Skip to content

Commit a1f7a06

Browse files
committed
fix/waf
1 parent b9a8fa4 commit a1f7a06

File tree

12 files changed

+971
-228
lines changed

12 files changed

+971
-228
lines changed

go.mod

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ require (
4646
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.847
4747
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit v1.0.544
4848
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls v1.0.711
49-
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.847
49+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.856
5050
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.624
5151
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cwp v1.0.762
5252
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb v1.0.692
@@ -97,7 +97,7 @@ require (
9797
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tsf v1.0.674
9898
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod v1.0.199
9999
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc v1.0.845
100-
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.833
100+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.856
101101
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/wedata v1.0.792
102102
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/wss v1.0.199
103103
github.com/tencentyun/cos-go-sdk-v5 v0.7.42-0.20230629101357-7edd77448a0f

go.sum

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -954,6 +954,9 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.845 h1:fiiV
954954
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.845/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
955955
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.847 h1:ITZmxAWfbr5yikJ4T30yVYMW3jpa/oTmNbPnw/h1Vq0=
956956
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.847/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
957+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.853/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
958+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.856 h1:4PaaKxPjh0dmRzzz0CRZSZlbvzQIPcg4TE1Ibz0Cdlk=
959+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.856/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
957960
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.624 h1:nEZqsoqt1pEoaP9JjkHQy3/H00suCfzlHW1qOm2nYD8=
958961
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.624/go.mod h1:+TXSVyeKwt1IhZRqKPbTREteBcP+K07Q846/ilNzLWA=
959962
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cwp v1.0.762 h1:2egy69SP/wPsmnfozcQVZ6tUY6F6N/TpEe/7xtXrc/8=
@@ -1062,6 +1065,10 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc v1.0.845 h1:c9TSh+k
10621065
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc v1.0.845/go.mod h1:sz+RI5GLDNIQMKJAR2N93fyxFv/FQo322xq/iAg2Z/g=
10631066
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.833 h1:avaBlZ+Qqv7bfMg/u0jlRsbEBbE18CfqKWbfGc84PLg=
10641067
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.833/go.mod h1:fUWG217b//46Oa3VXxC5mgeYeewVAbF+lc81uET89EM=
1068+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.853 h1:iq2QZqBS1DDMRy6IjQXssZKasAkSmcK7Ys1zZ/toPMg=
1069+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.853/go.mod h1:SkfcquidDu630zsDVoF2OeJrMAvNx4rsk34Quucfuwg=
1070+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.856 h1:019LsAoQz76hUYZKXfNLtmmGwp2u4Lx7PFe9Hi8ceiQ=
1071+
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.856/go.mod h1:rlVASPNXcnU/AomXIqJd38UPqXRE1Q7RQqjIbErtMbg=
10651072
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/wedata v1.0.792 h1:NLgKNOIHWa38AmW7dyfI9Jlcp2Kr9VRD94f48pPNmxM=
10661073
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/wedata v1.0.792/go.mod h1:Xz6vPV3gHlzPwtEcmWdWO1EUXJDgn2p7UMCXbJiVioQ=
10671074
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/wss v1.0.199 h1:hMBLtiJPnZ9GvA677cTB6ELBR6B68wCR2QY1sNoGQc4=

tencentcloud/services/waf/extension_waf.go

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -122,6 +122,26 @@ var API_SAFE_STATUS = []int{
122122
API_SAFE_STATUS_1,
123123
}
124124

125+
const (
126+
POST_CLS_ACTION_0 = 0
127+
POST_CLS_ACTION_1 = 1
128+
)
129+
130+
var POST_CLS_ACTION = []int{
131+
POST_CLS_ACTION_0,
132+
POST_CLS_ACTION_1,
133+
}
134+
135+
const (
136+
POST_CKAFKA_ACTION_0 = 0
137+
POST_CKAFKA_ACTION_1 = 1
138+
)
139+
140+
var POST_CKAFKA_ACTION = []int{
141+
POST_CKAFKA_ACTION_0,
142+
POST_CKAFKA_ACTION_1,
143+
}
144+
125145
const (
126146
PROTECTION_STATUS_0 = 0
127147
PROTECTION_STATUS_1 = 1

tencentcloud/services/waf/resource_tc_waf_clb_domain.go

Lines changed: 99 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -162,6 +162,20 @@ func ResourceTencentCloudWafClbDomain() *schema.Resource {
162162
ValidateFunc: tccommon.ValidateAllowedStringValue(ALB_TYPES),
163163
Description: "Load balancer type: clb, apisix or tsegw, default clb.",
164164
},
165+
"post_cls_action": {
166+
Type: schema.TypeInt,
167+
Optional: true,
168+
Default: POST_CLS_ACTION_0,
169+
ValidateFunc: tccommon.ValidateAllowedIntValue(POST_CLS_ACTION),
170+
Description: "0-off, 1-on. default is 0.",
171+
},
172+
"post_ckafka_action": {
173+
Type: schema.TypeInt,
174+
Optional: true,
175+
Default: POST_CKAFKA_ACTION_0,
176+
ValidateFunc: tccommon.ValidateAllowedIntValue(POST_CKAFKA_ACTION),
177+
Description: "0-off, 1-on. default is 0.",
178+
},
165179
"ip_headers": {
166180
Type: schema.TypeList,
167181
Optional: true,
@@ -182,20 +196,22 @@ func resourceTencentCloudWafClbDomainCreate(d *schema.ResourceData, meta interfa
182196
defer tccommon.InconsistentCheck(d, meta)()
183197

184198
var (
185-
logId = tccommon.GetLogId(tccommon.ContextNil)
186-
ctx = context.WithValue(context.TODO(), tccommon.LogIdKey, logId)
187-
service = WafService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
188-
request = waf.NewCreateHostRequest()
189-
instanceID string
190-
domain string
191-
domainId string
192-
wafStatus uint64
193-
engine uint64
194-
botStatus uint64
195-
apiSafeStatus uint64
196-
clsStatus uint64
197-
isCdn int
198-
albType string
199+
logId = tccommon.GetLogId(tccommon.ContextNil)
200+
ctx = context.WithValue(context.TODO(), tccommon.LogIdKey, logId)
201+
service = WafService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
202+
request = waf.NewCreateHostRequest()
203+
instanceID string
204+
domain string
205+
domainId string
206+
wafStatus uint64
207+
engine uint64
208+
botStatus uint64
209+
apiSafeStatus uint64
210+
clsStatus uint64
211+
postCLSAction int
212+
postCKafkaAction int
213+
isCdn int
214+
albType string
199215
)
200216

201217
if v, ok := d.GetOk("instance_id"); ok {
@@ -503,6 +519,38 @@ func resourceTencentCloudWafClbDomainCreate(d *schema.ResourceData, meta interfa
503519
}
504520
}
505521

522+
// set domain post
523+
if v, ok := d.GetOkExists("post_cls_action"); ok {
524+
postCLSAction = v.(int)
525+
}
526+
527+
if v, ok := d.GetOkExists("post_ckafka_action"); ok {
528+
postCKafkaAction = v.(int)
529+
}
530+
531+
if postCLSAction == POST_CLS_ACTION_1 || postCKafkaAction == POST_CKAFKA_ACTION_1 {
532+
modifyDomainPostActionRequest := waf.NewModifyDomainPostActionRequest()
533+
modifyDomainPostActionRequest.Domain = helper.String(domain)
534+
modifyDomainPostActionRequest.PostCLSAction = helper.IntInt64(postCLSAction)
535+
modifyDomainPostActionRequest.PostCLSAction = helper.IntInt64(postCKafkaAction)
536+
537+
err = resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
538+
result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseWafClient().ModifyDomainPostAction(modifyDomainPostActionRequest)
539+
if e != nil {
540+
return tccommon.RetryError(e)
541+
} else {
542+
log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, modifyDomainPostActionRequest.GetAction(), modifyDomainPostActionRequest.ToJsonString(), result.ToJsonString())
543+
}
544+
545+
return nil
546+
})
547+
548+
if err != nil {
549+
log.Printf("[CRITAL]%s modify waf clbDomain post action failed, reason:%+v", logId, err)
550+
return err
551+
}
552+
}
553+
506554
// set waf status
507555
if v, ok := d.GetOkExists("status"); ok {
508556
tmpWafStatus := v.(int)
@@ -713,6 +761,8 @@ func resourceTencentCloudWafClbDomainUpdate(d *schema.ResourceData, meta interfa
713761
botStatus uint64
714762
apiSafeStatus uint64
715763
clsStatus uint64
764+
postCLSAction int
765+
postCKafkaAction int
716766
)
717767

718768
idSplit := strings.Split(d.Id(), tccommon.FILED_SP)
@@ -1023,6 +1073,41 @@ func resourceTencentCloudWafClbDomainUpdate(d *schema.ResourceData, meta interfa
10231073
}
10241074
}
10251075

1076+
// set domain post
1077+
if d.HasChange("post_cls_action") || d.HasChange("post_ckafka_action") {
1078+
if v, ok := d.GetOkExists("post_cls_action"); ok {
1079+
postCLSAction = v.(int)
1080+
}
1081+
1082+
if v, ok := d.GetOkExists("post_ckafka_action"); ok {
1083+
postCKafkaAction = v.(int)
1084+
}
1085+
1086+
if postCLSAction == POST_CLS_ACTION_1 || postCKafkaAction == POST_CKAFKA_ACTION_1 {
1087+
modifyDomainPostActionRequest := waf.NewModifyDomainPostActionRequest()
1088+
modifyDomainPostActionRequest.Domain = helper.String(domain)
1089+
modifyDomainPostActionRequest.PostCLSAction = helper.IntInt64(postCLSAction)
1090+
modifyDomainPostActionRequest.PostCLSAction = helper.IntInt64(postCKafkaAction)
1091+
1092+
err = resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
1093+
result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseWafClient().ModifyDomainPostAction(modifyDomainPostActionRequest)
1094+
if e != nil {
1095+
return tccommon.RetryError(e)
1096+
} else {
1097+
log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, modifyDomainPostActionRequest.GetAction(), modifyDomainPostActionRequest.ToJsonString(), result.ToJsonString())
1098+
}
1099+
1100+
return nil
1101+
})
1102+
1103+
if err != nil {
1104+
log.Printf("[CRITAL]%s modify waf clbDomain post action failed, reason:%+v", logId, err)
1105+
return err
1106+
}
1107+
}
1108+
1109+
}
1110+
10261111
// set waf status
10271112
if d.HasChange("status") {
10281113
if v, ok := d.GetOkExists("status"); ok {

tencentcloud/services/waf/resource_tc_waf_saas_domain.go

Lines changed: 92 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -255,6 +255,20 @@ func ResourceTencentCloudWafSaasDomain() *schema.Resource {
255255
ValidateFunc: tccommon.ValidateAllowedIntValue(CLS_STATUS),
256256
Description: "Whether to enable access logs, 1 enable, 0 disable.",
257257
},
258+
"post_cls_action": {
259+
Type: schema.TypeInt,
260+
Optional: true,
261+
Default: POST_CLS_ACTION_0,
262+
ValidateFunc: tccommon.ValidateAllowedIntValue(POST_CLS_ACTION),
263+
Description: "0-off, 1-on. default is 0.",
264+
},
265+
"post_ckafka_action": {
266+
Type: schema.TypeInt,
267+
Optional: true,
268+
Default: POST_CKAFKA_ACTION_0,
269+
ValidateFunc: tccommon.ValidateAllowedIntValue(POST_CKAFKA_ACTION),
270+
Description: "0-off, 1-on. default is 0.",
271+
},
258272
//"ipv6_status": {
259273
// Type: schema.TypeInt,
260274
// Optional: true,
@@ -296,6 +310,8 @@ func resourceTencentCloudWafSaasDomainCreate(d *schema.ResourceData, meta interf
296310
apiSafeStatus uint64
297311
clsStatus uint64
298312
protectionStatus uint64
313+
postCLSAction int
314+
postCKafkaAction int
299315
isCdn int
300316
//ipv6Status int64
301317

@@ -710,6 +726,38 @@ func resourceTencentCloudWafSaasDomainCreate(d *schema.ResourceData, meta interf
710726
}
711727
}
712728

729+
// set domain post
730+
if v, ok := d.GetOkExists("post_cls_action"); ok {
731+
postCLSAction = v.(int)
732+
}
733+
734+
if v, ok := d.GetOkExists("post_ckafka_action"); ok {
735+
postCKafkaAction = v.(int)
736+
}
737+
738+
if postCLSAction == POST_CLS_ACTION_1 || postCKafkaAction == POST_CKAFKA_ACTION_1 {
739+
modifyDomainPostActionRequest := waf.NewModifyDomainPostActionRequest()
740+
modifyDomainPostActionRequest.Domain = helper.String(domain)
741+
modifyDomainPostActionRequest.PostCLSAction = helper.IntInt64(postCLSAction)
742+
modifyDomainPostActionRequest.PostCLSAction = helper.IntInt64(postCKafkaAction)
743+
744+
err = resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
745+
result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseWafClient().ModifyDomainPostAction(modifyDomainPostActionRequest)
746+
if e != nil {
747+
return tccommon.RetryError(e)
748+
} else {
749+
log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, modifyDomainPostActionRequest.GetAction(), modifyDomainPostActionRequest.ToJsonString(), result.ToJsonString())
750+
}
751+
752+
return nil
753+
})
754+
755+
if err != nil {
756+
log.Printf("[CRITAL]%s modify waf clbDomain post action failed, reason:%+v", logId, err)
757+
return err
758+
}
759+
}
760+
713761
// set ipv6
714762
//if v, ok := d.GetOkExists("ipv6_status"); ok {
715763
// tmpIpv6Status := v.(int)
@@ -998,13 +1046,15 @@ func resourceTencentCloudWafSaasDomainUpdate(d *schema.ResourceData, meta interf
9981046
defer tccommon.InconsistentCheck(d, meta)()
9991047

10001048
var (
1001-
logId = tccommon.GetLogId(tccommon.ContextNil)
1002-
ctx = context.WithValue(context.TODO(), tccommon.LogIdKey, logId)
1003-
service = WafService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
1004-
request = waf.NewModifySpartaProtectionRequest()
1005-
botStatus uint64
1006-
apiSafeStatus uint64
1007-
clsStatus uint64
1049+
logId = tccommon.GetLogId(tccommon.ContextNil)
1050+
ctx = context.WithValue(context.TODO(), tccommon.LogIdKey, logId)
1051+
service = WafService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
1052+
request = waf.NewModifySpartaProtectionRequest()
1053+
botStatus uint64
1054+
apiSafeStatus uint64
1055+
clsStatus uint64
1056+
postCLSAction int
1057+
postCKafkaAction int
10081058
//ipv6Status int64
10091059
loadBalance string
10101060
isCdn int
@@ -1463,6 +1513,41 @@ func resourceTencentCloudWafSaasDomainUpdate(d *schema.ResourceData, meta interf
14631513
}
14641514
}
14651515

1516+
// set domain post
1517+
if d.HasChange("post_cls_action") || d.HasChange("post_ckafka_action") {
1518+
if v, ok := d.GetOkExists("post_cls_action"); ok {
1519+
postCLSAction = v.(int)
1520+
}
1521+
1522+
if v, ok := d.GetOkExists("post_ckafka_action"); ok {
1523+
postCKafkaAction = v.(int)
1524+
}
1525+
1526+
if postCLSAction == POST_CLS_ACTION_1 || postCKafkaAction == POST_CKAFKA_ACTION_1 {
1527+
modifyDomainPostActionRequest := waf.NewModifyDomainPostActionRequest()
1528+
modifyDomainPostActionRequest.Domain = helper.String(domain)
1529+
modifyDomainPostActionRequest.PostCLSAction = helper.IntInt64(postCLSAction)
1530+
modifyDomainPostActionRequest.PostCLSAction = helper.IntInt64(postCKafkaAction)
1531+
1532+
err = resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
1533+
result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseWafClient().ModifyDomainPostAction(modifyDomainPostActionRequest)
1534+
if e != nil {
1535+
return tccommon.RetryError(e)
1536+
} else {
1537+
log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, modifyDomainPostActionRequest.GetAction(), modifyDomainPostActionRequest.ToJsonString(), result.ToJsonString())
1538+
}
1539+
1540+
return nil
1541+
})
1542+
1543+
if err != nil {
1544+
log.Printf("[CRITAL]%s modify waf clbDomain post action failed, reason:%+v", logId, err)
1545+
return err
1546+
}
1547+
}
1548+
1549+
}
1550+
14661551
// set ipv6
14671552
//if d.HasChange("ipv6_status") {
14681553
// if v, ok := d.GetOkExists("ipv6_status"); ok {

vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/http/request.go

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)