1. Packages
  2. Packages
  3. Tencentcloud Provider
  4. API Docs
  5. WafApiSecSensitivePrivilegeRule
Viewing docs for tencentcloud 1.83.7
published on Tuesday, Jun 30, 2026 by tencentcloudstack
Viewing docs for tencentcloud 1.83.7
published on Tuesday, Jun 30, 2026 by tencentcloudstack

    Provides a resource to create a WAF api sec sensitive privilege rule

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as tencentcloud from "@pulumi/tencentcloud";
    
    const example = new tencentcloud.WafApiSecSensitivePrivilegeRule("example", {
        domain: "www.example.com",
        ruleName: "tf-example",
        status: 1,
        apiNames: ["/api/user/info"],
        position: "QUERY",
        parameterLists: ["parameter"],
        option: 1,
        source: "custom",
        apiNameOps: [{
            op: "belong",
            values: ["/api/user/info"],
        }],
    });
    
    import pulumi
    import pulumi_tencentcloud as tencentcloud
    
    example = tencentcloud.WafApiSecSensitivePrivilegeRule("example",
        domain="www.example.com",
        rule_name="tf-example",
        status=1,
        api_names=["/api/user/info"],
        position="QUERY",
        parameter_lists=["parameter"],
        option=1,
        source="custom",
        api_name_ops=[{
            "op": "belong",
            "values": ["/api/user/info"],
        }])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-terraform-provider/sdks/go/tencentcloud/tencentcloud"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := tencentcloud.NewWafApiSecSensitivePrivilegeRule(ctx, "example", &tencentcloud.WafApiSecSensitivePrivilegeRuleArgs{
    			Domain:   pulumi.String("www.example.com"),
    			RuleName: pulumi.String("tf-example"),
    			Status:   pulumi.Float64(1),
    			ApiNames: pulumi.StringArray{
    				pulumi.String("/api/user/info"),
    			},
    			Position: pulumi.String("QUERY"),
    			ParameterLists: pulumi.StringArray{
    				pulumi.String("parameter"),
    			},
    			Option: pulumi.Float64(1),
    			Source: pulumi.String("custom"),
    			ApiNameOps: tencentcloud.WafApiSecSensitivePrivilegeRuleApiNameOpArray{
    				&tencentcloud.WafApiSecSensitivePrivilegeRuleApiNameOpArgs{
    					Op: pulumi.String("belong"),
    					Values: pulumi.StringArray{
    						pulumi.String("/api/user/info"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Tencentcloud = Pulumi.Tencentcloud;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Tencentcloud.WafApiSecSensitivePrivilegeRule("example", new()
        {
            Domain = "www.example.com",
            RuleName = "tf-example",
            Status = 1,
            ApiNames = new[]
            {
                "/api/user/info",
            },
            Position = "QUERY",
            ParameterLists = new[]
            {
                "parameter",
            },
            Option = 1,
            Source = "custom",
            ApiNameOps = new[]
            {
                new Tencentcloud.Inputs.WafApiSecSensitivePrivilegeRuleApiNameOpArgs
                {
                    Op = "belong",
                    Values = new[]
                    {
                        "/api/user/info",
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.tencentcloud.WafApiSecSensitivePrivilegeRule;
    import com.pulumi.tencentcloud.WafApiSecSensitivePrivilegeRuleArgs;
    import com.pulumi.tencentcloud.inputs.WafApiSecSensitivePrivilegeRuleApiNameOpArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new WafApiSecSensitivePrivilegeRule("example", WafApiSecSensitivePrivilegeRuleArgs.builder()
                .domain("www.example.com")
                .ruleName("tf-example")
                .status(1.0)
                .apiNames("/api/user/info")
                .position("QUERY")
                .parameterLists("parameter")
                .option(1.0)
                .source("custom")
                .apiNameOps(WafApiSecSensitivePrivilegeRuleApiNameOpArgs.builder()
                    .op("belong")
                    .values("/api/user/info")
                    .build())
                .build());
    
        }
    }
    
    resources:
      example:
        type: tencentcloud:WafApiSecSensitivePrivilegeRule
        properties:
          domain: www.example.com
          ruleName: tf-example
          status: 1
          apiNames:
            - /api/user/info
          position: QUERY
          parameterLists:
            - parameter
          option: 1
          source: custom
          apiNameOps:
            - op: belong
              values:
                - /api/user/info
    
    Example coming soon!
    

    Create WafApiSecSensitivePrivilegeRule Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new WafApiSecSensitivePrivilegeRule(name: string, args: WafApiSecSensitivePrivilegeRuleArgs, opts?: CustomResourceOptions);
    @overload
    def WafApiSecSensitivePrivilegeRule(resource_name: str,
                                        args: WafApiSecSensitivePrivilegeRuleArgs,
                                        opts: Optional[ResourceOptions] = None)
    
    @overload
    def WafApiSecSensitivePrivilegeRule(resource_name: str,
                                        opts: Optional[ResourceOptions] = None,
                                        domain: Optional[str] = None,
                                        rule_name: Optional[str] = None,
                                        status: Optional[float] = None,
                                        api_name_ops: Optional[Sequence[WafApiSecSensitivePrivilegeRuleApiNameOpArgs]] = None,
                                        api_names: Optional[Sequence[str]] = None,
                                        option: Optional[float] = None,
                                        parameter_lists: Optional[Sequence[str]] = None,
                                        position: Optional[str] = None,
                                        source: Optional[str] = None,
                                        waf_api_sec_sensitive_privilege_rule_id: Optional[str] = None)
    func NewWafApiSecSensitivePrivilegeRule(ctx *Context, name string, args WafApiSecSensitivePrivilegeRuleArgs, opts ...ResourceOption) (*WafApiSecSensitivePrivilegeRule, error)
    public WafApiSecSensitivePrivilegeRule(string name, WafApiSecSensitivePrivilegeRuleArgs args, CustomResourceOptions? opts = null)
    public WafApiSecSensitivePrivilegeRule(String name, WafApiSecSensitivePrivilegeRuleArgs args)
    public WafApiSecSensitivePrivilegeRule(String name, WafApiSecSensitivePrivilegeRuleArgs args, CustomResourceOptions options)
    
    type: tencentcloud:WafApiSecSensitivePrivilegeRule
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    resource "tencentcloud_wafapisecsensitiveprivilegerule" "name" {
        # resource properties
    }

    Parameters

    name string
    The unique name of the resource.
    args WafApiSecSensitivePrivilegeRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args WafApiSecSensitivePrivilegeRuleArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args WafApiSecSensitivePrivilegeRuleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args WafApiSecSensitivePrivilegeRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args WafApiSecSensitivePrivilegeRuleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    WafApiSecSensitivePrivilegeRule Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The WafApiSecSensitivePrivilegeRule resource accepts the following input properties:

    Domain string
    Domain name.
    RuleName string
    Rule name, cannot be repeated.
    Status double
    Rule switch, 0: off, 1: on.
    ApiNameOps List<WafApiSecSensitivePrivilegeRuleApiNameOp>
    API match list.
    ApiNames List<string>
    Up to 20 APIs can be entered.
    Option double
    Application object value, 1 means manual filling, 2 means obtaining from API assets.
    ParameterLists List<string>
    Authentication parameter list.
    Position string
    Authentication position.
    Source string
    Rule source.
    WafApiSecSensitivePrivilegeRuleId string
    ID of the resource.
    Domain string
    Domain name.
    RuleName string
    Rule name, cannot be repeated.
    Status float64
    Rule switch, 0: off, 1: on.
    ApiNameOps []WafApiSecSensitivePrivilegeRuleApiNameOpArgs
    API match list.
    ApiNames []string
    Up to 20 APIs can be entered.
    Option float64
    Application object value, 1 means manual filling, 2 means obtaining from API assets.
    ParameterLists []string
    Authentication parameter list.
    Position string
    Authentication position.
    Source string
    Rule source.
    WafApiSecSensitivePrivilegeRuleId string
    ID of the resource.
    domain string
    Domain name.
    rule_name string
    Rule name, cannot be repeated.
    status number
    Rule switch, 0: off, 1: on.
    api_name_ops list(object)
    API match list.
    api_names list(string)
    Up to 20 APIs can be entered.
    option number
    Application object value, 1 means manual filling, 2 means obtaining from API assets.
    parameter_lists list(string)
    Authentication parameter list.
    position string
    Authentication position.
    source string
    Rule source.
    waf_api_sec_sensitive_privilege_rule_id string
    ID of the resource.
    domain String
    Domain name.
    ruleName String
    Rule name, cannot be repeated.
    status Double
    Rule switch, 0: off, 1: on.
    apiNameOps List<WafApiSecSensitivePrivilegeRuleApiNameOp>
    API match list.
    apiNames List<String>
    Up to 20 APIs can be entered.
    option Double
    Application object value, 1 means manual filling, 2 means obtaining from API assets.
    parameterLists List<String>
    Authentication parameter list.
    position String
    Authentication position.
    source String
    Rule source.
    wafApiSecSensitivePrivilegeRuleId String
    ID of the resource.
    domain string
    Domain name.
    ruleName string
    Rule name, cannot be repeated.
    status number
    Rule switch, 0: off, 1: on.
    apiNameOps WafApiSecSensitivePrivilegeRuleApiNameOp[]
    API match list.
    apiNames string[]
    Up to 20 APIs can be entered.
    option number
    Application object value, 1 means manual filling, 2 means obtaining from API assets.
    parameterLists string[]
    Authentication parameter list.
    position string
    Authentication position.
    source string
    Rule source.
    wafApiSecSensitivePrivilegeRuleId string
    ID of the resource.
    domain str
    Domain name.
    rule_name str
    Rule name, cannot be repeated.
    status float
    Rule switch, 0: off, 1: on.
    api_name_ops Sequence[WafApiSecSensitivePrivilegeRuleApiNameOpArgs]
    API match list.
    api_names Sequence[str]
    Up to 20 APIs can be entered.
    option float
    Application object value, 1 means manual filling, 2 means obtaining from API assets.
    parameter_lists Sequence[str]
    Authentication parameter list.
    position str
    Authentication position.
    source str
    Rule source.
    waf_api_sec_sensitive_privilege_rule_id str
    ID of the resource.
    domain String
    Domain name.
    ruleName String
    Rule name, cannot be repeated.
    status Number
    Rule switch, 0: off, 1: on.
    apiNameOps List<Property Map>
    API match list.
    apiNames List<String>
    Up to 20 APIs can be entered.
    option Number
    Application object value, 1 means manual filling, 2 means obtaining from API assets.
    parameterLists List<String>
    Authentication parameter list.
    position String
    Authentication position.
    source String
    Rule source.
    wafApiSecSensitivePrivilegeRuleId String
    ID of the resource.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the WafApiSecSensitivePrivilegeRule resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    UpdateTime double
    Update timestamp.
    Id string
    The provider-assigned unique ID for this managed resource.
    UpdateTime float64
    Update timestamp.
    id string
    The provider-assigned unique ID for this managed resource.
    update_time number
    Update timestamp.
    id String
    The provider-assigned unique ID for this managed resource.
    updateTime Double
    Update timestamp.
    id string
    The provider-assigned unique ID for this managed resource.
    updateTime number
    Update timestamp.
    id str
    The provider-assigned unique ID for this managed resource.
    update_time float
    Update timestamp.
    id String
    The provider-assigned unique ID for this managed resource.
    updateTime Number
    Update timestamp.

    Look up Existing WafApiSecSensitivePrivilegeRule Resource

    Get an existing WafApiSecSensitivePrivilegeRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: WafApiSecSensitivePrivilegeRuleState, opts?: CustomResourceOptions): WafApiSecSensitivePrivilegeRule
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            api_name_ops: Optional[Sequence[WafApiSecSensitivePrivilegeRuleApiNameOpArgs]] = None,
            api_names: Optional[Sequence[str]] = None,
            domain: Optional[str] = None,
            option: Optional[float] = None,
            parameter_lists: Optional[Sequence[str]] = None,
            position: Optional[str] = None,
            rule_name: Optional[str] = None,
            source: Optional[str] = None,
            status: Optional[float] = None,
            update_time: Optional[float] = None,
            waf_api_sec_sensitive_privilege_rule_id: Optional[str] = None) -> WafApiSecSensitivePrivilegeRule
    func GetWafApiSecSensitivePrivilegeRule(ctx *Context, name string, id IDInput, state *WafApiSecSensitivePrivilegeRuleState, opts ...ResourceOption) (*WafApiSecSensitivePrivilegeRule, error)
    public static WafApiSecSensitivePrivilegeRule Get(string name, Input<string> id, WafApiSecSensitivePrivilegeRuleState? state, CustomResourceOptions? opts = null)
    public static WafApiSecSensitivePrivilegeRule get(String name, Output<String> id, WafApiSecSensitivePrivilegeRuleState state, CustomResourceOptions options)
    resources:  _:    type: tencentcloud:WafApiSecSensitivePrivilegeRule    get:      id: ${id}
    import {
      to = tencentcloud_wafapisecsensitiveprivilegerule.example
      id = "${id}"
    }
    
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    ApiNameOps List<WafApiSecSensitivePrivilegeRuleApiNameOp>
    API match list.
    ApiNames List<string>
    Up to 20 APIs can be entered.
    Domain string
    Domain name.
    Option double
    Application object value, 1 means manual filling, 2 means obtaining from API assets.
    ParameterLists List<string>
    Authentication parameter list.
    Position string
    Authentication position.
    RuleName string
    Rule name, cannot be repeated.
    Source string
    Rule source.
    Status double
    Rule switch, 0: off, 1: on.
    UpdateTime double
    Update timestamp.
    WafApiSecSensitivePrivilegeRuleId string
    ID of the resource.
    ApiNameOps []WafApiSecSensitivePrivilegeRuleApiNameOpArgs
    API match list.
    ApiNames []string
    Up to 20 APIs can be entered.
    Domain string
    Domain name.
    Option float64
    Application object value, 1 means manual filling, 2 means obtaining from API assets.
    ParameterLists []string
    Authentication parameter list.
    Position string
    Authentication position.
    RuleName string
    Rule name, cannot be repeated.
    Source string
    Rule source.
    Status float64
    Rule switch, 0: off, 1: on.
    UpdateTime float64
    Update timestamp.
    WafApiSecSensitivePrivilegeRuleId string
    ID of the resource.
    api_name_ops list(object)
    API match list.
    api_names list(string)
    Up to 20 APIs can be entered.
    domain string
    Domain name.
    option number
    Application object value, 1 means manual filling, 2 means obtaining from API assets.
    parameter_lists list(string)
    Authentication parameter list.
    position string
    Authentication position.
    rule_name string
    Rule name, cannot be repeated.
    source string
    Rule source.
    status number
    Rule switch, 0: off, 1: on.
    update_time number
    Update timestamp.
    waf_api_sec_sensitive_privilege_rule_id string
    ID of the resource.
    apiNameOps List<WafApiSecSensitivePrivilegeRuleApiNameOp>
    API match list.
    apiNames List<String>
    Up to 20 APIs can be entered.
    domain String
    Domain name.
    option Double
    Application object value, 1 means manual filling, 2 means obtaining from API assets.
    parameterLists List<String>
    Authentication parameter list.
    position String
    Authentication position.
    ruleName String
    Rule name, cannot be repeated.
    source String
    Rule source.
    status Double
    Rule switch, 0: off, 1: on.
    updateTime Double
    Update timestamp.
    wafApiSecSensitivePrivilegeRuleId String
    ID of the resource.
    apiNameOps WafApiSecSensitivePrivilegeRuleApiNameOp[]
    API match list.
    apiNames string[]
    Up to 20 APIs can be entered.
    domain string
    Domain name.
    option number
    Application object value, 1 means manual filling, 2 means obtaining from API assets.
    parameterLists string[]
    Authentication parameter list.
    position string
    Authentication position.
    ruleName string
    Rule name, cannot be repeated.
    source string
    Rule source.
    status number
    Rule switch, 0: off, 1: on.
    updateTime number
    Update timestamp.
    wafApiSecSensitivePrivilegeRuleId string
    ID of the resource.
    api_name_ops Sequence[WafApiSecSensitivePrivilegeRuleApiNameOpArgs]
    API match list.
    api_names Sequence[str]
    Up to 20 APIs can be entered.
    domain str
    Domain name.
    option float
    Application object value, 1 means manual filling, 2 means obtaining from API assets.
    parameter_lists Sequence[str]
    Authentication parameter list.
    position str
    Authentication position.
    rule_name str
    Rule name, cannot be repeated.
    source str
    Rule source.
    status float
    Rule switch, 0: off, 1: on.
    update_time float
    Update timestamp.
    waf_api_sec_sensitive_privilege_rule_id str
    ID of the resource.
    apiNameOps List<Property Map>
    API match list.
    apiNames List<String>
    Up to 20 APIs can be entered.
    domain String
    Domain name.
    option Number
    Application object value, 1 means manual filling, 2 means obtaining from API assets.
    parameterLists List<String>
    Authentication parameter list.
    position String
    Authentication position.
    ruleName String
    Rule name, cannot be repeated.
    source String
    Rule source.
    status Number
    Rule switch, 0: off, 1: on.
    updateTime Number
    Update timestamp.
    wafApiSecSensitivePrivilegeRuleId String
    ID of the resource.

    Supporting Types

    WafApiSecSensitivePrivilegeRuleApiNameOp, WafApiSecSensitivePrivilegeRuleApiNameOpArgs

    ApiNameMethods List<WafApiSecSensitivePrivilegeRuleApiNameOpApiNameMethod>
    When manually filtering, this structure should be passed.
    Op string
    Match method, such as belong and regex.
    Values List<string>
    Match value list.
    ApiNameMethods []WafApiSecSensitivePrivilegeRuleApiNameOpApiNameMethod
    When manually filtering, this structure should be passed.
    Op string
    Match method, such as belong and regex.
    Values []string
    Match value list.
    api_name_methods list(object)
    When manually filtering, this structure should be passed.
    op string
    Match method, such as belong and regex.
    values list(string)
    Match value list.
    apiNameMethods List<WafApiSecSensitivePrivilegeRuleApiNameOpApiNameMethod>
    When manually filtering, this structure should be passed.
    op String
    Match method, such as belong and regex.
    values List<String>
    Match value list.
    apiNameMethods WafApiSecSensitivePrivilegeRuleApiNameOpApiNameMethod[]
    When manually filtering, this structure should be passed.
    op string
    Match method, such as belong and regex.
    values string[]
    Match value list.
    api_name_methods Sequence[WafApiSecSensitivePrivilegeRuleApiNameOpApiNameMethod]
    When manually filtering, this structure should be passed.
    op str
    Match method, such as belong and regex.
    values Sequence[str]
    Match value list.
    apiNameMethods List<Property Map>
    When manually filtering, this structure should be passed.
    op String
    Match method, such as belong and regex.
    values List<String>
    Match value list.

    WafApiSecSensitivePrivilegeRuleApiNameOpApiNameMethod, WafApiSecSensitivePrivilegeRuleApiNameOpApiNameMethodArgs

    ApiName string
    API name.
    Count double
    API request count in the last 30 days.
    Labels List<string>
    API label.
    Method string
    API request method.
    ApiName string
    API name.
    Count float64
    API request count in the last 30 days.
    Labels []string
    API label.
    Method string
    API request method.
    api_name string
    API name.
    count number
    API request count in the last 30 days.
    labels list(string)
    API label.
    method string
    API request method.
    apiName String
    API name.
    count Double
    API request count in the last 30 days.
    labels List<String>
    API label.
    method String
    API request method.
    apiName string
    API name.
    count number
    API request count in the last 30 days.
    labels string[]
    API label.
    method string
    API request method.
    api_name str
    API name.
    count float
    API request count in the last 30 days.
    labels Sequence[str]
    API label.
    method str
    API request method.
    apiName String
    API name.
    count Number
    API request count in the last 30 days.
    labels List<String>
    API label.
    method String
    API request method.

    Import

    WAF api sec sensitive privilege rule can be imported using the domain#ruleName, e.g.

    $ pulumi import tencentcloud:index/wafApiSecSensitivePrivilegeRule:WafApiSecSensitivePrivilegeRule example www.example.com#tf-example
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    tencentcloud tencentcloudstack/terraform-provider-tencentcloud
    License
    Notes
    This Pulumi package is based on the tencentcloud Terraform Provider.
    Viewing docs for tencentcloud 1.83.7
    published on Tuesday, Jun 30, 2026 by tencentcloudstack

      Try Pulumi Cloud free.
      Your team will thank you.

      Start free trial