Docs Home
tencentcloud 1.82.1 published on Monday, Jun 16, 2025 by tencentcloudstack
tencentcloud.TeoSecurityPolicyConfig
Explore with Pulumi AI
tencentcloud 1.82.1 published on Monday, Jun 16, 2025 by tencentcloudstack
Provides a resource to create a teo security policy
NOTE: If the user’s EO version is the personal version,
managed_rule_groupsneeds to set one; If the user’s EO version is a non personal version,managed_rule_groupsneeds to set 17. If the user does not set themanaged_rule_groupsparameter, the system will generate it by default.
Example Usage
If entity is ZoneDefaultPolicy
Coming soon!
Coming soon!
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfig;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfigArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyExceptionRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlActionArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlActionChallengeActionParametersArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseActionArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringActionArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringActionChallengeActionParametersArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseActionArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseMinimalRequestBodyTransferRateArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseRequestBodyTransferTimeoutArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new TeoSecurityPolicyConfig("example", TeoSecurityPolicyConfigArgs.builder()
.entity("ZoneDefaultPolicy")
.securityPolicy(TeoSecurityPolicyConfigSecurityPolicyArgs.builder()
.customRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs.builder()
.basicAccessRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs.builder()
.name("Deny")
.build())
.condition("${http.request.ip} in ['119.28.103.58']")
.enabled("off")
.name("rule2")
.build())
.preciseMatchRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs.builder()
.blockIpActionParameters(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs.builder()
.duration("120s")
.build())
.name("BlockIP")
.build())
.condition("${http.request.host} contain ['test']")
.enabled("on")
.name("rule1")
.priority(50)
.build())
.build())
.exceptionRules(TeoSecurityPolicyConfigSecurityPolicyExceptionRulesArgs.builder()
.rules(TeoSecurityPolicyConfigSecurityPolicyExceptionRulesRuleArgs.builder()
.condition("${http.request.method} in ['POST'] and ${http.request.uri.path} in ['/api/EventLogUpload']")
.enabled("off")
.name("High-frequency API bypasses rate limits")
.skipOption("SkipOnAllRequestFields")
.skipScope("WebSecurityModules")
.webSecurityModulesForException("websec-mod-adaptive-control")
.build())
.build())
.httpDdosProtection(TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionArgs.builder()
.adaptiveFrequencyControl(TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlActionArgs.builder()
.challengeActionParameters(TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlActionChallengeActionParametersArgs.builder()
.challengeOption("JSChallenge")
.build())
.name("Challenge")
.build())
.enabled("on")
.sensitivity("Loose")
.build())
.bandwidthAbuseDefense(TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseActionArgs.builder()
.name("Deny")
.build())
.enabled("on")
.build())
.clientFiltering(TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringActionArgs.builder()
.challengeActionParameters(TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringActionChallengeActionParametersArgs.builder()
.challengeOption("JSChallenge")
.build())
.name("Challenge")
.build())
.enabled("on")
.build())
.slowAttackDefense(TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseActionArgs.builder()
.name("Deny")
.build())
.enabled("on")
.minimalRequestBodyTransferRate(TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseMinimalRequestBodyTransferRateArgs.builder()
.countingPeriod("60s")
.enabled("on")
.minimalAvgTransferRateThreshold("80bps")
.build())
.requestBodyTransferTimeout(TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseRequestBodyTransferTimeoutArgs.builder()
.enabled("on")
.idleTimeout("5s")
.build())
.build())
.build())
.managedRules(TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs.builder()
.autoUpdate(TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs.builder()
.autoUpdateToLatestVersion("off")
.build())
.detectionOnly("off")
.enabled("on")
.managedRuleGroups(
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-webshell-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-xxe-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-non-compliant-protocol-usages")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-file-upload-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-command-and-code-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ldap-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ssrf-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-unauthorized-accesses")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-xss-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-vulnerability-scanners")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-cms-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-other-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-sql-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-unauthorized-file-accesses")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-oa-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ssti-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-shiro-vulnerabilities")
.sensitivityLevel("strict")
.build())
.semanticAnalysis("off")
.build())
.rateLimitingRules(TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesArgs.builder()
.rules(TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRuleArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRuleActionArgs.builder()
.challengeActionParameters(TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRuleActionChallengeActionParametersArgs.builder()
.challengeOption("JSChallenge")
.build())
.name("Challenge")
.build())
.actionDuration("30m")
.condition("${http.request.uri.path} contain ['/checkout/submit']")
.countBy("http.request.ip")
.countingPeriod("60s")
.enabled("on")
.maxRequestThreshold(300)
.name("Single IP request rate limit")
.priority(50)
.build())
.build())
.build())
.zoneId("zone-37u62pwxfo8s")
.build());
}
}
resources:
example:
type: tencentcloud:TeoSecurityPolicyConfig
properties:
entity: ZoneDefaultPolicy
securityPolicy:
customRules:
basicAccessRules:
- action:
name: Deny
condition: $${http.request.ip} in ['119.28.103.58']
enabled: off
name: rule2
preciseMatchRules:
- action:
blockIpActionParameters:
duration: 120s
name: BlockIP
condition: $${http.request.host} contain ['test']
enabled: on
name: rule1
priority: 50
exceptionRules:
rules:
- condition: $${http.request.method} in ['POST'] and $${http.request.uri.path} in ['/api/EventLogUpload']
enabled: off
name: High-frequency API bypasses rate limits
skipOption: SkipOnAllRequestFields
skipScope: WebSecurityModules
webSecurityModulesForException:
- websec-mod-adaptive-control
httpDdosProtection:
adaptiveFrequencyControl:
action:
challengeActionParameters:
challengeOption: JSChallenge
name: Challenge
enabled: on
sensitivity: Loose
bandwidthAbuseDefense:
action:
name: Deny
enabled: on
clientFiltering:
action:
challengeActionParameters:
challengeOption: JSChallenge
name: Challenge
enabled: on
slowAttackDefense:
action:
name: Deny
enabled: on
minimalRequestBodyTransferRate:
countingPeriod: 60s
enabled: on
minimalAvgTransferRateThreshold: 80bps
requestBodyTransferTimeout:
enabled: on
idleTimeout: 5s
managedRules:
autoUpdate:
autoUpdateToLatestVersion: off
detectionOnly: off
enabled: on
managedRuleGroups:
- action:
name: Deny
groupId: wafgroup-webshell-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-xxe-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-non-compliant-protocol-usages
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-file-upload-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-command-and-code-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ldap-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ssrf-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-unauthorized-accesses
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-xss-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-vulnerability-scanners
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-cms-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-other-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-sql-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-unauthorized-file-accesses
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-oa-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ssti-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-shiro-vulnerabilities
sensitivityLevel: strict
semanticAnalysis: off
rateLimitingRules:
rules:
- action:
challengeActionParameters:
challengeOption: JSChallenge
name: Challenge
actionDuration: 30m
condition: $${http.request.uri.path} contain ['/checkout/submit']
countBy:
- http.request.ip
countingPeriod: 60s
enabled: on
maxRequestThreshold: 300
name: Single IP request rate limit
priority: 50
zoneId: zone-37u62pwxfo8s
If entity is Host
import * as pulumi from "@pulumi/pulumi";
import * as tencentcloud from "@pulumi/tencentcloud";
const example = new tencentcloud.TeoSecurityPolicyConfig("example", {
entity: "Host",
host: "www.example.com",
securityPolicy: {
customRules: {
basicAccessRules: [{
action: {
name: "Deny",
},
condition: "${http.request.ip} in ['119.28.103.58']",
enabled: "off",
name: "rule2",
}],
preciseMatchRules: [{
action: {
blockIpActionParameters: {
duration: "120s",
},
name: "BlockIP",
},
condition: "${http.request.host} contain ['abc']",
enabled: "on",
name: "rule1",
priority: 50,
}],
},
managedRules: {
autoUpdate: {
autoUpdateToLatestVersion: "off",
},
detectionOnly: "off",
enabled: "on",
managedRuleGroups: [
{
action: {
name: "Deny",
},
groupId: "wafgroup-webshell-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-xxe-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-non-compliant-protocol-usages",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-file-upload-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-command-and-code-injections",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-ldap-injections",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-ssrf-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-unauthorized-accesses",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-xss-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-vulnerability-scanners",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-cms-vulnerabilities",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-other-vulnerabilities",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-sql-injections",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-unauthorized-file-accesses",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-oa-vulnerabilities",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-ssti-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-shiro-vulnerabilities",
sensitivityLevel: "strict",
},
],
semanticAnalysis: "off",
},
},
zoneId: "zone-37u62pwxfo8s",
});
import pulumi
import pulumi_tencentcloud as tencentcloud
example = tencentcloud.TeoSecurityPolicyConfig("example",
entity="Host",
host="www.example.com",
security_policy={
"custom_rules": {
"basic_access_rules": [{
"action": {
"name": "Deny",
},
"condition": "${http.request.ip} in ['119.28.103.58']",
"enabled": "off",
"name": "rule2",
}],
"precise_match_rules": [{
"action": {
"block_ip_action_parameters": {
"duration": "120s",
},
"name": "BlockIP",
},
"condition": "${http.request.host} contain ['abc']",
"enabled": "on",
"name": "rule1",
"priority": 50,
}],
},
"managed_rules": {
"auto_update": {
"auto_update_to_latest_version": "off",
},
"detection_only": "off",
"enabled": "on",
"managed_rule_groups": [
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-webshell-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-xxe-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-non-compliant-protocol-usages",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-file-upload-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-command-and-code-injections",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-ldap-injections",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-ssrf-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-unauthorized-accesses",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-xss-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-vulnerability-scanners",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-cms-vulnerabilities",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-other-vulnerabilities",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-sql-injections",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-unauthorized-file-accesses",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-oa-vulnerabilities",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-ssti-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-shiro-vulnerabilities",
"sensitivity_level": "strict",
},
],
"semantic_analysis": "off",
},
},
zone_id="zone-37u62pwxfo8s")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/tencentcloud/tencentcloud"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := tencentcloud.NewTeoSecurityPolicyConfig(ctx, "example", &tencentcloud.TeoSecurityPolicyConfigArgs{
Entity: pulumi.String("Host"),
Host: pulumi.String("www.example.com"),
SecurityPolicy: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyArgs{
CustomRules: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs{
BasicAccessRules: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArray{
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs{
Name: pulumi.String("Deny"),
},
Condition: pulumi.String("${http.request.ip} in ['119.28.103.58']"),
Enabled: pulumi.String("off"),
Name: pulumi.String("rule2"),
},
},
PreciseMatchRules: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArray{
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs{
BlockIpActionParameters: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs{
Duration: pulumi.String("120s"),
},
Name: pulumi.String("BlockIP"),
},
Condition: pulumi.String("${http.request.host} contain ['abc']"),
Enabled: pulumi.String("on"),
Name: pulumi.String("rule1"),
Priority: pulumi.Float64(50),
},
},
},
ManagedRules: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs{
AutoUpdate: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs{
AutoUpdateToLatestVersion: pulumi.String("off"),
},
DetectionOnly: pulumi.String("off"),
Enabled: pulumi.String("on"),
ManagedRuleGroups: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArray{
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-webshell-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-xxe-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-non-compliant-protocol-usages"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-file-upload-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-command-and-code-injections"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-ldap-injections"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-ssrf-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-unauthorized-accesses"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-xss-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-vulnerability-scanners"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-cms-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-other-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-sql-injections"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-unauthorized-file-accesses"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-oa-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-ssti-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-shiro-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
},
SemanticAnalysis: pulumi.String("off"),
},
},
ZoneId: pulumi.String("zone-37u62pwxfo8s"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Tencentcloud = Pulumi.Tencentcloud;
return await Deployment.RunAsync(() =>
{
var example = new Tencentcloud.TeoSecurityPolicyConfig("example", new()
{
Entity = "Host",
Host = "www.example.com",
SecurityPolicy = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyArgs
{
CustomRules = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs
{
BasicAccessRules = new[]
{
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs
{
Name = "Deny",
},
Condition = "${http.request.ip} in ['119.28.103.58']",
Enabled = "off",
Name = "rule2",
},
},
PreciseMatchRules = new[]
{
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs
{
BlockIpActionParameters = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs
{
Duration = "120s",
},
Name = "BlockIP",
},
Condition = "${http.request.host} contain ['abc']",
Enabled = "on",
Name = "rule1",
Priority = 50,
},
},
},
ManagedRules = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs
{
AutoUpdate = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs
{
AutoUpdateToLatestVersion = "off",
},
DetectionOnly = "off",
Enabled = "on",
ManagedRuleGroups = new[]
{
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-webshell-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-xxe-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-non-compliant-protocol-usages",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-file-upload-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-command-and-code-injections",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-ldap-injections",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-ssrf-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-unauthorized-accesses",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-xss-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-vulnerability-scanners",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-cms-vulnerabilities",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-other-vulnerabilities",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-sql-injections",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-unauthorized-file-accesses",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-oa-vulnerabilities",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-ssti-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-shiro-vulnerabilities",
SensitivityLevel = "strict",
},
},
SemanticAnalysis = "off",
},
},
ZoneId = "zone-37u62pwxfo8s",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfig;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfigArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new TeoSecurityPolicyConfig("example", TeoSecurityPolicyConfigArgs.builder()
.entity("Host")
.host("www.example.com")
.securityPolicy(TeoSecurityPolicyConfigSecurityPolicyArgs.builder()
.customRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs.builder()
.basicAccessRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs.builder()
.name("Deny")
.build())
.condition("${http.request.ip} in ['119.28.103.58']")
.enabled("off")
.name("rule2")
.build())
.preciseMatchRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs.builder()
.blockIpActionParameters(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs.builder()
.duration("120s")
.build())
.name("BlockIP")
.build())
.condition("${http.request.host} contain ['abc']")
.enabled("on")
.name("rule1")
.priority(50)
.build())
.build())
.managedRules(TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs.builder()
.autoUpdate(TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs.builder()
.autoUpdateToLatestVersion("off")
.build())
.detectionOnly("off")
.enabled("on")
.managedRuleGroups(
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-webshell-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-xxe-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-non-compliant-protocol-usages")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-file-upload-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-command-and-code-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ldap-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ssrf-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-unauthorized-accesses")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-xss-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-vulnerability-scanners")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-cms-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-other-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-sql-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-unauthorized-file-accesses")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-oa-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ssti-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-shiro-vulnerabilities")
.sensitivityLevel("strict")
.build())
.semanticAnalysis("off")
.build())
.build())
.zoneId("zone-37u62pwxfo8s")
.build());
}
}
resources:
example:
type: tencentcloud:TeoSecurityPolicyConfig
properties:
entity: Host
host: www.example.com
securityPolicy:
customRules:
basicAccessRules:
- action:
name: Deny
condition: $${http.request.ip} in ['119.28.103.58']
enabled: off
name: rule2
preciseMatchRules:
- action:
blockIpActionParameters:
duration: 120s
name: BlockIP
condition: $${http.request.host} contain ['abc']
enabled: on
name: rule1
priority: 50
managedRules:
autoUpdate:
autoUpdateToLatestVersion: off
detectionOnly: off
enabled: on
managedRuleGroups:
- action:
name: Deny
groupId: wafgroup-webshell-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-xxe-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-non-compliant-protocol-usages
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-file-upload-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-command-and-code-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ldap-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ssrf-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-unauthorized-accesses
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-xss-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-vulnerability-scanners
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-cms-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-other-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-sql-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-unauthorized-file-accesses
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-oa-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ssti-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-shiro-vulnerabilities
sensitivityLevel: strict
semanticAnalysis: off
zoneId: zone-37u62pwxfo8s
If entity is Template
import * as pulumi from "@pulumi/pulumi";
import * as tencentcloud from "@pulumi/tencentcloud";
const example = new tencentcloud.TeoSecurityPolicyConfig("example", {
entity: "Template",
securityPolicy: {
customRules: {
basicAccessRules: [{
action: {
name: "Deny",
},
condition: "${http.request.ip} in ['119.28.103.58']",
enabled: "off",
name: "rule2",
}],
preciseMatchRules: [{
action: {
blockIpActionParameters: {
duration: "120s",
},
name: "BlockIP",
},
condition: "${http.request.host} contain ['abc']",
enabled: "on",
name: "rule1",
priority: 50,
}],
},
managedRules: {
autoUpdate: {
autoUpdateToLatestVersion: "off",
},
detectionOnly: "off",
enabled: "on",
managedRuleGroups: [
{
action: {
name: "Deny",
},
groupId: "wafgroup-webshell-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-xxe-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-non-compliant-protocol-usages",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-file-upload-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-command-and-code-injections",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-ldap-injections",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-ssrf-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-unauthorized-accesses",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-xss-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-vulnerability-scanners",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-cms-vulnerabilities",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-other-vulnerabilities",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-sql-injections",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-unauthorized-file-accesses",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-oa-vulnerabilities",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-ssti-attacks",
sensitivityLevel: "strict",
},
{
action: {
name: "Deny",
},
groupId: "wafgroup-shiro-vulnerabilities",
sensitivityLevel: "strict",
},
],
semanticAnalysis: "off",
},
},
templateId: "temp-05dtxkyw",
zoneId: "zone-37u62pwxfo8s",
});
import pulumi
import pulumi_tencentcloud as tencentcloud
example = tencentcloud.TeoSecurityPolicyConfig("example",
entity="Template",
security_policy={
"custom_rules": {
"basic_access_rules": [{
"action": {
"name": "Deny",
},
"condition": "${http.request.ip} in ['119.28.103.58']",
"enabled": "off",
"name": "rule2",
}],
"precise_match_rules": [{
"action": {
"block_ip_action_parameters": {
"duration": "120s",
},
"name": "BlockIP",
},
"condition": "${http.request.host} contain ['abc']",
"enabled": "on",
"name": "rule1",
"priority": 50,
}],
},
"managed_rules": {
"auto_update": {
"auto_update_to_latest_version": "off",
},
"detection_only": "off",
"enabled": "on",
"managed_rule_groups": [
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-webshell-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-xxe-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-non-compliant-protocol-usages",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-file-upload-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-command-and-code-injections",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-ldap-injections",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-ssrf-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-unauthorized-accesses",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-xss-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-vulnerability-scanners",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-cms-vulnerabilities",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-other-vulnerabilities",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-sql-injections",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-unauthorized-file-accesses",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-oa-vulnerabilities",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-ssti-attacks",
"sensitivity_level": "strict",
},
{
"action": {
"name": "Deny",
},
"group_id": "wafgroup-shiro-vulnerabilities",
"sensitivity_level": "strict",
},
],
"semantic_analysis": "off",
},
},
template_id="temp-05dtxkyw",
zone_id="zone-37u62pwxfo8s")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/tencentcloud/tencentcloud"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := tencentcloud.NewTeoSecurityPolicyConfig(ctx, "example", &tencentcloud.TeoSecurityPolicyConfigArgs{
Entity: pulumi.String("Template"),
SecurityPolicy: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyArgs{
CustomRules: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs{
BasicAccessRules: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArray{
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs{
Name: pulumi.String("Deny"),
},
Condition: pulumi.String("${http.request.ip} in ['119.28.103.58']"),
Enabled: pulumi.String("off"),
Name: pulumi.String("rule2"),
},
},
PreciseMatchRules: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArray{
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs{
BlockIpActionParameters: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs{
Duration: pulumi.String("120s"),
},
Name: pulumi.String("BlockIP"),
},
Condition: pulumi.String("${http.request.host} contain ['abc']"),
Enabled: pulumi.String("on"),
Name: pulumi.String("rule1"),
Priority: pulumi.Float64(50),
},
},
},
ManagedRules: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs{
AutoUpdate: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs{
AutoUpdateToLatestVersion: pulumi.String("off"),
},
DetectionOnly: pulumi.String("off"),
Enabled: pulumi.String("on"),
ManagedRuleGroups: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArray{
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-webshell-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-xxe-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-non-compliant-protocol-usages"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-file-upload-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-command-and-code-injections"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-ldap-injections"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-ssrf-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-unauthorized-accesses"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-xss-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-vulnerability-scanners"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-cms-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-other-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-sql-injections"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-unauthorized-file-accesses"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-oa-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-ssti-attacks"),
SensitivityLevel: pulumi.String("strict"),
},
&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
Name: pulumi.String("Deny"),
},
GroupId: pulumi.String("wafgroup-shiro-vulnerabilities"),
SensitivityLevel: pulumi.String("strict"),
},
},
SemanticAnalysis: pulumi.String("off"),
},
},
TemplateId: pulumi.String("temp-05dtxkyw"),
ZoneId: pulumi.String("zone-37u62pwxfo8s"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Tencentcloud = Pulumi.Tencentcloud;
return await Deployment.RunAsync(() =>
{
var example = new Tencentcloud.TeoSecurityPolicyConfig("example", new()
{
Entity = "Template",
SecurityPolicy = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyArgs
{
CustomRules = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs
{
BasicAccessRules = new[]
{
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs
{
Name = "Deny",
},
Condition = "${http.request.ip} in ['119.28.103.58']",
Enabled = "off",
Name = "rule2",
},
},
PreciseMatchRules = new[]
{
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs
{
BlockIpActionParameters = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs
{
Duration = "120s",
},
Name = "BlockIP",
},
Condition = "${http.request.host} contain ['abc']",
Enabled = "on",
Name = "rule1",
Priority = 50,
},
},
},
ManagedRules = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs
{
AutoUpdate = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs
{
AutoUpdateToLatestVersion = "off",
},
DetectionOnly = "off",
Enabled = "on",
ManagedRuleGroups = new[]
{
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-webshell-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-xxe-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-non-compliant-protocol-usages",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-file-upload-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-command-and-code-injections",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-ldap-injections",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-ssrf-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-unauthorized-accesses",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-xss-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-vulnerability-scanners",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-cms-vulnerabilities",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-other-vulnerabilities",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-sql-injections",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-unauthorized-file-accesses",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-oa-vulnerabilities",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-ssti-attacks",
SensitivityLevel = "strict",
},
new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
{
Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
{
Name = "Deny",
},
GroupId = "wafgroup-shiro-vulnerabilities",
SensitivityLevel = "strict",
},
},
SemanticAnalysis = "off",
},
},
TemplateId = "temp-05dtxkyw",
ZoneId = "zone-37u62pwxfo8s",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfig;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfigArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new TeoSecurityPolicyConfig("example", TeoSecurityPolicyConfigArgs.builder()
.entity("Template")
.securityPolicy(TeoSecurityPolicyConfigSecurityPolicyArgs.builder()
.customRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs.builder()
.basicAccessRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs.builder()
.name("Deny")
.build())
.condition("${http.request.ip} in ['119.28.103.58']")
.enabled("off")
.name("rule2")
.build())
.preciseMatchRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs.builder()
.blockIpActionParameters(TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs.builder()
.duration("120s")
.build())
.name("BlockIP")
.build())
.condition("${http.request.host} contain ['abc']")
.enabled("on")
.name("rule1")
.priority(50)
.build())
.build())
.managedRules(TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs.builder()
.autoUpdate(TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs.builder()
.autoUpdateToLatestVersion("off")
.build())
.detectionOnly("off")
.enabled("on")
.managedRuleGroups(
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-webshell-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-xxe-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-non-compliant-protocol-usages")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-file-upload-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-command-and-code-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ldap-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ssrf-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-unauthorized-accesses")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-xss-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-vulnerability-scanners")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-cms-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-other-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-sql-injections")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-unauthorized-file-accesses")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-oa-vulnerabilities")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-ssti-attacks")
.sensitivityLevel("strict")
.build(),
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
.action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
.name("Deny")
.build())
.groupId("wafgroup-shiro-vulnerabilities")
.sensitivityLevel("strict")
.build())
.semanticAnalysis("off")
.build())
.build())
.templateId("temp-05dtxkyw")
.zoneId("zone-37u62pwxfo8s")
.build());
}
}
resources:
example:
type: tencentcloud:TeoSecurityPolicyConfig
properties:
entity: Template
securityPolicy:
customRules:
basicAccessRules:
- action:
name: Deny
condition: $${http.request.ip} in ['119.28.103.58']
enabled: off
name: rule2
preciseMatchRules:
- action:
blockIpActionParameters:
duration: 120s
name: BlockIP
condition: $${http.request.host} contain ['abc']
enabled: on
name: rule1
priority: 50
managedRules:
autoUpdate:
autoUpdateToLatestVersion: off
detectionOnly: off
enabled: on
managedRuleGroups:
- action:
name: Deny
groupId: wafgroup-webshell-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-xxe-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-non-compliant-protocol-usages
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-file-upload-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-command-and-code-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ldap-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ssrf-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-unauthorized-accesses
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-xss-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-vulnerability-scanners
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-cms-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-other-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-sql-injections
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-unauthorized-file-accesses
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-oa-vulnerabilities
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-ssti-attacks
sensitivityLevel: strict
- action:
name: Deny
groupId: wafgroup-shiro-vulnerabilities
sensitivityLevel: strict
semanticAnalysis: off
templateId: temp-05dtxkyw
zoneId: zone-37u62pwxfo8s
Create TeoSecurityPolicyConfig Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new TeoSecurityPolicyConfig(name: string, args: TeoSecurityPolicyConfigArgs, opts?: CustomResourceOptions);@overload
def TeoSecurityPolicyConfig(resource_name: str,
args: TeoSecurityPolicyConfigArgs,
opts: Optional[ResourceOptions] = None)
@overload
def TeoSecurityPolicyConfig(resource_name: str,
opts: Optional[ResourceOptions] = None,
zone_id: Optional[str] = None,
entity: Optional[str] = None,
host: Optional[str] = None,
security_policy: Optional[TeoSecurityPolicyConfigSecurityPolicyArgs] = None,
template_id: Optional[str] = None,
teo_security_policy_config_id: Optional[str] = None)func NewTeoSecurityPolicyConfig(ctx *Context, name string, args TeoSecurityPolicyConfigArgs, opts ...ResourceOption) (*TeoSecurityPolicyConfig, error)public TeoSecurityPolicyConfig(string name, TeoSecurityPolicyConfigArgs args, CustomResourceOptions? opts = null)
public TeoSecurityPolicyConfig(String name, TeoSecurityPolicyConfigArgs args)
public TeoSecurityPolicyConfig(String name, TeoSecurityPolicyConfigArgs args, CustomResourceOptions options)
type: tencentcloud:TeoSecurityPolicyConfig
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args TeoSecurityPolicyConfigArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args TeoSecurityPolicyConfigArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args TeoSecurityPolicyConfigArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args TeoSecurityPolicyConfigArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args TeoSecurityPolicyConfigArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
TeoSecurityPolicyConfig Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The TeoSecurityPolicyConfig resource accepts the following input properties:
- Zone
Id string - Zone ID.
- Entity string
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- Host string
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- Security
Policy TeoSecurity Policy Config Security Policy - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- Template
Id string - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- Teo
Security stringPolicy Config Id - ID of the resource.
- Zone
Id string - Zone ID.
- Entity string
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- Host string
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- Security
Policy TeoSecurity Policy Config Security Policy Args - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- Template
Id string - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- Teo
Security stringPolicy Config Id - ID of the resource.
- zone
Id String - Zone ID.
- entity String
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- host String
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- security
Policy TeoSecurity Policy Config Security Policy - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- template
Id String - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- teo
Security StringPolicy Config Id - ID of the resource.
- zone
Id string - Zone ID.
- entity string
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- host string
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- security
Policy TeoSecurity Policy Config Security Policy - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- template
Id string - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- teo
Security stringPolicy Config Id - ID of the resource.
- zone_
id str - Zone ID.
- entity str
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- host str
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- security_
policy TeoSecurity Policy Config Security Policy Args - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- template_
id str - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- teo_
security_ strpolicy_ config_ id - ID of the resource.
- zone
Id String - Zone ID.
- entity String
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- host String
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- security
Policy Property Map - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- template
Id String - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- teo
Security StringPolicy Config Id - ID of the resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the TeoSecurityPolicyConfig resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing TeoSecurityPolicyConfig Resource
Get an existing TeoSecurityPolicyConfig resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: TeoSecurityPolicyConfigState, opts?: CustomResourceOptions): TeoSecurityPolicyConfig@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
entity: Optional[str] = None,
host: Optional[str] = None,
security_policy: Optional[TeoSecurityPolicyConfigSecurityPolicyArgs] = None,
template_id: Optional[str] = None,
teo_security_policy_config_id: Optional[str] = None,
zone_id: Optional[str] = None) -> TeoSecurityPolicyConfigfunc GetTeoSecurityPolicyConfig(ctx *Context, name string, id IDInput, state *TeoSecurityPolicyConfigState, opts ...ResourceOption) (*TeoSecurityPolicyConfig, error)public static TeoSecurityPolicyConfig Get(string name, Input<string> id, TeoSecurityPolicyConfigState? state, CustomResourceOptions? opts = null)public static TeoSecurityPolicyConfig get(String name, Output<String> id, TeoSecurityPolicyConfigState state, CustomResourceOptions options)resources: _: type: tencentcloud:TeoSecurityPolicyConfig get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Entity string
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- Host string
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- Security
Policy TeoSecurity Policy Config Security Policy - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- Template
Id string - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- Teo
Security stringPolicy Config Id - ID of the resource.
- Zone
Id string - Zone ID.
- Entity string
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- Host string
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- Security
Policy TeoSecurity Policy Config Security Policy Args - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- Template
Id string - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- Teo
Security stringPolicy Config Id - ID of the resource.
- Zone
Id string - Zone ID.
- entity String
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- host String
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- security
Policy TeoSecurity Policy Config Security Policy - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- template
Id String - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- teo
Security StringPolicy Config Id - ID of the resource.
- zone
Id String - Zone ID.
- entity string
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- host string
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- security
Policy TeoSecurity Policy Config Security Policy - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- template
Id string - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- teo
Security stringPolicy Config Id - ID of the resource.
- zone
Id string - Zone ID.
- entity str
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- host str
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- security_
policy TeoSecurity Policy Config Security Policy Args - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- template_
id str - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- teo_
security_ strpolicy_ config_ id - ID of the resource.
- zone_
id str - Zone ID.
- entity String
- Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
- host String
- Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
- security
Policy Property Map - Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
- template
Id String - Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
- teo
Security StringPolicy Config Id - ID of the resource.
- zone
Id String - Zone ID.
Supporting Types
TeoSecurityPolicyConfigSecurityPolicy, TeoSecurityPolicyConfigSecurityPolicyArgs
- Custom
Rules TeoSecurity Policy Config Security Policy Custom Rules - Custom rule configuration.
- Exception
Rules TeoSecurity Policy Config Security Policy Exception Rules - Exception rule configuration.
- Http
Ddos TeoProtection Security Policy Config Security Policy Http Ddos Protection - HTTP DDOS protection configuration.
- Managed
Rules TeoSecurity Policy Config Security Policy Managed Rules - Managed rule configuration.
- Rate
Limiting TeoRules Security Policy Config Security Policy Rate Limiting Rules - Rate limiting rule configuration.
- Custom
Rules TeoSecurity Policy Config Security Policy Custom Rules - Custom rule configuration.
- Exception
Rules TeoSecurity Policy Config Security Policy Exception Rules - Exception rule configuration.
- Http
Ddos TeoProtection Security Policy Config Security Policy Http Ddos Protection - HTTP DDOS protection configuration.
- Managed
Rules TeoSecurity Policy Config Security Policy Managed Rules - Managed rule configuration.
- Rate
Limiting TeoRules Security Policy Config Security Policy Rate Limiting Rules - Rate limiting rule configuration.
- custom
Rules TeoSecurity Policy Config Security Policy Custom Rules - Custom rule configuration.
- exception
Rules TeoSecurity Policy Config Security Policy Exception Rules - Exception rule configuration.
- http
Ddos TeoProtection Security Policy Config Security Policy Http Ddos Protection - HTTP DDOS protection configuration.
- managed
Rules TeoSecurity Policy Config Security Policy Managed Rules - Managed rule configuration.
- rate
Limiting TeoRules Security Policy Config Security Policy Rate Limiting Rules - Rate limiting rule configuration.
- custom
Rules TeoSecurity Policy Config Security Policy Custom Rules - Custom rule configuration.
- exception
Rules TeoSecurity Policy Config Security Policy Exception Rules - Exception rule configuration.
- http
Ddos TeoProtection Security Policy Config Security Policy Http Ddos Protection - HTTP DDOS protection configuration.
- managed
Rules TeoSecurity Policy Config Security Policy Managed Rules - Managed rule configuration.
- rate
Limiting TeoRules Security Policy Config Security Policy Rate Limiting Rules - Rate limiting rule configuration.
- custom_
rules TeoSecurity Policy Config Security Policy Custom Rules - Custom rule configuration.
- exception_
rules TeoSecurity Policy Config Security Policy Exception Rules - Exception rule configuration.
- http_
ddos_ Teoprotection Security Policy Config Security Policy Http Ddos Protection - HTTP DDOS protection configuration.
- managed_
rules TeoSecurity Policy Config Security Policy Managed Rules - Managed rule configuration.
- rate_
limiting_ Teorules Security Policy Config Security Policy Rate Limiting Rules - Rate limiting rule configuration.
- custom
Rules Property Map - Custom rule configuration.
- exception
Rules Property Map - Exception rule configuration.
- http
Ddos Property MapProtection - HTTP DDOS protection configuration.
- managed
Rules Property Map - Managed rule configuration.
- rate
Limiting Property MapRules - Rate limiting rule configuration.
TeoSecurityPolicyConfigSecurityPolicyCustomRules, TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs
- Basic
Access List<TeoRules Security Policy Config Security Policy Custom Rules Basic Access Rule> - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- Precise
Match List<TeoRules Security Policy Config Security Policy Custom Rules Precise Match Rule> - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- Rules
List<Teo
Security Policy Config Security Policy Custom Rules Rule> - It has been deprecated from version 1.81.184. Please use
precise_match_rulesorbasic_access_rulesinstead. List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- Basic
Access []TeoRules Security Policy Config Security Policy Custom Rules Basic Access Rule - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- Precise
Match []TeoRules Security Policy Config Security Policy Custom Rules Precise Match Rule - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- Rules
[]Teo
Security Policy Config Security Policy Custom Rules Rule - It has been deprecated from version 1.81.184. Please use
precise_match_rulesorbasic_access_rulesinstead. List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- basic
Access List<TeoRules Security Policy Config Security Policy Custom Rules Basic Access Rule> - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- precise
Match List<TeoRules Security Policy Config Security Policy Custom Rules Precise Match Rule> - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- rules
List<Teo
Security Policy Config Security Policy Custom Rules Rule> - It has been deprecated from version 1.81.184. Please use
precise_match_rulesorbasic_access_rulesinstead. List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- basic
Access TeoRules Security Policy Config Security Policy Custom Rules Basic Access Rule[] - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- precise
Match TeoRules Security Policy Config Security Policy Custom Rules Precise Match Rule[] - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- rules
Teo
Security Policy Config Security Policy Custom Rules Rule[] - It has been deprecated from version 1.81.184. Please use
precise_match_rulesorbasic_access_rulesinstead. List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- basic_
access_ Sequence[Teorules Security Policy Config Security Policy Custom Rules Basic Access Rule] - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- precise_
match_ Sequence[Teorules Security Policy Config Security Policy Custom Rules Precise Match Rule] - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- rules
Sequence[Teo
Security Policy Config Security Policy Custom Rules Rule] - It has been deprecated from version 1.81.184. Please use
precise_match_rulesorbasic_access_rulesinstead. List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- basic
Access List<Property Map>Rules - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- precise
Match List<Property Map>Rules - List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
- rules List<Property Map>
- It has been deprecated from version 1.81.184. Please use
precise_match_rulesorbasic_access_rulesinstead. List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRule, TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleArgs
- Action
Teo
Security Policy Config Security Policy Custom Rules Basic Access Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- Condition string
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- Enabled string
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- Name string
- The name of the custom rule.
- Id string
- ID of the resource.
- Priority double
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - Rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- Action
Teo
Security Policy Config Security Policy Custom Rules Basic Access Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- Condition string
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- Enabled string
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- Name string
- The name of the custom rule.
- Id string
- ID of the resource.
- Priority float64
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - Rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Basic Access Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition String
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled String
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name String
- The name of the custom rule.
- id String
- ID of the resource.
- priority Double
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule
Type String - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Basic Access Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition string
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled string
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name string
- The name of the custom rule.
- id string
- ID of the resource.
- priority number
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Basic Access Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition str
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled str
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name str
- The name of the custom rule.
- id str
- ID of the resource.
- priority float
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule_
type str - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action Property Map
- Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition String
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled String
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name String
- The name of the custom rule.
- id String
- ID of the resource.
- priority Number
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule
Type String - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleAction, TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionArgs
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name string
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name str
- The specific action of security execution. The values are:
- block_
ip_ Teoaction_ parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect_
action_ Teoparameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return_
custom_ Teopage_ action_ parameters Security Policy Config Security Policy Custom Rules Basic Access Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip Property MapAction Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect
Action Property MapParameters - Additional parameters when Name is Redirect.
- return
Custom Property MapPage Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionBlockIpActionParametersArgs
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration str
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionRedirectActionParametersArgs
- Url string
- The URL to redirect.
- Url string
- The URL to redirect.
- url String
- The URL to redirect.
- url string
- The URL to redirect.
- url str
- The URL to redirect.
- url String
- The URL to redirect.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesBasicAccessRuleActionReturnCustomPageActionParametersArgs
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
- error
Page stringId - The custom page ID of the response.
- response
Code string - Response status code.
- error_
page_ strid - The custom page ID of the response.
- response_
code str - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRule, TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleArgs
- Action
Teo
Security Policy Config Security Policy Custom Rules Precise Match Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- Condition string
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- Enabled string
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- Name string
- The name of the custom rule.
- Id string
- ID of the resource.
- Priority double
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - Rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- Action
Teo
Security Policy Config Security Policy Custom Rules Precise Match Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- Condition string
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- Enabled string
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- Name string
- The name of the custom rule.
- Id string
- ID of the resource.
- Priority float64
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - Rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Precise Match Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition String
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled String
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name String
- The name of the custom rule.
- id String
- ID of the resource.
- priority Double
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule
Type String - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Precise Match Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition string
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled string
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name string
- The name of the custom rule.
- id string
- ID of the resource.
- priority number
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Precise Match Rule Action - Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition str
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled str
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name str
- The name of the custom rule.
- id str
- ID of the resource.
- priority float
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule_
type str - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action Property Map
- Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
- condition String
- The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
- enabled String
- Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
- name String
- The name of the custom rule.
- id String
- ID of the resource.
- priority Number
- Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports
rule_typeisPreciseMatchRule. - rule
Type String - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleAction, TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionArgs
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name string
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name str
- The specific action of security execution. The values are:
- block_
ip_ Teoaction_ parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect_
action_ Teoparameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return_
custom_ Teopage_ action_ parameters Security Policy Config Security Policy Custom Rules Precise Match Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip Property MapAction Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect
Action Property MapParameters - Additional parameters when Name is Redirect.
- return
Custom Property MapPage Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionBlockIpActionParametersArgs
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration str
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionRedirectActionParametersArgs
- Url string
- The URL to redirect.
- Url string
- The URL to redirect.
- url String
- The URL to redirect.
- url string
- The URL to redirect.
- url str
- The URL to redirect.
- url String
- The URL to redirect.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesPreciseMatchRuleActionReturnCustomPageActionParametersArgs
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
- error
Page stringId - The custom page ID of the response.
- response
Code string - Response status code.
- error_
page_ strid - The custom page ID of the response.
- response_
code str - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesRule, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs
- Action
Teo
Security Policy Config Security Policy Custom Rules Rule Action - The precise rate limit handling method. The values are: Monitor: Observe; Deny: Intercept, where DenyActionParameters.Name supports Deny and ReturnCustomPage; Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL; .
- Condition string
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- Enabled string
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- Name string
- The name of the precise rate limit.
- Id string
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- Priority double
- The priority of precise rate limiting ranges from 0 to 100, and the default is 0.
- Rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- Action
Teo
Security Policy Config Security Policy Custom Rules Rule Action - The precise rate limit handling method. The values are: Monitor: Observe; Deny: Intercept, where DenyActionParameters.Name supports Deny and ReturnCustomPage; Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL; .
- Condition string
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- Enabled string
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- Name string
- The name of the precise rate limit.
- Id string
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- Priority float64
- The priority of precise rate limiting ranges from 0 to 100, and the default is 0.
- Rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Rule Action - The precise rate limit handling method. The values are: Monitor: Observe; Deny: Intercept, where DenyActionParameters.Name supports Deny and ReturnCustomPage; Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL; .
- condition String
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- enabled String
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- name String
- The name of the precise rate limit.
- id String
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- priority Double
- The priority of precise rate limiting ranges from 0 to 100, and the default is 0.
- rule
Type String - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Rule Action - The precise rate limit handling method. The values are: Monitor: Observe; Deny: Intercept, where DenyActionParameters.Name supports Deny and ReturnCustomPage; Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL; .
- condition string
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- enabled string
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- name string
- The name of the precise rate limit.
- id string
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- priority number
- The priority of precise rate limiting ranges from 0 to 100, and the default is 0.
- rule
Type string - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action
Teo
Security Policy Config Security Policy Custom Rules Rule Action - The precise rate limit handling method. The values are: Monitor: Observe; Deny: Intercept, where DenyActionParameters.Name supports Deny and ReturnCustomPage; Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL; .
- condition str
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- enabled str
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- name str
- The name of the precise rate limit.
- id str
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- priority float
- The priority of precise rate limiting ranges from 0 to 100, and the default is 0.
- rule_
type str - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
- action Property Map
- The precise rate limit handling method. The values are: Monitor: Observe; Deny: Intercept, where DenyActionParameters.Name supports Deny and ReturnCustomPage; Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL; .
- condition String
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- enabled String
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- name String
- The name of the precise rate limit.
- id String
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- priority Number
- The priority of precise rate limiting ranges from 0 to 100, and the default is 0.
- rule
Type String - Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleAction, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name string
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Custom Rules Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Custom Rules Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Custom Rules Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name str
- The specific action of security execution. The values are:
- block_
ip_ Teoaction_ parameters Security Policy Config Security Policy Custom Rules Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect_
action_ Teoparameters Security Policy Config Security Policy Custom Rules Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return_
custom_ Teopage_ action_ parameters Security Policy Config Security Policy Custom Rules Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip Property MapAction Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect
Action Property MapParameters - Additional parameters when Name is Redirect.
- return
Custom Property MapPage Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParametersArgs
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration str
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionRedirectActionParametersArgs
- Url string
- The URL to redirect.
- Url string
- The URL to redirect.
- url String
- The URL to redirect.
- url string
- The URL to redirect.
- url str
- The URL to redirect.
- url String
- The URL to redirect.
TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionReturnCustomPageActionParametersArgs
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
- error
Page stringId - The custom page ID of the response.
- response
Code string - Response status code.
- error_
page_ strid - The custom page ID of the response.
- response_
code str - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
TeoSecurityPolicyConfigSecurityPolicyExceptionRules, TeoSecurityPolicyConfigSecurityPolicyExceptionRulesArgs
- Rules
List<Teo
Security Policy Config Security Policy Exception Rules Rule> - Definition list of exception rules. When using ModifySecurityPolicy to modify the Web protection configuration: If the Rules parameter is not specified, or the length of the Rules parameter is zero: clear all exception rule configurations. .If the ExceptionRules parameter value is not specified in the SecurityPolicy parameter: keep the existing exception rule configurations and do not modify them. .
- Rules
[]Teo
Security Policy Config Security Policy Exception Rules Rule - Definition list of exception rules. When using ModifySecurityPolicy to modify the Web protection configuration: If the Rules parameter is not specified, or the length of the Rules parameter is zero: clear all exception rule configurations. .If the ExceptionRules parameter value is not specified in the SecurityPolicy parameter: keep the existing exception rule configurations and do not modify them. .
- rules
List<Teo
Security Policy Config Security Policy Exception Rules Rule> - Definition list of exception rules. When using ModifySecurityPolicy to modify the Web protection configuration: If the Rules parameter is not specified, or the length of the Rules parameter is zero: clear all exception rule configurations. .If the ExceptionRules parameter value is not specified in the SecurityPolicy parameter: keep the existing exception rule configurations and do not modify them. .
- rules
Teo
Security Policy Config Security Policy Exception Rules Rule[] - Definition list of exception rules. When using ModifySecurityPolicy to modify the Web protection configuration: If the Rules parameter is not specified, or the length of the Rules parameter is zero: clear all exception rule configurations. .If the ExceptionRules parameter value is not specified in the SecurityPolicy parameter: keep the existing exception rule configurations and do not modify them. .
- rules
Sequence[Teo
Security Policy Config Security Policy Exception Rules Rule] - Definition list of exception rules. When using ModifySecurityPolicy to modify the Web protection configuration: If the Rules parameter is not specified, or the length of the Rules parameter is zero: clear all exception rule configurations. .If the ExceptionRules parameter value is not specified in the SecurityPolicy parameter: keep the existing exception rule configurations and do not modify them. .
- rules List<Property Map>
- Definition list of exception rules. When using ModifySecurityPolicy to modify the Web protection configuration: If the Rules parameter is not specified, or the length of the Rules parameter is zero: clear all exception rule configurations. .If the ExceptionRules parameter value is not specified in the SecurityPolicy parameter: keep the existing exception rule configurations and do not modify them. .
TeoSecurityPolicyConfigSecurityPolicyExceptionRulesRule, TeoSecurityPolicyConfigSecurityPolicyExceptionRulesRuleArgs
- Condition string
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- Enabled string
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- Id string
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- Managed
Rule List<string>Groups For Exceptions - Specifies the managed rule group for the exception rule. This is only valid when SkipScope is ManagedRules and ManagedRulesForException cannot be specified.
- Managed
Rules List<string>For Exceptions - Specifies the specific managed rule for the exception rule. This is only valid when SkipScope is ManagedRules and ManagedRuleGroupsForException cannot be specified.
- Name string
- The name of the precise rate limit.
- Request
Fields List<TeoFor Exceptions Security Policy Config Security Policy Exception Rules Rule Request Fields For Exception> - Specifies the specific configuration of the exception rule to skip the specified request field. This is only valid when SkipScope is ManagedRules and SkipOption is SkipOnSpecifiedRequestFields.
- Skip
Option string - The specific type of the skipped request. The possible values are: SkipOnAllRequestFields: skip all requests; SkipOnSpecifiedRequestFields: skip specified request fields. . This option is only valid when SkipScope is ManagedRules.
- Skip
Scope string - Exception rule execution options, the values are: WebSecurityModules: Specifies the security protection module for the exception rule. .ManagedRules: Specifies the managed rules. .
- Web
Security List<string>Modules For Exceptions - Specifies the security protection module for the exception rule. It is valid only when SkipScope is WebSecurityModules. The possible values are: websec-mod-managed-rules: managed rules; websec-mod-rate-limiting: rate limiting; websec-mod-custom-rules: custom rules; websec-mod-adaptive-control: adaptive frequency control, intelligent client filtering, slow attack protection, traffic theft protection; websec-mod-bot: Bot management. .
- Condition string
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- Enabled string
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- Id string
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- Managed
Rule []stringGroups For Exceptions - Specifies the managed rule group for the exception rule. This is only valid when SkipScope is ManagedRules and ManagedRulesForException cannot be specified.
- Managed
Rules []stringFor Exceptions - Specifies the specific managed rule for the exception rule. This is only valid when SkipScope is ManagedRules and ManagedRuleGroupsForException cannot be specified.
- Name string
- The name of the precise rate limit.
- Request
Fields []TeoFor Exceptions Security Policy Config Security Policy Exception Rules Rule Request Fields For Exception - Specifies the specific configuration of the exception rule to skip the specified request field. This is only valid when SkipScope is ManagedRules and SkipOption is SkipOnSpecifiedRequestFields.
- Skip
Option string - The specific type of the skipped request. The possible values are: SkipOnAllRequestFields: skip all requests; SkipOnSpecifiedRequestFields: skip specified request fields. . This option is only valid when SkipScope is ManagedRules.
- Skip
Scope string - Exception rule execution options, the values are: WebSecurityModules: Specifies the security protection module for the exception rule. .ManagedRules: Specifies the managed rules. .
- Web
Security []stringModules For Exceptions - Specifies the security protection module for the exception rule. It is valid only when SkipScope is WebSecurityModules. The possible values are: websec-mod-managed-rules: managed rules; websec-mod-rate-limiting: rate limiting; websec-mod-custom-rules: custom rules; websec-mod-adaptive-control: adaptive frequency control, intelligent client filtering, slow attack protection, traffic theft protection; websec-mod-bot: Bot management. .
- condition String
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- enabled String
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- id String
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- managed
Rule List<String>Groups For Exceptions - Specifies the managed rule group for the exception rule. This is only valid when SkipScope is ManagedRules and ManagedRulesForException cannot be specified.
- managed
Rules List<String>For Exceptions - Specifies the specific managed rule for the exception rule. This is only valid when SkipScope is ManagedRules and ManagedRuleGroupsForException cannot be specified.
- name String
- The name of the precise rate limit.
- request
Fields List<TeoFor Exceptions Security Policy Config Security Policy Exception Rules Rule Request Fields For Exception> - Specifies the specific configuration of the exception rule to skip the specified request field. This is only valid when SkipScope is ManagedRules and SkipOption is SkipOnSpecifiedRequestFields.
- skip
Option String - The specific type of the skipped request. The possible values are: SkipOnAllRequestFields: skip all requests; SkipOnSpecifiedRequestFields: skip specified request fields. . This option is only valid when SkipScope is ManagedRules.
- skip
Scope String - Exception rule execution options, the values are: WebSecurityModules: Specifies the security protection module for the exception rule. .ManagedRules: Specifies the managed rules. .
- web
Security List<String>Modules For Exceptions - Specifies the security protection module for the exception rule. It is valid only when SkipScope is WebSecurityModules. The possible values are: websec-mod-managed-rules: managed rules; websec-mod-rate-limiting: rate limiting; websec-mod-custom-rules: custom rules; websec-mod-adaptive-control: adaptive frequency control, intelligent client filtering, slow attack protection, traffic theft protection; websec-mod-bot: Bot management. .
- condition string
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- enabled string
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- id string
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- managed
Rule string[]Groups For Exceptions - Specifies the managed rule group for the exception rule. This is only valid when SkipScope is ManagedRules and ManagedRulesForException cannot be specified.
- managed
Rules string[]For Exceptions - Specifies the specific managed rule for the exception rule. This is only valid when SkipScope is ManagedRules and ManagedRuleGroupsForException cannot be specified.
- name string
- The name of the precise rate limit.
- request
Fields TeoFor Exceptions Security Policy Config Security Policy Exception Rules Rule Request Fields For Exception[] - Specifies the specific configuration of the exception rule to skip the specified request field. This is only valid when SkipScope is ManagedRules and SkipOption is SkipOnSpecifiedRequestFields.
- skip
Option string - The specific type of the skipped request. The possible values are: SkipOnAllRequestFields: skip all requests; SkipOnSpecifiedRequestFields: skip specified request fields. . This option is only valid when SkipScope is ManagedRules.
- skip
Scope string - Exception rule execution options, the values are: WebSecurityModules: Specifies the security protection module for the exception rule. .ManagedRules: Specifies the managed rules. .
- web
Security string[]Modules For Exceptions - Specifies the security protection module for the exception rule. It is valid only when SkipScope is WebSecurityModules. The possible values are: websec-mod-managed-rules: managed rules; websec-mod-rate-limiting: rate limiting; websec-mod-custom-rules: custom rules; websec-mod-adaptive-control: adaptive frequency control, intelligent client filtering, slow attack protection, traffic theft protection; websec-mod-bot: Bot management. .
- condition str
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- enabled str
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- id str
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- managed_
rule_ Sequence[str]groups_ for_ exceptions - Specifies the managed rule group for the exception rule. This is only valid when SkipScope is ManagedRules and ManagedRulesForException cannot be specified.
- managed_
rules_ Sequence[str]for_ exceptions - Specifies the specific managed rule for the exception rule. This is only valid when SkipScope is ManagedRules and ManagedRuleGroupsForException cannot be specified.
- name str
- The name of the precise rate limit.
- request_
fields_ Sequence[Teofor_ exceptions Security Policy Config Security Policy Exception Rules Rule Request Fields For Exception] - Specifies the specific configuration of the exception rule to skip the specified request field. This is only valid when SkipScope is ManagedRules and SkipOption is SkipOnSpecifiedRequestFields.
- skip_
option str - The specific type of the skipped request. The possible values are: SkipOnAllRequestFields: skip all requests; SkipOnSpecifiedRequestFields: skip specified request fields. . This option is only valid when SkipScope is ManagedRules.
- skip_
scope str - Exception rule execution options, the values are: WebSecurityModules: Specifies the security protection module for the exception rule. .ManagedRules: Specifies the managed rules. .
- web_
security_ Sequence[str]modules_ for_ exceptions - Specifies the security protection module for the exception rule. It is valid only when SkipScope is WebSecurityModules. The possible values are: websec-mod-managed-rules: managed rules; websec-mod-rate-limiting: rate limiting; websec-mod-custom-rules: custom rules; websec-mod-adaptive-control: adaptive frequency control, intelligent client filtering, slow attack protection, traffic theft protection; websec-mod-bot: Bot management. .
- condition String
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- enabled String
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- id String
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- managed
Rule List<String>Groups For Exceptions - Specifies the managed rule group for the exception rule. This is only valid when SkipScope is ManagedRules and ManagedRulesForException cannot be specified.
- managed
Rules List<String>For Exceptions - Specifies the specific managed rule for the exception rule. This is only valid when SkipScope is ManagedRules and ManagedRuleGroupsForException cannot be specified.
- name String
- The name of the precise rate limit.
- request
Fields List<Property Map>For Exceptions - Specifies the specific configuration of the exception rule to skip the specified request field. This is only valid when SkipScope is ManagedRules and SkipOption is SkipOnSpecifiedRequestFields.
- skip
Option String - The specific type of the skipped request. The possible values are: SkipOnAllRequestFields: skip all requests; SkipOnSpecifiedRequestFields: skip specified request fields. . This option is only valid when SkipScope is ManagedRules.
- skip
Scope String - Exception rule execution options, the values are: WebSecurityModules: Specifies the security protection module for the exception rule. .ManagedRules: Specifies the managed rules. .
- web
Security List<String>Modules For Exceptions - Specifies the security protection module for the exception rule. It is valid only when SkipScope is WebSecurityModules. The possible values are: websec-mod-managed-rules: managed rules; websec-mod-rate-limiting: rate limiting; websec-mod-custom-rules: custom rules; websec-mod-adaptive-control: adaptive frequency control, intelligent client filtering, slow attack protection, traffic theft protection; websec-mod-bot: Bot management. .
TeoSecurityPolicyConfigSecurityPolicyExceptionRulesRuleRequestFieldsForException, TeoSecurityPolicyConfigSecurityPolicyExceptionRulesRuleRequestFieldsForExceptionArgs
- Condition string
- The expression of the specific field to be skipped must conform to the expression syntax. Condition supports expression configuration syntax: Written according to the matching condition expression syntax of the rule, supporting references to key and value. . Supports in, like operators, and and logical combinations. . For example: ${key} in ['x-trace-id']: parameter name is equal to x-trace-id. .${key} in ['x-trace-id'] and ${value} like ['Bearer *']: parameter name is equal to x-trace-id and the parameter value wildcard matches Bearer *. .
- Scope string
- Specific fields to skip. Supported values:
- Target
Field string - When the Scope parameter uses different values, the supported values in the TargetField expression are as follows:
- Condition string
- The expression of the specific field to be skipped must conform to the expression syntax. Condition supports expression configuration syntax: Written according to the matching condition expression syntax of the rule, supporting references to key and value. . Supports in, like operators, and and logical combinations. . For example: ${key} in ['x-trace-id']: parameter name is equal to x-trace-id. .${key} in ['x-trace-id'] and ${value} like ['Bearer *']: parameter name is equal to x-trace-id and the parameter value wildcard matches Bearer *. .
- Scope string
- Specific fields to skip. Supported values:
- Target
Field string - When the Scope parameter uses different values, the supported values in the TargetField expression are as follows:
- condition String
- The expression of the specific field to be skipped must conform to the expression syntax. Condition supports expression configuration syntax: Written according to the matching condition expression syntax of the rule, supporting references to key and value. . Supports in, like operators, and and logical combinations. . For example: ${key} in ['x-trace-id']: parameter name is equal to x-trace-id. .${key} in ['x-trace-id'] and ${value} like ['Bearer *']: parameter name is equal to x-trace-id and the parameter value wildcard matches Bearer *. .
- scope String
- Specific fields to skip. Supported values:
- target
Field String - When the Scope parameter uses different values, the supported values in the TargetField expression are as follows:
- condition string
- The expression of the specific field to be skipped must conform to the expression syntax. Condition supports expression configuration syntax: Written according to the matching condition expression syntax of the rule, supporting references to key and value. . Supports in, like operators, and and logical combinations. . For example: ${key} in ['x-trace-id']: parameter name is equal to x-trace-id. .${key} in ['x-trace-id'] and ${value} like ['Bearer *']: parameter name is equal to x-trace-id and the parameter value wildcard matches Bearer *. .
- scope string
- Specific fields to skip. Supported values:
- target
Field string - When the Scope parameter uses different values, the supported values in the TargetField expression are as follows:
- condition str
- The expression of the specific field to be skipped must conform to the expression syntax. Condition supports expression configuration syntax: Written according to the matching condition expression syntax of the rule, supporting references to key and value. . Supports in, like operators, and and logical combinations. . For example: ${key} in ['x-trace-id']: parameter name is equal to x-trace-id. .${key} in ['x-trace-id'] and ${value} like ['Bearer *']: parameter name is equal to x-trace-id and the parameter value wildcard matches Bearer *. .
- scope str
- Specific fields to skip. Supported values:
- target_
field str - When the Scope parameter uses different values, the supported values in the TargetField expression are as follows:
- condition String
- The expression of the specific field to be skipped must conform to the expression syntax. Condition supports expression configuration syntax: Written according to the matching condition expression syntax of the rule, supporting references to key and value. . Supports in, like operators, and and logical combinations. . For example: ${key} in ['x-trace-id']: parameter name is equal to x-trace-id. .${key} in ['x-trace-id'] and ${value} like ['Bearer *']: parameter name is equal to x-trace-id and the parameter value wildcard matches Bearer *. .
- scope String
- Specific fields to skip. Supported values:
- target
Field String - When the Scope parameter uses different values, the supported values in the TargetField expression are as follows:
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtection, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionArgs
- Adaptive
Frequency TeoControl Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control - Specific configuration of adaptive frequency control.
- Bandwidth
Abuse TeoDefense Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense - Specific configuration of traffic fraud prevention.
- Client
Filtering TeoSecurity Policy Config Security Policy Http Ddos Protection Client Filtering - Specific configuration of intelligent client filtering.
- Slow
Attack TeoDefense Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense - Specific configuration of slow attack protection.
- Adaptive
Frequency TeoControl Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control - Specific configuration of adaptive frequency control.
- Bandwidth
Abuse TeoDefense Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense - Specific configuration of traffic fraud prevention.
- Client
Filtering TeoSecurity Policy Config Security Policy Http Ddos Protection Client Filtering - Specific configuration of intelligent client filtering.
- Slow
Attack TeoDefense Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense - Specific configuration of slow attack protection.
- adaptive
Frequency TeoControl Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control - Specific configuration of adaptive frequency control.
- bandwidth
Abuse TeoDefense Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense - Specific configuration of traffic fraud prevention.
- client
Filtering TeoSecurity Policy Config Security Policy Http Ddos Protection Client Filtering - Specific configuration of intelligent client filtering.
- slow
Attack TeoDefense Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense - Specific configuration of slow attack protection.
- adaptive
Frequency TeoControl Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control - Specific configuration of adaptive frequency control.
- bandwidth
Abuse TeoDefense Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense - Specific configuration of traffic fraud prevention.
- client
Filtering TeoSecurity Policy Config Security Policy Http Ddos Protection Client Filtering - Specific configuration of intelligent client filtering.
- slow
Attack TeoDefense Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense - Specific configuration of slow attack protection.
- adaptive_
frequency_ Teocontrol Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control - Specific configuration of adaptive frequency control.
- bandwidth_
abuse_ Teodefense Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense - Specific configuration of traffic fraud prevention.
- client_
filtering TeoSecurity Policy Config Security Policy Http Ddos Protection Client Filtering - Specific configuration of intelligent client filtering.
- slow_
attack_ Teodefense Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense - Specific configuration of slow attack protection.
- adaptive
Frequency Property MapControl - Specific configuration of adaptive frequency control.
- bandwidth
Abuse Property MapDefense - Specific configuration of traffic fraud prevention.
- client
Filtering Property Map - Specific configuration of intelligent client filtering.
- slow
Attack Property MapDefense - Specific configuration of slow attack protection.
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControl, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlArgs
- Enabled string
- Whether adaptive frequency control is enabled. The possible values are: on: enabled; off: disabled. .
- Action
Teo
Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action - The handling method of adaptive frequency control. When Enabled is on, this field is required. SecurityAction's Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
- Sensitivity string
- The restriction level of adaptive frequency control. When Enabled is on, this field is required. The values are: Loose: loose; Moderate: moderate; Strict: strict. .
- Enabled string
- Whether adaptive frequency control is enabled. The possible values are: on: enabled; off: disabled. .
- Action
Teo
Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action - The handling method of adaptive frequency control. When Enabled is on, this field is required. SecurityAction's Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
- Sensitivity string
- The restriction level of adaptive frequency control. When Enabled is on, this field is required. The values are: Loose: loose; Moderate: moderate; Strict: strict. .
- enabled String
- Whether adaptive frequency control is enabled. The possible values are: on: enabled; off: disabled. .
- action
Teo
Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action - The handling method of adaptive frequency control. When Enabled is on, this field is required. SecurityAction's Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
- sensitivity String
- The restriction level of adaptive frequency control. When Enabled is on, this field is required. The values are: Loose: loose; Moderate: moderate; Strict: strict. .
- enabled string
- Whether adaptive frequency control is enabled. The possible values are: on: enabled; off: disabled. .
- action
Teo
Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action - The handling method of adaptive frequency control. When Enabled is on, this field is required. SecurityAction's Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
- sensitivity string
- The restriction level of adaptive frequency control. When Enabled is on, this field is required. The values are: Loose: loose; Moderate: moderate; Strict: strict. .
- enabled str
- Whether adaptive frequency control is enabled. The possible values are: on: enabled; off: disabled. .
- action
Teo
Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action - The handling method of adaptive frequency control. When Enabled is on, this field is required. SecurityAction's Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
- sensitivity str
- The restriction level of adaptive frequency control. When Enabled is on, this field is required. The values are: Loose: loose; Moderate: moderate; Strict: strict. .
- enabled String
- Whether adaptive frequency control is enabled. The possible values are: on: enabled; off: disabled. .
- action Property Map
- The handling method of adaptive frequency control. When Enabled is on, this field is required. SecurityAction's Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
- sensitivity String
- The restriction level of adaptive frequency control. When Enabled is on, this field is required. The values are: Loose: loose; Moderate: moderate; Strict: strict. .
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlAction, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlActionArgs
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Challenge
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- Deny
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Deny Action Parameters - Additional parameters when Name is Deny.
- Redirect
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Challenge
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- Deny
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Deny Action Parameters - Additional parameters when Name is Deny.
- Redirect
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- deny
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Deny Action Parameters - Additional parameters when Name is Deny.
- redirect
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name string
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- deny
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Deny Action Parameters - Additional parameters when Name is Deny.
- redirect
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name str
- The specific action of security execution. The values are:
- block_
ip_ Teoaction_ parameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge_
action_ Teoparameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- deny_
action_ Teoparameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Deny Action Parameters - Additional parameters when Name is Deny.
- redirect_
action_ Teoparameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return_
custom_ Teopage_ action_ parameters Security Policy Config Security Policy Http Ddos Protection Adaptive Frequency Control Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip Property MapAction Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge
Action Property MapParameters - Additional parameters when Name is Challenge.
- deny
Action Property MapParameters - Additional parameters when Name is Deny.
- redirect
Action Property MapParameters - Additional parameters when Name is Redirect.
- return
Custom Property MapPage Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlActionBlockIpActionParametersArgs
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration str
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlActionChallengeActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlActionChallengeActionParametersArgs
- Challenge
Option string - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- Attester
Id string - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- Interval string
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- Challenge
Option string - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- Attester
Id string - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- Interval string
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge
Option String - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester
Id String - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval String
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge
Option string - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester
Id string - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval string
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge_
option str - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester_
id str - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval str
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge
Option String - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester
Id String - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval String
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlActionDenyActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlActionDenyActionParametersArgs
- Block
Ip string - Whether to extend the blocking of source IP. The possible values are:
- Block
Ip stringDuration - When BlockIP is on, the IP blocking duration.
- Error
Page stringId - The PageId of the custom page.
- Response
Code string - Customize the status code of the page.
- Return
Custom stringPage - Whether to use custom pages. The possible values are:
- Stall string
- Whether to ignore the request source suspension. The value is:
- Block
Ip string - Whether to extend the blocking of source IP. The possible values are:
- Block
Ip stringDuration - When BlockIP is on, the IP blocking duration.
- Error
Page stringId - The PageId of the custom page.
- Response
Code string - Customize the status code of the page.
- Return
Custom stringPage - Whether to use custom pages. The possible values are:
- Stall string
- Whether to ignore the request source suspension. The value is:
- block
Ip String - Whether to extend the blocking of source IP. The possible values are:
- block
Ip StringDuration - When BlockIP is on, the IP blocking duration.
- error
Page StringId - The PageId of the custom page.
- response
Code String - Customize the status code of the page.
- return
Custom StringPage - Whether to use custom pages. The possible values are:
- stall String
- Whether to ignore the request source suspension. The value is:
- block
Ip string - Whether to extend the blocking of source IP. The possible values are:
- block
Ip stringDuration - When BlockIP is on, the IP blocking duration.
- error
Page stringId - The PageId of the custom page.
- response
Code string - Customize the status code of the page.
- return
Custom stringPage - Whether to use custom pages. The possible values are:
- stall string
- Whether to ignore the request source suspension. The value is:
- block_
ip str - Whether to extend the blocking of source IP. The possible values are:
- block_
ip_ strduration - When BlockIP is on, the IP blocking duration.
- error_
page_ strid - The PageId of the custom page.
- response_
code str - Customize the status code of the page.
- return_
custom_ strpage - Whether to use custom pages. The possible values are:
- stall str
- Whether to ignore the request source suspension. The value is:
- block
Ip String - Whether to extend the blocking of source IP. The possible values are:
- block
Ip StringDuration - When BlockIP is on, the IP blocking duration.
- error
Page StringId - The PageId of the custom page.
- response
Code String - Customize the status code of the page.
- return
Custom StringPage - Whether to use custom pages. The possible values are:
- stall String
- Whether to ignore the request source suspension. The value is:
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlActionRedirectActionParametersArgs
- Url string
- The URL to redirect.
- Url string
- The URL to redirect.
- url String
- The URL to redirect.
- url string
- The URL to redirect.
- url str
- The URL to redirect.
- url String
- The URL to redirect.
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionAdaptiveFrequencyControlActionReturnCustomPageActionParametersArgs
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
- error
Page stringId - The custom page ID of the response.
- response
Code string - Response status code.
- error_
page_ strid - The custom page ID of the response.
- response_
code str - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefense, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseArgs
- Enabled string
- Whether the anti-theft feature (only applicable to mainland China) is enabled. The possible values are: on: enabled; off: disabled. .
- Action
Teo
Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action - The method for preventing traffic fraud (only applicable to mainland China). When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
- Enabled string
- Whether the anti-theft feature (only applicable to mainland China) is enabled. The possible values are: on: enabled; off: disabled. .
- Action
Teo
Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action - The method for preventing traffic fraud (only applicable to mainland China). When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
- enabled String
- Whether the anti-theft feature (only applicable to mainland China) is enabled. The possible values are: on: enabled; off: disabled. .
- action
Teo
Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action - The method for preventing traffic fraud (only applicable to mainland China). When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
- enabled string
- Whether the anti-theft feature (only applicable to mainland China) is enabled. The possible values are: on: enabled; off: disabled. .
- action
Teo
Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action - The method for preventing traffic fraud (only applicable to mainland China). When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
- enabled str
- Whether the anti-theft feature (only applicable to mainland China) is enabled. The possible values are: on: enabled; off: disabled. .
- action
Teo
Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action - The method for preventing traffic fraud (only applicable to mainland China). When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
- enabled String
- Whether the anti-theft feature (only applicable to mainland China) is enabled. The possible values are: on: enabled; off: disabled. .
- action Property Map
- The method for preventing traffic fraud (only applicable to mainland China). When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseAction, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseActionArgs
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Challenge
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- Deny
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Deny Action Parameters - Additional parameters when Name is Deny.
- Redirect
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Challenge
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- Deny
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Deny Action Parameters - Additional parameters when Name is Deny.
- Redirect
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- deny
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Deny Action Parameters - Additional parameters when Name is Deny.
- redirect
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name string
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- deny
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Deny Action Parameters - Additional parameters when Name is Deny.
- redirect
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name str
- The specific action of security execution. The values are:
- block_
ip_ Teoaction_ parameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge_
action_ Teoparameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- deny_
action_ Teoparameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Deny Action Parameters - Additional parameters when Name is Deny.
- redirect_
action_ Teoparameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return_
custom_ Teopage_ action_ parameters Security Policy Config Security Policy Http Ddos Protection Bandwidth Abuse Defense Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip Property MapAction Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge
Action Property MapParameters - Additional parameters when Name is Challenge.
- deny
Action Property MapParameters - Additional parameters when Name is Deny.
- redirect
Action Property MapParameters - Additional parameters when Name is Redirect.
- return
Custom Property MapPage Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseActionBlockIpActionParametersArgs
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration str
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseActionChallengeActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseActionChallengeActionParametersArgs
- Challenge
Option string - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- Attester
Id string - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- Interval string
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- Challenge
Option string - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- Attester
Id string - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- Interval string
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge
Option String - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester
Id String - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval String
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge
Option string - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester
Id string - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval string
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge_
option str - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester_
id str - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval str
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge
Option String - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester
Id String - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval String
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseActionDenyActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseActionDenyActionParametersArgs
- Block
Ip string - Whether to extend the blocking of source IP. The possible values are:
- Block
Ip stringDuration - When BlockIP is on, the IP blocking duration.
- Error
Page stringId - The PageId of the custom page.
- Response
Code string - Customize the status code of the page.
- Return
Custom stringPage - Whether to use custom pages. The possible values are:
- Stall string
- Whether to ignore the request source suspension. The value is:
- Block
Ip string - Whether to extend the blocking of source IP. The possible values are:
- Block
Ip stringDuration - When BlockIP is on, the IP blocking duration.
- Error
Page stringId - The PageId of the custom page.
- Response
Code string - Customize the status code of the page.
- Return
Custom stringPage - Whether to use custom pages. The possible values are:
- Stall string
- Whether to ignore the request source suspension. The value is:
- block
Ip String - Whether to extend the blocking of source IP. The possible values are:
- block
Ip StringDuration - When BlockIP is on, the IP blocking duration.
- error
Page StringId - The PageId of the custom page.
- response
Code String - Customize the status code of the page.
- return
Custom StringPage - Whether to use custom pages. The possible values are:
- stall String
- Whether to ignore the request source suspension. The value is:
- block
Ip string - Whether to extend the blocking of source IP. The possible values are:
- block
Ip stringDuration - When BlockIP is on, the IP blocking duration.
- error
Page stringId - The PageId of the custom page.
- response
Code string - Customize the status code of the page.
- return
Custom stringPage - Whether to use custom pages. The possible values are:
- stall string
- Whether to ignore the request source suspension. The value is:
- block_
ip str - Whether to extend the blocking of source IP. The possible values are:
- block_
ip_ strduration - When BlockIP is on, the IP blocking duration.
- error_
page_ strid - The PageId of the custom page.
- response_
code str - Customize the status code of the page.
- return_
custom_ strpage - Whether to use custom pages. The possible values are:
- stall str
- Whether to ignore the request source suspension. The value is:
- block
Ip String - Whether to extend the blocking of source IP. The possible values are:
- block
Ip StringDuration - When BlockIP is on, the IP blocking duration.
- error
Page StringId - The PageId of the custom page.
- response
Code String - Customize the status code of the page.
- return
Custom StringPage - Whether to use custom pages. The possible values are:
- stall String
- Whether to ignore the request source suspension. The value is:
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseActionRedirectActionParametersArgs
- Url string
- The URL to redirect.
- Url string
- The URL to redirect.
- url String
- The URL to redirect.
- url string
- The URL to redirect.
- url str
- The URL to redirect.
- url String
- The URL to redirect.
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionBandwidthAbuseDefenseActionReturnCustomPageActionParametersArgs
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
- error
Page stringId - The custom page ID of the response.
- response
Code string - Response status code.
- error_
page_ strid - The custom page ID of the response.
- response_
code str - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFiltering, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringArgs
- Enabled string
- Whether smart client filtering is enabled. The possible values are: on: enabled; off: disabled. .
- Action
Teo
Security Policy Config Security Policy Http Ddos Protection Client Filtering Action - The method of intelligent client filtering. When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
- Enabled string
- Whether smart client filtering is enabled. The possible values are: on: enabled; off: disabled. .
- Action
Teo
Security Policy Config Security Policy Http Ddos Protection Client Filtering Action - The method of intelligent client filtering. When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
- enabled String
- Whether smart client filtering is enabled. The possible values are: on: enabled; off: disabled. .
- action
Teo
Security Policy Config Security Policy Http Ddos Protection Client Filtering Action - The method of intelligent client filtering. When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
- enabled string
- Whether smart client filtering is enabled. The possible values are: on: enabled; off: disabled. .
- action
Teo
Security Policy Config Security Policy Http Ddos Protection Client Filtering Action - The method of intelligent client filtering. When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
- enabled str
- Whether smart client filtering is enabled. The possible values are: on: enabled; off: disabled. .
- action
Teo
Security Policy Config Security Policy Http Ddos Protection Client Filtering Action - The method of intelligent client filtering. When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
- enabled String
- Whether smart client filtering is enabled. The possible values are: on: enabled; off: disabled. .
- action Property Map
- The method of intelligent client filtering. When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringAction, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringActionArgs
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Challenge
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- Deny
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Deny Action Parameters - Additional parameters when Name is Deny.
- Redirect
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Challenge
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- Deny
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Deny Action Parameters - Additional parameters when Name is Deny.
- Redirect
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- deny
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Deny Action Parameters - Additional parameters when Name is Deny.
- redirect
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name string
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- deny
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Deny Action Parameters - Additional parameters when Name is Deny.
- redirect
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name str
- The specific action of security execution. The values are:
- block_
ip_ Teoaction_ parameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge_
action_ Teoparameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- deny_
action_ Teoparameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Deny Action Parameters - Additional parameters when Name is Deny.
- redirect_
action_ Teoparameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return_
custom_ Teopage_ action_ parameters Security Policy Config Security Policy Http Ddos Protection Client Filtering Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip Property MapAction Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge
Action Property MapParameters - Additional parameters when Name is Challenge.
- deny
Action Property MapParameters - Additional parameters when Name is Deny.
- redirect
Action Property MapParameters - Additional parameters when Name is Redirect.
- return
Custom Property MapPage Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringActionBlockIpActionParametersArgs
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration str
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringActionChallengeActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringActionChallengeActionParametersArgs
- Challenge
Option string - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- Attester
Id string - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- Interval string
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- Challenge
Option string - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- Attester
Id string - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- Interval string
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge
Option String - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester
Id String - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval String
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge
Option string - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester
Id string - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval string
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge_
option str - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester_
id str - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval str
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge
Option String - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester
Id String - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval String
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringActionDenyActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringActionDenyActionParametersArgs
- Block
Ip string - Whether to extend the blocking of source IP. The possible values are:
- Block
Ip stringDuration - When BlockIP is on, the IP blocking duration.
- Error
Page stringId - The PageId of the custom page.
- Response
Code string - Customize the status code of the page.
- Return
Custom stringPage - Whether to use custom pages. The possible values are:
- Stall string
- Whether to ignore the request source suspension. The value is:
- Block
Ip string - Whether to extend the blocking of source IP. The possible values are:
- Block
Ip stringDuration - When BlockIP is on, the IP blocking duration.
- Error
Page stringId - The PageId of the custom page.
- Response
Code string - Customize the status code of the page.
- Return
Custom stringPage - Whether to use custom pages. The possible values are:
- Stall string
- Whether to ignore the request source suspension. The value is:
- block
Ip String - Whether to extend the blocking of source IP. The possible values are:
- block
Ip StringDuration - When BlockIP is on, the IP blocking duration.
- error
Page StringId - The PageId of the custom page.
- response
Code String - Customize the status code of the page.
- return
Custom StringPage - Whether to use custom pages. The possible values are:
- stall String
- Whether to ignore the request source suspension. The value is:
- block
Ip string - Whether to extend the blocking of source IP. The possible values are:
- block
Ip stringDuration - When BlockIP is on, the IP blocking duration.
- error
Page stringId - The PageId of the custom page.
- response
Code string - Customize the status code of the page.
- return
Custom stringPage - Whether to use custom pages. The possible values are:
- stall string
- Whether to ignore the request source suspension. The value is:
- block_
ip str - Whether to extend the blocking of source IP. The possible values are:
- block_
ip_ strduration - When BlockIP is on, the IP blocking duration.
- error_
page_ strid - The PageId of the custom page.
- response_
code str - Customize the status code of the page.
- return_
custom_ strpage - Whether to use custom pages. The possible values are:
- stall str
- Whether to ignore the request source suspension. The value is:
- block
Ip String - Whether to extend the blocking of source IP. The possible values are:
- block
Ip StringDuration - When BlockIP is on, the IP blocking duration.
- error
Page StringId - The PageId of the custom page.
- response
Code String - Customize the status code of the page.
- return
Custom StringPage - Whether to use custom pages. The possible values are:
- stall String
- Whether to ignore the request source suspension. The value is:
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringActionRedirectActionParametersArgs
- Url string
- The URL to redirect.
- Url string
- The URL to redirect.
- url String
- The URL to redirect.
- url string
- The URL to redirect.
- url str
- The URL to redirect.
- url String
- The URL to redirect.
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionClientFilteringActionReturnCustomPageActionParametersArgs
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
- error
Page stringId - The custom page ID of the response.
- response
Code string - Response status code.
- error_
page_ strid - The custom page ID of the response.
- response_
code str - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefense, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseArgs
- Enabled string
- Whether slow attack protection is enabled. The possible values are: on: enabled; off: disabled. .
- Action
Teo
Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action - The handling method of slow attack protection. When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; .
- Minimal
Request TeoBody Transfer Rate Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Minimal Request Body Transfer Rate - Specific configuration of the minimum rate threshold for text transmission. This field is required when Enabled is on.
- Request
Body TeoTransfer Timeout Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Request Body Transfer Timeout - Specific configuration of the text transmission timeout. When Enabled is on, this field is required.
- Enabled string
- Whether slow attack protection is enabled. The possible values are: on: enabled; off: disabled. .
- Action
Teo
Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action - The handling method of slow attack protection. When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; .
- Minimal
Request TeoBody Transfer Rate Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Minimal Request Body Transfer Rate - Specific configuration of the minimum rate threshold for text transmission. This field is required when Enabled is on.
- Request
Body TeoTransfer Timeout Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Request Body Transfer Timeout - Specific configuration of the text transmission timeout. When Enabled is on, this field is required.
- enabled String
- Whether slow attack protection is enabled. The possible values are: on: enabled; off: disabled. .
- action
Teo
Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action - The handling method of slow attack protection. When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; .
- minimal
Request TeoBody Transfer Rate Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Minimal Request Body Transfer Rate - Specific configuration of the minimum rate threshold for text transmission. This field is required when Enabled is on.
- request
Body TeoTransfer Timeout Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Request Body Transfer Timeout - Specific configuration of the text transmission timeout. When Enabled is on, this field is required.
- enabled string
- Whether slow attack protection is enabled. The possible values are: on: enabled; off: disabled. .
- action
Teo
Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action - The handling method of slow attack protection. When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; .
- minimal
Request TeoBody Transfer Rate Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Minimal Request Body Transfer Rate - Specific configuration of the minimum rate threshold for text transmission. This field is required when Enabled is on.
- request
Body TeoTransfer Timeout Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Request Body Transfer Timeout - Specific configuration of the text transmission timeout. When Enabled is on, this field is required.
- enabled str
- Whether slow attack protection is enabled. The possible values are: on: enabled; off: disabled. .
- action
Teo
Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action - The handling method of slow attack protection. When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; .
- minimal_
request_ Teobody_ transfer_ rate Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Minimal Request Body Transfer Rate - Specific configuration of the minimum rate threshold for text transmission. This field is required when Enabled is on.
- request_
body_ Teotransfer_ timeout Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Request Body Transfer Timeout - Specific configuration of the text transmission timeout. When Enabled is on, this field is required.
- enabled String
- Whether slow attack protection is enabled. The possible values are: on: enabled; off: disabled. .
- action Property Map
- The handling method of slow attack protection. When Enabled is on, this field is required. SecurityAction Name value supports: Monitor: Observe; Deny: Intercept; .
- minimal
Request Property MapBody Transfer Rate - Specific configuration of the minimum rate threshold for text transmission. This field is required when Enabled is on.
- request
Body Property MapTransfer Timeout - Specific configuration of the text transmission timeout. When Enabled is on, this field is required.
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseAction, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseActionArgs
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Challenge
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- Deny
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Deny Action Parameters - Additional parameters when Name is Deny.
- Redirect
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Challenge
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- Deny
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Deny Action Parameters - Additional parameters when Name is Deny.
- Redirect
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- deny
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Deny Action Parameters - Additional parameters when Name is Deny.
- redirect
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name string
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- deny
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Deny Action Parameters - Additional parameters when Name is Deny.
- redirect
Action TeoParameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name str
- The specific action of security execution. The values are:
- block_
ip_ Teoaction_ parameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge_
action_ Teoparameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- deny_
action_ Teoparameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Deny Action Parameters - Additional parameters when Name is Deny.
- redirect_
action_ Teoparameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return_
custom_ Teopage_ action_ parameters Security Policy Config Security Policy Http Ddos Protection Slow Attack Defense Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip Property MapAction Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge
Action Property MapParameters - Additional parameters when Name is Challenge.
- deny
Action Property MapParameters - Additional parameters when Name is Deny.
- redirect
Action Property MapParameters - Additional parameters when Name is Redirect.
- return
Custom Property MapPage Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseActionBlockIpActionParametersArgs
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration str
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseActionChallengeActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseActionChallengeActionParametersArgs
- Challenge
Option string - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- Attester
Id string - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- Interval string
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- Challenge
Option string - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- Attester
Id string - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- Interval string
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge
Option String - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester
Id String - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval String
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge
Option string - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester
Id string - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval string
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge_
option str - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester_
id str - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval str
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge
Option String - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester
Id String - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval String
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseActionDenyActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseActionDenyActionParametersArgs
- Block
Ip string - Whether to extend the blocking of source IP. The possible values are:
- Block
Ip stringDuration - When BlockIP is on, the IP blocking duration.
- Error
Page stringId - The PageId of the custom page.
- Response
Code string - Customize the status code of the page.
- Return
Custom stringPage - Whether to use custom pages. The possible values are:
- Stall string
- Whether to ignore the request source suspension. The value is:
- Block
Ip string - Whether to extend the blocking of source IP. The possible values are:
- Block
Ip stringDuration - When BlockIP is on, the IP blocking duration.
- Error
Page stringId - The PageId of the custom page.
- Response
Code string - Customize the status code of the page.
- Return
Custom stringPage - Whether to use custom pages. The possible values are:
- Stall string
- Whether to ignore the request source suspension. The value is:
- block
Ip String - Whether to extend the blocking of source IP. The possible values are:
- block
Ip StringDuration - When BlockIP is on, the IP blocking duration.
- error
Page StringId - The PageId of the custom page.
- response
Code String - Customize the status code of the page.
- return
Custom StringPage - Whether to use custom pages. The possible values are:
- stall String
- Whether to ignore the request source suspension. The value is:
- block
Ip string - Whether to extend the blocking of source IP. The possible values are:
- block
Ip stringDuration - When BlockIP is on, the IP blocking duration.
- error
Page stringId - The PageId of the custom page.
- response
Code string - Customize the status code of the page.
- return
Custom stringPage - Whether to use custom pages. The possible values are:
- stall string
- Whether to ignore the request source suspension. The value is:
- block_
ip str - Whether to extend the blocking of source IP. The possible values are:
- block_
ip_ strduration - When BlockIP is on, the IP blocking duration.
- error_
page_ strid - The PageId of the custom page.
- response_
code str - Customize the status code of the page.
- return_
custom_ strpage - Whether to use custom pages. The possible values are:
- stall str
- Whether to ignore the request source suspension. The value is:
- block
Ip String - Whether to extend the blocking of source IP. The possible values are:
- block
Ip StringDuration - When BlockIP is on, the IP blocking duration.
- error
Page StringId - The PageId of the custom page.
- response
Code String - Customize the status code of the page.
- return
Custom StringPage - Whether to use custom pages. The possible values are:
- stall String
- Whether to ignore the request source suspension. The value is:
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseActionRedirectActionParametersArgs
- Url string
- The URL to redirect.
- Url string
- The URL to redirect.
- url String
- The URL to redirect.
- url string
- The URL to redirect.
- url str
- The URL to redirect.
- url String
- The URL to redirect.
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseActionReturnCustomPageActionParametersArgs
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
- error
Page stringId - The custom page ID of the response.
- response
Code string - Response status code.
- error_
page_ strid - The custom page ID of the response.
- response_
code str - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseMinimalRequestBodyTransferRate, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseMinimalRequestBodyTransferRateArgs
- Counting
Period string - The minimum text transmission rate statistics time range, the possible values are: 10s: 10 seconds; 30s: 30 seconds; 60s: 60 seconds; 120s: 120 seconds. .
- Enabled string
- Whether the text transmission minimum rate threshold is enabled. The possible values are: on: enabled; off: disabled. .
- Minimal
Avg stringTransfer Rate Threshold - Minimum text transmission rate threshold. The unit only supports bps.
- Counting
Period string - The minimum text transmission rate statistics time range, the possible values are: 10s: 10 seconds; 30s: 30 seconds; 60s: 60 seconds; 120s: 120 seconds. .
- Enabled string
- Whether the text transmission minimum rate threshold is enabled. The possible values are: on: enabled; off: disabled. .
- Minimal
Avg stringTransfer Rate Threshold - Minimum text transmission rate threshold. The unit only supports bps.
- counting
Period String - The minimum text transmission rate statistics time range, the possible values are: 10s: 10 seconds; 30s: 30 seconds; 60s: 60 seconds; 120s: 120 seconds. .
- enabled String
- Whether the text transmission minimum rate threshold is enabled. The possible values are: on: enabled; off: disabled. .
- minimal
Avg StringTransfer Rate Threshold - Minimum text transmission rate threshold. The unit only supports bps.
- counting
Period string - The minimum text transmission rate statistics time range, the possible values are: 10s: 10 seconds; 30s: 30 seconds; 60s: 60 seconds; 120s: 120 seconds. .
- enabled string
- Whether the text transmission minimum rate threshold is enabled. The possible values are: on: enabled; off: disabled. .
- minimal
Avg stringTransfer Rate Threshold - Minimum text transmission rate threshold. The unit only supports bps.
- counting_
period str - The minimum text transmission rate statistics time range, the possible values are: 10s: 10 seconds; 30s: 30 seconds; 60s: 60 seconds; 120s: 120 seconds. .
- enabled str
- Whether the text transmission minimum rate threshold is enabled. The possible values are: on: enabled; off: disabled. .
- minimal_
avg_ strtransfer_ rate_ threshold - Minimum text transmission rate threshold. The unit only supports bps.
- counting
Period String - The minimum text transmission rate statistics time range, the possible values are: 10s: 10 seconds; 30s: 30 seconds; 60s: 60 seconds; 120s: 120 seconds. .
- enabled String
- Whether the text transmission minimum rate threshold is enabled. The possible values are: on: enabled; off: disabled. .
- minimal
Avg StringTransfer Rate Threshold - Minimum text transmission rate threshold. The unit only supports bps.
TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseRequestBodyTransferTimeout, TeoSecurityPolicyConfigSecurityPolicyHttpDdosProtectionSlowAttackDefenseRequestBodyTransferTimeoutArgs
- Enabled string
- Whether the text transmission timeout is enabled. The possible values are: on: enabled; off: disabled. .
- Idle
Timeout string - The text transmission timeout period is between 5 and 120, and the unit only supports seconds (s).
- Enabled string
- Whether the text transmission timeout is enabled. The possible values are: on: enabled; off: disabled. .
- Idle
Timeout string - The text transmission timeout period is between 5 and 120, and the unit only supports seconds (s).
- enabled String
- Whether the text transmission timeout is enabled. The possible values are: on: enabled; off: disabled. .
- idle
Timeout String - The text transmission timeout period is between 5 and 120, and the unit only supports seconds (s).
- enabled string
- Whether the text transmission timeout is enabled. The possible values are: on: enabled; off: disabled. .
- idle
Timeout string - The text transmission timeout period is between 5 and 120, and the unit only supports seconds (s).
- enabled str
- Whether the text transmission timeout is enabled. The possible values are: on: enabled; off: disabled. .
- idle_
timeout str - The text transmission timeout period is between 5 and 120, and the unit only supports seconds (s).
- enabled String
- Whether the text transmission timeout is enabled. The possible values are: on: enabled; off: disabled. .
- idle
Timeout String - The text transmission timeout period is between 5 and 120, and the unit only supports seconds (s).
TeoSecurityPolicyConfigSecurityPolicyManagedRules, TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs
- Detection
Only string - Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
- Enabled string
- Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
- Auto
Update TeoSecurity Policy Config Security Policy Managed Rules Auto Update - Managed rule automatic update option.
- Managed
Rule List<TeoGroups Security Policy Config Security Policy Managed Rules Managed Rule Group> - Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
- Semantic
Analysis string - Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.
- Detection
Only string - Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
- Enabled string
- Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
- Auto
Update TeoSecurity Policy Config Security Policy Managed Rules Auto Update - Managed rule automatic update option.
- Managed
Rule []TeoGroups Security Policy Config Security Policy Managed Rules Managed Rule Group - Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
- Semantic
Analysis string - Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.
- detection
Only String - Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
- enabled String
- Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
- auto
Update TeoSecurity Policy Config Security Policy Managed Rules Auto Update - Managed rule automatic update option.
- managed
Rule List<TeoGroups Security Policy Config Security Policy Managed Rules Managed Rule Group> - Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
- semantic
Analysis String - Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.
- detection
Only string - Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
- enabled string
- Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
- auto
Update TeoSecurity Policy Config Security Policy Managed Rules Auto Update - Managed rule automatic update option.
- managed
Rule TeoGroups Security Policy Config Security Policy Managed Rules Managed Rule Group[] - Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
- semantic
Analysis string - Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.
- detection_
only str - Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
- enabled str
- Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
- auto_
update TeoSecurity Policy Config Security Policy Managed Rules Auto Update - Managed rule automatic update option.
- managed_
rule_ Sequence[Teogroups Security Policy Config Security Policy Managed Rules Managed Rule Group] - Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
- semantic_
analysis str - Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.
- detection
Only String - Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
- enabled String
- Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
- auto
Update Property Map - Managed rule automatic update option.
- managed
Rule List<Property Map>Groups - Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
- semantic
Analysis String - Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdate, TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs
- Auto
Update stringTo Latest Version - Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
- Ruleset
Version string - The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.
- Auto
Update stringTo Latest Version - Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
- Ruleset
Version string - The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.
- auto
Update StringTo Latest Version - Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
- ruleset
Version String - The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.
- auto
Update stringTo Latest Version - Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
- ruleset
Version string - The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.
- auto_
update_ strto_ latest_ version - Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
- ruleset_
version str - The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.
- auto
Update StringTo Latest Version - Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
- ruleset
Version String - The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroup, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
- Action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- Group
Id string - Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
- Sensitivity
Level string - Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
- Meta
Datas List<TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Meta Data> - Managed rule group information, for output only.
- Rule
Actions List<TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Rule Action> - Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.
- Action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- Group
Id string - Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
- Sensitivity
Level string - Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
- Meta
Datas []TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Meta Data - Managed rule group information, for output only.
- Rule
Actions []TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Rule Action - Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.
- action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- group
Id String - Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
- sensitivity
Level String - Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
- meta
Datas List<TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Meta Data> - Managed rule group information, for output only.
- rule
Actions List<TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Rule Action> - Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.
- action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- group
Id string - Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
- sensitivity
Level string - Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
- meta
Datas TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Meta Data[] - Managed rule group information, for output only.
- rule
Actions TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Rule Action[] - Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.
- action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- group_
id str - Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
- sensitivity_
level str - Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
- meta_
datas Sequence[TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Meta Data] - Managed rule group information, for output only.
- rule_
actions Sequence[TeoSecurity Policy Config Security Policy Managed Rules Managed Rule Group Rule Action] - Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.
- action Property Map
- Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- group
Id String - Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
- sensitivity
Level String - Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
- meta
Datas List<Property Map> - Managed rule group information, for output only.
- rule
Actions List<Property Map> - Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupAction, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name string
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name str
- The specific action of security execution. The values are:
- block_
ip_ Teoaction_ parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect_
action_ Teoparameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return_
custom_ Teopage_ action_ parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip Property MapAction Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect
Action Property MapParameters - Additional parameters when Name is Redirect.
- return
Custom Property MapPage Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionBlockIpActionParametersArgs
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration str
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionRedirectActionParametersArgs
- Url string
- The URL to redirect.
- Url string
- The URL to redirect.
- url String
- The URL to redirect.
- url string
- The URL to redirect.
- url str
- The URL to redirect.
- url String
- The URL to redirect.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionReturnCustomPageActionParametersArgs
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
- error
Page stringId - The custom page ID of the response.
- response
Code string - Response status code.
- error_
page_ strid - The custom page ID of the response.
- response_
code str - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaData, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataArgs
- group
Detail String - group
Name String - rule
Details List<Property Map>
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataRuleDetail, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataRuleDetailArgs
- Description string
- Risk
Level string - Rule
Id string - Rule
Version string - List<string>
- Description string
- Risk
Level string - Rule
Id string - Rule
Version string - []string
- description String
- risk
Level String - rule
Id String - rule
Version String - List<String>
- description string
- risk
Level string - rule
Id string - rule
Version string - string[]
- description str
- risk_
level str - rule_
id str - rule_
version str - Sequence[str]
- description String
- risk
Level String - rule
Id String - rule
Version String - List<String>
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleAction, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionArgs
- Action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- Rule
Id string - Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.
- Action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- Rule
Id string - Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.
- action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- rule
Id String - Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.
- action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- rule
Id string - Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.
- action
Teo
Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action - Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- rule_
id str - Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.
- action Property Map
- Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
- rule
Id String - Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionAction, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionArgs
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Redirect
Action TeoParameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name string
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect
Action TeoParameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name str
- The specific action of security execution. The values are:
- block_
ip_ Teoaction_ parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect_
action_ Teoparameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return_
custom_ Teopage_ action_ parameters Security Policy Config Security Policy Managed Rules Managed Rule Group Rule Action Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip Property MapAction Parameters - To be deprecated, additional parameter when Name is BlockIP.
- redirect
Action Property MapParameters - Additional parameters when Name is Redirect.
- return
Custom Property MapPage Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionBlockIpActionParametersArgs
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration str
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionRedirectActionParametersArgs
- Url string
- The URL to redirect.
- Url string
- The URL to redirect.
- url String
- The URL to redirect.
- url string
- The URL to redirect.
- url str
- The URL to redirect.
- url String
- The URL to redirect.
TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionReturnCustomPageActionParametersArgs
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
- error
Page stringId - The custom page ID of the response.
- response
Code string - Response status code.
- error_
page_ strid - The custom page ID of the response.
- response_
code str - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
TeoSecurityPolicyConfigSecurityPolicyRateLimitingRules, TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesArgs
- Rules
List<Teo
Security Policy Config Security Policy Rate Limiting Rules Rule> - A list of precise rate limiting definitions. When using ModifySecurityPolicy to modify the Web protection configuration: If the Rules parameter is not specified, or the Rules parameter length is zero: clear all precise rate limiting configurations. . If the RateLimitingRules parameter value is not specified in the SecurityPolicy parameter: keep the existing custom rule configuration and do not modify it. .
- Rules
[]Teo
Security Policy Config Security Policy Rate Limiting Rules Rule - A list of precise rate limiting definitions. When using ModifySecurityPolicy to modify the Web protection configuration: If the Rules parameter is not specified, or the Rules parameter length is zero: clear all precise rate limiting configurations. . If the RateLimitingRules parameter value is not specified in the SecurityPolicy parameter: keep the existing custom rule configuration and do not modify it. .
- rules
List<Teo
Security Policy Config Security Policy Rate Limiting Rules Rule> - A list of precise rate limiting definitions. When using ModifySecurityPolicy to modify the Web protection configuration: If the Rules parameter is not specified, or the Rules parameter length is zero: clear all precise rate limiting configurations. . If the RateLimitingRules parameter value is not specified in the SecurityPolicy parameter: keep the existing custom rule configuration and do not modify it. .
- rules
Teo
Security Policy Config Security Policy Rate Limiting Rules Rule[] - A list of precise rate limiting definitions. When using ModifySecurityPolicy to modify the Web protection configuration: If the Rules parameter is not specified, or the Rules parameter length is zero: clear all precise rate limiting configurations. . If the RateLimitingRules parameter value is not specified in the SecurityPolicy parameter: keep the existing custom rule configuration and do not modify it. .
- rules
Sequence[Teo
Security Policy Config Security Policy Rate Limiting Rules Rule] - A list of precise rate limiting definitions. When using ModifySecurityPolicy to modify the Web protection configuration: If the Rules parameter is not specified, or the Rules parameter length is zero: clear all precise rate limiting configurations. . If the RateLimitingRules parameter value is not specified in the SecurityPolicy parameter: keep the existing custom rule configuration and do not modify it. .
- rules List<Property Map>
- A list of precise rate limiting definitions. When using ModifySecurityPolicy to modify the Web protection configuration: If the Rules parameter is not specified, or the Rules parameter length is zero: clear all precise rate limiting configurations. . If the RateLimitingRules parameter value is not specified in the SecurityPolicy parameter: keep the existing custom rule configuration and do not modify it. .
TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRule, TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRuleArgs
- Action
Teo
Security Policy Config Security Policy Rate Limiting Rules Rule Action - The precise rate limit handling method. The values are: Monitor: Observe; Deny: Intercept, where DenyActionParameters.Name supports Deny and ReturnCustomPage; Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL; .
- Action
Duration string - Action The duration of the action. The supported units are: s: seconds, with a value of 1 to 120; m: minutes, with a value of 1 to 120; h: hours, with a value of 1 to 48; d: days, with a value of 1 to 30. .
- Condition string
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- Count
Bies List<string> - The matching method of the rate threshold request feature. When Enabled is on, this field is required. When there are multiple conditions, multiple conditions will be combined for statistical calculation. The number of conditions cannot exceed 5. The possible values are: http.request.ip: client IP; http.request.xff_header_ip: client IP (matching XFF header first); http.request.uri.path: requested access path; http.request.cookies['session']: cookie named session, where session can be replaced by the parameter you specify; http.request.headers['user-agent']: HTTP header named user-agent, where user-agent can be replaced by the parameter you specify; http.request.ja3: requested JA3 fingerprint; http.request.uri.query['test']: URL query parameter named test, where test can be replaced by the parameter you specify. .
- Counting
Period string - The statistical time window, the possible values are: 1s: 1 second; 5s: 5 seconds; 10s: 10 seconds; 20s: 20 seconds; 30s: 30 seconds; 40s: 40 seconds; 50s: 50 seconds; 1m: 1 minute; 2m: 2 minutes; 5m: 5 minutes; 10m: 10 minutes; 1h: 1 hour. .
- Enabled string
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- Id string
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- Max
Request doubleThreshold - The cumulative number of interceptions within the time range of the precise rate limit, ranging from 1 to 100000.
- Name string
- The name of the precise rate limit.
- Priority double
- The priority of precise rate limiting ranges from 0 to 100, and the default is 0.
- Action
Teo
Security Policy Config Security Policy Rate Limiting Rules Rule Action - The precise rate limit handling method. The values are: Monitor: Observe; Deny: Intercept, where DenyActionParameters.Name supports Deny and ReturnCustomPage; Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL; .
- Action
Duration string - Action The duration of the action. The supported units are: s: seconds, with a value of 1 to 120; m: minutes, with a value of 1 to 120; h: hours, with a value of 1 to 48; d: days, with a value of 1 to 30. .
- Condition string
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- Count
Bies []string - The matching method of the rate threshold request feature. When Enabled is on, this field is required. When there are multiple conditions, multiple conditions will be combined for statistical calculation. The number of conditions cannot exceed 5. The possible values are: http.request.ip: client IP; http.request.xff_header_ip: client IP (matching XFF header first); http.request.uri.path: requested access path; http.request.cookies['session']: cookie named session, where session can be replaced by the parameter you specify; http.request.headers['user-agent']: HTTP header named user-agent, where user-agent can be replaced by the parameter you specify; http.request.ja3: requested JA3 fingerprint; http.request.uri.query['test']: URL query parameter named test, where test can be replaced by the parameter you specify. .
- Counting
Period string - The statistical time window, the possible values are: 1s: 1 second; 5s: 5 seconds; 10s: 10 seconds; 20s: 20 seconds; 30s: 30 seconds; 40s: 40 seconds; 50s: 50 seconds; 1m: 1 minute; 2m: 2 minutes; 5m: 5 minutes; 10m: 10 minutes; 1h: 1 hour. .
- Enabled string
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- Id string
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- Max
Request float64Threshold - The cumulative number of interceptions within the time range of the precise rate limit, ranging from 1 to 100000.
- Name string
- The name of the precise rate limit.
- Priority float64
- The priority of precise rate limiting ranges from 0 to 100, and the default is 0.
- action
Teo
Security Policy Config Security Policy Rate Limiting Rules Rule Action - The precise rate limit handling method. The values are: Monitor: Observe; Deny: Intercept, where DenyActionParameters.Name supports Deny and ReturnCustomPage; Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL; .
- action
Duration String - Action The duration of the action. The supported units are: s: seconds, with a value of 1 to 120; m: minutes, with a value of 1 to 120; h: hours, with a value of 1 to 48; d: days, with a value of 1 to 30. .
- condition String
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- count
Bies List<String> - The matching method of the rate threshold request feature. When Enabled is on, this field is required. When there are multiple conditions, multiple conditions will be combined for statistical calculation. The number of conditions cannot exceed 5. The possible values are: http.request.ip: client IP; http.request.xff_header_ip: client IP (matching XFF header first); http.request.uri.path: requested access path; http.request.cookies['session']: cookie named session, where session can be replaced by the parameter you specify; http.request.headers['user-agent']: HTTP header named user-agent, where user-agent can be replaced by the parameter you specify; http.request.ja3: requested JA3 fingerprint; http.request.uri.query['test']: URL query parameter named test, where test can be replaced by the parameter you specify. .
- counting
Period String - The statistical time window, the possible values are: 1s: 1 second; 5s: 5 seconds; 10s: 10 seconds; 20s: 20 seconds; 30s: 30 seconds; 40s: 40 seconds; 50s: 50 seconds; 1m: 1 minute; 2m: 2 minutes; 5m: 5 minutes; 10m: 10 minutes; 1h: 1 hour. .
- enabled String
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- id String
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- max
Request DoubleThreshold - The cumulative number of interceptions within the time range of the precise rate limit, ranging from 1 to 100000.
- name String
- The name of the precise rate limit.
- priority Double
- The priority of precise rate limiting ranges from 0 to 100, and the default is 0.
- action
Teo
Security Policy Config Security Policy Rate Limiting Rules Rule Action - The precise rate limit handling method. The values are: Monitor: Observe; Deny: Intercept, where DenyActionParameters.Name supports Deny and ReturnCustomPage; Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL; .
- action
Duration string - Action The duration of the action. The supported units are: s: seconds, with a value of 1 to 120; m: minutes, with a value of 1 to 120; h: hours, with a value of 1 to 48; d: days, with a value of 1 to 30. .
- condition string
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- count
Bies string[] - The matching method of the rate threshold request feature. When Enabled is on, this field is required. When there are multiple conditions, multiple conditions will be combined for statistical calculation. The number of conditions cannot exceed 5. The possible values are: http.request.ip: client IP; http.request.xff_header_ip: client IP (matching XFF header first); http.request.uri.path: requested access path; http.request.cookies['session']: cookie named session, where session can be replaced by the parameter you specify; http.request.headers['user-agent']: HTTP header named user-agent, where user-agent can be replaced by the parameter you specify; http.request.ja3: requested JA3 fingerprint; http.request.uri.query['test']: URL query parameter named test, where test can be replaced by the parameter you specify. .
- counting
Period string - The statistical time window, the possible values are: 1s: 1 second; 5s: 5 seconds; 10s: 10 seconds; 20s: 20 seconds; 30s: 30 seconds; 40s: 40 seconds; 50s: 50 seconds; 1m: 1 minute; 2m: 2 minutes; 5m: 5 minutes; 10m: 10 minutes; 1h: 1 hour. .
- enabled string
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- id string
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- max
Request numberThreshold - The cumulative number of interceptions within the time range of the precise rate limit, ranging from 1 to 100000.
- name string
- The name of the precise rate limit.
- priority number
- The priority of precise rate limiting ranges from 0 to 100, and the default is 0.
- action
Teo
Security Policy Config Security Policy Rate Limiting Rules Rule Action - The precise rate limit handling method. The values are: Monitor: Observe; Deny: Intercept, where DenyActionParameters.Name supports Deny and ReturnCustomPage; Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL; .
- action_
duration str - Action The duration of the action. The supported units are: s: seconds, with a value of 1 to 120; m: minutes, with a value of 1 to 120; h: hours, with a value of 1 to 48; d: days, with a value of 1 to 30. .
- condition str
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- count_
bies Sequence[str] - The matching method of the rate threshold request feature. When Enabled is on, this field is required. When there are multiple conditions, multiple conditions will be combined for statistical calculation. The number of conditions cannot exceed 5. The possible values are: http.request.ip: client IP; http.request.xff_header_ip: client IP (matching XFF header first); http.request.uri.path: requested access path; http.request.cookies['session']: cookie named session, where session can be replaced by the parameter you specify; http.request.headers['user-agent']: HTTP header named user-agent, where user-agent can be replaced by the parameter you specify; http.request.ja3: requested JA3 fingerprint; http.request.uri.query['test']: URL query parameter named test, where test can be replaced by the parameter you specify. .
- counting_
period str - The statistical time window, the possible values are: 1s: 1 second; 5s: 5 seconds; 10s: 10 seconds; 20s: 20 seconds; 30s: 30 seconds; 40s: 40 seconds; 50s: 50 seconds; 1m: 1 minute; 2m: 2 minutes; 5m: 5 minutes; 10m: 10 minutes; 1h: 1 hour. .
- enabled str
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- id str
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- max_
request_ floatthreshold - The cumulative number of interceptions within the time range of the precise rate limit, ranging from 1 to 100000.
- name str
- The name of the precise rate limit.
- priority float
- The priority of precise rate limiting ranges from 0 to 100, and the default is 0.
- action Property Map
- The precise rate limit handling method. The values are: Monitor: Observe; Deny: Intercept, where DenyActionParameters.Name supports Deny and ReturnCustomPage; Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL; .
- action
Duration String - Action The duration of the action. The supported units are: s: seconds, with a value of 1 to 120; m: minutes, with a value of 1 to 120; h: hours, with a value of 1 to 48; d: days, with a value of 1 to 30. .
- condition String
- The specific content of the precise rate limit must conform to the expression syntax. For detailed specifications, see the product documentation.
- count
Bies List<String> - The matching method of the rate threshold request feature. When Enabled is on, this field is required. When there are multiple conditions, multiple conditions will be combined for statistical calculation. The number of conditions cannot exceed 5. The possible values are: http.request.ip: client IP; http.request.xff_header_ip: client IP (matching XFF header first); http.request.uri.path: requested access path; http.request.cookies['session']: cookie named session, where session can be replaced by the parameter you specify; http.request.headers['user-agent']: HTTP header named user-agent, where user-agent can be replaced by the parameter you specify; http.request.ja3: requested JA3 fingerprint; http.request.uri.query['test']: URL query parameter named test, where test can be replaced by the parameter you specify. .
- counting
Period String - The statistical time window, the possible values are: 1s: 1 second; 5s: 5 seconds; 10s: 10 seconds; 20s: 20 seconds; 30s: 30 seconds; 40s: 40 seconds; 50s: 50 seconds; 1m: 1 minute; 2m: 2 minutes; 5m: 5 minutes; 10m: 10 minutes; 1h: 1 hour. .
- enabled String
- Whether the precise rate limit rule is enabled. The possible values are: on: enabled; off: disabled. .
- id String
- The ID of the precise rate limit. The rule ID can support different rule configuration operations: Add a new rule: the ID is empty or the ID parameter is not specified; Modify an existing rule: specify the rule ID to be updated/modified; Delete an existing rule: in the RateLimitingRules parameter, the existing rules not included in the Rules list will be deleted. .
- max
Request NumberThreshold - The cumulative number of interceptions within the time range of the precise rate limit, ranging from 1 to 100000.
- name String
- The name of the precise rate limit.
- priority Number
- The priority of precise rate limiting ranges from 0 to 100, and the default is 0.
TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRuleAction, TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRuleActionArgs
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Challenge
Action TeoParameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- Deny
Action TeoParameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Deny Action Parameters - Additional parameters when Name is Deny.
- Redirect
Action TeoParameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- Name string
- The specific action of security execution. The values are:
- Block
Ip TeoAction Parameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- Challenge
Action TeoParameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- Deny
Action TeoParameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Deny Action Parameters - Additional parameters when Name is Deny.
- Redirect
Action TeoParameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- Return
Custom TeoPage Action Parameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge
Action TeoParameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- deny
Action TeoParameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Deny Action Parameters - Additional parameters when Name is Deny.
- redirect
Action TeoParameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name string
- The specific action of security execution. The values are:
- block
Ip TeoAction Parameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge
Action TeoParameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- deny
Action TeoParameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Deny Action Parameters - Additional parameters when Name is Deny.
- redirect
Action TeoParameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return
Custom TeoPage Action Parameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name str
- The specific action of security execution. The values are:
- block_
ip_ Teoaction_ parameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Block Ip Action Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge_
action_ Teoparameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Challenge Action Parameters - Additional parameters when Name is Challenge.
- deny_
action_ Teoparameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Deny Action Parameters - Additional parameters when Name is Deny.
- redirect_
action_ Teoparameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Redirect Action Parameters - Additional parameters when Name is Redirect.
- return_
custom_ Teopage_ action_ parameters Security Policy Config Security Policy Rate Limiting Rules Rule Action Return Custom Page Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
- name String
- The specific action of security execution. The values are:
- block
Ip Property MapAction Parameters - To be deprecated, additional parameter when Name is BlockIP.
- challenge
Action Property MapParameters - Additional parameters when Name is Challenge.
- deny
Action Property MapParameters - Additional parameters when Name is Deny.
- redirect
Action Property MapParameters - Additional parameters when Name is Redirect.
- return
Custom Property MapPage Action Parameters - To be deprecated, additional parameter when Name is ReturnCustomPage.
TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRuleActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRuleActionBlockIpActionParametersArgs
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- Duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration string
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration str
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
- duration String
- The penalty duration for banning an IP. Supported units are: s: seconds, value range 1 to 120; m: minutes, value range 1 to 120; h: hours, value range 1 to 48. .
TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRuleActionChallengeActionParameters, TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRuleActionChallengeActionParametersArgs
- Challenge
Option string - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- Attester
Id string - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- Interval string
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- Challenge
Option string - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- Attester
Id string - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- Interval string
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge
Option String - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester
Id String - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval String
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge
Option string - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester
Id string - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval string
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge_
option str - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester_
id str - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval str
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
- challenge
Option String - The specific challenge action to be executed safely. The possible values are: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
- attester
Id String - Client authentication method ID. This field is required when Name is InterstitialChallenge/InlineChallenge.
- interval String
- The time interval for repeating the challenge. When Name is InterstitialChallenge/InlineChallenge, this field is required. The default value is 300s. Supported units are: s: seconds, value range 1 to 60; m: minutes, value range 1 to 60; h: hours, value range 1 to 24. .
TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRuleActionDenyActionParameters, TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRuleActionDenyActionParametersArgs
- Block
Ip string - Whether to extend the blocking of source IP. The possible values are:
- Block
Ip stringDuration - When BlockIP is on, the IP blocking duration.
- Error
Page stringId - The PageId of the custom page.
- Response
Code string - Customize the status code of the page.
- Return
Custom stringPage - Whether to use custom pages. The possible values are:
- Stall string
- Whether to ignore the request source suspension. The value is:
- Block
Ip string - Whether to extend the blocking of source IP. The possible values are:
- Block
Ip stringDuration - When BlockIP is on, the IP blocking duration.
- Error
Page stringId - The PageId of the custom page.
- Response
Code string - Customize the status code of the page.
- Return
Custom stringPage - Whether to use custom pages. The possible values are:
- Stall string
- Whether to ignore the request source suspension. The value is:
- block
Ip String - Whether to extend the blocking of source IP. The possible values are:
- block
Ip StringDuration - When BlockIP is on, the IP blocking duration.
- error
Page StringId - The PageId of the custom page.
- response
Code String - Customize the status code of the page.
- return
Custom StringPage - Whether to use custom pages. The possible values are:
- stall String
- Whether to ignore the request source suspension. The value is:
- block
Ip string - Whether to extend the blocking of source IP. The possible values are:
- block
Ip stringDuration - When BlockIP is on, the IP blocking duration.
- error
Page stringId - The PageId of the custom page.
- response
Code string - Customize the status code of the page.
- return
Custom stringPage - Whether to use custom pages. The possible values are:
- stall string
- Whether to ignore the request source suspension. The value is:
- block_
ip str - Whether to extend the blocking of source IP. The possible values are:
- block_
ip_ strduration - When BlockIP is on, the IP blocking duration.
- error_
page_ strid - The PageId of the custom page.
- response_
code str - Customize the status code of the page.
- return_
custom_ strpage - Whether to use custom pages. The possible values are:
- stall str
- Whether to ignore the request source suspension. The value is:
- block
Ip String - Whether to extend the blocking of source IP. The possible values are:
- block
Ip StringDuration - When BlockIP is on, the IP blocking duration.
- error
Page StringId - The PageId of the custom page.
- response
Code String - Customize the status code of the page.
- return
Custom StringPage - Whether to use custom pages. The possible values are:
- stall String
- Whether to ignore the request source suspension. The value is:
TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRuleActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRuleActionRedirectActionParametersArgs
- Url string
- The URL to redirect.
- Url string
- The URL to redirect.
- url String
- The URL to redirect.
- url string
- The URL to redirect.
- url str
- The URL to redirect.
- url String
- The URL to redirect.
TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRuleActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyRateLimitingRulesRuleActionReturnCustomPageActionParametersArgs
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- Error
Page stringId - The custom page ID of the response.
- Response
Code string - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
- error
Page stringId - The custom page ID of the response.
- response
Code string - Response status code.
- error_
page_ strid - The custom page ID of the response.
- response_
code str - Response status code.
- error
Page StringId - The custom page ID of the response.
- response
Code String - Response status code.
Import
teo security policy can be imported using the id, e.g.
If entity is ZoneDefaultPolicy
$ pulumi import tencentcloud:index/teoSecurityPolicyConfig:TeoSecurityPolicyConfig example zone-37u62pwxfo8s#ZoneDefaultPolicy
If entity is Host
$ pulumi import tencentcloud:index/teoSecurityPolicyConfig:TeoSecurityPolicyConfig example zone-37u62pwxfo8s#Host#www.example.com
If entity is Template
$ pulumi import tencentcloud:index/teoSecurityPolicyConfig:TeoSecurityPolicyConfig example zone-37u62pwxfo8s#Template#temp-05dtxkyw
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- tencentcloud tencentcloudstack/terraform-provider-tencentcloud
- License
- Notes
- This Pulumi package is based on the
tencentcloudTerraform Provider.
tencentcloud 1.82.1 published on Monday, Jun 16, 2025 by tencentcloudstack