diff --git a/.changelog/3366.txt b/.changelog/3366.txt new file mode 100644 index 0000000000..162f1b0b45 --- /dev/null +++ b/.changelog/3366.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +resource/tencentcloud_waf_cc: support `limit_method` +``` diff --git a/tencentcloud/services/waf/resource_tc_waf_cc.go b/tencentcloud/services/waf/resource_tc_waf_cc.go index 00db8bed6c..f7c70577c8 100644 --- a/tencentcloud/services/waf/resource_tc_waf_cc.go +++ b/tencentcloud/services/waf/resource_tc_waf_cc.go @@ -114,6 +114,11 @@ func ResourceTencentCloudWafCc() *schema.Resource { Elem: &schema.Schema{Type: schema.TypeInt}, Description: "Session ID that needs to be enabled for the rule.", }, + "limit_method": { + Optional: true, + Type: schema.TypeString, + Description: "Frequency limiting method.", + }, "rule_id": { Computed: true, Type: schema.TypeString, @@ -201,11 +206,17 @@ func resourceTencentCloudWafCcCreate(d *schema.ResourceData, meta interface{}) e if v, ok := d.GetOk("session_applied"); ok { sessionAppliedSet := v.(*schema.Set).List() for i := range sessionAppliedSet { - sessionApplied := sessionAppliedSet[i].(int) - request.SessionApplied = append(request.SessionApplied, helper.IntInt64(sessionApplied)) + if sessionAppliedSet[i] != nil { + sessionApplied := sessionAppliedSet[i].(int) + request.SessionApplied = append(request.SessionApplied, helper.IntInt64(sessionApplied)) + } } } + if v, ok := d.GetOk("limit_method"); ok { + request.LimitMethod = helper.String(v.(string)) + } + request.RuleId = helper.IntInt64(0) err := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError { result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseWafClient().UpsertCCRule(request) @@ -215,9 +226,8 @@ func resourceTencentCloudWafCcCreate(d *schema.ResourceData, meta interface{}) e log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString()) } - if result == nil || result.Response.RuleId == nil { - e = fmt.Errorf("waf cc failed not exists") - return resource.NonRetryableError(e) + if result == nil || result.Response == nil || result.Response.RuleId == nil { + return resource.NonRetryableError(fmt.Errorf("Create waf cc failed, Response is nil.")) } response = result @@ -313,14 +323,6 @@ func resourceTencentCloudWafCcRead(d *schema.ResourceData, meta interface{}) err if cc.Options != nil { _ = d.Set("options_arr", cc.Options) } - // - //if cc.Edition != nil { - // _ = d.Set("edition", cc.Edition) - //} - // - //if cc.Type != nil { - // _ = d.Set("type", cc.Type) - //} if cc.EventId != nil { _ = d.Set("event_id", cc.EventId) @@ -330,6 +332,10 @@ func resourceTencentCloudWafCcRead(d *schema.ResourceData, meta interface{}) err _ = d.Set("session_applied", cc.SessionApplied) } + if cc.LimitMethod != nil { + _ = d.Set("limit_method", cc.LimitMethod) + } + if cc.RuleId != nil { ruleIdStr := strconv.FormatUint(*cc.RuleId, 10) _ = d.Set("rule_id", ruleIdStr) @@ -428,6 +434,10 @@ func resourceTencentCloudWafCcUpdate(d *schema.ResourceData, meta interface{}) e } } + if v, ok := d.GetOk("limit_method"); ok { + request.LimitMethod = helper.String(v.(string)) + } + err := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError { result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseWafClient().UpsertCCRule(request) if e != nil { diff --git a/tencentcloud/services/waf/resource_tc_waf_cc.md b/tencentcloud/services/waf/resource_tc_waf_cc.md index a8e694eb1f..8a19d59b49 100644 --- a/tencentcloud/services/waf/resource_tc_waf_cc.md +++ b/tencentcloud/services/waf/resource_tc_waf_cc.md @@ -1,4 +1,4 @@ -Provides a resource to create a waf cc +Provides a resource to create a WAF cc Example Usage diff --git a/tencentcloud/services/waf/service_tencentcloud_waf.go b/tencentcloud/services/waf/service_tencentcloud_waf.go index 823768ace3..486a2bca24 100644 --- a/tencentcloud/services/waf/service_tencentcloud_waf.go +++ b/tencentcloud/services/waf/service_tencentcloud_waf.go @@ -1259,6 +1259,7 @@ func (me *WafService) DescribeWafCcById(ctx context.Context, domain, ruleId stri logId := tccommon.GetLogId(ctx) request := waf.NewDescribeCCRuleListRequest() + response := waf.NewDescribeCCRuleListResponse() request.Domain = &domain request.Filters = []*waf.FiltersItemNew{ { @@ -1277,17 +1278,29 @@ func (me *WafService) DescribeWafCcById(ctx context.Context, domain, ruleId stri } }() - ratelimit.Check(request.GetAction()) + err := resource.Retry(tccommon.ReadRetryTimeout, func() *resource.RetryError { + ratelimit.Check(request.GetAction()) + result, e := me.client.UseWafClient().DescribeCCRuleList(request) + if e != nil { + return tccommon.RetryError(e) + } else { + log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString()) + } + + if result == nil || result.Response == nil || result.Response.Data == nil { + return resource.NonRetryableError(fmt.Errorf("Response is nil.")) + } + + response = result + return nil + }) - response, err := me.client.UseWafClient().DescribeCCRuleList(request) if err != nil { errRet = err return } - log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString()) - - if response == nil || len(response.Response.Data.Res) != 1 { + if len(response.Response.Data.Res) != 1 { return } @@ -1310,16 +1323,23 @@ func (me *WafService) DeleteWafCcById(ctx context.Context, domain, ruleId, name } }() - ratelimit.Check(request.GetAction()) + err := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError { + ratelimit.Check(request.GetAction()) + result, e := me.client.UseWafClient().DeleteCCRule(request) + if e != nil { + return tccommon.RetryError(e) + } else { + log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString()) + } + + return nil + }) - response, err := me.client.UseWafClient().DeleteCCRule(request) if err != nil { errRet = err return } - log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString()) - return } diff --git a/website/docs/r/waf_cc.html.markdown b/website/docs/r/waf_cc.html.markdown index cd050b1357..41f9f549a2 100644 --- a/website/docs/r/waf_cc.html.markdown +++ b/website/docs/r/waf_cc.html.markdown @@ -4,12 +4,12 @@ layout: "tencentcloud" page_title: "TencentCloud: tencentcloud_waf_cc" sidebar_current: "docs-tencentcloud-resource-waf_cc" description: |- - Provides a resource to create a waf cc + Provides a resource to create a WAF cc --- # tencentcloud_waf_cc -Provides a resource to create a waf cc +Provides a resource to create a WAF cc ## Example Usage @@ -58,6 +58,7 @@ The following arguments are supported: * `url` - (Required, String) Detection URL. * `valid_time` - (Required, Int) Action ValidTime, minute unit. Min: 60, Max: 604800. * `event_id` - (Optional, String) Event ID. +* `limit_method` - (Optional, String) Frequency limiting method. * `options_arr` - (Optional, String) JSON serialized string of CC matching conditions, example:[{\"key\":\"Method\",\"args\":[\"=R0VU\"],\"match\":\"0\",\"encodeflag\":true}] Key optional values are Method, Post, Referer, Cookie, User-Agent, CustomHeader Match optional values are, when Key is Method, optional values are 0 (equal), 3 (not equal).