Skip to content

Commit 66c9753

Browse files
SevenEarthSevenEarth
authored
fix(teo): [124574429] tencentcloud_teo_security_policy_config add new item for security_policy (#3413)
* add * add * add
1 parent 6e8bcce commit 66c9753

File tree

11 files changed

+3839
-675
lines changed

11 files changed

+3839
-675
lines changed

.changelog/3413.txt

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
```release-note:enhancement
2+
resource/tencentcloud_teo_security_policy_config: add new item for `security_policy`
3+
```

go.mod

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ require (
4646
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.1107
4747
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit v1.0.1033
4848
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls v1.0.1148
49-
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1170
49+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1182
5050
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.1153
5151
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cwp v1.0.762
5252
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb v1.0.1161
@@ -90,7 +90,7 @@ require (
9090
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tdcpg v1.0.533
9191
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tdmq v1.0.955
9292
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tem v1.0.578
93-
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.0.1129
93+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.0.1182
9494
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tke v1.0.1133
9595
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/trocket v1.0.947
9696
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tse v1.0.857

go.sum

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -985,6 +985,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1164 h1:qEz
985985
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1164/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
986986
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1170 h1:67TIDmxXDa73+7nFuyVVxtVswf83JPXiwBy1Xicv+xQ=
987987
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1170/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
988+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1182 h1:it8gutbUhh2l68CzKt0W3OAEytReLg4H9Wq1/ahkzmg=
989+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1182/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
988990
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/controlcenter v1.0.993 h1:WlPgXldQCxt7qi5Xrc6j6zTrsXWzN5BcOGs7Irq7fwQ=
989991
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/controlcenter v1.0.993/go.mod h1:Z9U8zNtyuyKhjS0698wqsrG/kLx1TQ5CEixXBwVe7xY=
990992
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/csip v1.0.860 h1:F3esKBIT3HW9+7Gt8cVgf8X06VdGIczpgLBUECzSEzU=
@@ -1107,6 +1109,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tem v1.0.578 h1:vBpQhUr
11071109
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tem v1.0.578/go.mod h1:UlojGQh/9wb7/uXPNi7PvMral1CNAskVDNgqJEV83l0=
11081110
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.0.1129 h1:9zrLWqS6sQ7YHjyrRGKexB5s7MkmlaAjME+Gsjw0FXo=
11091111
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.0.1129/go.mod h1:Upcwa9By8gGR8qNLEiAetIKGbe4LmZbtXw0muPWXYc8=
1112+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.0.1182 h1:usJ5oGRWXkOufePi9JRP+kz5s0lTKUazpLDJJzVaJrQ=
1113+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.0.1182/go.mod h1:lR5rdTT9V5RO9c0hXlFqO0o/bHdxn+R1+JMnWILzne0=
11101114
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/thpc v1.0.998 h1:f4/n0dVKQTD06xJ84B5asHViNJHrZmGojdAWEPIsITM=
11111115
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/thpc v1.0.998/go.mod h1:fyi/HUwCwVe2NCCCjz8k/C5GwPu3QazCZO+OBJ3MhLk=
11121116
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tke v1.0.1038 h1:tmK0aSj8zJrTx7aubJR8DBvtySj1uO8UdFANUDFtbmo=

tencentcloud/services/teo/resource_tc_teo_security_policy_config.go

Lines changed: 2793 additions & 514 deletions
Large diffs are not rendered by default.

tencentcloud/services/teo/resource_tc_teo_security_policy_config.md

Lines changed: 79 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ resource "tencentcloud_teo_security_policy_config" "example" {
1414
custom_rules {
1515
precise_match_rules {
1616
name = "rule1"
17-
condition = "$${http.request.host} contain ['abc']"
17+
condition = "$${http.request.host} contain ['test']"
1818
enabled = "on"
1919
priority = 50
2020
action {
@@ -179,6 +179,84 @@ resource "tencentcloud_teo_security_policy_config" "example" {
179179
}
180180
}
181181
}
182+
183+
http_ddos_protection {
184+
adaptive_frequency_control {
185+
enabled = "on"
186+
sensitivity = "Loose"
187+
action {
188+
name = "Challenge"
189+
challenge_action_parameters {
190+
challenge_option = "JSChallenge"
191+
}
192+
}
193+
}
194+
195+
client_filtering {
196+
enabled = "on"
197+
action {
198+
name = "Challenge"
199+
challenge_action_parameters {
200+
challenge_option = "JSChallenge"
201+
}
202+
}
203+
}
204+
205+
bandwidth_abuse_defense {
206+
enabled = "on"
207+
action {
208+
name = "Deny"
209+
}
210+
}
211+
212+
slow_attack_defense {
213+
enabled = "on"
214+
action {
215+
name = "Deny"
216+
}
217+
218+
minimal_request_body_transfer_rate {
219+
minimal_avg_transfer_rate_threshold = "80bps"
220+
counting_period = "60s"
221+
enabled = "on"
222+
}
223+
224+
request_body_transfer_timeout {
225+
idle_timeout = "5s"
226+
enabled = "on"
227+
}
228+
}
229+
}
230+
231+
rate_limiting_rules {
232+
rules {
233+
name = "Single IP request rate limit"
234+
condition = "$${http.request.uri.path} contain ['/checkout/submit']"
235+
count_by = ["http.request.ip"]
236+
max_request_threshold = 300
237+
counting_period = "60s"
238+
action_duration = "30m"
239+
action {
240+
name = "Challenge"
241+
challenge_action_parameters {
242+
challenge_option = "JSChallenge"
243+
}
244+
}
245+
priority = 50
246+
enabled = "on"
247+
}
248+
}
249+
250+
exception_rules {
251+
rules {
252+
name = "High-frequency API bypasses rate limits"
253+
condition = "$${http.request.method} in ['POST'] and $${http.request.uri.path} in ['/api/EventLogUpload']"
254+
skip_scope = "WebSecurityModules"
255+
skip_option = "SkipOnAllRequestFields"
256+
web_security_modules_for_exception = ["websec-mod-adaptive-control"]
257+
enabled = "off"
258+
}
259+
}
182260
}
183261
}
184262
```

vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/http/request.go

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)