-tencentcloud-resource-cfw_nat_policy" description: |- - Provides a resource to create a cfw nat_policy + Provides a resource to create a CFW nat policy --- # tencentcloud_cfw_nat_policy -Provides a resource to create a cfw nat_policy +Provides a resource to create a CFW nat policy ## Example Usage @@ -25,6 +25,7 @@ resource "tencentcloud_cfw_nat_policy" "example" { direction = 1 enable = "true" description = "policy description." + scope = "ALL" } ``` @@ -42,21 +43,23 @@ The following arguments are supported: * `target_type` - (Required, String) Access purpose type: For inbound rules, the type can be net, instance, tag, template, group; for outbound rules, it can be net, location, vendor, template. * `description` - (Optional, String) Description. * `enable` - (Optional, String) Rule status, true means enabled, false means disabled. Default is true. +* `param_template_id` - (Optional, String) Parameter template id. Note: This field may return null, indicating that no valid value can be obtained. +* `scope` - (Optional, String) Scope of effective rules. ALL: Global effectiveness; ap-guangzhou: Effective territory; cfwnat-xxx: Effectiveness based on instance dimension. ## Attributes Reference In addition to all arguments above, the following attributes are exported: * `id` - ID of the resource. -* `param_template_id` - Parameter template id. Note: This field may return null, indicating that no valid value can be obtained. +* `internal_uuid` - Internal ID. * `uuid` - The unique id corresponding to the rule, no need to fill in when creating the rule. ## Import -cfw nat_policy can be imported using the id, e.g. +CFW nat policy can be imported using the id, e.g. ``` -terraform import tencentcloud_cfw_nat_policy.example nat_policy_id +terraform import tencentcloud_cfw_nat_policy.example 134123 ``` diff --git a/website/docs/r/waf_clb_domain.html.markdown b/website/docs/r/waf_clb_domain.html.markdown index 255a9cd028..c0ca49ec70 100644 --- a/website/docs/r/waf_clb_domain.html.markdown +++ b/website/docs/r/waf_clb_domain.html.markdown @@ -114,40 +114,28 @@ resource "tencentcloud_waf_clb_domain" "example" { The following arguments are supported: -* `domain` - (Required, String) Domain name. -* `instance_id` - (Required, String) Instance unique ID. -* `region` - (Required, String) Regions of LB bound by domain. -* `alb_type` - (Optional, String) Load balancer type: clb, apisix or tsegw, default clb. -* `api_safe_status` - (Optional, Int) Whether to enable api safe, 1 enable, 0 disable. -* `bot_status` - (Optional, Int) Whether to enable bot, 1 enable, 0 disable. -* `cls_status` - (Optional, Int) Whether to enable access logs, 1 enable, 0 disable. -* `engine` - (Optional, Int) Protection Status: 10: Rule Observation&&AI Off Mode, 11: Rule Observation&&AI Observation Mode, 12: Rule Observation&&AI Interception Mode, 20: Rule Interception&&AI Off Mode, 21: Rule Interception&&AI Observation Mode, 22: Rule Interception&&AI Interception Mode, Default 20. -* `flow_mode` - (Optional, Int) WAF traffic mode, 1 cleaning mode, 0 mirroring mode. -* `ip_headers` - (Optional, List: [`String`]) When is_cdn=3, this parameter needs to be filled in to indicate a custom header. -* `is_cdn` - (Optional, Int) Whether a proxy has been enabled before WAF, 0 no deployment, 1 deployment and use first IP in X-Forwarded-For as client IP, 2 deployment and use remote_addr as client IP, 3 deployment and use values of custom headers as client IP. -* `load_balancer_set` - (Optional, List) List of bound LB. -* `status` - (Optional, Int) Binding status between waf and LB, 0:not bind, 1:binding. - -The `load_balancer_set` object supports the following: - -* `listener_id` - (Required, String) Unique ID of listener in LB. -* `listener_name` - (Required, String) Listener name. -* `load_balancer_id` - (Required, String) LoadBalancer unique ID. -* `load_balancer_name` - (Required, String) LoadBalancer name. -* `protocol` - (Required, String) Protocol of listener, http or https. -* `region` - (Required, String) LoadBalancer region. -* `vip` - (Required, String) LoadBalancer IP. -* `vport` - (Required, Int) LoadBalancer port. -* `zone` - (Required, String) LoadBalancer zone. -* `load_balancer_type` - (Optional, String) Network type for load balancer. -* `numerical_vpc_id` - (Optional, Int) VPCID for load balancer, public network is -1, and internal network is filled in according to actual conditions. +* `action_type` - (Required, String) Action type, 1 represents blocking, 2 represents captcha, 3 represents observation, and 4 represents redirection. +* `domain` - (Required, String) Domain name that needs to add policy. +* `expire_time` - (Required, String) Expiration time, measured in seconds, such as 1677254399, which means the expiration time is 2023-02-24 23:59:59 0 means never expires. +* `name` - (Required, String) Rule Name. +* `sort_id` - (Required, String) Priority, value range 0-100. +* `strategies` - (Required, List) Strategies detail. +* `redirect` - (Optional, String) If the action is a redirect, it represents the redirect address; Other situations can be left blank. +* `status` - (Optional, String) The status of the switch, 1 is on, 0 is off, default 1. + +The `strategies` object supports the following: + +* `arg` - (Required, String) Matching parameters. +* `compare_func` - (Required, String) Logical symbol. +* `content` - (Required, String) Matching Content. +* `field` - (Required, String) Matching Fields. ## Attributes Reference In addition to all arguments above, the following attributes are exported: * `id` - ID of the resource. -* `domain_id` - Domain id. +* `rule_id` - rule ID. ## Import diff --git a/website/docs/r/waf_custom_rule.html.markdown b/website/docs/r/waf_custom_rule.html.markdown index e6041c67bd..17c87ddf9d 100644 --- a/website/docs/r/waf_custom_rule.html.markdown +++ b/website/docs/r/waf_custom_rule.html.markdown @@ -37,13 +37,12 @@ resource "tencentcloud_waf_custom_rule" "example" { The following arguments are supported: -* `action_type` - (Required, String) Action type, 1 represents blocking, 2 represents captcha, 3 represents observation, and 4 represents redirection. +* `bypass` - (Required, String) Details of bypass. * `domain` - (Required, String) Domain name that needs to add policy. * `expire_time` - (Required, String) Expiration time, measured in seconds, such as 1677254399, which means the expiration time is 2023-02-24 23:59:59 0 means never expires. * `name` - (Required, String) Rule Name. -* `sort_id` - (Required, String) Priority, value range 0-100. +* `sort_id` - (Required, String) Priority, value range 1-100, The smaller the number, the higher the execution priority of this rule. * `strategies` - (Required, List) Strategies detail. -* `redirect` - (Optional, String) If the action is a redirect, it represents the redirect address; Other situations can be left blank. * `status` - (Optional, String) The status of the switch, 1 is on, 0 is off, default 1. The `strategies` object supports the following: diff --git a/website/docs/r/waf_custom_white_rule.html.markdown b/website/docs/r/waf_custom_white_rule.html.markdown index bc76f8b42c..52f6cdabb8 100644 --- a/website/docs/r/waf_custom_white_rule.html.markdown +++ b/website/docs/r/waf_custom_white_rule.html.markdown @@ -36,27 +36,40 @@ resource "tencentcloud_waf_custom_white_rule" "example" { The following arguments are supported: -* `bypass` - (Required, String) Details of bypass. -* `domain` - (Required, String) Domain name that needs to add policy. -* `expire_time` - (Required, String) Expiration time, measured in seconds, such as 1677254399, which means the expiration time is 2023-02-24 23:59:59 0 means never expires. -* `name` - (Required, String) Rule Name. -* `sort_id` - (Required, String) Priority, value range 1-100, The smaller the number, the higher the execution priority of this rule. -* `strategies` - (Required, List) Strategies detail. -* `status` - (Optional, String) The status of the switch, 1 is on, 0 is off, default 1. - -The `strategies` object supports the following: - -* `arg` - (Required, String) Matching parameters. -* `compare_func` - (Required, String) Logical symbol. -* `content` - (Required, String) Matching Content. -* `field` - (Required, String) Matching Fields. +* `domain` - (Required, String) Domain name. +* `instance_id` - (Required, String) Instance unique ID. +* `region` - (Required, String) Regions of LB bound by domain. +* `alb_type` - (Optional, String) Load balancer type: clb, apisix or tsegw, default clb. +* `api_safe_status` - (Optional, Int) Whether to enable api safe, 1 enable, 0 disable. +* `bot_status` - (Optional, Int) Whether to enable bot, 1 enable, 0 disable. +* `cls_status` - (Optional, Int) Whether to enable access logs, 1 enable, 0 disable. +* `engine` - (Optional, Int) Protection Status: 10: Rule Observation&&AI Off Mode, 11: Rule Observation&&AI Observation Mode, 12: Rule Observation&&AI Interception Mode, 20: Rule Interception&&AI Off Mode, 21: Rule Interception&&AI Observation Mode, 22: Rule Interception&&AI Interception Mode, Default 20. +* `flow_mode` - (Optional, Int) WAF traffic mode, 1 cleaning mode, 0 mirroring mode. +* `ip_headers` - (Optional, List: [`String`]) When is_cdn=3, this parameter needs to be filled in to indicate a custom header. +* `is_cdn` - (Optional, Int) Whether a proxy has been enabled before WAF, 0 no deployment, 1 deployment and use first IP in X-Forwarded-For as client IP, 2 deployment and use remote_addr as client IP, 3 deployment and use values of custom headers as client IP. +* `load_balancer_set` - (Optional, List) List of bound LB. +* `status` - (Optional, Int) Binding status between waf and LB, 0:not bind, 1:binding. + +The `load_balancer_set` object supports the following: + +* `listener_id` - (Required, String) Unique ID of listener in LB. +* `listener_name` - (Required, String) Listener name. +* `load_balancer_id` - (Required, String) LoadBalancer unique ID. +* `load_balancer_name` - (Required, String) LoadBalancer name. +* `protocol` - (Required, String) Protocol of listener, http or https. +* `region` - (Required, String) LoadBalancer region. +* `vip` - (Required, String) LoadBalancer IP. +* `vport` - (Required, Int) LoadBalancer port. +* `zone` - (Required, String) LoadBalancer zone. +* `load_balancer_type` - (Optional, String) Network type for load balancer. +* `numerical_vpc_id` - (Optional, Int) VPCID for load balancer, public network is -1, and internal network is filled in according to actual conditions. ## Attributes Reference In addition to all arguments above, the following attributes are exported: * `id` - ID of the resource. -* `rule_id` - rule ID. +* `domain_id` - Domain id. ## Import From 7cee9ecfd813ccb61e41df8c07c22d3df485bf68 Mon Sep 17 00:00:00 2001 From: SevenEarth <391613297@qq.com> Date: Wed, 19 Feb 2025 17:37:23 +0800 Subject: [PATCH 2/5] add --- .changelog/3142.txt | 3 +++ tencentcloud/provider.go | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) create mode 100644 .changelog/3142.txt diff --git a/.changelog/3142.txt b/.changelog/3142.txt new file mode 100644 index 0000000000..5362b03039 --- /dev/null +++ b/.changelog/3142.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +resource/tencentcloud_clb_target_group_instance_attachment: operation increases status query +``` diff --git a/tencentcloud/provider.go b/tencentcloud/provider.go index d75586aa93..5704ecbe36 100644 --- a/tencentcloud/provider.go +++ b/tencentcloud/provider.go @@ -2117,9 +2117,9 @@ func Provider() *schema.Provider { "tencentcloud_dlc_bind_work_groups_to_user_attachment": dlc.ResourceTencentCloudDlcBindWorkGroupsToUserAttachment(), "tencentcloud_dlc_update_row_filter_operation": dlc.ResourceTencentCloudDlcUpdateRowFilterOperation(), "tencentcloud_dlc_user_data_engine_config": dlc.ResourceTencentCloudDlcUserDataEngineConfig(), - "tencentcloud_waf_custom_rule": waf.ResourceTencentCloudWafCustomWhiteRule(), - "tencentcloud_waf_clb_domain": waf.ResourceTencentCloudWafCustomRule(), - "tencentcloud_waf_custom_white_rule": waf.ResourceTencentCloudWafClbDomain(), + "tencentcloud_waf_custom_rule": waf.ResourceTencentCloudWafCustomRule(), + "tencentcloud_waf_custom_white_rule": waf.ResourceTencentCloudWafCustomWhiteRule(), + "tencentcloud_waf_clb_domain": waf.ResourceTencentCloudWafClbDomain(), "tencentcloud_waf_saas_domain": waf.ResourceTencentCloudWafSaasDomain(), "tencentcloud_waf_clb_instance": waf.ResourceTencentCloudWafClbInstance(), "tencentcloud_waf_saas_instance": waf.ResourceTencentCloudWafSaasInstance(), From 9caec128fb5d7203fcceb29be7837c99af3364d4 Mon Sep 17 00:00:00 2001 From: SevenEarth <391613297@qq.com> Date: Wed, 19 Feb 2025 17:38:48 +0800 Subject: [PATCH 3/5] add --- .changelog/3142.txt | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.changelog/3142.txt b/.changelog/3142.txt index 5362b03039..baa243986f 100644 --- a/.changelog/3142.txt +++ b/.changelog/3142.txt @@ -1,3 +1,7 @@ ```release-note:enhancement -resource/tencentcloud_clb_target_group_instance_attachment: operation increases status query +resource/tencentcloud_cfw_edge_policy: Update resource fields and code logic ``` + +```release-note:enhancement +resource/tencentcloud_cfw_nat_policy: Update resource fields and code logic +``` \ No newline at end of file From de557f7ed2307c93376cb1279b8fdaea0b735cdc Mon Sep 17 00:00:00 2001 From: SevenEarth <391613297@qq.com> Date: Wed, 19 Feb 2025 17:46:34 +0800 Subject: [PATCH 4/5] add --- website/docs/r/waf_clb_domain.html.markdown | 44 ++++++++++++------- website/docs/r/waf_custom_rule.html.markdown | 5 ++- .../r/waf_custom_white_rule.html.markdown | 43 +++++++----------- 3 files changed, 46 insertions(+), 46 deletions(-) diff --git a/website/docs/r/waf_clb_domain.html.markdown b/website/docs/r/waf_clb_domain.html.markdown index c0ca49ec70..255a9cd028 100644 --- a/website/docs/r/waf_clb_domain.html.markdown +++ b/website/docs/r/waf_clb_domain.html.markdown @@ -114,28 +114,40 @@ resource "tencentcloud_waf_clb_domain" "example" { The following arguments are supported: -* `action_type` - (Required, String) Action type, 1 represents blocking, 2 represents captcha, 3 represents observation, and 4 represents redirection. -* `domain` - (Required, String) Domain name that needs to add policy. -* `expire_time` - (Required, String) Expiration time, measured in seconds, such as 1677254399, which means the expiration time is 2023-02-24 23:59:59 0 means never expires. -* `name` - (Required, String) Rule Name. -* `sort_id` - (Required, String) Priority, value range 0-100. -* `strategies` - (Required, List) Strategies detail. -* `redirect` - (Optional, String) If the action is a redirect, it represents the redirect address; Other situations can be left blank. -* `status` - (Optional, String) The status of the switch, 1 is on, 0 is off, default 1. - -The `strategies` object supports the following: - -* `arg` - (Required, String) Matching parameters. -* `compare_func` - (Required, String) Logical symbol. -* `content` - (Required, String) Matching Content. -* `field` - (Required, String) Matching Fields. +* `domain` - (Required, String) Domain name. +* `instance_id` - (Required, String) Instance unique ID. +* `region` - (Required, String) Regions of LB bound by domain. +* `alb_type` - (Optional, String) Load balancer type: clb, apisix or tsegw, default clb. +* `api_safe_status` - (Optional, Int) Whether to enable api safe, 1 enable, 0 disable. +* `bot_status` - (Optional, Int) Whether to enable bot, 1 enable, 0 disable. +* `cls_status` - (Optional, Int) Whether to enable access logs, 1 enable, 0 disable. +* `engine` - (Optional, Int) Protection Status: 10: Rule Observation&&AI Off Mode, 11: Rule Observation&&AI Observation Mode, 12: Rule Observation&&AI Interception Mode, 20: Rule Interception&&AI Off Mode, 21: Rule Interception&&AI Observation Mode, 22: Rule Interception&&AI Interception Mode, Default 20. +* `flow_mode` - (Optional, Int) WAF traffic mode, 1 cleaning mode, 0 mirroring mode. +* `ip_headers` - (Optional, List: [`String`]) When is_cdn=3, this parameter needs to be filled in to indicate a custom header. +* `is_cdn` - (Optional, Int) Whether a proxy has been enabled before WAF, 0 no deployment, 1 deployment and use first IP in X-Forwarded-For as client IP, 2 deployment and use remote_addr as client IP, 3 deployment and use values of custom headers as client IP. +* `load_balancer_set` - (Optional, List) List of bound LB. +* `status` - (Optional, Int) Binding status between waf and LB, 0:not bind, 1:binding. + +The `load_balancer_set` object supports the following: + +* `listener_id` - (Required, String) Unique ID of listener in LB. +* `listener_name` - (Required, String) Listener name. +* `load_balancer_id` - (Required, String) LoadBalancer unique ID. +* `load_balancer_name` - (Required, String) LoadBalancer name. +* `protocol` - (Required, String) Protocol of listener, http or https. +* `region` - (Required, String) LoadBalancer region. +* `vip` - (Required, String) LoadBalancer IP. +* `vport` - (Required, Int) LoadBalancer port. +* `zone` - (Required, String) LoadBalancer zone. +* `load_balancer_type` - (Optional, String) Network type for load balancer. +* `numerical_vpc_id` - (Optional, Int) VPCID for load balancer, public network is -1, and internal network is filled in according to actual conditions. ## Attributes Reference In addition to all arguments above, the following attributes are exported: * `id` - ID of the resource. -* `rule_id` - rule ID. +* `domain_id` - Domain id. ## Import diff --git a/website/docs/r/waf_custom_rule.html.markdown b/website/docs/r/waf_custom_rule.html.markdown index 17c87ddf9d..e6041c67bd 100644 --- a/website/docs/r/waf_custom_rule.html.markdown +++ b/website/docs/r/waf_custom_rule.html.markdown @@ -37,12 +37,13 @@ resource "tencentcloud_waf_custom_rule" "example" { The following arguments are supported: -* `bypass` - (Required, String) Details of bypass. +* `action_type` - (Required, String) Action type, 1 represents blocking, 2 represents captcha, 3 represents observation, and 4 represents redirection. * `domain` - (Required, String) Domain name that needs to add policy. * `expire_time` - (Required, String) Expiration time, measured in seconds, such as 1677254399, which means the expiration time is 2023-02-24 23:59:59 0 means never expires. * `name` - (Required, String) Rule Name. -* `sort_id` - (Required, String) Priority, value range 1-100, The smaller the number, the higher the execution priority of this rule. +* `sort_id` - (Required, String) Priority, value range 0-100. * `strategies` - (Required, List) Strategies detail. +* `redirect` - (Optional, String) If the action is a redirect, it represents the redirect address; Other situations can be left blank. * `status` - (Optional, String) The status of the switch, 1 is on, 0 is off, default 1. The `strategies` object supports the following: diff --git a/website/docs/r/waf_custom_white_rule.html.markdown b/website/docs/r/waf_custom_white_rule.html.markdown index 52f6cdabb8..bc76f8b42c 100644 --- a/website/docs/r/waf_custom_white_rule.html.markdown +++ b/website/docs/r/waf_custom_white_rule.html.markdown @@ -36,40 +36,27 @@ resource "tencentcloud_waf_custom_white_rule" "example" { The following arguments are supported: -* `domain` - (Required, String) Domain name. -* `instance_id` - (Required, String) Instance unique ID. -* `region` - (Required, String) Regions of LB bound by domain. -* `alb_type` - (Optional, String) Load balancer type: clb, apisix or tsegw, default clb. -* `api_safe_status` - (Optional, Int) Whether to enable api safe, 1 enable, 0 disable. -* `bot_status` - (Optional, Int) Whether to enable bot, 1 enable, 0 disable. -* `cls_status` - (Optional, Int) Whether to enable access logs, 1 enable, 0 disable. -* `engine` - (Optional, Int) Protection Status: 10: Rule Observation&&AI Off Mode, 11: Rule Observation&&AI Observation Mode, 12: Rule Observation&&AI Interception Mode, 20: Rule Interception&&AI Off Mode, 21: Rule Interception&&AI Observation Mode, 22: Rule Interception&&AI Interception Mode, Default 20. -* `flow_mode` - (Optional, Int) WAF traffic mode, 1 cleaning mode, 0 mirroring mode. -* `ip_headers` - (Optional, List: [`String`]) When is_cdn=3, this parameter needs to be filled in to indicate a custom header. -* `is_cdn` - (Optional, Int) Whether a proxy has been enabled before WAF, 0 no deployment, 1 deployment and use first IP in X-Forwarded-For as client IP, 2 deployment and use remote_addr as client IP, 3 deployment and use values of custom headers as client IP. -* `load_balancer_set` - (Optional, List) List of bound LB. -* `status` - (Optional, Int) Binding status between waf and LB, 0:not bind, 1:binding. - -The `load_balancer_set` object supports the following: - -* `listener_id` - (Required, String) Unique ID of listener in LB. -* `listener_name` - (Required, String) Listener name. -* `load_balancer_id` - (Required, String) LoadBalancer unique ID. -* `load_balancer_name` - (Required, String) LoadBalancer name. -* `protocol` - (Required, String) Protocol of listener, http or https. -* `region` - (Required, String) LoadBalancer region. -* `vip` - (Required, String) LoadBalancer IP. -* `vport` - (Required, Int) LoadBalancer port. -* `zone` - (Required, String) LoadBalancer zone. -* `load_balancer_type` - (Optional, String) Network type for load balancer. -* `numerical_vpc_id` - (Optional, Int) VPCID for load balancer, public network is -1, and internal network is filled in according to actual conditions. +* `bypass` - (Required, String) Details of bypass. +* `domain` - (Required, String) Domain name that needs to add policy. +* `expire_time` - (Required, String) Expiration time, measured in seconds, such as 1677254399, which means the expiration time is 2023-02-24 23:59:59 0 means never expires. +* `name` - (Required, String) Rule Name. +* `sort_id` - (Required, String) Priority, value range 1-100, The smaller the number, the higher the execution priority of this rule. +* `strategies` - (Required, List) Strategies detail. +* `status` - (Optional, String) The status of the switch, 1 is on, 0 is off, default 1. + +The `strategies` object supports the following: + +* `arg` - (Required, String) Matching parameters. +* `compare_func` - (Required, String) Logical symbol. +* `content` - (Required, String) Matching Content. +* `field` - (Required, String) Matching Fields. ## Attributes Reference In addition to all arguments above, the following attributes are exported: * `id` - ID of the resource. -* `domain_id` - Domain id. +* `rule_id` - rule ID. ## Import From fab61e4b3800bc226552c045c5d303d52d182e9c Mon Sep 17 00:00:00 2001 From: SevenEarth <391613297@qq.com> Date: Fri, 21 Feb 2025 18:40:30 +0800 Subject: [PATCH 5/5] add --- tencentcloud/services/cfw/resource_tc_cfw_edge_policy.go | 2 +- tencentcloud/services/cfw/resource_tc_cfw_nat_policy.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tencentcloud/services/cfw/resource_tc_cfw_edge_policy.go b/tencentcloud/services/cfw/resource_tc_cfw_edge_policy.go index 817b711c99..6c6de3e1b6 100644 --- a/tencentcloud/services/cfw/resource_tc_cfw_edge_policy.go +++ b/tencentcloud/services/cfw/resource_tc_cfw_edge_policy.go @@ -88,7 +88,7 @@ func ResourceTencentCloudCfwEdgePolicy() *schema.Resource { "scope": { Type: schema.TypeString, Optional: true, - Default: POLICY_SCOPE_ALL, + Computed: true, ValidateFunc: tccommon.ValidateAllowedStringValue(POLICY_SCOPE), Description: "Effective range. serial: serial; side: bypass; all: global, Default is all.", }, diff --git a/tencentcloud/services/cfw/resource_tc_cfw_nat_policy.go b/tencentcloud/services/cfw/resource_tc_cfw_nat_policy.go index d3b09d4a7c..e6cdbc262e 100644 --- a/tencentcloud/services/cfw/resource_tc_cfw_nat_policy.go +++ b/tencentcloud/services/cfw/resource_tc_cfw_nat_policy.go @@ -97,7 +97,7 @@ func ResourceTencentCloudCfwNatPolicy() *schema.Resource { "scope": { Type: schema.TypeString, Optional: true, - Default: "ALL", + Computed: true, Description: "Scope of effective rules. ALL: Global effectiveness; ap-guangzhou: Effective territory; cfwnat-xxx: Effectiveness based on instance dimension.", }, },