Docs Home
flexibleengine 1.46.0 published on Monday, Apr 14, 2025 by flexibleenginecloud
flexibleengine.WafDomain
Explore with Pulumi AI
flexibleengine 1.46.0 published on Monday, Apr 14, 2025 by flexibleenginecloud
Manages a WAF domain resource within FlexibleEngine.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as flexibleengine from "@pulumi/flexibleengine";
const certificate1 = new flexibleengine.WafCertificate("certificate1", {
certificate: `-----BEGIN CERTIFICATE-----
MIIFazCCA1OgAwIBAgIUN3w1KX8/T/HWVxZIOdHXPhUOnsAwDQYJKoZIhvcNAQEL
BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
...
dKvZbPEsygYRIjwyhHHUh/YXH8KDI/uu6u6AxDckQ3rP1BkkKXr5NPBGjVgM3ZI=
-----END CERTIFICATE-----
`,
privateKey: `-----BEGIN PRIVATE KEY-----
MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQC+9uwFVenCdPD9
5LWSWMuy4riZW718wxBpYV5Y9N8nM7N0qZLLdpImZrzBbaBldTI+AZGI3Nupuurw
...
s9urs/Kk/tbQhsEvu0X8FyGwo0zH6rG8apTFTlac+v4mJ4vlpxSvT5+FW2lgLISE
+4sM7kp0qO3/p+45HykwBY5iHq3H
-----END PRIVATE KEY-----
`,
});
const domain1 = new flexibleengine.WafDomain("domain1", {
domain: "www.example.com",
certificateId: certificate1.wafCertificateId,
proxy: true,
sipHeaderName: "default",
sipHeaderLists: ["X-Forwarded-For"],
servers: [{
clientProtocol: "HTTPS",
serverProtocol: "HTTP",
address: "90.84.181.77",
port: 8080,
}],
});
import pulumi
import pulumi_flexibleengine as flexibleengine
certificate1 = flexibleengine.WafCertificate("certificate1",
certificate="""-----BEGIN CERTIFICATE-----
MIIFazCCA1OgAwIBAgIUN3w1KX8/T/HWVxZIOdHXPhUOnsAwDQYJKoZIhvcNAQEL
BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
...
dKvZbPEsygYRIjwyhHHUh/YXH8KDI/uu6u6AxDckQ3rP1BkkKXr5NPBGjVgM3ZI=
-----END CERTIFICATE-----
""",
private_key="""-----BEGIN PRIVATE KEY-----
MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQC+9uwFVenCdPD9
5LWSWMuy4riZW718wxBpYV5Y9N8nM7N0qZLLdpImZrzBbaBldTI+AZGI3Nupuurw
...
s9urs/Kk/tbQhsEvu0X8FyGwo0zH6rG8apTFTlac+v4mJ4vlpxSvT5+FW2lgLISE
+4sM7kp0qO3/p+45HykwBY5iHq3H
-----END PRIVATE KEY-----
""")
domain1 = flexibleengine.WafDomain("domain1",
domain="www.example.com",
certificate_id=certificate1.waf_certificate_id,
proxy=True,
sip_header_name="default",
sip_header_lists=["X-Forwarded-For"],
servers=[{
"client_protocol": "HTTPS",
"server_protocol": "HTTP",
"address": "90.84.181.77",
"port": 8080,
}])
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/flexibleengine/flexibleengine"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
certificate1, err := flexibleengine.NewWafCertificate(ctx, "certificate1", &flexibleengine.WafCertificateArgs{
Certificate: pulumi.String(`-----BEGIN CERTIFICATE-----
MIIFazCCA1OgAwIBAgIUN3w1KX8/T/HWVxZIOdHXPhUOnsAwDQYJKoZIhvcNAQEL
BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
...
dKvZbPEsygYRIjwyhHHUh/YXH8KDI/uu6u6AxDckQ3rP1BkkKXr5NPBGjVgM3ZI=
-----END CERTIFICATE-----
`),
PrivateKey: pulumi.String(`-----BEGIN PRIVATE KEY-----
MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQC+9uwFVenCdPD9
5LWSWMuy4riZW718wxBpYV5Y9N8nM7N0qZLLdpImZrzBbaBldTI+AZGI3Nupuurw
...
s9urs/Kk/tbQhsEvu0X8FyGwo0zH6rG8apTFTlac+v4mJ4vlpxSvT5+FW2lgLISE
+4sM7kp0qO3/p+45HykwBY5iHq3H
-----END PRIVATE KEY-----
`),
})
if err != nil {
return err
}
_, err = flexibleengine.NewWafDomain(ctx, "domain1", &flexibleengine.WafDomainArgs{
Domain: pulumi.String("www.example.com"),
CertificateId: certificate1.WafCertificateId,
Proxy: pulumi.Bool(true),
SipHeaderName: pulumi.String("default"),
SipHeaderLists: pulumi.StringArray{
pulumi.String("X-Forwarded-For"),
},
Servers: flexibleengine.WafDomainServerArray{
&flexibleengine.WafDomainServerArgs{
ClientProtocol: pulumi.String("HTTPS"),
ServerProtocol: pulumi.String("HTTP"),
Address: pulumi.String("90.84.181.77"),
Port: pulumi.Float64(8080),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Flexibleengine = Pulumi.Flexibleengine;
return await Deployment.RunAsync(() =>
{
var certificate1 = new Flexibleengine.WafCertificate("certificate1", new()
{
Certificate = @"-----BEGIN CERTIFICATE-----
MIIFazCCA1OgAwIBAgIUN3w1KX8/T/HWVxZIOdHXPhUOnsAwDQYJKoZIhvcNAQEL
BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
...
dKvZbPEsygYRIjwyhHHUh/YXH8KDI/uu6u6AxDckQ3rP1BkkKXr5NPBGjVgM3ZI=
-----END CERTIFICATE-----
",
PrivateKey = @"-----BEGIN PRIVATE KEY-----
MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQC+9uwFVenCdPD9
5LWSWMuy4riZW718wxBpYV5Y9N8nM7N0qZLLdpImZrzBbaBldTI+AZGI3Nupuurw
...
s9urs/Kk/tbQhsEvu0X8FyGwo0zH6rG8apTFTlac+v4mJ4vlpxSvT5+FW2lgLISE
+4sM7kp0qO3/p+45HykwBY5iHq3H
-----END PRIVATE KEY-----
",
});
var domain1 = new Flexibleengine.WafDomain("domain1", new()
{
Domain = "www.example.com",
CertificateId = certificate1.WafCertificateId,
Proxy = true,
SipHeaderName = "default",
SipHeaderLists = new[]
{
"X-Forwarded-For",
},
Servers = new[]
{
new Flexibleengine.Inputs.WafDomainServerArgs
{
ClientProtocol = "HTTPS",
ServerProtocol = "HTTP",
Address = "90.84.181.77",
Port = 8080,
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.flexibleengine.WafCertificate;
import com.pulumi.flexibleengine.WafCertificateArgs;
import com.pulumi.flexibleengine.WafDomain;
import com.pulumi.flexibleengine.WafDomainArgs;
import com.pulumi.flexibleengine.inputs.WafDomainServerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var certificate1 = new WafCertificate("certificate1", WafCertificateArgs.builder()
.certificate("""
-----BEGIN CERTIFICATE-----
MIIFazCCA1OgAwIBAgIUN3w1KX8/T/HWVxZIOdHXPhUOnsAwDQYJKoZIhvcNAQEL
BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
...
dKvZbPEsygYRIjwyhHHUh/YXH8KDI/uu6u6AxDckQ3rP1BkkKXr5NPBGjVgM3ZI=
-----END CERTIFICATE-----
""")
.privateKey("""
-----BEGIN PRIVATE KEY-----
MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQC+9uwFVenCdPD9
5LWSWMuy4riZW718wxBpYV5Y9N8nM7N0qZLLdpImZrzBbaBldTI+AZGI3Nupuurw
...
s9urs/Kk/tbQhsEvu0X8FyGwo0zH6rG8apTFTlac+v4mJ4vlpxSvT5+FW2lgLISE
+4sM7kp0qO3/p+45HykwBY5iHq3H
-----END PRIVATE KEY-----
""")
.build());
var domain1 = new WafDomain("domain1", WafDomainArgs.builder()
.domain("www.example.com")
.certificateId(certificate1.wafCertificateId())
.proxy(true)
.sipHeaderName("default")
.sipHeaderLists("X-Forwarded-For")
.servers(WafDomainServerArgs.builder()
.clientProtocol("HTTPS")
.serverProtocol("HTTP")
.address("90.84.181.77")
.port("8080")
.build())
.build());
}
}
resources:
certificate1:
type: flexibleengine:WafCertificate
properties:
certificate: |
-----BEGIN CERTIFICATE-----
MIIFazCCA1OgAwIBAgIUN3w1KX8/T/HWVxZIOdHXPhUOnsAwDQYJKoZIhvcNAQEL
BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
...
dKvZbPEsygYRIjwyhHHUh/YXH8KDI/uu6u6AxDckQ3rP1BkkKXr5NPBGjVgM3ZI=
-----END CERTIFICATE-----
privateKey: |
-----BEGIN PRIVATE KEY-----
MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQC+9uwFVenCdPD9
5LWSWMuy4riZW718wxBpYV5Y9N8nM7N0qZLLdpImZrzBbaBldTI+AZGI3Nupuurw
...
s9urs/Kk/tbQhsEvu0X8FyGwo0zH6rG8apTFTlac+v4mJ4vlpxSvT5+FW2lgLISE
+4sM7kp0qO3/p+45HykwBY5iHq3H
-----END PRIVATE KEY-----
domain1:
type: flexibleengine:WafDomain
properties:
domain: www.example.com
certificateId: ${certificate1.wafCertificateId}
proxy: true
sipHeaderName: default
sipHeaderLists:
- X-Forwarded-For
servers:
- clientProtocol: HTTPS
serverProtocol: HTTP
address: 90.84.181.77
port: '8080'
Create WafDomain Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new WafDomain(name: string, args: WafDomainArgs, opts?: CustomResourceOptions);@overload
def WafDomain(resource_name: str,
args: WafDomainArgs,
opts: Optional[ResourceOptions] = None)
@overload
def WafDomain(resource_name: str,
opts: Optional[ResourceOptions] = None,
domain: Optional[str] = None,
servers: Optional[Sequence[WafDomainServerArgs]] = None,
certificate_id: Optional[str] = None,
keep_policy: Optional[bool] = None,
policy_id: Optional[str] = None,
proxy: Optional[bool] = None,
region: Optional[str] = None,
sip_header_lists: Optional[Sequence[str]] = None,
sip_header_name: Optional[str] = None,
timeouts: Optional[WafDomainTimeoutsArgs] = None,
waf_domain_id: Optional[str] = None)func NewWafDomain(ctx *Context, name string, args WafDomainArgs, opts ...ResourceOption) (*WafDomain, error)public WafDomain(string name, WafDomainArgs args, CustomResourceOptions? opts = null)
public WafDomain(String name, WafDomainArgs args)
public WafDomain(String name, WafDomainArgs args, CustomResourceOptions options)
type: flexibleengine:WafDomain
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args WafDomainArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args WafDomainArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args WafDomainArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args WafDomainArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args WafDomainArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var wafDomainResource = new Flexibleengine.WafDomain("wafDomainResource", new()
{
Domain = "string",
Servers = new[]
{
new Flexibleengine.Inputs.WafDomainServerArgs
{
Address = "string",
Port = 0,
ClientProtocol = "string",
ServerProtocol = "string",
},
},
CertificateId = "string",
KeepPolicy = false,
PolicyId = "string",
Proxy = false,
Region = "string",
SipHeaderLists = new[]
{
"string",
},
SipHeaderName = "string",
Timeouts = new Flexibleengine.Inputs.WafDomainTimeoutsArgs
{
Create = "string",
Delete = "string",
},
WafDomainId = "string",
});
example, err := flexibleengine.NewWafDomain(ctx, "wafDomainResource", &flexibleengine.WafDomainArgs{
Domain: pulumi.String("string"),
Servers: flexibleengine.WafDomainServerArray{
&flexibleengine.WafDomainServerArgs{
Address: pulumi.String("string"),
Port: pulumi.Float64(0),
ClientProtocol: pulumi.String("string"),
ServerProtocol: pulumi.String("string"),
},
},
CertificateId: pulumi.String("string"),
KeepPolicy: pulumi.Bool(false),
PolicyId: pulumi.String("string"),
Proxy: pulumi.Bool(false),
Region: pulumi.String("string"),
SipHeaderLists: pulumi.StringArray{
pulumi.String("string"),
},
SipHeaderName: pulumi.String("string"),
Timeouts: &flexibleengine.WafDomainTimeoutsArgs{
Create: pulumi.String("string"),
Delete: pulumi.String("string"),
},
WafDomainId: pulumi.String("string"),
})
var wafDomainResource = new WafDomain("wafDomainResource", WafDomainArgs.builder()
.domain("string")
.servers(WafDomainServerArgs.builder()
.address("string")
.port(0)
.clientProtocol("string")
.serverProtocol("string")
.build())
.certificateId("string")
.keepPolicy(false)
.policyId("string")
.proxy(false)
.region("string")
.sipHeaderLists("string")
.sipHeaderName("string")
.timeouts(WafDomainTimeoutsArgs.builder()
.create("string")
.delete("string")
.build())
.wafDomainId("string")
.build());
waf_domain_resource = flexibleengine.WafDomain("wafDomainResource",
domain="string",
servers=[{
"address": "string",
"port": 0,
"client_protocol": "string",
"server_protocol": "string",
}],
certificate_id="string",
keep_policy=False,
policy_id="string",
proxy=False,
region="string",
sip_header_lists=["string"],
sip_header_name="string",
timeouts={
"create": "string",
"delete": "string",
},
waf_domain_id="string")
const wafDomainResource = new flexibleengine.WafDomain("wafDomainResource", {
domain: "string",
servers: [{
address: "string",
port: 0,
clientProtocol: "string",
serverProtocol: "string",
}],
certificateId: "string",
keepPolicy: false,
policyId: "string",
proxy: false,
region: "string",
sipHeaderLists: ["string"],
sipHeaderName: "string",
timeouts: {
create: "string",
"delete": "string",
},
wafDomainId: "string",
});
type: flexibleengine:WafDomain
properties:
certificateId: string
domain: string
keepPolicy: false
policyId: string
proxy: false
region: string
servers:
- address: string
clientProtocol: string
port: 0
serverProtocol: string
sipHeaderLists:
- string
sipHeaderName: string
timeouts:
create: string
delete: string
wafDomainId: string
WafDomain Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The WafDomain resource accepts the following input properties:
- Domain string
- Specifies the domain name to be protected. For example,
www.example.comor*.example.com. Changing this creates a new domain. - Servers
List<Waf
Domain Server> - Specifies an array of origin web servers. The server object structure is documented below.
- Certificate
Id string - Specifies the certificate ID.
This parameter is mandatory when
client_protocolis set to HTTPS. - Keep
Policy bool - Specifies whether to retain the policy when deleting a domain name. Defaults to true.
- Policy
Id string - Specifies the policy ID associated with the domain. If not specified, a new policy will be created automatically. Changing this create a new domain.
- Proxy bool
- Specifies whether a proxy is configured.
- Region string
- Specifies the region in which to create the domain resource. If omitted, the provider-level region will be used. Changing this will create a new domain resource.
- Sip
Header List<string>Lists Specifies an array of HTTP request header for identifying the real source IP address. This parameter is required only when proxy is set to true.
- If
sip_header_nameis default, the value is ["X-Forwarded-For"]. - If
sip_header_nameis cloudflare, the value is ["CF-Connecting-IP", "X-Forwarded-For"]. - If
sip_header_nameis akamai, the value is ["True-Client-IP"]. - If
sip_header_nameis custom, you can customize a value.
The
serverblock supports:- If
- Sip
Header stringName - Specifies the type of the source IP header. This parameter is required only when proxy is set to true. The options are as follows: default, cloudflare, akamai, and custom.
- Timeouts
Waf
Domain Timeouts - Waf
Domain stringId - ID of the domain.
- Domain string
- Specifies the domain name to be protected. For example,
www.example.comor*.example.com. Changing this creates a new domain. - Servers
[]Waf
Domain Server Args - Specifies an array of origin web servers. The server object structure is documented below.
- Certificate
Id string - Specifies the certificate ID.
This parameter is mandatory when
client_protocolis set to HTTPS. - Keep
Policy bool - Specifies whether to retain the policy when deleting a domain name. Defaults to true.
- Policy
Id string - Specifies the policy ID associated with the domain. If not specified, a new policy will be created automatically. Changing this create a new domain.
- Proxy bool
- Specifies whether a proxy is configured.
- Region string
- Specifies the region in which to create the domain resource. If omitted, the provider-level region will be used. Changing this will create a new domain resource.
- Sip
Header []stringLists Specifies an array of HTTP request header for identifying the real source IP address. This parameter is required only when proxy is set to true.
- If
sip_header_nameis default, the value is ["X-Forwarded-For"]. - If
sip_header_nameis cloudflare, the value is ["CF-Connecting-IP", "X-Forwarded-For"]. - If
sip_header_nameis akamai, the value is ["True-Client-IP"]. - If
sip_header_nameis custom, you can customize a value.
The
serverblock supports:- If
- Sip
Header stringName - Specifies the type of the source IP header. This parameter is required only when proxy is set to true. The options are as follows: default, cloudflare, akamai, and custom.
- Timeouts
Waf
Domain Timeouts Args - Waf
Domain stringId - ID of the domain.
- domain String
- Specifies the domain name to be protected. For example,
www.example.comor*.example.com. Changing this creates a new domain. - servers
List<Waf
Domain Server> - Specifies an array of origin web servers. The server object structure is documented below.
- certificate
Id String - Specifies the certificate ID.
This parameter is mandatory when
client_protocolis set to HTTPS. - keep
Policy Boolean - Specifies whether to retain the policy when deleting a domain name. Defaults to true.
- policy
Id String - Specifies the policy ID associated with the domain. If not specified, a new policy will be created automatically. Changing this create a new domain.
- proxy Boolean
- Specifies whether a proxy is configured.
- region String
- Specifies the region in which to create the domain resource. If omitted, the provider-level region will be used. Changing this will create a new domain resource.
- sip
Header List<String>Lists Specifies an array of HTTP request header for identifying the real source IP address. This parameter is required only when proxy is set to true.
- If
sip_header_nameis default, the value is ["X-Forwarded-For"]. - If
sip_header_nameis cloudflare, the value is ["CF-Connecting-IP", "X-Forwarded-For"]. - If
sip_header_nameis akamai, the value is ["True-Client-IP"]. - If
sip_header_nameis custom, you can customize a value.
The
serverblock supports:- If
- sip
Header StringName - Specifies the type of the source IP header. This parameter is required only when proxy is set to true. The options are as follows: default, cloudflare, akamai, and custom.
- timeouts
Waf
Domain Timeouts - waf
Domain StringId - ID of the domain.
- domain string
- Specifies the domain name to be protected. For example,
www.example.comor*.example.com. Changing this creates a new domain. - servers
Waf
Domain Server[] - Specifies an array of origin web servers. The server object structure is documented below.
- certificate
Id string - Specifies the certificate ID.
This parameter is mandatory when
client_protocolis set to HTTPS. - keep
Policy boolean - Specifies whether to retain the policy when deleting a domain name. Defaults to true.
- policy
Id string - Specifies the policy ID associated with the domain. If not specified, a new policy will be created automatically. Changing this create a new domain.
- proxy boolean
- Specifies whether a proxy is configured.
- region string
- Specifies the region in which to create the domain resource. If omitted, the provider-level region will be used. Changing this will create a new domain resource.
- sip
Header string[]Lists Specifies an array of HTTP request header for identifying the real source IP address. This parameter is required only when proxy is set to true.
- If
sip_header_nameis default, the value is ["X-Forwarded-For"]. - If
sip_header_nameis cloudflare, the value is ["CF-Connecting-IP", "X-Forwarded-For"]. - If
sip_header_nameis akamai, the value is ["True-Client-IP"]. - If
sip_header_nameis custom, you can customize a value.
The
serverblock supports:- If
- sip
Header stringName - Specifies the type of the source IP header. This parameter is required only when proxy is set to true. The options are as follows: default, cloudflare, akamai, and custom.
- timeouts
Waf
Domain Timeouts - waf
Domain stringId - ID of the domain.
- domain str
- Specifies the domain name to be protected. For example,
www.example.comor*.example.com. Changing this creates a new domain. - servers
Sequence[Waf
Domain Server Args] - Specifies an array of origin web servers. The server object structure is documented below.
- certificate_
id str - Specifies the certificate ID.
This parameter is mandatory when
client_protocolis set to HTTPS. - keep_
policy bool - Specifies whether to retain the policy when deleting a domain name. Defaults to true.
- policy_
id str - Specifies the policy ID associated with the domain. If not specified, a new policy will be created automatically. Changing this create a new domain.
- proxy bool
- Specifies whether a proxy is configured.
- region str
- Specifies the region in which to create the domain resource. If omitted, the provider-level region will be used. Changing this will create a new domain resource.
- sip_
header_ Sequence[str]lists Specifies an array of HTTP request header for identifying the real source IP address. This parameter is required only when proxy is set to true.
- If
sip_header_nameis default, the value is ["X-Forwarded-For"]. - If
sip_header_nameis cloudflare, the value is ["CF-Connecting-IP", "X-Forwarded-For"]. - If
sip_header_nameis akamai, the value is ["True-Client-IP"]. - If
sip_header_nameis custom, you can customize a value.
The
serverblock supports:- If
- sip_
header_ strname - Specifies the type of the source IP header. This parameter is required only when proxy is set to true. The options are as follows: default, cloudflare, akamai, and custom.
- timeouts
Waf
Domain Timeouts Args - waf_
domain_ strid - ID of the domain.
- domain String
- Specifies the domain name to be protected. For example,
www.example.comor*.example.com. Changing this creates a new domain. - servers List<Property Map>
- Specifies an array of origin web servers. The server object structure is documented below.
- certificate
Id String - Specifies the certificate ID.
This parameter is mandatory when
client_protocolis set to HTTPS. - keep
Policy Boolean - Specifies whether to retain the policy when deleting a domain name. Defaults to true.
- policy
Id String - Specifies the policy ID associated with the domain. If not specified, a new policy will be created automatically. Changing this create a new domain.
- proxy Boolean
- Specifies whether a proxy is configured.
- region String
- Specifies the region in which to create the domain resource. If omitted, the provider-level region will be used. Changing this will create a new domain resource.
- sip
Header List<String>Lists Specifies an array of HTTP request header for identifying the real source IP address. This parameter is required only when proxy is set to true.
- If
sip_header_nameis default, the value is ["X-Forwarded-For"]. - If
sip_header_nameis cloudflare, the value is ["CF-Connecting-IP", "X-Forwarded-For"]. - If
sip_header_nameis akamai, the value is ["True-Client-IP"]. - If
sip_header_nameis custom, you can customize a value.
The
serverblock supports:- If
- sip
Header StringName - Specifies the type of the source IP header. This parameter is required only when proxy is set to true. The options are as follows: default, cloudflare, akamai, and custom.
- timeouts Property Map
- waf
Domain StringId - ID of the domain.
Outputs
All input properties are implicitly available as output properties. Additionally, the WafDomain resource produces the following output properties:
- Access
Status double - Whether a domain name is connected to WAF.
- 0: The domain name is not connected to WAF;
- 1: The domain name is connected to WAF.
- Cname string
- The CNAME value.
- Id string
- The provider-assigned unique ID for this managed resource.
- Protect
Status double - The WAF mode. -1: bypassed, 0: disabled, 1: enabled.
- Protocol string
- The protocol type of the client. The options are HTTP, HTTPS, and HTTP&HTTPS.
- Sub
Domain string - The subdomain name. This attribute is returned only when proxy is set to true.
- Txt
Code string - The TXT record. This attribute is returned only when proxy is set to true.
- Access
Status float64 - Whether a domain name is connected to WAF.
- 0: The domain name is not connected to WAF;
- 1: The domain name is connected to WAF.
- Cname string
- The CNAME value.
- Id string
- The provider-assigned unique ID for this managed resource.
- Protect
Status float64 - The WAF mode. -1: bypassed, 0: disabled, 1: enabled.
- Protocol string
- The protocol type of the client. The options are HTTP, HTTPS, and HTTP&HTTPS.
- Sub
Domain string - The subdomain name. This attribute is returned only when proxy is set to true.
- Txt
Code string - The TXT record. This attribute is returned only when proxy is set to true.
- access
Status Double - Whether a domain name is connected to WAF.
- 0: The domain name is not connected to WAF;
- 1: The domain name is connected to WAF.
- cname String
- The CNAME value.
- id String
- The provider-assigned unique ID for this managed resource.
- protect
Status Double - The WAF mode. -1: bypassed, 0: disabled, 1: enabled.
- protocol String
- The protocol type of the client. The options are HTTP, HTTPS, and HTTP&HTTPS.
- sub
Domain String - The subdomain name. This attribute is returned only when proxy is set to true.
- txt
Code String - The TXT record. This attribute is returned only when proxy is set to true.
- access
Status number - Whether a domain name is connected to WAF.
- 0: The domain name is not connected to WAF;
- 1: The domain name is connected to WAF.
- cname string
- The CNAME value.
- id string
- The provider-assigned unique ID for this managed resource.
- protect
Status number - The WAF mode. -1: bypassed, 0: disabled, 1: enabled.
- protocol string
- The protocol type of the client. The options are HTTP, HTTPS, and HTTP&HTTPS.
- sub
Domain string - The subdomain name. This attribute is returned only when proxy is set to true.
- txt
Code string - The TXT record. This attribute is returned only when proxy is set to true.
- access_
status float - Whether a domain name is connected to WAF.
- 0: The domain name is not connected to WAF;
- 1: The domain name is connected to WAF.
- cname str
- The CNAME value.
- id str
- The provider-assigned unique ID for this managed resource.
- protect_
status float - The WAF mode. -1: bypassed, 0: disabled, 1: enabled.
- protocol str
- The protocol type of the client. The options are HTTP, HTTPS, and HTTP&HTTPS.
- sub_
domain str - The subdomain name. This attribute is returned only when proxy is set to true.
- txt_
code str - The TXT record. This attribute is returned only when proxy is set to true.
- access
Status Number - Whether a domain name is connected to WAF.
- 0: The domain name is not connected to WAF;
- 1: The domain name is connected to WAF.
- cname String
- The CNAME value.
- id String
- The provider-assigned unique ID for this managed resource.
- protect
Status Number - The WAF mode. -1: bypassed, 0: disabled, 1: enabled.
- protocol String
- The protocol type of the client. The options are HTTP, HTTPS, and HTTP&HTTPS.
- sub
Domain String - The subdomain name. This attribute is returned only when proxy is set to true.
- txt
Code String - The TXT record. This attribute is returned only when proxy is set to true.
Look up Existing WafDomain Resource
Get an existing WafDomain resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: WafDomainState, opts?: CustomResourceOptions): WafDomain@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
access_status: Optional[float] = None,
certificate_id: Optional[str] = None,
cname: Optional[str] = None,
domain: Optional[str] = None,
keep_policy: Optional[bool] = None,
policy_id: Optional[str] = None,
protect_status: Optional[float] = None,
protocol: Optional[str] = None,
proxy: Optional[bool] = None,
region: Optional[str] = None,
servers: Optional[Sequence[WafDomainServerArgs]] = None,
sip_header_lists: Optional[Sequence[str]] = None,
sip_header_name: Optional[str] = None,
sub_domain: Optional[str] = None,
timeouts: Optional[WafDomainTimeoutsArgs] = None,
txt_code: Optional[str] = None,
waf_domain_id: Optional[str] = None) -> WafDomainfunc GetWafDomain(ctx *Context, name string, id IDInput, state *WafDomainState, opts ...ResourceOption) (*WafDomain, error)public static WafDomain Get(string name, Input<string> id, WafDomainState? state, CustomResourceOptions? opts = null)public static WafDomain get(String name, Output<String> id, WafDomainState state, CustomResourceOptions options)resources: _: type: flexibleengine:WafDomain get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Access
Status double - Whether a domain name is connected to WAF.
- 0: The domain name is not connected to WAF;
- 1: The domain name is connected to WAF.
- Certificate
Id string - Specifies the certificate ID.
This parameter is mandatory when
client_protocolis set to HTTPS. - Cname string
- The CNAME value.
- Domain string
- Specifies the domain name to be protected. For example,
www.example.comor*.example.com. Changing this creates a new domain. - Keep
Policy bool - Specifies whether to retain the policy when deleting a domain name. Defaults to true.
- Policy
Id string - Specifies the policy ID associated with the domain. If not specified, a new policy will be created automatically. Changing this create a new domain.
- Protect
Status double - The WAF mode. -1: bypassed, 0: disabled, 1: enabled.
- Protocol string
- The protocol type of the client. The options are HTTP, HTTPS, and HTTP&HTTPS.
- Proxy bool
- Specifies whether a proxy is configured.
- Region string
- Specifies the region in which to create the domain resource. If omitted, the provider-level region will be used. Changing this will create a new domain resource.
- Servers
List<Waf
Domain Server> - Specifies an array of origin web servers. The server object structure is documented below.
- Sip
Header List<string>Lists Specifies an array of HTTP request header for identifying the real source IP address. This parameter is required only when proxy is set to true.
- If
sip_header_nameis default, the value is ["X-Forwarded-For"]. - If
sip_header_nameis cloudflare, the value is ["CF-Connecting-IP", "X-Forwarded-For"]. - If
sip_header_nameis akamai, the value is ["True-Client-IP"]. - If
sip_header_nameis custom, you can customize a value.
The
serverblock supports:- If
- Sip
Header stringName - Specifies the type of the source IP header. This parameter is required only when proxy is set to true. The options are as follows: default, cloudflare, akamai, and custom.
- Sub
Domain string - The subdomain name. This attribute is returned only when proxy is set to true.
- Timeouts
Waf
Domain Timeouts - Txt
Code string - The TXT record. This attribute is returned only when proxy is set to true.
- Waf
Domain stringId - ID of the domain.
- Access
Status float64 - Whether a domain name is connected to WAF.
- 0: The domain name is not connected to WAF;
- 1: The domain name is connected to WAF.
- Certificate
Id string - Specifies the certificate ID.
This parameter is mandatory when
client_protocolis set to HTTPS. - Cname string
- The CNAME value.
- Domain string
- Specifies the domain name to be protected. For example,
www.example.comor*.example.com. Changing this creates a new domain. - Keep
Policy bool - Specifies whether to retain the policy when deleting a domain name. Defaults to true.
- Policy
Id string - Specifies the policy ID associated with the domain. If not specified, a new policy will be created automatically. Changing this create a new domain.
- Protect
Status float64 - The WAF mode. -1: bypassed, 0: disabled, 1: enabled.
- Protocol string
- The protocol type of the client. The options are HTTP, HTTPS, and HTTP&HTTPS.
- Proxy bool
- Specifies whether a proxy is configured.
- Region string
- Specifies the region in which to create the domain resource. If omitted, the provider-level region will be used. Changing this will create a new domain resource.
- Servers
[]Waf
Domain Server Args - Specifies an array of origin web servers. The server object structure is documented below.
- Sip
Header []stringLists Specifies an array of HTTP request header for identifying the real source IP address. This parameter is required only when proxy is set to true.
- If
sip_header_nameis default, the value is ["X-Forwarded-For"]. - If
sip_header_nameis cloudflare, the value is ["CF-Connecting-IP", "X-Forwarded-For"]. - If
sip_header_nameis akamai, the value is ["True-Client-IP"]. - If
sip_header_nameis custom, you can customize a value.
The
serverblock supports:- If
- Sip
Header stringName - Specifies the type of the source IP header. This parameter is required only when proxy is set to true. The options are as follows: default, cloudflare, akamai, and custom.
- Sub
Domain string - The subdomain name. This attribute is returned only when proxy is set to true.
- Timeouts
Waf
Domain Timeouts Args - Txt
Code string - The TXT record. This attribute is returned only when proxy is set to true.
- Waf
Domain stringId - ID of the domain.
- access
Status Double - Whether a domain name is connected to WAF.
- 0: The domain name is not connected to WAF;
- 1: The domain name is connected to WAF.
- certificate
Id String - Specifies the certificate ID.
This parameter is mandatory when
client_protocolis set to HTTPS. - cname String
- The CNAME value.
- domain String
- Specifies the domain name to be protected. For example,
www.example.comor*.example.com. Changing this creates a new domain. - keep
Policy Boolean - Specifies whether to retain the policy when deleting a domain name. Defaults to true.
- policy
Id String - Specifies the policy ID associated with the domain. If not specified, a new policy will be created automatically. Changing this create a new domain.
- protect
Status Double - The WAF mode. -1: bypassed, 0: disabled, 1: enabled.
- protocol String
- The protocol type of the client. The options are HTTP, HTTPS, and HTTP&HTTPS.
- proxy Boolean
- Specifies whether a proxy is configured.
- region String
- Specifies the region in which to create the domain resource. If omitted, the provider-level region will be used. Changing this will create a new domain resource.
- servers
List<Waf
Domain Server> - Specifies an array of origin web servers. The server object structure is documented below.
- sip
Header List<String>Lists Specifies an array of HTTP request header for identifying the real source IP address. This parameter is required only when proxy is set to true.
- If
sip_header_nameis default, the value is ["X-Forwarded-For"]. - If
sip_header_nameis cloudflare, the value is ["CF-Connecting-IP", "X-Forwarded-For"]. - If
sip_header_nameis akamai, the value is ["True-Client-IP"]. - If
sip_header_nameis custom, you can customize a value.
The
serverblock supports:- If
- sip
Header StringName - Specifies the type of the source IP header. This parameter is required only when proxy is set to true. The options are as follows: default, cloudflare, akamai, and custom.
- sub
Domain String - The subdomain name. This attribute is returned only when proxy is set to true.
- timeouts
Waf
Domain Timeouts - txt
Code String - The TXT record. This attribute is returned only when proxy is set to true.
- waf
Domain StringId - ID of the domain.
- access
Status number - Whether a domain name is connected to WAF.
- 0: The domain name is not connected to WAF;
- 1: The domain name is connected to WAF.
- certificate
Id string - Specifies the certificate ID.
This parameter is mandatory when
client_protocolis set to HTTPS. - cname string
- The CNAME value.
- domain string
- Specifies the domain name to be protected. For example,
www.example.comor*.example.com. Changing this creates a new domain. - keep
Policy boolean - Specifies whether to retain the policy when deleting a domain name. Defaults to true.
- policy
Id string - Specifies the policy ID associated with the domain. If not specified, a new policy will be created automatically. Changing this create a new domain.
- protect
Status number - The WAF mode. -1: bypassed, 0: disabled, 1: enabled.
- protocol string
- The protocol type of the client. The options are HTTP, HTTPS, and HTTP&HTTPS.
- proxy boolean
- Specifies whether a proxy is configured.
- region string
- Specifies the region in which to create the domain resource. If omitted, the provider-level region will be used. Changing this will create a new domain resource.
- servers
Waf
Domain Server[] - Specifies an array of origin web servers. The server object structure is documented below.
- sip
Header string[]Lists Specifies an array of HTTP request header for identifying the real source IP address. This parameter is required only when proxy is set to true.
- If
sip_header_nameis default, the value is ["X-Forwarded-For"]. - If
sip_header_nameis cloudflare, the value is ["CF-Connecting-IP", "X-Forwarded-For"]. - If
sip_header_nameis akamai, the value is ["True-Client-IP"]. - If
sip_header_nameis custom, you can customize a value.
The
serverblock supports:- If
- sip
Header stringName - Specifies the type of the source IP header. This parameter is required only when proxy is set to true. The options are as follows: default, cloudflare, akamai, and custom.
- sub
Domain string - The subdomain name. This attribute is returned only when proxy is set to true.
- timeouts
Waf
Domain Timeouts - txt
Code string - The TXT record. This attribute is returned only when proxy is set to true.
- waf
Domain stringId - ID of the domain.
- access_
status float - Whether a domain name is connected to WAF.
- 0: The domain name is not connected to WAF;
- 1: The domain name is connected to WAF.
- certificate_
id str - Specifies the certificate ID.
This parameter is mandatory when
client_protocolis set to HTTPS. - cname str
- The CNAME value.
- domain str
- Specifies the domain name to be protected. For example,
www.example.comor*.example.com. Changing this creates a new domain. - keep_
policy bool - Specifies whether to retain the policy when deleting a domain name. Defaults to true.
- policy_
id str - Specifies the policy ID associated with the domain. If not specified, a new policy will be created automatically. Changing this create a new domain.
- protect_
status float - The WAF mode. -1: bypassed, 0: disabled, 1: enabled.
- protocol str
- The protocol type of the client. The options are HTTP, HTTPS, and HTTP&HTTPS.
- proxy bool
- Specifies whether a proxy is configured.
- region str
- Specifies the region in which to create the domain resource. If omitted, the provider-level region will be used. Changing this will create a new domain resource.
- servers
Sequence[Waf
Domain Server Args] - Specifies an array of origin web servers. The server object structure is documented below.
- sip_
header_ Sequence[str]lists Specifies an array of HTTP request header for identifying the real source IP address. This parameter is required only when proxy is set to true.
- If
sip_header_nameis default, the value is ["X-Forwarded-For"]. - If
sip_header_nameis cloudflare, the value is ["CF-Connecting-IP", "X-Forwarded-For"]. - If
sip_header_nameis akamai, the value is ["True-Client-IP"]. - If
sip_header_nameis custom, you can customize a value.
The
serverblock supports:- If
- sip_
header_ strname - Specifies the type of the source IP header. This parameter is required only when proxy is set to true. The options are as follows: default, cloudflare, akamai, and custom.
- sub_
domain str - The subdomain name. This attribute is returned only when proxy is set to true.
- timeouts
Waf
Domain Timeouts Args - txt_
code str - The TXT record. This attribute is returned only when proxy is set to true.
- waf_
domain_ strid - ID of the domain.
- access
Status Number - Whether a domain name is connected to WAF.
- 0: The domain name is not connected to WAF;
- 1: The domain name is connected to WAF.
- certificate
Id String - Specifies the certificate ID.
This parameter is mandatory when
client_protocolis set to HTTPS. - cname String
- The CNAME value.
- domain String
- Specifies the domain name to be protected. For example,
www.example.comor*.example.com. Changing this creates a new domain. - keep
Policy Boolean - Specifies whether to retain the policy when deleting a domain name. Defaults to true.
- policy
Id String - Specifies the policy ID associated with the domain. If not specified, a new policy will be created automatically. Changing this create a new domain.
- protect
Status Number - The WAF mode. -1: bypassed, 0: disabled, 1: enabled.
- protocol String
- The protocol type of the client. The options are HTTP, HTTPS, and HTTP&HTTPS.
- proxy Boolean
- Specifies whether a proxy is configured.
- region String
- Specifies the region in which to create the domain resource. If omitted, the provider-level region will be used. Changing this will create a new domain resource.
- servers List<Property Map>
- Specifies an array of origin web servers. The server object structure is documented below.
- sip
Header List<String>Lists Specifies an array of HTTP request header for identifying the real source IP address. This parameter is required only when proxy is set to true.
- If
sip_header_nameis default, the value is ["X-Forwarded-For"]. - If
sip_header_nameis cloudflare, the value is ["CF-Connecting-IP", "X-Forwarded-For"]. - If
sip_header_nameis akamai, the value is ["True-Client-IP"]. - If
sip_header_nameis custom, you can customize a value.
The
serverblock supports:- If
- sip
Header StringName - Specifies the type of the source IP header. This parameter is required only when proxy is set to true. The options are as follows: default, cloudflare, akamai, and custom.
- sub
Domain String - The subdomain name. This attribute is returned only when proxy is set to true.
- timeouts Property Map
- txt
Code String - The TXT record. This attribute is returned only when proxy is set to true.
- waf
Domain StringId - ID of the domain.
Supporting Types
WafDomainServer, WafDomainServerArgs
- Address string
- IP address or domain name of the web server that the client accesses.
For example,
192.168.1.1orwww.a.com. - Port double
- Port number used by the web server. The value ranges from 0 to 65535, for example, 8080.
- Client
Protocol string - Protocol type of the client. The options are HTTP and HTTPS.
- Server
Protocol string - Protocol used by WAF to forward client requests to the server. The options are HTTP and HTTPS.
- Address string
- IP address or domain name of the web server that the client accesses.
For example,
192.168.1.1orwww.a.com. - Port float64
- Port number used by the web server. The value ranges from 0 to 65535, for example, 8080.
- Client
Protocol string - Protocol type of the client. The options are HTTP and HTTPS.
- Server
Protocol string - Protocol used by WAF to forward client requests to the server. The options are HTTP and HTTPS.
- address String
- IP address or domain name of the web server that the client accesses.
For example,
192.168.1.1orwww.a.com. - port Double
- Port number used by the web server. The value ranges from 0 to 65535, for example, 8080.
- client
Protocol String - Protocol type of the client. The options are HTTP and HTTPS.
- server
Protocol String - Protocol used by WAF to forward client requests to the server. The options are HTTP and HTTPS.
- address string
- IP address or domain name of the web server that the client accesses.
For example,
192.168.1.1orwww.a.com. - port number
- Port number used by the web server. The value ranges from 0 to 65535, for example, 8080.
- client
Protocol string - Protocol type of the client. The options are HTTP and HTTPS.
- server
Protocol string - Protocol used by WAF to forward client requests to the server. The options are HTTP and HTTPS.
- address str
- IP address or domain name of the web server that the client accesses.
For example,
192.168.1.1orwww.a.com. - port float
- Port number used by the web server. The value ranges from 0 to 65535, for example, 8080.
- client_
protocol str - Protocol type of the client. The options are HTTP and HTTPS.
- server_
protocol str - Protocol used by WAF to forward client requests to the server. The options are HTTP and HTTPS.
- address String
- IP address or domain name of the web server that the client accesses.
For example,
192.168.1.1orwww.a.com. - port Number
- Port number used by the web server. The value ranges from 0 to 65535, for example, 8080.
- client
Protocol String - Protocol type of the client. The options are HTTP and HTTPS.
- server
Protocol String - Protocol used by WAF to forward client requests to the server. The options are HTTP and HTTPS.
WafDomainTimeouts, WafDomainTimeoutsArgs
Import
Domains can be imported using the id, e.g.
$ pulumi import flexibleengine:index/wafDomain:WafDomain dom_1 7117d38e-4c8f-4624-a505-bd96b97d024c
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- flexibleengine flexibleenginecloud/terraform-provider-flexibleengine
- License
- Notes
- This Pulumi package is based on the
flexibleengineTerraform Provider.
flexibleengine 1.46.0 published on Monday, Apr 14, 2025 by flexibleenginecloud