diff --git a/go.mod b/go.mod
index 296d5b9537..9699931f44 100644
--- a/go.mod
+++ b/go.mod
@@ -46,7 +46,7 @@ require (
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.860
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit v1.0.544
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls v1.0.860
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.860
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.888
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.624
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cwp v1.0.762
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb v1.0.692
diff --git a/go.sum b/go.sum
index 4b1340a343..68db906ae0 100644
--- a/go.sum
+++ b/go.sum
@@ -920,9 +920,14 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.844/go.mod
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.845/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.853/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.856/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.857/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.859/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.860 h1:d5/YwGX6b5YgFU/0thsbs5aBp4aJJXBi7JyU1JHAaw0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.860/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.887 h1:Py9MuRl/d97NxBb9opcNWMsxgrn83Aramk7X5sEUI4o=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.887/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.888 h1:FqVcZ+POUhckq6ZRlwOR819fsXp49YyizpmWZJYAAGg=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.888/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/csip v1.0.860 h1:F3esKBIT3HW9+7Gt8cVgf8X06VdGIczpgLBUECzSEzU=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/csip v1.0.860/go.mod h1:NZo1WplQcC314kMlCRUoy8NQju2BnolIJj7NAWgsuhY=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.624 h1:nEZqsoqt1pEoaP9JjkHQy3/H00suCfzlHW1qOm2nYD8=
diff --git a/tencentcloud/provider.go b/tencentcloud/provider.go
index 2406dbd948..3d8e7c92bc 100644
--- a/tencentcloud/provider.go
+++ b/tencentcloud/provider.go
@@ -14,6 +14,7 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/mitchellh/go-homedir"
 	sdkcommon "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
+	commonJson "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/json"
 	sdksts "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/sts/v20180813"
 	tccommon "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/common"
 	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/connectivity"
@@ -139,6 +140,10 @@ type TencentCloudClient struct {
 
 var _ tccommon.ProviderMeta = &TencentCloudClient{}
 
+func init() {
+	commonJson.OmitBehaviour = commonJson.OmitEmpty
+}
+
 // GetAPIV3Conn 返回访问云 API 的客户端连接对象
 func (meta *TencentCloudClient) GetAPIV3Conn() *connectivity.TencentCloudClient {
 	return meta.apiV3Conn
diff --git a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/http/request.go b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/http/request.go
index 80caf9eb3a..5494a0ac72 100644
--- a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/http/request.go
+++ b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/http/request.go
@@ -265,7 +265,7 @@ func CompleteCommonParams(request Request, region string, requestClient string)
 	params["Action"] = request.GetAction()
 	params["Timestamp"] = strconv.FormatInt(time.Now().Unix(), 10)
 	params["Nonce"] = strconv.Itoa(rand.Int())
-	params["RequestClient"] = "SDK_GO_1.0.860"
+	params["RequestClient"] = "SDK_GO_1.0.888"
 	if requestClient != "" {
 		params["RequestClient"] += ": " + requestClient
 	}
diff --git a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/json/encode.go b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/json/encode.go
index c9850b63c0..eecf128774 100644
--- a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/json/encode.go
+++ b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/json/encode.go
@@ -635,15 +635,27 @@ type structEncoder struct {
 	fieldEncs []encoderFunc
 }
 
+const (
+	OmitNil = 0 + iota
+	OmitEmpty
+)
+
+var OmitBehaviour = OmitNil
+
+func shouldOmit(f field, fv reflect.Value) bool {
+	if OmitBehaviour == OmitNil {
+		return !fv.IsValid() || (f.omitNil || f.omitEmpty) && isNilValue(fv)
+	} else {
+		return !fv.IsValid() || (f.omitNil || f.omitEmpty) && isEmptyValue(fv)
+	}
+}
+
 func (se *structEncoder) encode(e *encodeState, v reflect.Value, opts encOpts) {
 	e.WriteByte('{')
 	first := true
 	for i, f := range se.fields {
 		fv := fieldByIndex(v, f.index)
-		if !fv.IsValid() || f.omitEmpty && isEmptyValue(fv) {
-			continue
-		}
-		if !fv.IsValid() || f.omitNil && isNilValue(fv) {
+		if shouldOmit(f, fv) {
 			continue
 		}
 		if first {
diff --git a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/oidc_role_arn_provider.go b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/oidc_role_arn_provider.go
index bde372bc70..0522bc08fa 100644
--- a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/oidc_role_arn_provider.go
+++ b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/oidc_role_arn_provider.go
@@ -21,6 +21,7 @@ type OIDCRoleArnProvider struct {
 	roleSessionName  string
 	durationSeconds  int64
 	Endpoint         string
+	beforeRefresh    func(provider *OIDCRoleArnProvider) error
 }
 
 type oidcStsRsp struct {
@@ -54,33 +55,46 @@ func NewOIDCRoleArnProvider(region, providerId, webIdentityToken, roleArn, roleS
 //  4. roleSessionName will be "tencentcloud-go-sdk-" + timestamp
 //  5. durationSeconds will be 7200s
 func DefaultTkeOIDCRoleArnProvider() (*OIDCRoleArnProvider, error) {
-	reg := os.Getenv("TKE_REGION")
-	if reg == "" {
-		return nil, errors.New("env TKE_REGION not exist")
+	beforeRefresh := func(provider *OIDCRoleArnProvider) error {
+		reg := os.Getenv("TKE_REGION")
+		if reg == "" {
+			return errors.New("env TKE_REGION not exist")
+		}
+
+		providerId := os.Getenv("TKE_PROVIDER_ID")
+		if providerId == "" {
+			return errors.New("env TKE_PROVIDER_ID not exist")
+		}
+
+		tokenFile := os.Getenv("TKE_WEB_IDENTITY_TOKEN_FILE")
+		if tokenFile == "" {
+			return errors.New("env TKE_WEB_IDENTITY_TOKEN_FILE not exist")
+		}
+		tokenBytes, err := ioutil.ReadFile(tokenFile)
+		if err != nil {
+			return err
+		}
+
+		roleArn := os.Getenv("TKE_ROLE_ARN")
+		if roleArn == "" {
+			return errors.New("env TKE_ROLE_ARN not exist")
+		}
+
+		sessionName := defaultSessionName + strconv.FormatInt(time.Now().UnixNano()/1000, 10)
+
+		provider.region = region
+		provider.providerId = providerId
+		provider.webIdentityToken = string(tokenBytes)
+		provider.roleArn = roleArn
+		provider.roleSessionName = sessionName
+		return nil
 	}
 
-	providerId := os.Getenv("TKE_PROVIDER_ID")
-	if providerId == "" {
-		return nil, errors.New("env TKE_PROVIDER_ID not exist")
+	provider := &OIDCRoleArnProvider{
+		beforeRefresh:   beforeRefresh,
+		durationSeconds: defaultDurationSeconds,
 	}
-
-	tokenFile := os.Getenv("TKE_WEB_IDENTITY_TOKEN_FILE")
-	if tokenFile == "" {
-		return nil, errors.New("env TKE_WEB_IDENTITY_TOKEN_FILE not exist")
-	}
-	tokenBytes, err := ioutil.ReadFile(tokenFile)
-	if err != nil {
-		return nil, err
-	}
-
-	roleArn := os.Getenv("TKE_ROLE_ARN")
-	if roleArn == "" {
-		return nil, errors.New("env TKE_ROLE_ARN not exist")
-	}
-
-	sessionName := defaultSessionName + strconv.FormatInt(time.Now().UnixNano()/1000, 10)
-
-	return NewOIDCRoleArnProvider(reg, providerId, string(tokenBytes), roleArn, sessionName, defaultDurationSeconds), nil
+	return provider, provider.beforeRefresh(provider)
 }
 
 func (r *OIDCRoleArnProvider) GetCredential() (CredentialIface, error) {
@@ -89,6 +103,14 @@ func (r *OIDCRoleArnProvider) GetCredential() (CredentialIface, error) {
 		version = "2018-08-13"
 		action  = "AssumeRoleWithWebIdentity"
 	)
+
+	if r.beforeRefresh != nil {
+		err := r.beforeRefresh(r)
+		if err != nil {
+			return nil, err
+		}
+	}
+
 	if r.durationSeconds > 43200 || r.durationSeconds <= 0 {
 		return nil, tcerr.NewTencentCloudSDKError(creErr, "AssumeRoleWithWebIdentity durationSeconds should be in the range of 0~43200s", "")
 	}
@@ -131,7 +153,7 @@ func (r *OIDCRoleArnProvider) GetCredential() (CredentialIface, error) {
 		roleArn:         r.roleArn,
 		roleSessionName: r.roleSessionName,
 		durationSeconds: r.durationSeconds,
-		expiredTime:     int64(rspSt.Response.ExpiredTime),
+		expiredTime:     int64(rspSt.Response.ExpiredTime) - r.durationSeconds/10,
 		token:           rspSt.Response.Credentials.Token,
 		tmpSecretId:     rspSt.Response.Credentials.TmpSecretId,
 		tmpSecretKey:    rspSt.Response.Credentials.TmpSecretKey,
diff --git a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/role_arn_credential.go b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/role_arn_credential.go
index ad5917304c..e668c3d19d 100644
--- a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/role_arn_credential.go
+++ b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/role_arn_credential.go
@@ -56,6 +56,7 @@ func (c *RoleArnCredential) refresh() {
 	newCre, err := c.source.GetCredential()
 	if err != nil {
 		log.Println(err)
+		return
 	}
 	*c = *newCre.(*RoleArnCredential)
 }
diff --git a/vendor/modules.txt b/vendor/modules.txt
index d6f1737f10..2c91857f23 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -1160,7 +1160,7 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit/v20190319
 # github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls v1.0.860
 ## explicit; go 1.14
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls/v20201016
-# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.860
+# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.888
 ## explicit; go 1.11
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/errors