published on Tuesday, Jun 30, 2026 by tencentcloudstack
published on Tuesday, Jun 30, 2026 by tencentcloudstack
Provides a resource to create a WAF api sec sensitive custom rule
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as tencentcloud from "@pulumi/tencentcloud";
const example = new tencentcloud.WafApiSecSensitiveCustomRule("example", {
domain: "www.example.com",
ruleName: "tf-example",
status: 1,
positions: ["headers"],
matchKey: "key_match",
matchValues: [
"admin",
"cookie",
],
level: "100",
matchConds: ["and"],
isPan: 1,
});
import pulumi
import pulumi_tencentcloud as tencentcloud
example = tencentcloud.WafApiSecSensitiveCustomRule("example",
domain="www.example.com",
rule_name="tf-example",
status=1,
positions=["headers"],
match_key="key_match",
match_values=[
"admin",
"cookie",
],
level="100",
match_conds=["and"],
is_pan=1)
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/tencentcloud/tencentcloud"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := tencentcloud.NewWafApiSecSensitiveCustomRule(ctx, "example", &tencentcloud.WafApiSecSensitiveCustomRuleArgs{
Domain: pulumi.String("www.example.com"),
RuleName: pulumi.String("tf-example"),
Status: pulumi.Float64(1),
Positions: pulumi.StringArray{
pulumi.String("headers"),
},
MatchKey: pulumi.String("key_match"),
MatchValues: pulumi.StringArray{
pulumi.String("admin"),
pulumi.String("cookie"),
},
Level: pulumi.String("100"),
MatchConds: pulumi.StringArray{
pulumi.String("and"),
},
IsPan: pulumi.Float64(1),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Tencentcloud = Pulumi.Tencentcloud;
return await Deployment.RunAsync(() =>
{
var example = new Tencentcloud.WafApiSecSensitiveCustomRule("example", new()
{
Domain = "www.example.com",
RuleName = "tf-example",
Status = 1,
Positions = new[]
{
"headers",
},
MatchKey = "key_match",
MatchValues = new[]
{
"admin",
"cookie",
},
Level = "100",
MatchConds = new[]
{
"and",
},
IsPan = 1,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tencentcloud.WafApiSecSensitiveCustomRule;
import com.pulumi.tencentcloud.WafApiSecSensitiveCustomRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new WafApiSecSensitiveCustomRule("example", WafApiSecSensitiveCustomRuleArgs.builder()
.domain("www.example.com")
.ruleName("tf-example")
.status(1.0)
.positions("headers")
.matchKey("key_match")
.matchValues(
"admin",
"cookie")
.level("100")
.matchConds("and")
.isPan(1.0)
.build());
}
}
resources:
example:
type: tencentcloud:WafApiSecSensitiveCustomRule
properties:
domain: www.example.com
ruleName: tf-example
status: 1
positions:
- headers
matchKey: key_match
matchValues:
- admin
- cookie
level: '100'
matchConds:
- and
isPan: 1
Example coming soon!
Create WafApiSecSensitiveCustomRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new WafApiSecSensitiveCustomRule(name: string, args: WafApiSecSensitiveCustomRuleArgs, opts?: CustomResourceOptions);@overload
def WafApiSecSensitiveCustomRule(resource_name: str,
args: WafApiSecSensitiveCustomRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def WafApiSecSensitiveCustomRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
domain: Optional[str] = None,
rule_name: Optional[str] = None,
status: Optional[float] = None,
is_pan: Optional[float] = None,
level: Optional[str] = None,
match_conds: Optional[Sequence[str]] = None,
match_key: Optional[str] = None,
match_values: Optional[Sequence[str]] = None,
positions: Optional[Sequence[str]] = None,
waf_api_sec_sensitive_custom_rule_id: Optional[str] = None)func NewWafApiSecSensitiveCustomRule(ctx *Context, name string, args WafApiSecSensitiveCustomRuleArgs, opts ...ResourceOption) (*WafApiSecSensitiveCustomRule, error)public WafApiSecSensitiveCustomRule(string name, WafApiSecSensitiveCustomRuleArgs args, CustomResourceOptions? opts = null)
public WafApiSecSensitiveCustomRule(String name, WafApiSecSensitiveCustomRuleArgs args)
public WafApiSecSensitiveCustomRule(String name, WafApiSecSensitiveCustomRuleArgs args, CustomResourceOptions options)
type: tencentcloud:WafApiSecSensitiveCustomRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
resource "tencentcloud_wafapisecsensitivecustomrule" "name" {
# resource properties
}Parameters
- name string
- The unique name of the resource.
- args WafApiSecSensitiveCustomRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args WafApiSecSensitiveCustomRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args WafApiSecSensitiveCustomRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args WafApiSecSensitiveCustomRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args WafApiSecSensitiveCustomRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
WafApiSecSensitiveCustomRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The WafApiSecSensitiveCustomRule resource accepts the following input properties:
- Domain string
- Domain name.
- Rule
Name string - Rule name.
- Status double
- Rule switch, 0: off, 1: on.
- Is
Pan double - Whether the rule is generalized, default 0 means not generalized.
- Level string
- Risk level.
- Match
Conds List<string> - Match symbol, pass this value when the match condition is keyword match or character match, multiple values can be passed.
- Match
Key string - Match condition.
- Match
Values List<string> - Match value.
- Positions List<string>
- Parameter position.
- Waf
Api stringSec Sensitive Custom Rule Id - ID of the resource.
- Domain string
- Domain name.
- Rule
Name string - Rule name.
- Status float64
- Rule switch, 0: off, 1: on.
- Is
Pan float64 - Whether the rule is generalized, default 0 means not generalized.
- Level string
- Risk level.
- Match
Conds []string - Match symbol, pass this value when the match condition is keyword match or character match, multiple values can be passed.
- Match
Key string - Match condition.
- Match
Values []string - Match value.
- Positions []string
- Parameter position.
- Waf
Api stringSec Sensitive Custom Rule Id - ID of the resource.
- domain string
- Domain name.
- rule_
name string - Rule name.
- status number
- Rule switch, 0: off, 1: on.
- is_
pan number - Whether the rule is generalized, default 0 means not generalized.
- level string
- Risk level.
- match_
conds list(string) - Match symbol, pass this value when the match condition is keyword match or character match, multiple values can be passed.
- match_
key string - Match condition.
- match_
values list(string) - Match value.
- positions list(string)
- Parameter position.
- waf_
api_ stringsec_ sensitive_ custom_ rule_ id - ID of the resource.
- domain String
- Domain name.
- rule
Name String - Rule name.
- status Double
- Rule switch, 0: off, 1: on.
- is
Pan Double - Whether the rule is generalized, default 0 means not generalized.
- level String
- Risk level.
- match
Conds List<String> - Match symbol, pass this value when the match condition is keyword match or character match, multiple values can be passed.
- match
Key String - Match condition.
- match
Values List<String> - Match value.
- positions List<String>
- Parameter position.
- waf
Api StringSec Sensitive Custom Rule Id - ID of the resource.
- domain string
- Domain name.
- rule
Name string - Rule name.
- status number
- Rule switch, 0: off, 1: on.
- is
Pan number - Whether the rule is generalized, default 0 means not generalized.
- level string
- Risk level.
- match
Conds string[] - Match symbol, pass this value when the match condition is keyword match or character match, multiple values can be passed.
- match
Key string - Match condition.
- match
Values string[] - Match value.
- positions string[]
- Parameter position.
- waf
Api stringSec Sensitive Custom Rule Id - ID of the resource.
- domain str
- Domain name.
- rule_
name str - Rule name.
- status float
- Rule switch, 0: off, 1: on.
- is_
pan float - Whether the rule is generalized, default 0 means not generalized.
- level str
- Risk level.
- match_
conds Sequence[str] - Match symbol, pass this value when the match condition is keyword match or character match, multiple values can be passed.
- match_
key str - Match condition.
- match_
values Sequence[str] - Match value.
- positions Sequence[str]
- Parameter position.
- waf_
api_ strsec_ sensitive_ custom_ rule_ id - ID of the resource.
- domain String
- Domain name.
- rule
Name String - Rule name.
- status Number
- Rule switch, 0: off, 1: on.
- is
Pan Number - Whether the rule is generalized, default 0 means not generalized.
- level String
- Risk level.
- match
Conds List<String> - Match symbol, pass this value when the match condition is keyword match or character match, multiple values can be passed.
- match
Key String - Match condition.
- match
Values List<String> - Match value.
- positions List<String>
- Parameter position.
- waf
Api StringSec Sensitive Custom Rule Id - ID of the resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the WafApiSecSensitiveCustomRule resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing WafApiSecSensitiveCustomRule Resource
Get an existing WafApiSecSensitiveCustomRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: WafApiSecSensitiveCustomRuleState, opts?: CustomResourceOptions): WafApiSecSensitiveCustomRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
domain: Optional[str] = None,
is_pan: Optional[float] = None,
level: Optional[str] = None,
match_conds: Optional[Sequence[str]] = None,
match_key: Optional[str] = None,
match_values: Optional[Sequence[str]] = None,
positions: Optional[Sequence[str]] = None,
rule_name: Optional[str] = None,
status: Optional[float] = None,
waf_api_sec_sensitive_custom_rule_id: Optional[str] = None) -> WafApiSecSensitiveCustomRulefunc GetWafApiSecSensitiveCustomRule(ctx *Context, name string, id IDInput, state *WafApiSecSensitiveCustomRuleState, opts ...ResourceOption) (*WafApiSecSensitiveCustomRule, error)public static WafApiSecSensitiveCustomRule Get(string name, Input<string> id, WafApiSecSensitiveCustomRuleState? state, CustomResourceOptions? opts = null)public static WafApiSecSensitiveCustomRule get(String name, Output<String> id, WafApiSecSensitiveCustomRuleState state, CustomResourceOptions options)resources: _: type: tencentcloud:WafApiSecSensitiveCustomRule get: id: ${id}import {
to = tencentcloud_wafapisecsensitivecustomrule.example
id = "${id}"
}
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Domain string
- Domain name.
- Is
Pan double - Whether the rule is generalized, default 0 means not generalized.
- Level string
- Risk level.
- Match
Conds List<string> - Match symbol, pass this value when the match condition is keyword match or character match, multiple values can be passed.
- Match
Key string - Match condition.
- Match
Values List<string> - Match value.
- Positions List<string>
- Parameter position.
- Rule
Name string - Rule name.
- Status double
- Rule switch, 0: off, 1: on.
- Waf
Api stringSec Sensitive Custom Rule Id - ID of the resource.
- Domain string
- Domain name.
- Is
Pan float64 - Whether the rule is generalized, default 0 means not generalized.
- Level string
- Risk level.
- Match
Conds []string - Match symbol, pass this value when the match condition is keyword match or character match, multiple values can be passed.
- Match
Key string - Match condition.
- Match
Values []string - Match value.
- Positions []string
- Parameter position.
- Rule
Name string - Rule name.
- Status float64
- Rule switch, 0: off, 1: on.
- Waf
Api stringSec Sensitive Custom Rule Id - ID of the resource.
- domain string
- Domain name.
- is_
pan number - Whether the rule is generalized, default 0 means not generalized.
- level string
- Risk level.
- match_
conds list(string) - Match symbol, pass this value when the match condition is keyword match or character match, multiple values can be passed.
- match_
key string - Match condition.
- match_
values list(string) - Match value.
- positions list(string)
- Parameter position.
- rule_
name string - Rule name.
- status number
- Rule switch, 0: off, 1: on.
- waf_
api_ stringsec_ sensitive_ custom_ rule_ id - ID of the resource.
- domain String
- Domain name.
- is
Pan Double - Whether the rule is generalized, default 0 means not generalized.
- level String
- Risk level.
- match
Conds List<String> - Match symbol, pass this value when the match condition is keyword match or character match, multiple values can be passed.
- match
Key String - Match condition.
- match
Values List<String> - Match value.
- positions List<String>
- Parameter position.
- rule
Name String - Rule name.
- status Double
- Rule switch, 0: off, 1: on.
- waf
Api StringSec Sensitive Custom Rule Id - ID of the resource.
- domain string
- Domain name.
- is
Pan number - Whether the rule is generalized, default 0 means not generalized.
- level string
- Risk level.
- match
Conds string[] - Match symbol, pass this value when the match condition is keyword match or character match, multiple values can be passed.
- match
Key string - Match condition.
- match
Values string[] - Match value.
- positions string[]
- Parameter position.
- rule
Name string - Rule name.
- status number
- Rule switch, 0: off, 1: on.
- waf
Api stringSec Sensitive Custom Rule Id - ID of the resource.
- domain str
- Domain name.
- is_
pan float - Whether the rule is generalized, default 0 means not generalized.
- level str
- Risk level.
- match_
conds Sequence[str] - Match symbol, pass this value when the match condition is keyword match or character match, multiple values can be passed.
- match_
key str - Match condition.
- match_
values Sequence[str] - Match value.
- positions Sequence[str]
- Parameter position.
- rule_
name str - Rule name.
- status float
- Rule switch, 0: off, 1: on.
- waf_
api_ strsec_ sensitive_ custom_ rule_ id - ID of the resource.
- domain String
- Domain name.
- is
Pan Number - Whether the rule is generalized, default 0 means not generalized.
- level String
- Risk level.
- match
Conds List<String> - Match symbol, pass this value when the match condition is keyword match or character match, multiple values can be passed.
- match
Key String - Match condition.
- match
Values List<String> - Match value.
- positions List<String>
- Parameter position.
- rule
Name String - Rule name.
- status Number
- Rule switch, 0: off, 1: on.
- waf
Api StringSec Sensitive Custom Rule Id - ID of the resource.
Import
WAF api sec sensitive custom rule can be imported using the domain#ruleName, e.g.
$ pulumi import tencentcloud:index/wafApiSecSensitiveCustomRule:WafApiSecSensitiveCustomRule example www.example.com#tf-example
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- tencentcloud tencentcloudstack/terraform-provider-tencentcloud
- License
- Notes
- This Pulumi package is based on the
tencentcloudTerraform Provider.
published on Tuesday, Jun 30, 2026 by tencentcloudstack