Docs Home
tencentcloud 1.81.189 published on Wednesday, Apr 30, 2025 by tencentcloudstack
tencentcloud.TeoSecurityPolicyConfig
Explore with Pulumi AI
tencentcloud 1.81.189 published on Wednesday, Apr 30, 2025 by tencentcloudstack
Provides a resource to create a teo security policy
NOTE: If the user’s EO version is the personal version,
managed_rule_groupsneeds to set one; If the user’s EO version is a non personal version,managed_rule_groupsneeds to set 17. If the user does not set themanaged_rule_groupsparameter, the system will generate it by default.
Example Usage
If entity is ZoneDefaultPolicy
import * as pulumi from "@pulumi/pulumi";
import * as tencentcloud from "@pulumi/tencentcloud";
const example = new tencentcloud.TeoSecurityPolicyConfig("example", {
entity: "ZoneDefaultPolicy",
securityPolicy: {
customRules: {
basicAccessRules: [{
action: {
name: "Deny",
},
condition: "${http.request.ip} in ['119.28.103.58']",
enabled: "off",
name: "rule2",
}],
preciseMatchRules: [{
action: {
blockIpActionParameters: {
duration: "120s",
},
name: "BlockIP",
},
condition: "${http.request.host} contain ['abc']",
enabled: "on",
name: "rule1",
priority: 50,
}],
},
managedRules: {
autoUpdate: {
autoUpdateToLatestVersion: "off",
},
detectionOnly: "off",
enabled: "on",
managedRuleGroups: [
{
action: {
name: "Deny",
},
groupId: "wafgroup-webshell-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-xxe-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-non-compliant-protocol-usages",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-file-upload-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-command-and-code-injections",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-ldap-injections",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-ssrf-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-unauthorized-accesses",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-xss-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-vulnerability-scanners",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-cms-vulnerabilities",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-other-vulnerabilities",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-sql-injections",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-unauthorized-file-accesses",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-oa-vulnerabilities",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-ssti-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-shiro-vulnerabilities",
sensitivityLevel: "strict",
},
],
semanticAnalysis: "off",
},
},
zoneId: "zone-37u62pwxfo8s",
});
import pulumi
import pulumi_tencentcloud as tencentcloud
example = tencentcloud.TeoSecurityPolicyConfig("example",
entity="ZoneDefaultPolicy",
security_policy={
"custom_rules": {
"basic_access_rules": [{
"action": {
"name": "Deny",
},
"condition": "${http.request.ip} in ['119.28.103.58']",
"enabled": "off",
"name": "rule2",
}],
"precise_match_rules": [{
"action": {
"block_ip_action_parameters": {
"duration": "120s",
},
"name": "BlockIP",
},
"condition": "${http.request.host} contain ['abc']",
"enabled": "on",
"name": "rule1",
"priority": 50,
}],
},
"managed_rules": {
"auto_update": {
"auto_update_to_latest_version": "off",
},
"detection_only": "off",
"enabled": "on",
"managed_rule_groups": [
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-webshell-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-xxe-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-non-compliant-protocol-usages",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-file-upload-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-command-and-code-injections",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-ldap-injections",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-ssrf-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-unauthorized-accesses",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-xss-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-vulnerability-scanners",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-cms-vulnerabilities",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-other-vulnerabilities",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-sql-injections",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-unauthorized-file-accesses",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-oa-vulnerabilities",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-ssti-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-shiro-vulnerabilities",
"sensitivity_level": "strict",
},
],
"semantic_analysis": "off",
},
},
zone_id="zone-37u62pwxfo8s")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/tencentcloud/tencentcloud"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := tencentcloud.NewTeoSecurityPolicyConfig(ctx, "example", &tencentcloud.TeoSecurityPolicyConfigArgs{
Entity: pulumi.String("ZoneDefaultPolicy"),
SecurityPolicy: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyArgs{
CustomRules: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs{
BasicAccessRules: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArray{
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs{
Name: pulumi.String("Deny"),
},
Condition: pulumi.String("${http.request.ip} in ['119.28.103.58']"),
Enabled: pulumi.String("off"),
Name: pulumi.String("rule2"),
},
},
PreciseMatchRules: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArray{
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs{
BlockIpActionParameters: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs{
Duration: pulumi.String("120s"),
},
Name: pulumi.String("BlockIP"),
},
Condition: pulumi.String("${http.request.host} contain ['abc']"),
Enabled: pulumi.String("on"),
Name: pulumi.String("rule1"),
Priority: pulumi.Float64(50),
},
},
},
ManagedRules: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs{
AutoUpdate: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs{
AutoUpdateToLatestVersion: pulumi.String("off"),
},
DetectionOnly: pulumi.String("off"),
Enabled: pulumi.String("on"),
ManagedRuleGroups: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArray{
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-webshell-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-xxe-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-non-compliant-protocol-usages"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-file-upload-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-command-and-code-injections"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-ldap-injections"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-ssrf-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-unauthorized-accesses"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-xss-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-vulnerability-scanners"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-cms-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-other-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-sql-injections"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-unauthorized-file-accesses"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-oa-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-ssti-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-shiro-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
},
SemanticAnalysis: pulumi.String("off"),
},
},
ZoneId: pulumi.String("zone-37u62pwxfo8s"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Tencentcloud = Pulumi.Tencentcloud;
return await Deployment.RunAsync(() =>
{
var example = new Tencentcloud.TeoSecurityPolicyConfig("example", new()
{
Entity = "ZoneDefaultPolicy",
SecurityPolicy = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyArgs
{
CustomRules = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs
{
BasicAccessRules = new[]
{
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs
{
Name = "Deny",
},
Condition = "${http.request.ip} in ['119.28.103.58']",
Enabled = "off",
Name = "rule2",
},
},
PreciseMatchRules = new[]
{
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs
{
BlockIpActionParameters = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs
{
Duration = "120s",
},
Name = "BlockIP",
},
Condition = "${http.request.host} contain ['abc']",
Enabled = "on",
Name = "rule1",
Priority = 50,
},
},
},
ManagedRules = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs
{
AutoUpdate = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs
{
AutoUpdateToLatestVersion = "off",
},
DetectionOnly = "off",
Enabled = "on",
ManagedRuleGroups = new[]
{
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-webshell-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-xxe-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-non-compliant-protocol-usages",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-file-upload-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-command-and-code-injections",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-ldap-injections",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-ssrf-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-unauthorized-accesses",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-xss-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-vulnerability-scanners",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-cms-vulnerabilities",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-other-vulnerabilities",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-sql-injections",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-unauthorized-file-accesses",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-oa-vulnerabilities",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-ssti-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-shiro-vulnerabilities",
SensitivityLevel = "strict",
},
},
SemanticAnalysis = "off",
},
},
ZoneId = "zone-37u62pwxfo8s",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfig;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfigArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new TeoSecurityPolicyConfig("example", TeoSecurityPolicyConfigArgs.builder()
.entity("ZoneDefaultPolicy")
.securityPolicy(TeoSecurityPolicyConfigSecurityPolicyArgs.builder()
.customRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs.builder()
.basicAccessRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs.builder()
.name("Deny")
.build())
.condition("${http.request.ip} in ['119.28.103.58']")
.enabled("off")
.name("rule2")
.build())
.preciseMatchRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs.builder()
.blockIpActionParameters(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs.builder()
.duration("120s")
.build())
.name("BlockIP")
.build())
.condition("${http.request.host} contain ['abc']")
.enabled("on")
.name("rule1")
.priority(50)
.build())
.build())
.managedRules(TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs.builder()
.autoUpdate(TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs.builder()
.autoUpdateToLatestVersion("off")
.build())
.detectionOnly("off")
.enabled("on")
.managedRuleGroups(
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-webshell-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-xxe-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-non-compliant-protocol-usages")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-file-upload-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-command-and-code-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ldap-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ssrf-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-unauthorized-accesses")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-xss-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-vulnerability-scanners")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-cms-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-other-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-sql-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-unauthorized-file-accesses")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-oa-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ssti-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-shiro-vulnerabilities")
.sensitivityLevel("strict")
.build())
.semanticAnalysis("off")
.build())
.build())
.zoneId("zone-37u62pwxfo8s")
.build());
}
}
resources:
example:
type: tencentcloud:TeoSecurityPolicyConfig
properties:
entity: ZoneDefaultPolicy
securityPolicy:
customRules:
basicAccessRules:
- action:
name: Deny
condition: $${http.request.ip} in ['119.28.103.58']
enabled: off
name: rule2
preciseMatchRules:
- action:
blockIpActionParameters:
duration: 120s
name: BlockIP
condition: $${http.request.host} contain ['abc']
enabled: on
name: rule1
priority: 50
managedRules:
autoUpdate:
autoUpdateToLatestVersion: off
detectionOnly: off
enabled: on
managedRuleGroups:
- action:
name: Deny
groupId: wafgroup-webshell-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-xxe-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-non-compliant-protocol-usages
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-file-upload-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-command-and-code-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ldap-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ssrf-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-unauthorized-accesses
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-xss-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-vulnerability-scanners
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-cms-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-other-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-sql-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-unauthorized-file-accesses
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-oa-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ssti-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-shiro-vulnerabilities
sensitivityLevel: strict
semanticAnalysis: off
zoneId: zone-37u62pwxfo8s
If entity is Host
import * as pulumi from "@pulumi/pulumi";
import * as tencentcloud from "@pulumi/tencentcloud";
const example = new tencentcloud.TeoSecurityPolicyConfig("example", {
entity: "Host",
host: "www.example.com",
securityPolicy: {
customRules: {
basicAccessRules: [{
action: {
name: "Deny",
},
condition: "${http.request.ip} in ['119.28.103.58']",
enabled: "off",
name: "rule2",
}],
preciseMatchRules: [{
action: {
blockIpActionParameters: {
duration: "120s",
},
name: "BlockIP",
},
condition: "${http.request.host} contain ['abc']",
enabled: "on",
name: "rule1",
priority: 50,
}],
},
managedRules: {
autoUpdate: {
autoUpdateToLatestVersion: "off",
},
detectionOnly: "off",
enabled: "on",
managedRuleGroups: [
{
action: {
name: "Deny",
},
groupId: "wafgroup-webshell-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-xxe-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-non-compliant-protocol-usages",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-file-upload-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-command-and-code-injections",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-ldap-injections",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-ssrf-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-unauthorized-accesses",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-xss-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-vulnerability-scanners",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-cms-vulnerabilities",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-other-vulnerabilities",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-sql-injections",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-unauthorized-file-accesses",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-oa-vulnerabilities",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-ssti-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-shiro-vulnerabilities",
sensitivityLevel: "strict",
},
],
semanticAnalysis: "off",
},
},
zoneId: "zone-37u62pwxfo8s",
});
import pulumi
import pulumi_tencentcloud as tencentcloud
example = tencentcloud.TeoSecurityPolicyConfig("example",
entity="Host",
host="www.example.com",
security_policy={
"custom_rules": {
"basic_access_rules": [{
"action": {
"name": "Deny",
},
"condition": "${http.request.ip} in ['119.28.103.58']",
"enabled": "off",
"name": "rule2",
}],
"precise_match_rules": [{
"action": {
"block_ip_action_parameters": {
"duration": "120s",
},
"name": "BlockIP",
},
"condition": "${http.request.host} contain ['abc']",
"enabled": "on",
"name": "rule1",
"priority": 50,
}],
},
"managed_rules": {
"auto_update": {
"auto_update_to_latest_version": "off",
},
"detection_only": "off",
"enabled": "on",
"managed_rule_groups": [
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-webshell-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-xxe-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-non-compliant-protocol-usages",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-file-upload-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-command-and-code-injections",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-ldap-injections",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-ssrf-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-unauthorized-accesses",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-xss-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-vulnerability-scanners",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-cms-vulnerabilities",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-other-vulnerabilities",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-sql-injections",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-unauthorized-file-accesses",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-oa-vulnerabilities",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-ssti-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-shiro-vulnerabilities",
"sensitivity_level": "strict",
},
],
"semantic_analysis": "off",
},
},
zone_id="zone-37u62pwxfo8s")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/tencentcloud/tencentcloud"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := tencentcloud.NewTeoSecurityPolicyConfig(ctx, "example", &tencentcloud.TeoSecurityPolicyConfigArgs{
Entity: pulumi.String("Host"),
Host: pulumi.String("www.example.com"),
SecurityPolicy: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyArgs{
CustomRules: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs{
BasicAccessRules: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArray{
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs{
Name: pulumi.String("Deny"),
},
Condition: pulumi.String("${http.request.ip} in ['119.28.103.58']"),
Enabled: pulumi.String("off"),
Name: pulumi.String("rule2"),
},
},
PreciseMatchRules: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArray{
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs{
BlockIpActionParameters: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs{
Duration: pulumi.String("120s"),
},
Name: pulumi.String("BlockIP"),
},
Condition: pulumi.String("${http.request.host} contain ['abc']"),
Enabled: pulumi.String("on"),
Name: pulumi.String("rule1"),
Priority: pulumi.Float64(50),
},
},
},
ManagedRules: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs{
AutoUpdate: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs{
AutoUpdateToLatestVersion: pulumi.String("off"),
},
DetectionOnly: pulumi.String("off"),
Enabled: pulumi.String("on"),
ManagedRuleGroups: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArray{
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-webshell-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-xxe-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-non-compliant-protocol-usages"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-file-upload-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-command-and-code-injections"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-ldap-injections"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-ssrf-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-unauthorized-accesses"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-xss-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-vulnerability-scanners"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-cms-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-other-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-sql-injections"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-unauthorized-file-accesses"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-oa-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-ssti-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-shiro-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
},
SemanticAnalysis: pulumi.String("off"),
},
},
ZoneId: pulumi.String("zone-37u62pwxfo8s"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Tencentcloud = Pulumi.Tencentcloud;
return await Deployment.RunAsync(() =>
{
var example = new Tencentcloud.TeoSecurityPolicyConfig("example", new()
{
Entity = "Host",
Host = "www.example.com",
SecurityPolicy = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyArgs
{
CustomRules = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs
{
BasicAccessRules = new[]
{
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs
{
Name = "Deny",
},
Condition = "${http.request.ip} in ['119.28.103.58']",
Enabled = "off",
Name = "rule2",
},
},
PreciseMatchRules = new[]
{
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs
{
BlockIpActionParameters = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs
{
Duration = "120s",
},
Name = "BlockIP",
},
Condition = "${http.request.host} contain ['abc']",
Enabled = "on",
Name = "rule1",
Priority = 50,
},
},
},
ManagedRules = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs
{
AutoUpdate = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs
{
AutoUpdateToLatestVersion = "off",
},
DetectionOnly = "off",
Enabled = "on",
ManagedRuleGroups = new[]
{
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-webshell-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-xxe-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-non-compliant-protocol-usages",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-file-upload-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-command-and-code-injections",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-ldap-injections",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-ssrf-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-unauthorized-accesses",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-xss-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-vulnerability-scanners",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-cms-vulnerabilities",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-other-vulnerabilities",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-sql-injections",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-unauthorized-file-accesses",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-oa-vulnerabilities",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-ssti-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-shiro-vulnerabilities",
SensitivityLevel = "strict",
},
},
SemanticAnalysis = "off",
},
},
ZoneId = "zone-37u62pwxfo8s",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfig;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfigArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new TeoSecurityPolicyConfig("example", TeoSecurityPolicyConfigArgs.builder()
.entity("Host")
.host("www.example.com")
.securityPolicy(TeoSecurityPolicyConfigSecurityPolicyArgs.builder()
.customRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs.builder()
.basicAccessRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs.builder()
.name("Deny")
.build())
.condition("${http.request.ip} in ['119.28.103.58']")
.enabled("off")
.name("rule2")
.build())
.preciseMatchRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs.builder()
.blockIpActionParameters(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs.builder()
.duration("120s")
.build())
.name("BlockIP")
.build())
.condition("${http.request.host} contain ['abc']")
.enabled("on")
.name("rule1")
.priority(50)
.build())
.build())
.managedRules(TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs.builder()
.autoUpdate(TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs.builder()
.autoUpdateToLatestVersion("off")
.build())
.detectionOnly("off")
.enabled("on")
.managedRuleGroups(
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-webshell-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-xxe-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-non-compliant-protocol-usages")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-file-upload-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-command-and-code-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ldap-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ssrf-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-unauthorized-accesses")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-xss-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-vulnerability-scanners")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-cms-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-other-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-sql-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-unauthorized-file-accesses")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-oa-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ssti-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-shiro-vulnerabilities")
.sensitivityLevel("strict")
.build())
.semanticAnalysis("off")
.build())
.build())
.zoneId("zone-37u62pwxfo8s")
.build());
}
}
resources:
example:
type: tencentcloud:TeoSecurityPolicyConfig
properties:
entity: Host
host: www.example.com
securityPolicy:
customRules:
basicAccessRules:
- action:
name: Deny
condition: $${http.request.ip} in ['119.28.103.58']
enabled: off
name: rule2
preciseMatchRules:
- action:
blockIpActionParameters:
duration: 120s
name: BlockIP
condition: $${http.request.host} contain ['abc']
enabled: on
name: rule1
priority: 50
managedRules:
autoUpdate:
autoUpdateToLatestVersion: off
detectionOnly: off
enabled: on
managedRuleGroups:
- action:
name: Deny
groupId: wafgroup-webshell-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-xxe-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-non-compliant-protocol-usages
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-file-upload-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-command-and-code-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ldap-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ssrf-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-unauthorized-accesses
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-xss-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-vulnerability-scanners
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-cms-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-other-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-sql-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-unauthorized-file-accesses
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-oa-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ssti-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-shiro-vulnerabilities
sensitivityLevel: strict
semanticAnalysis: off
zoneId: zone-37u62pwxfo8s
If entity is Template
import * as pulumi from "@pulumi/pulumi";
import * as tencentcloud from "@pulumi/tencentcloud";
const example = new tencentcloud.TeoSecurityPolicyConfig("example", {
entity: "Template",
securityPolicy: {
customRules: {
basicAccessRules: [{
action: {
name: "Deny",
},
condition: "${http.request.ip} in ['119.28.103.58']",
enabled: "off",
name: "rule2",
}],
preciseMatchRules: [{
action: {
blockIpActionParameters: {
duration: "120s",
},
name: "BlockIP",
},
condition: "${http.request.host} contain ['abc']",
enabled: "on",
name: "rule1",
priority: 50,
}],
},
managedRules: {
autoUpdate: {
autoUpdateToLatestVersion: "off",
},
detectionOnly: "off",
enabled: "on",
managedRuleGroups: [
{
action: {
name: "Deny",
},
groupId: "wafgroup-webshell-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-xxe-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-non-compliant-protocol-usages",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-file-upload-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-command-and-code-injections",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-ldap-injections",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-ssrf-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-unauthorized-accesses",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-xss-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-vulnerability-scanners",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-cms-vulnerabilities",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-other-vulnerabilities",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-sql-injections",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-unauthorized-file-accesses",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-oa-vulnerabilities",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-ssti-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-shiro-vulnerabilities",
sensitivityLevel: "strict",
},
],
semanticAnalysis: "off",
},
},
templateId: "temp-05dtxkyw",
zoneId: "zone-37u62pwxfo8s",
});
import pulumi
import pulumi_tencentcloud as tencentcloud
example = tencentcloud.TeoSecurityPolicyConfig("example",
entity="Template",
security_policy={
"custom_rules": {
"basic_access_rules": [{
"action": {
"name": "Deny",
},
"condition": "${http.request.ip} in ['119.28.103.58']",
"enabled": "off",
"name": "rule2",
}],
"precise_match_rules": [{
"action": {
"block_ip_action_parameters": {
"duration": "120s",
},
"name": "BlockIP",
},
"condition": "${http.request.host} contain ['abc']",
"enabled": "on",
"name": "rule1",
"priority": 50,
}],
},
"managed_rules": {
"auto_update": {
"auto_update_to_latest_version": "off",
},
"detection_only": "off",
"enabled": "on",
"managed_rule_groups": [
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-webshell-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-xxe-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-non-compliant-protocol-usages",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-file-upload-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-command-and-code-injections",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-ldap-injections",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-ssrf-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-unauthorized-accesses",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-xss-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-vulnerability-scanners",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-cms-vulnerabilities",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-other-vulnerabilities",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-sql-injections",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-unauthorized-file-accesses",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-oa-vulnerabilities",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-ssti-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-shiro-vulnerabilities",
"sensitivity_level": "strict",
},
],
"semantic_analysis": "off",
},
},
template_id="temp-05dtxkyw",
zone_id="zone-37u62pwxfo8s")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/tencentcloud/tencentcloud"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := tencentcloud.NewTeoSecurityPolicyConfig(ctx, "example", &tencentcloud.TeoSecurityPolicyConfigArgs{
Entity: pulumi.String("Template"),
SecurityPolicy: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyArgs{
CustomRules: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs{
BasicAccessRules: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArray{
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs{
Name: pulumi.String("Deny"),
},
Condition: pulumi.String("${http.request.ip} in ['119.28.103.58']"),
Enabled: pulumi.String("off"),
Name: pulumi.String("rule2"),
},
},
PreciseMatchRules: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArray{
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs{
BlockIpActionParameters: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs{
Duration: pulumi.String("120s"),
},
Name: pulumi.String("BlockIP"),
},
Condition: pulumi.String("${http.request.host} contain ['abc']"),
Enabled: pulumi.String("on"),
Name: pulumi.String("rule1"),
Priority: pulumi.Float64(50),
},
},
},
ManagedRules: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs{
AutoUpdate: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs{
AutoUpdateToLatestVersion: pulumi.String("off"),
},
DetectionOnly: pulumi.String("off"),
Enabled: pulumi.String("on"),
ManagedRuleGroups: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArray{
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-webshell-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-xxe-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-non-compliant-protocol-usages"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-file-upload-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-command-and-code-injections"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-ldap-injections"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-ssrf-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-unauthorized-accesses"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-xss-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-vulnerability-scanners"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-cms-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-other-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-sql-injections"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-unauthorized-file-accesses"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-oa-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-ssti-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-shiro-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
},
SemanticAnalysis: pulumi.String("off"),
},
},
TemplateId: pulumi.String("temp-05dtxkyw"),
ZoneId: pulumi.String("zone-37u62pwxfo8s"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Tencentcloud = Pulumi.Tencentcloud;
return await Deployment.RunAsync(() =>
{
var example = new Tencentcloud.TeoSecurityPolicyConfig("example", new()
{
Entity = "Template",
SecurityPolicy = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyArgs
{
CustomRules = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs
{
BasicAccessRules = new[]
{
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs
{
Name = "Deny",
},
Condition = "${http.request.ip} in ['119.28.103.58']",
Enabled = "off",
Name = "rule2",
},
},
PreciseMatchRules = new[]
{
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs
{
BlockIpActionParameters = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs
{
Duration = "120s",
},
Name = "BlockIP",
},
Condition = "${http.request.host} contain ['abc']",
Enabled = "on",
Name = "rule1",
Priority = 50,
},
},
},
ManagedRules = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs
{
AutoUpdate = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs
{
AutoUpdateToLatestVersion = "off",
},
DetectionOnly = "off",
Enabled = "on",
ManagedRuleGroups = new[]
{
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-webshell-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-xxe-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-non-compliant-protocol-usages",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-file-upload-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-command-and-code-injections",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-ldap-injections",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-ssrf-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-unauthorized-accesses",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-xss-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-vulnerability-scanners",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-cms-vulnerabilities",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-other-vulnerabilities",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-sql-injections",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-unauthorized-file-accesses",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-oa-vulnerabilities",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-ssti-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-shiro-vulnerabilities",
SensitivityLevel = "strict",
},
},
SemanticAnalysis = "off",
},
},
TemplateId = "temp-05dtxkyw",
ZoneId = "zone-37u62pwxfo8s",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfig;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfigArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new TeoSecurityPolicyConfig("example", TeoSecurityPolicyConfigArgs.builder()
.entity("Template")
.securityPolicy(TeoSecurityPolicyConfigSecurityPolicyArgs.builder()
.customRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs.builder()
.basicAccessRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs.builder()
.name("Deny")
.build())
.condition("${http.request.ip} in ['119.28.103.58']")
.enabled("off")
.name("rule2")
.build())
.preciseMatchRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs.builder()
.blockIpActionParameters(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs.builder()
.duration("120s")
.build())
.name("BlockIP")
.build())
.condition("${http.request.host} contain ['abc']")
.enabled("on")
.name("rule1")
.priority(50)
.build())
.build())
.managedRules(TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs.builder()
.autoUpdate(TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs.builder()
.autoUpdateToLatestVersion("off")
.build())
.detectionOnly("off")
.enabled("on")
.managedRuleGroups(
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-webshell-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-xxe-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-non-compliant-protocol-usages")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-file-upload-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-command-and-code-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ldap-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ssrf-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-unauthorized-accesses")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-xss-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-vulnerability-scanners")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-cms-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-other-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-sql-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-unauthorized-file-accesses")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-oa-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ssti-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-shiro-vulnerabilities")
.sensitivityLevel("strict")
.build())
.semanticAnalysis("off")
.build())
.build())
.templateId("temp-05dtxkyw")
.zoneId("zone-37u62pwxfo8s")
.build());
}
}
resources:
example:
type: tencentcloud:TeoSecurityPolicyConfig
properties:
entity: Template
securityPolicy:
customRules:
basicAccessRules:
- action:
name: Deny
condition: $${http.request.ip} in ['119.28.103.58']
enabled: off
name: rule2
preciseMatchRules:
- action:
blockIpActionParameters:
duration: 120s
name: BlockIP
condition: $${http.request.host} contain ['abc']
enabled: on
name: rule1
priority: 50
managedRules:
autoUpdate:
autoUpdateToLatestVersion: off
detectionOnly: off
enabled: on
managedRuleGroups:
- action:
name: Deny
groupId: wafgroup-webshell-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-xxe-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-non-compliant-protocol-usages
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-file-upload-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-command-and-code-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ldap-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ssrf-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-unauthorized-accesses
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-xss-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-vulnerability-scanners
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-cms-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-other-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-sql-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-unauthorized-file-accesses
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-oa-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ssti-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-shiro-vulnerabilities
sensitivityLevel: strict
semanticAnalysis: off
templateId: temp-05dtxkyw
zoneId: zone-37u62pwxfo8s
Create TeoSecurityPolicyConfig Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new TeoSecurityPolicyConfig(name: string, args: TeoSecurityPolicyConfigArgs, opts?: CustomResourceOptions);@overload
def TeoSecurityPolicyConfig(resource_name: str,
args: TeoSecurityPolicyConfigArgs,
opts: Optional[ResourceOptions] = None)
@overload
def TeoSecurityPolicyConfig(resource_name: str,
opts: Optional[ResourceOptions] = None,
zone_id: Optional[str] = None,
entity: Optional[str] = None,
host: Optional[str] = None,
security_policy: Optional[TeoSecurityPolicyConfigSecurityPolicyArgs] = None,
template_id: Optional[str] = None,
teo_security_policy_config_id: Optional[str] = None)func NewTeoSecurityPolicyConfig(ctx *Context, name string, args TeoSecurityPolicyConfigArgs, opts ...ResourceOption) (*TeoSecurityPolicyConfig, error)public TeoSecurityPolicyConfig(string name, TeoSecurityPolicyConfigArgs args, CustomResourceOptions? opts = null)
public TeoSecurityPolicyConfig(String name, TeoSecurityPolicyConfigArgs args)
public TeoSecurityPolicyConfig(String name, TeoSecurityPolicyConfigArgs args, CustomResourceOptions options)
type: tencentcloud:TeoSecurityPolicyConfig
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args TeoSecurityPolicyConfigArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args TeoSecurityPolicyConfigArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args TeoSecurityPolicyConfigArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args TeoSecurityPolicyConfigArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args TeoSecurityPolicyConfigArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
TeoSecurityPolicyConfig Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The TeoSecurityPolicyConfig resource accepts the following input properties:
- Zone
Id string - Zone ID.
- Entity string
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- Host string
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- Security
Policy TeoSecurity Policy Config Security Policy - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- Template
Id string - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- Teo
Security stringPolicy Config Id - ID of the resource.
- Zone
Id string - Zone ID.
- Entity string
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- Host string
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- Security
Policy TeoSecurity Policy Config Security Policy Args - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- Template
Id string - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- Teo
Security stringPolicy Config Id - ID of the resource.
- zone
Id String - Zone ID.
- entity String
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- host String
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- security
Policy TeoSecurity Policy Config Security Policy - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- template
Id String - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- teo
Security StringPolicy Config Id - ID of the resource.
- zone
Id string - Zone ID.
- entity string
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- host string
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- security
Policy TeoSecurity Policy Config Security Policy - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- template
Id string - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- teo
Security stringPolicy Config Id - ID of the resource.
- zone_
id str - Zone ID.
- entity str
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- host str
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- security_
policy TeoSecurity Policy Config Security Policy Args - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- template_
id str - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- teo_
security_ strpolicy_ config_ id - ID of the resource.
- zone
Id String - Zone ID.
- entity String
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- host String
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- security
Policy Property Map - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- template
Id String - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- teo
Security StringPolicy Config Id - ID of the resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the TeoSecurityPolicyConfig resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing TeoSecurityPolicyConfig Resource
Get an existing TeoSecurityPolicyConfig resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: TeoSecurityPolicyConfigState, opts?: CustomResourceOptions): TeoSecurityPolicyConfig@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
entity: Optional[str] = None,
host: Optional[str] = None,
security_policy: Optional[TeoSecurityPolicyConfigSecurityPolicyArgs] = None,
template_id: Optional[str] = None,
teo_security_policy_config_id: Optional[str] = None,
zone_id: Optional[str] = None) -> TeoSecurityPolicyConfigfunc GetTeoSecurityPolicyConfig(ctx *Context, name string, id IDInput, state *TeoSecurityPolicyConfigState, opts ...ResourceOption) (*TeoSecurityPolicyConfig, error)public static TeoSecurityPolicyConfig Get(string name, Input<string> id, TeoSecurityPolicyConfigState? state, CustomResourceOptions? opts = null)public static TeoSecurityPolicyConfig get(String name, Output<String> id, TeoSecurityPolicyConfigState state, CustomResourceOptions options)resources: _: type: tencentcloud:TeoSecurityPolicyConfig get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Entity string
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- Host string
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- Security
Policy TeoSecurity Policy Config Security Policy - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- Template
Id string - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- Teo
Security stringPolicy Config Id - ID of the resource.
- Zone
Id string - Zone ID.
- Entity string
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- Host string
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- Security
Policy TeoSecurity Policy Config Security Policy Args - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- Template
Id string - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- Teo
Security stringPolicy Config Id - ID of the resource.
- Zone
Id string - Zone ID.
- entity String
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- host String
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- security
Policy TeoSecurity Policy Config Security Policy - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- template
Id String - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- teo
Security StringPolicy Config Id - ID of the resource.
- zone
Id String - Zone ID.
- entity string
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- host string
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- security
Policy TeoSecurity Policy Config Security Policy - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- template
Id string - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- teo
Security stringPolicy Config Id - ID of the resource.
- zone
Id string - Zone ID.
- entity str
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- host str
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- security_
policy TeoSecurity Policy Config Security Policy Args - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- template_
id str - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- teo_
security_ strpolicy_ config_ id - ID of the resource.
- zone_
id str - Zone ID.
- entity String
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- host String
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- security
Policy Property Map - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- template
Id String - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- teo
Security StringPolicy Config Id - ID of the resource.
- zone
Id String - Zone ID.
Supporting Types
TeoSecurityPolicyConfigSecurityPolicy, TeoSecurityPolicyConfigSecurityPolicyArgs
- Custom
Rules TeoSecurity Policy Config Security Policy Custom Rules - Custom rule configuration.
- Managed
Rules TeoSecurity Policy Config Security Policy Managed Rules - Managed rule configuration.
- Custom
Rules TeoSecurity Policy Config Security Policy Custom Rules - Custom rule configuration.
- Managed
Rules TeoSecurity Policy Config Security Policy Managed Rules - Managed rule configuration.
- custom
Rules TeoSecurity Policy Config Security Policy Custom Rules - Custom rule configuration.
- managed
Rules TeoSecurity Policy Config Security Policy Managed Rules - Managed rule configuration.
- custom
Rules TeoSecurity Policy Config Security Policy Custom Rules - Custom rule configuration.
- managed
Rules TeoSecurity Policy Config Security Policy Managed Rules - Managed rule configuration.
- custom_
rules TeoSecurity Policy Config Security Policy Custom Rules - Custom rule configuration.
- managed_
rules TeoSecurity Policy Config Security Policy Managed Rules - Managed rule configuration.
- custom
Rules Property Map - Custom rule configuration.
- managed
Rules Property Map - Managed rule configuration.
TeoSecurityPolicyConfigSecurityPolicyCustomRules, TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs
- Basic
Access List<TeoRules Security Policy Config Security Policy Custom Rules Basic Access Rule> - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- Precise
Match List<TeoRules Security Policy Config Security Policy Custom Rules Precise Match Rule> - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- Rules
List<Teo
Security Policy Config Security Policy Custom Rules Rule> - It has been deprecated from version 1.81.184. Please use
precise_match_rulesorbasic_access_rulesinstead. List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- Basic
Access []TeoRules Security Policy Config Security Policy Custom Rules Basic Access Rule - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- Precise
Match []TeoRules Security Policy Config Security Policy Custom Rules Precise Match Rule - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- Rules
[]Teo
Security Policy Config Security Policy Custom Rules Rule - It has been deprecated from version 1.81.184. Please use
precise_match_rulesorbasic_access_rulesinstead. List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- basic
Access List<TeoRules Security Policy Config Security Policy Custom Rules Basic Access Rule> - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- precise
Match List<TeoRules Security Policy Config Security Policy Custom Rules Precise Match Rule> - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- rules
List<Teo
Security Policy Config Security Policy Custom Rules Rule> - It has been deprecated from version 1.81.184. Please use
precise_match_rulesorbasic_access_rulesinstead. List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- basic
Access TeoRules Security Policy Config Security Policy Custom Rules Basic Access Rule[] - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- precise
Match TeoRules Security Policy Config Security Policy Custom Rules Precise Match Rule[] - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- rules
Teo
Security Policy Config Security Policy Custom Rules Rule[] - It has been deprecated from version 1.81.184. Please use
precise_match_rulesorbasic_access_rulesinstead. List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- basic_
access_ Sequence[Teorules Security Policy Config Security Policy Custom Rules Basic Access Rule] - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- precise_
match_ Sequence[Teorules Security Policy Config Security Policy Custom Rules Precise Match Rule] - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- rules
Sequence[Teo
Security Policy Config Security Policy Custom Rules Rule] - It has been deprecated from version 1.81.184. Please use
precise_match_rulesorbasic_access_rulesinstead. List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- basic
Access List<Property Map>Rules - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- precise
Match List<Property Map>Rules - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- rules List<Property Map>
- It has been deprecated from version 1.81.184. Please use
precise_match_rulesorbasic_access_rulesinstead. List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRule, TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs
- Action
Teo
Security Policy Config Security Policy Custom Rules Basic Access Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- Condition string
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- Enabled string
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- Name string
- The name of the custom rule.
- Id string
- ID of the resource.
- Priority double
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - Rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- Action
Teo
Security Policy Config Security Policy Custom Rules Basic Access Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- Condition string
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- Enabled string
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- Name string
- The name of the custom rule.
- Id string
- ID of the resource.
- Priority float64
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - Rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Basic Access Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition String
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled String
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name String
- The name of the custom rule.
- id String
- ID of the resource.
- priority Double
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule
Type String - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Basic Access Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition string
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled string
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name string
- The name of the custom rule.
- id string
- ID of the resource.
- priority number
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Basic Access Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition str
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled str
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name str
- The name of the custom rule.
- id str
- ID of the resource.
- priority float
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule_
type str - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action Property Map
- Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition String
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled String
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name String
- The name of the custom rule.
- id String
- ID of the resource.
- priority Number
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule
Type String - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleAction, TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs
- Name string
- Specific actions for safe execution. valid values:.
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- Name string
- Specific actions for safe execution. valid values:.
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name String
- Specific actions for safe execution. valid values:.
- block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name string
- Specific actions for safe execution. valid values:.
- block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name str
- Specific actions for safe execution. valid values:.
- block_
ip_ Teoaction_ parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- redirect_
action_ Teoparameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- return_
custom_ Teopage_ action_ parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name String
- Specific actions for safe execution. valid values:.
- block
Ip Property MapAction Parameters - Additional parameter when Name is BlockIP.
- redirect
Action Property MapParameters - Additional parameter when Name is Redirect.
- return
Custom Property MapPage Action Parameters - Additional parameter when Name is ReturnCustomPage.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionBlockIpActionParametersArgs
- Duration string
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- Duration string
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration String
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration string
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration str
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration String
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionRedirectActionParametersArgs
- Url string
- Redirect URL.
- Url string
- Redirect URL.
- url String
- Redirect URL.
- url string
- Redirect URL.
- url str
- Redirect URL.
- url String
- Redirect URL.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionReturnCustomPageActionParametersArgs
- Error
Page stringId - Response custom page ID.
- Response
Code string - Response status code.
- Error
Page stringId - Response custom page ID.
- Response
Code string - Response status code.
- error
Page StringId - Response custom page ID.
- response
Code String - Response status code.
- error
Page stringId - Response custom page ID.
- response
Code string - Response status code.
- error_
page_ strid - Response custom page ID.
- response_
code str - Response status code.
- error
Page StringId - Response custom page ID.
- response
Code String - Response status code.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRule, TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs
- Action
Teo
Security Policy Config Security Policy Custom Rules Precise Match Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- Condition string
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- Enabled string
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- Name string
- The name of the custom rule.
- Id string
- ID of the resource.
- Priority double
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - Rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- Action
Teo
Security Policy Config Security Policy Custom Rules Precise Match Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- Condition string
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- Enabled string
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- Name string
- The name of the custom rule.
- Id string
- ID of the resource.
- Priority float64
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - Rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Precise Match Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition String
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled String
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name String
- The name of the custom rule.
- id String
- ID of the resource.
- priority Double
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule
Type String - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Precise Match Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition string
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled string
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name string
- The name of the custom rule.
- id string
- ID of the resource.
- priority number
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Precise Match Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition str
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled str
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name str
- The name of the custom rule.
- id str
- ID of the resource.
- priority float
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule_
type str - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action Property Map
- Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition String
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled String
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name String
- The name of the custom rule.
- id String
- ID of the resource.
- priority Number
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule
Type String - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleAction, TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs
- Name string
- Specific actions for safe execution. valid values:.
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- Name string
- Specific actions for safe execution. valid values:.
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name String
- Specific actions for safe execution. valid values:.
- block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name string
- Specific actions for safe execution. valid values:.
- block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name str
- Specific actions for safe execution. valid values:.
- block_
ip_ Teoaction_ parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- redirect_
action_ Teoparameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- return_
custom_ Teopage_ action_ parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name String
- Specific actions for safe execution. valid values:.
- block
Ip Property MapAction Parameters - Additional parameter when Name is BlockIP.
- redirect
Action Property MapParameters - Additional parameter when Name is Redirect.
- return
Custom Property MapPage Action Parameters - Additional parameter when Name is ReturnCustomPage.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs
- Duration string
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- Duration string
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration String
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration string
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration str
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration String
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionRedirectActionParametersArgs
- Url string
- Redirect URL.
- Url string
- Redirect URL.
- url String
- Redirect URL.
- url string
- Redirect URL.
- url str
- Redirect URL.
- url String
- Redirect URL.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionReturnCustomPageActionParametersArgs
- Error
Page stringId - Response custom page ID.
- Response
Code string - Response status code.
- Error
Page stringId - Response custom page ID.
- Response
Code string - Response status code.
- error
Page StringId - Response custom page ID.
- response
Code String - Response status code.
- error
Page stringId - Response custom page ID.
- response
Code string - Response status code.
- error_
page_ strid - Response custom page ID.
- response_
code str - Response status code.
- error
Page StringId - Response custom page ID.
- response
Code String - Response status code.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesRule, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs
- Action
Teo
Security Policy Config Security Policy Custom Rules Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- Condition string
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- Enabled string
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- Name string
- The name of the custom rule.
- Id string
- The ID of a custom rule. the rule ID supports different rule configuration operations: - add a new rule: ID is empty or the ID parameter is not specified; - modify an existing rule: specify the rule ID that needs to be updated/modified; - delete an existing rule: existing Rules not included in the Rules list of the CustomRules parameter will be deleted.
- Priority double
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - Rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- Action
Teo
Security Policy Config Security Policy Custom Rules Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- Condition string
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- Enabled string
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- Name string
- The name of the custom rule.
- Id string
- The ID of a custom rule. the rule ID supports different rule configuration operations: - add a new rule: ID is empty or the ID parameter is not specified; - modify an existing rule: specify the rule ID that needs to be updated/modified; - delete an existing rule: existing Rules not included in the Rules list of the CustomRules parameter will be deleted.
- Priority float64
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - Rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition String
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled String
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name String
- The name of the custom rule.
- id String
- The ID of a custom rule. the rule ID supports different rule configuration operations: - add a new rule: ID is empty or the ID parameter is not specified; - modify an existing rule: specify the rule ID that needs to be updated/modified; - delete an existing rule: existing Rules not included in the Rules list of the CustomRules parameter will be deleted.
- priority Double
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule
Type String - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition string
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled string
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name string
- The name of the custom rule.
- id string
- The ID of a custom rule. the rule ID supports different rule configuration operations: - add a new rule: ID is empty or the ID parameter is not specified; - modify an existing rule: specify the rule ID that needs to be updated/modified; - delete an existing rule: existing Rules not included in the Rules list of the CustomRules parameter will be deleted.
- priority number
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition str
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled str
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name str
- The name of the custom rule.
- id str
- The ID of a custom rule. the rule ID supports different rule configuration operations: - add a new rule: ID is empty or the ID parameter is not specified; - modify an existing rule: specify the rule ID that needs to be updated/modified; - delete an existing rule: existing Rules not included in the Rules list of the CustomRules parameter will be deleted.
- priority float
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule_
type str - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action Property Map
- Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition String
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled String
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name String
- The name of the custom rule.
- id String
- The ID of a custom rule. the rule ID supports different rule configuration operations: - add a new rule: ID is empty or the ID parameter is not specified; - modify an existing rule: specify the rule ID that needs to be updated/modified; - delete an existing rule: existing Rules not included in the Rules list of the CustomRules parameter will be deleted.
- priority Number
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule
Type String - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleAction, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs
- Name string
- Specific actions for safe execution. valid values:.
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Rule Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Rule Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Rule Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- Name string
- Specific actions for safe execution. valid values:.
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Rule Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Rule Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Rule Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name String
- Specific actions for safe execution. valid values:.
- block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Rule Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Rule Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Rule Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name string
- Specific actions for safe execution. valid values:.
- block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Rule Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Rule Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Rule Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name str
- Specific actions for safe execution. valid values:.
- block_
ip_ Teoaction_ parameters Security Policy Config Security Policy Custom Rules Rule Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- redirect_
action_ Teoparameters Security Policy Config Security Policy Custom Rules Rule Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- return_
custom_ Teopage_ action_ parameters Security Policy Config Security Policy Custom Rules Rule Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name String
- Specific actions for safe execution. valid values:.
- block
Ip Property MapAction Parameters - Additional parameter when Name is BlockIP.
- redirect
Action Property MapParameters - Additional parameter when Name is Redirect.
- return
Custom Property MapPage Action Parameters - Additional parameter when Name is ReturnCustomPage.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParametersArgs
- Duration string
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- Duration string
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration String
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration string
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration str
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration String
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionRedirectActionParametersArgs
- Url string
- Redirect URL.
- Url string
- Redirect URL.
- url String
- Redirect URL.
- url string
- Redirect URL.
- url str
- Redirect URL.
- url String
- Redirect URL.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionReturnCustomPageActionParametersArgs
- Error
Page stringId - Response custom page ID.
- Response
Code string - Response status code.
- Error
Page stringId - Response custom page ID.
- Response
Code string - Response status code.
- error
Page StringId - Response custom page ID.
- response
Code String - Response status code.
- error
Page stringId - Response custom page ID.
- response
Code string - Response status code.
- error_
page_ strid - Response custom page ID.
- response_
code str - Response status code.
- error
Page StringId - Response custom page ID.
- response
Code String - Response status code.
TeoSecurityPolicyConfigSecurityPolicyManagedRules, TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs
- Detection
Only string - Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
- Enabled string
- Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
- Auto
Update TeoSecurity Policy Config Security Policy Managed Rules Auto Update - Managed rule automatic update option.
- Managed
Rule List<TeoGroups Security Policy Config Security Policy Managed Rules Managed Rule Group> - Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
- Semantic
Analysis string - Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.
- Detection
Only string - Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
- Enabled string
- Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
- Auto
Update TeoSecurity Policy Config Security Policy Managed Rules Auto Update - Managed rule automatic update option.
- Managed
Rule []TeoGroups Security Policy Config Security Policy Managed Rules Managed Rule Group - Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
- Semantic
Analysis string - Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.
- detection
Only String - Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
- enabled String
- Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
- auto
Update TeoSecurity Policy Config Security Policy Managed Rules Auto Update - Managed rule automatic update option.
- managed
Rule List<TeoGroups Security Policy Config Security Policy Managed Rules Managed Rule Group> - Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
- semantic
Analysis String - Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.
- detection
Only string - Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
- enabled string
- Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
- auto
Update TeoSecurity Policy Config Security Policy Managed Rules Auto Update - Managed rule automatic update option.
- managed
Rule TeoGroups Security Policy Config Security Policy Managed Rules Managed Rule Group[] - Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
- semantic
Analysis string - Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.
- detection_
only str - Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
- enabled str
- Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
- auto_
update TeoSecurity Policy Config Security Policy Managed Rules Auto Update - Managed rule automatic update option.
- managed_
rule_ Sequence[Teogroups Security Policy Config Security Policy Managed Rules Managed Rule Group] - Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
- semantic_
analysis str - Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.
- detection
Only String - Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
- enabled String
- Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
- auto
Update Property Map - Managed rule automatic update option.
- managed
Rule List<Property Map>Groups - Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
- semantic
Analysis String - Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdate, TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs
- Auto
Update stringTo Latest Version - Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
- Ruleset
Version string - The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.
- Auto
Update stringTo Latest Version - Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
- Ruleset
Version string - The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.
- auto
Update StringTo Latest Version - Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
- ruleset
Version String - The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.
- auto
Update stringTo Latest Version - Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
- ruleset
Version string - The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.
- auto_
update_ strto_ latest_ version - Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
- ruleset_
version str - The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.
- auto
Update StringTo Latest Version - Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
- ruleset
Version String - The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroup, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
- Action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- Group
Id string - Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
- Sensitivity
Level string - Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
- Meta
Datas List<TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Meta Data> - Managed rule group information, for output only.
- Rule
Actions List<TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Rule Action> - Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.
- Action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- Group
Id string - Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
- Sensitivity
Level string - Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
- Meta
Datas []TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Meta Data - Managed rule group information, for output only.
- Rule
Actions []TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Rule Action - Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.
- action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- group
Id String - Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
- sensitivity
Level String - Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
- meta
Datas List<TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Meta Data> - Managed rule group information, for output only.
- rule
Actions List<TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Rule Action> - Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.
- action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- group
Id string - Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
- sensitivity
Level string - Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
- meta
Datas TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Meta Data[] - Managed rule group information, for output only.
- rule
Actions TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Rule Action[] - Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.
- action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- group_
id str - Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
- sensitivity_
level str - Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
- meta_
datas Sequence[TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Meta Data] - Managed rule group information, for output only.
- rule_
actions Sequence[TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Rule Action] - Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.
- action Property Map
- Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- group
Id String - Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
- sensitivity
Level String - Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
- meta
Datas List<Property Map> - Managed rule group information, for output only.
- rule
Actions List<Property Map> - Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupAction, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
- Name string
- Specific actions for safe execution. valid values:.
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- Name string
- Specific actions for safe execution. valid values:.
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name String
- Specific actions for safe execution. valid values:.
- block
Ip TeoAction Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name string
- Specific actions for safe execution. valid values:.
- block
Ip TeoAction Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name str
- Specific actions for safe execution. valid values:.
- block_
ip_ Teoaction_ parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- redirect_
action_ Teoparameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- return_
custom_ Teopage_ action_ parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name String
- Specific actions for safe execution. valid values:.
- block
Ip Property MapAction Parameters - Additional parameter when Name is BlockIP.
- redirect
Action Property MapParameters - Additional parameter when Name is Redirect.
- return
Custom Property MapPage Action Parameters - Additional parameter when Name is ReturnCustomPage.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionBlockIpActionParametersArgs
- Duration string
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- Duration string
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration String
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration string
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration str
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration String
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionRedirectActionParametersArgs
- Url string
- Redirect URL.
- Url string
- Redirect URL.
- url String
- Redirect URL.
- url string
- Redirect URL.
- url str
- Redirect URL.
- url String
- Redirect URL.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionReturnCustomPageActionParametersArgs
- Error
Page stringId - Response custom page ID.
- Response
Code string - Response status code.
- Error
Page stringId - Response custom page ID.
- Response
Code string - Response status code.
- error
Page StringId - Response custom page ID.
- response
Code String - Response status code.
- error
Page stringId - Response custom page ID.
- response
Code string - Response status code.
- error_
page_ strid - Response custom page ID.
- response_
code str - Response status code.
- error
Page StringId - Response custom page ID.
- response
Code String - Response status code.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaData, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataArgs
- group
Detail String - group
Name String - rule
Details List<Property Map>
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataRuleDetail, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataRuleDetailArgs
- Description string
- Risk
Level string - Rule
Id string - Rule
Version string - List<string>
- Description string
- Risk
Level string - Rule
Id string - Rule
Version string - []string
- description String
- risk
Level String - rule
Id String - rule
Version String - List<String>
- description string
- risk
Level string - rule
Id string - rule
Version string - string[]
- description str
- risk_
level str - rule_
id str - rule_
version str - Sequence[str]
- description String
- risk
Level String - rule
Id String - rule
Version String - List<String>
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleAction, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionArgs
- Action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- Rule
Id string - Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.
- Action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- Rule
Id string - Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.
- action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- rule
Id String - Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.
- action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- rule
Id string - Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.
- action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- rule_
id str - Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.
- action Property Map
- Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- rule
Id String - Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionAction, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionArgs
- Name string
- Specific actions for safe execution. valid values:.
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- Name string
- Specific actions for safe execution. valid values:.
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name String
- Specific actions for safe execution. valid values:.
- block
Ip TeoAction Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name string
- Specific actions for safe execution. valid values:.
- block
Ip TeoAction Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name str
- Specific actions for safe execution. valid values:.
- block_
ip_ Teoaction_ parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Block Ip Action Parameters - Additional parameter when Name is BlockIP.
- redirect_
action_ Teoparameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Redirect Action Parameters - Additional parameter when Name is Redirect.
- return_
custom_ Teopage_ action_ parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Return Custom Page Action Parameters - Additional parameter when Name is ReturnCustomPage.
- name String
- Specific actions for safe execution. valid values:.
- block
Ip Property MapAction Parameters - Additional parameter when Name is BlockIP.
- redirect
Action Property MapParameters - Additional parameter when Name is Redirect.
- return
Custom Property MapPage Action Parameters - Additional parameter when Name is ReturnCustomPage.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionBlockIpActionParametersArgs
- Duration string
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- Duration string
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration String
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration string
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration str
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
- duration String
- Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionRedirectActionParametersArgs
- Url string
- Redirect URL.
- Url string
- Redirect URL.
- url String
- Redirect URL.
- url string
- Redirect URL.
- url str
- Redirect URL.
- url String
- Redirect URL.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionReturnCustomPageActionParametersArgs
- Error
Page stringId - Response custom page ID.
- Response
Code string - Response status code.
- Error
Page stringId - Response custom page ID.
- Response
Code string - Response status code.
- error
Page StringId - Response custom page ID.
- response
Code String - Response status code.
- error
Page stringId - Response custom page ID.
- response
Code string - Response status code.
- error_
page_ strid - Response custom page ID.
- response_
code str - Response status code.
- error
Page StringId - Response custom page ID.
- response
Code String - Response status code.
Import
teo security policy can be imported using the id, e.g.
If entity is ZoneDefaultPolicy
$ pulumi import tencentcloud:index/teoSecurityPolicyConfig:TeoSecurityPolicyConfig example zone-37u62pwxfo8s#ZoneDefaultPolicy
If entity is Host
$ pulumi import tencentcloud:index/teoSecurityPolicyConfig:TeoSecurityPolicyConfig example zone-37u62pwxfo8s#Host#www.example.com
If entity is Template
$ pulumi import tencentcloud:index/teoSecurityPolicyConfig:TeoSecurityPolicyConfig example zone-37u62pwxfo8s#Template#temp-05dtxkyw
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- tencentcloud tencentcloudstack/terraform-provider-tencentcloud
- License
- Notes
- This Pulumi package is based on the
tencentcloudTerraform Provider.
tencentcloud 1.81.189 published on Wednesday, Apr 30, 2025 by tencentcloudstack