published on Tuesday, Jun 30, 2026 by tencentcloudstack
published on Tuesday, Jun 30, 2026 by tencentcloudstack
Provides a resource to create a WAF api sec sensitive privilege rule
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as tencentcloud from "@pulumi/tencentcloud";
const example = new tencentcloud.WafApiSecSensitivePrivilegeRule("example", {
domain: "www.example.com",
ruleName: "tf-example",
status: 1,
apiNames: ["/api/user/info"],
position: "QUERY",
parameterLists: ["parameter"],
option: 1,
source: "custom",
apiNameOps: [{
op: "belong",
values: ["/api/user/info"],
}],
});
import pulumi
import pulumi_tencentcloud as tencentcloud
example = tencentcloud.WafApiSecSensitivePrivilegeRule("example",
domain="www.example.com",
rule_name="tf-example",
status=1,
api_names=["/api/user/info"],
position="QUERY",
parameter_lists=["parameter"],
option=1,
source="custom",
api_name_ops=[{
"op": "belong",
"values": ["/api/user/info"],
}])
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/tencentcloud/tencentcloud"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := tencentcloud.NewWafApiSecSensitivePrivilegeRule(ctx, "example", &tencentcloud.WafApiSecSensitivePrivilegeRuleArgs{
Domain: pulumi.String("www.example.com"),
RuleName: pulumi.String("tf-example"),
Status: pulumi.Float64(1),
ApiNames: pulumi.StringArray{
pulumi.String("/api/user/info"),
},
Position: pulumi.String("QUERY"),
ParameterLists: pulumi.StringArray{
pulumi.String("parameter"),
},
Option: pulumi.Float64(1),
Source: pulumi.String("custom"),
ApiNameOps: tencentcloud.WafApiSecSensitivePrivilegeRuleApiNameOpArray{
&tencentcloud.WafApiSecSensitivePrivilegeRuleApiNameOpArgs{
Op: pulumi.String("belong"),
Values: pulumi.StringArray{
pulumi.String("/api/user/info"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Tencentcloud = Pulumi.Tencentcloud;
return await Deployment.RunAsync(() =>
{
var example = new Tencentcloud.WafApiSecSensitivePrivilegeRule("example", new()
{
Domain = "www.example.com",
RuleName = "tf-example",
Status = 1,
ApiNames = new[]
{
"/api/user/info",
},
Position = "QUERY",
ParameterLists = new[]
{
"parameter",
},
Option = 1,
Source = "custom",
ApiNameOps = new[]
{
new Tencentcloud.Inputs.WafApiSecSensitivePrivilegeRuleApiNameOpArgs
{
Op = "belong",
Values = new[]
{
"/api/user/info",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tencentcloud.WafApiSecSensitivePrivilegeRule;
import com.pulumi.tencentcloud.WafApiSecSensitivePrivilegeRuleArgs;
import com.pulumi.tencentcloud.inputs.WafApiSecSensitivePrivilegeRuleApiNameOpArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new WafApiSecSensitivePrivilegeRule("example", WafApiSecSensitivePrivilegeRuleArgs.builder()
.domain("www.example.com")
.ruleName("tf-example")
.status(1.0)
.apiNames("/api/user/info")
.position("QUERY")
.parameterLists("parameter")
.option(1.0)
.source("custom")
.apiNameOps(WafApiSecSensitivePrivilegeRuleApiNameOpArgs.builder()
.op("belong")
.values("/api/user/info")
.build())
.build());
}
}
resources:
example:
type: tencentcloud:WafApiSecSensitivePrivilegeRule
properties:
domain: www.example.com
ruleName: tf-example
status: 1
apiNames:
- /api/user/info
position: QUERY
parameterLists:
- parameter
option: 1
source: custom
apiNameOps:
- op: belong
values:
- /api/user/info
Example coming soon!
Create WafApiSecSensitivePrivilegeRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new WafApiSecSensitivePrivilegeRule(name: string, args: WafApiSecSensitivePrivilegeRuleArgs, opts?: CustomResourceOptions);@overload
def WafApiSecSensitivePrivilegeRule(resource_name: str,
args: WafApiSecSensitivePrivilegeRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def WafApiSecSensitivePrivilegeRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
domain: Optional[str] = None,
rule_name: Optional[str] = None,
status: Optional[float] = None,
api_name_ops: Optional[Sequence[WafApiSecSensitivePrivilegeRuleApiNameOpArgs]] = None,
api_names: Optional[Sequence[str]] = None,
option: Optional[float] = None,
parameter_lists: Optional[Sequence[str]] = None,
position: Optional[str] = None,
source: Optional[str] = None,
waf_api_sec_sensitive_privilege_rule_id: Optional[str] = None)func NewWafApiSecSensitivePrivilegeRule(ctx *Context, name string, args WafApiSecSensitivePrivilegeRuleArgs, opts ...ResourceOption) (*WafApiSecSensitivePrivilegeRule, error)public WafApiSecSensitivePrivilegeRule(string name, WafApiSecSensitivePrivilegeRuleArgs args, CustomResourceOptions? opts = null)
public WafApiSecSensitivePrivilegeRule(String name, WafApiSecSensitivePrivilegeRuleArgs args)
public WafApiSecSensitivePrivilegeRule(String name, WafApiSecSensitivePrivilegeRuleArgs args, CustomResourceOptions options)
type: tencentcloud:WafApiSecSensitivePrivilegeRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
resource "tencentcloud_wafapisecsensitiveprivilegerule" "name" {
# resource properties
}Parameters
- name string
- The unique name of the resource.
- args WafApiSecSensitivePrivilegeRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args WafApiSecSensitivePrivilegeRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args WafApiSecSensitivePrivilegeRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args WafApiSecSensitivePrivilegeRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args WafApiSecSensitivePrivilegeRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
WafApiSecSensitivePrivilegeRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The WafApiSecSensitivePrivilegeRule resource accepts the following input properties:
- Domain string
- Domain name.
- Rule
Name string - Rule name, cannot be repeated.
- Status double
- Rule switch, 0: off, 1: on.
- Api
Name List<WafOps Api Sec Sensitive Privilege Rule Api Name Op> - API match list.
- Api
Names List<string> - Up to 20 APIs can be entered.
- Option double
- Application object value, 1 means manual filling, 2 means obtaining from API assets.
- Parameter
Lists List<string> - Authentication parameter list.
- Position string
- Authentication position.
- Source string
- Rule source.
- Waf
Api stringSec Sensitive Privilege Rule Id - ID of the resource.
- Domain string
- Domain name.
- Rule
Name string - Rule name, cannot be repeated.
- Status float64
- Rule switch, 0: off, 1: on.
- Api
Name []WafOps Api Sec Sensitive Privilege Rule Api Name Op Args - API match list.
- Api
Names []string - Up to 20 APIs can be entered.
- Option float64
- Application object value, 1 means manual filling, 2 means obtaining from API assets.
- Parameter
Lists []string - Authentication parameter list.
- Position string
- Authentication position.
- Source string
- Rule source.
- Waf
Api stringSec Sensitive Privilege Rule Id - ID of the resource.
- domain string
- Domain name.
- rule_
name string - Rule name, cannot be repeated.
- status number
- Rule switch, 0: off, 1: on.
- api_
name_ list(object)ops - API match list.
- api_
names list(string) - Up to 20 APIs can be entered.
- option number
- Application object value, 1 means manual filling, 2 means obtaining from API assets.
- parameter_
lists list(string) - Authentication parameter list.
- position string
- Authentication position.
- source string
- Rule source.
- waf_
api_ stringsec_ sensitive_ privilege_ rule_ id - ID of the resource.
- domain String
- Domain name.
- rule
Name String - Rule name, cannot be repeated.
- status Double
- Rule switch, 0: off, 1: on.
- api
Name List<WafOps Api Sec Sensitive Privilege Rule Api Name Op> - API match list.
- api
Names List<String> - Up to 20 APIs can be entered.
- option Double
- Application object value, 1 means manual filling, 2 means obtaining from API assets.
- parameter
Lists List<String> - Authentication parameter list.
- position String
- Authentication position.
- source String
- Rule source.
- waf
Api StringSec Sensitive Privilege Rule Id - ID of the resource.
- domain string
- Domain name.
- rule
Name string - Rule name, cannot be repeated.
- status number
- Rule switch, 0: off, 1: on.
- api
Name WafOps Api Sec Sensitive Privilege Rule Api Name Op[] - API match list.
- api
Names string[] - Up to 20 APIs can be entered.
- option number
- Application object value, 1 means manual filling, 2 means obtaining from API assets.
- parameter
Lists string[] - Authentication parameter list.
- position string
- Authentication position.
- source string
- Rule source.
- waf
Api stringSec Sensitive Privilege Rule Id - ID of the resource.
- domain str
- Domain name.
- rule_
name str - Rule name, cannot be repeated.
- status float
- Rule switch, 0: off, 1: on.
- api_
name_ Sequence[Wafops Api Sec Sensitive Privilege Rule Api Name Op Args] - API match list.
- api_
names Sequence[str] - Up to 20 APIs can be entered.
- option float
- Application object value, 1 means manual filling, 2 means obtaining from API assets.
- parameter_
lists Sequence[str] - Authentication parameter list.
- position str
- Authentication position.
- source str
- Rule source.
- waf_
api_ strsec_ sensitive_ privilege_ rule_ id - ID of the resource.
- domain String
- Domain name.
- rule
Name String - Rule name, cannot be repeated.
- status Number
- Rule switch, 0: off, 1: on.
- api
Name List<Property Map>Ops - API match list.
- api
Names List<String> - Up to 20 APIs can be entered.
- option Number
- Application object value, 1 means manual filling, 2 means obtaining from API assets.
- parameter
Lists List<String> - Authentication parameter list.
- position String
- Authentication position.
- source String
- Rule source.
- waf
Api StringSec Sensitive Privilege Rule Id - ID of the resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the WafApiSecSensitivePrivilegeRule resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Update
Time double - Update timestamp.
- Id string
- The provider-assigned unique ID for this managed resource.
- Update
Time float64 - Update timestamp.
- id string
- The provider-assigned unique ID for this managed resource.
- update_
time number - Update timestamp.
- id String
- The provider-assigned unique ID for this managed resource.
- update
Time Double - Update timestamp.
- id string
- The provider-assigned unique ID for this managed resource.
- update
Time number - Update timestamp.
- id str
- The provider-assigned unique ID for this managed resource.
- update_
time float - Update timestamp.
- id String
- The provider-assigned unique ID for this managed resource.
- update
Time Number - Update timestamp.
Look up Existing WafApiSecSensitivePrivilegeRule Resource
Get an existing WafApiSecSensitivePrivilegeRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: WafApiSecSensitivePrivilegeRuleState, opts?: CustomResourceOptions): WafApiSecSensitivePrivilegeRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
api_name_ops: Optional[Sequence[WafApiSecSensitivePrivilegeRuleApiNameOpArgs]] = None,
api_names: Optional[Sequence[str]] = None,
domain: Optional[str] = None,
option: Optional[float] = None,
parameter_lists: Optional[Sequence[str]] = None,
position: Optional[str] = None,
rule_name: Optional[str] = None,
source: Optional[str] = None,
status: Optional[float] = None,
update_time: Optional[float] = None,
waf_api_sec_sensitive_privilege_rule_id: Optional[str] = None) -> WafApiSecSensitivePrivilegeRulefunc GetWafApiSecSensitivePrivilegeRule(ctx *Context, name string, id IDInput, state *WafApiSecSensitivePrivilegeRuleState, opts ...ResourceOption) (*WafApiSecSensitivePrivilegeRule, error)public static WafApiSecSensitivePrivilegeRule Get(string name, Input<string> id, WafApiSecSensitivePrivilegeRuleState? state, CustomResourceOptions? opts = null)public static WafApiSecSensitivePrivilegeRule get(String name, Output<String> id, WafApiSecSensitivePrivilegeRuleState state, CustomResourceOptions options)resources: _: type: tencentcloud:WafApiSecSensitivePrivilegeRule get: id: ${id}import {
to = tencentcloud_wafapisecsensitiveprivilegerule.example
id = "${id}"
}
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Api
Name List<WafOps Api Sec Sensitive Privilege Rule Api Name Op> - API match list.
- Api
Names List<string> - Up to 20 APIs can be entered.
- Domain string
- Domain name.
- Option double
- Application object value, 1 means manual filling, 2 means obtaining from API assets.
- Parameter
Lists List<string> - Authentication parameter list.
- Position string
- Authentication position.
- Rule
Name string - Rule name, cannot be repeated.
- Source string
- Rule source.
- Status double
- Rule switch, 0: off, 1: on.
- Update
Time double - Update timestamp.
- Waf
Api stringSec Sensitive Privilege Rule Id - ID of the resource.
- Api
Name []WafOps Api Sec Sensitive Privilege Rule Api Name Op Args - API match list.
- Api
Names []string - Up to 20 APIs can be entered.
- Domain string
- Domain name.
- Option float64
- Application object value, 1 means manual filling, 2 means obtaining from API assets.
- Parameter
Lists []string - Authentication parameter list.
- Position string
- Authentication position.
- Rule
Name string - Rule name, cannot be repeated.
- Source string
- Rule source.
- Status float64
- Rule switch, 0: off, 1: on.
- Update
Time float64 - Update timestamp.
- Waf
Api stringSec Sensitive Privilege Rule Id - ID of the resource.
- api_
name_ list(object)ops - API match list.
- api_
names list(string) - Up to 20 APIs can be entered.
- domain string
- Domain name.
- option number
- Application object value, 1 means manual filling, 2 means obtaining from API assets.
- parameter_
lists list(string) - Authentication parameter list.
- position string
- Authentication position.
- rule_
name string - Rule name, cannot be repeated.
- source string
- Rule source.
- status number
- Rule switch, 0: off, 1: on.
- update_
time number - Update timestamp.
- waf_
api_ stringsec_ sensitive_ privilege_ rule_ id - ID of the resource.
- api
Name List<WafOps Api Sec Sensitive Privilege Rule Api Name Op> - API match list.
- api
Names List<String> - Up to 20 APIs can be entered.
- domain String
- Domain name.
- option Double
- Application object value, 1 means manual filling, 2 means obtaining from API assets.
- parameter
Lists List<String> - Authentication parameter list.
- position String
- Authentication position.
- rule
Name String - Rule name, cannot be repeated.
- source String
- Rule source.
- status Double
- Rule switch, 0: off, 1: on.
- update
Time Double - Update timestamp.
- waf
Api StringSec Sensitive Privilege Rule Id - ID of the resource.
- api
Name WafOps Api Sec Sensitive Privilege Rule Api Name Op[] - API match list.
- api
Names string[] - Up to 20 APIs can be entered.
- domain string
- Domain name.
- option number
- Application object value, 1 means manual filling, 2 means obtaining from API assets.
- parameter
Lists string[] - Authentication parameter list.
- position string
- Authentication position.
- rule
Name string - Rule name, cannot be repeated.
- source string
- Rule source.
- status number
- Rule switch, 0: off, 1: on.
- update
Time number - Update timestamp.
- waf
Api stringSec Sensitive Privilege Rule Id - ID of the resource.
- api_
name_ Sequence[Wafops Api Sec Sensitive Privilege Rule Api Name Op Args] - API match list.
- api_
names Sequence[str] - Up to 20 APIs can be entered.
- domain str
- Domain name.
- option float
- Application object value, 1 means manual filling, 2 means obtaining from API assets.
- parameter_
lists Sequence[str] - Authentication parameter list.
- position str
- Authentication position.
- rule_
name str - Rule name, cannot be repeated.
- source str
- Rule source.
- status float
- Rule switch, 0: off, 1: on.
- update_
time float - Update timestamp.
- waf_
api_ strsec_ sensitive_ privilege_ rule_ id - ID of the resource.
- api
Name List<Property Map>Ops - API match list.
- api
Names List<String> - Up to 20 APIs can be entered.
- domain String
- Domain name.
- option Number
- Application object value, 1 means manual filling, 2 means obtaining from API assets.
- parameter
Lists List<String> - Authentication parameter list.
- position String
- Authentication position.
- rule
Name String - Rule name, cannot be repeated.
- source String
- Rule source.
- status Number
- Rule switch, 0: off, 1: on.
- update
Time Number - Update timestamp.
- waf
Api StringSec Sensitive Privilege Rule Id - ID of the resource.
Supporting Types
WafApiSecSensitivePrivilegeRuleApiNameOp, WafApiSecSensitivePrivilegeRuleApiNameOpArgs
- Api
Name List<WafMethods Api Sec Sensitive Privilege Rule Api Name Op Api Name Method> - When manually filtering, this structure should be passed.
- Op string
- Match method, such as belong and regex.
- Values List<string>
- Match value list.
- Api
Name []WafMethods Api Sec Sensitive Privilege Rule Api Name Op Api Name Method - When manually filtering, this structure should be passed.
- Op string
- Match method, such as belong and regex.
- Values []string
- Match value list.
- api_
name_ list(object)methods - When manually filtering, this structure should be passed.
- op string
- Match method, such as belong and regex.
- values list(string)
- Match value list.
- api
Name List<WafMethods Api Sec Sensitive Privilege Rule Api Name Op Api Name Method> - When manually filtering, this structure should be passed.
- op String
- Match method, such as belong and regex.
- values List<String>
- Match value list.
- api
Name WafMethods Api Sec Sensitive Privilege Rule Api Name Op Api Name Method[] - When manually filtering, this structure should be passed.
- op string
- Match method, such as belong and regex.
- values string[]
- Match value list.
- api_
name_ Sequence[Wafmethods Api Sec Sensitive Privilege Rule Api Name Op Api Name Method] - When manually filtering, this structure should be passed.
- op str
- Match method, such as belong and regex.
- values Sequence[str]
- Match value list.
- api
Name List<Property Map>Methods - When manually filtering, this structure should be passed.
- op String
- Match method, such as belong and regex.
- values List<String>
- Match value list.
WafApiSecSensitivePrivilegeRuleApiNameOpApiNameMethod, WafApiSecSensitivePrivilegeRuleApiNameOpApiNameMethodArgs
Import
WAF api sec sensitive privilege rule can be imported using the domain#ruleName, e.g.
$ pulumi import tencentcloud:index/wafApiSecSensitivePrivilegeRule:WafApiSecSensitivePrivilegeRule example www.example.com#tf-example
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- tencentcloud tencentcloudstack/terraform-provider-tencentcloud
- License
- Notes
- This Pulumi package is based on the
tencentcloudTerraform Provider.
published on Tuesday, Jun 30, 2026 by tencentcloudstack