feat(waf): [128286560] add new resource (#3596)

* add

* add

Author: SevenEarth

.changelog/3596.txt

@@ -0,0 +1,19 @@
+```release-note:new-data-source
+tencentcloud_waf_owasp_rule_types
+```
+
+```release-note:new-data-source
+tencentcloud_waf_owasp_rules
+```
+
+```release-note:new-resource
+tencentcloud_waf_owasp_rule_type_config
+```
+
+```release-note:new-resource
+tencentcloud_waf_owasp_rule_status_config
+```
+
+```release-note:new-resource
+tencentcloud_waf_owasp_white_rule
+```

go.mod

@@ -97,7 +97,7 @@ require (
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tsf v1.0.674
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod v1.0.860
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc v1.1.14
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.1170
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.1.36
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/wedata v1.1.45
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/wss v1.0.199
 	github.com/tencentyun/cos-go-sdk-v5 v0.7.66

go.sum

@@ -977,10 +977,10 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.46 h1:wWcfc
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.46/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.48 h1:aoRUrz2ag27jQWcOKHgeE+toSti6/xPqHKMLruOtJuM=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.48/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.50 h1:wZGiUXmzr4L0S1coFhnjddkyNrO5ZTtfxBDrbeR+1d8=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.50/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.49 h1:BQwUw2V21zIRJxstnaxtG/22lBL3+FbUgWhaC6Qd9ws=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.49/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.50 h1:wZGiUXmzr4L0S1coFhnjddkyNrO5ZTtfxBDrbeR+1d8=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.50/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/controlcenter v1.0.993 h1:WlPgXldQCxt7qi5Xrc6j6zTrsXWzN5BcOGs7Irq7fwQ=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/controlcenter v1.0.993/go.mod h1:Z9U8zNtyuyKhjS0698wqsrG/kLx1TQ5CEixXBwVe7xY=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/csip v1.0.860 h1:F3esKBIT3HW9+7Gt8cVgf8X06VdGIczpgLBUECzSEzU=
@@ -1118,6 +1118,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc v1.1.14 h1:RsontLM/
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc v1.1.14/go.mod h1:qvuXI7MmzMaUBhGaQhGdZU7QLp3hKS53a3otvIz4CYg=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.1170 h1:kcQCWuI9zOkZgL5CK66HNAJmSWCSJxRrDxXT+j02CeE=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.1170/go.mod h1:vTukVfThbBIc4lOf4eq/q51eEk78oZUJd2lAoJBOJwI=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.1.36 h1:d4Cjrt+VkS0OElToWZuojkj55z07ECvqfSyeyLOziF4=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.1.36/go.mod h1:4ukz7/m3FarLnjn9UTX/Oc0cTWLZb82MKVLov0Ac4/k=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/wedata v1.0.792 h1:NLgKNOIHWa38AmW7dyfI9Jlcp2Kr9VRD94f48pPNmxM=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/wedata v1.0.792/go.mod h1:Xz6vPV3gHlzPwtEcmWdWO1EUXJDgn2p7UMCXbJiVioQ=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/wedata v1.1.31 h1:5mDWm86NA0etP4ictillWtZgyCHiK9hpCmj+qEYeowc=

tencentcloud/provider.go

@@ -1219,6 +1219,8 @@ func Provider() *schema.Provider {
 			"tencentcloud_waf_peak_points":                                       waf.DataSourceTencentCloudWafPeakPoints(),
 			"tencentcloud_waf_instance_qps_limit":                                waf.DataSourceTencentCloudWafInstanceQpsLimit(),
 			"tencentcloud_waf_user_clb_regions":                                  waf.DataSourceTencentCloudWafUserClbRegions(),
+			"tencentcloud_waf_owasp_rule_types":                                  waf.DataSourceTencentCloudWafOwaspRuleTypes(),
+			"tencentcloud_waf_owasp_rules":                                       waf.DataSourceTencentCloudWafOwaspRules(),
 			"tencentcloud_cfw_nat_fw_switches":                                   cfw.DataSourceTencentCloudCfwNatFwSwitches(),
 			"tencentcloud_cfw_vpc_fw_switches":                                   cfw.DataSourceTencentCloudCfwVpcFwSwitches(),
 			"tencentcloud_cfw_edge_fw_switches":                                  cfw.DataSourceTencentCloudCfwEdgeFwSwitches(),
@@ -2331,6 +2333,9 @@ func Provider() *schema.Provider {
 			"tencentcloud_waf_bot_status_config":                                                    waf.ResourceTencentCloudWafBotStatusConfig(),
 			"tencentcloud_waf_bot_scene_ucb_rule":                                                   waf.ResourceTencentCloudWafBotSceneUCBRule(),
 			"tencentcloud_waf_attack_white_rule":                                                    waf.ResourceTencentCloudWafAttackWhiteRule(),
+			"tencentcloud_waf_owasp_rule_type_config":                                               waf.ResourceTencentCloudWafOwaspRuleTypeConfig(),
+			"tencentcloud_waf_owasp_rule_status_config":                                             waf.ResourceTencentCloudWafOwaspRuleStatusConfig(),
+			"tencentcloud_waf_owasp_white_rule":                                                     waf.ResourceTencentCloudWafOwaspWhiteRule(),
 			"tencentcloud_wedata_submit_task_operation":                                             wedata.ResourceTencentCloudWedataSubmitTaskOperation(),
 			"tencentcloud_wedata_task":                                                              wedata.ResourceTencentCloudWedataTask(),
 			"tencentcloud_wedata_workflow_folder":                                                   wedata.ResourceTencentCloudWedataWorkflowFolder(),

tencentcloud/provider.md

@@ -2197,6 +2197,8 @@ tencentcloud_waf_attack_total_count
 tencentcloud_waf_peak_points
 tencentcloud_waf_instance_qps_limit
 tencentcloud_waf_user_clb_regions
+tencentcloud_waf_owasp_rule_types
+tencentcloud_waf_owasp_rules
 
 Resource
 tencentcloud_waf_custom_rule
@@ -2224,6 +2226,9 @@ tencentcloud_waf_bot_scene_status_config
 tencentcloud_waf_bot_status_config
 tencentcloud_waf_bot_scene_ucb_rule
 tencentcloud_waf_attack_white_rule
+tencentcloud_waf_owasp_rule_type_config
+tencentcloud_waf_owasp_rule_status_config
+tencentcloud_waf_owasp_white_rule
 
 Wedata
 Data Source

tencentcloud/services/waf/data_source_tc_waf_owasp_rule_types.go

@@ -0,0 +1,228 @@
+package waf
+
+import (
+	"context"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	wafv20180125 "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125"
+
+	tccommon "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/common"
+	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func DataSourceTencentCloudWafOwaspRuleTypes() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceTencentCloudWafOwaspRuleTypesRead,
+		Schema: map[string]*schema.Schema{
+			"domain": {
+				Type:        schema.TypeString,
+				Required:    true,
+				Description: "Domain names to be queried.",
+			},
+
+			"filters": {
+				Type:        schema.TypeList,
+				Optional:    true,
+				Description: "Filter conditions. supports RuleId, CveID, and Desc.",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"name": {
+							Type:        schema.TypeString,
+							Required:    true,
+							Description: "Field name, used for filtering\nFilter the sub-order number (value) by DealName.",
+						},
+						"values": {
+							Type:        schema.TypeSet,
+							Required:    true,
+							Description: "Values after filtering.",
+							Elem: &schema.Schema{
+								Type: schema.TypeString,
+							},
+						},
+						"exact_match": {
+							Type:        schema.TypeBool,
+							Required:    true,
+							Description: "Exact search or not.",
+						},
+					},
+				},
+			},
+
+			"list": {
+				Type:        schema.TypeList,
+				Computed:    true,
+				Description: "Rule type list and information.",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"type_id": {
+							Type:        schema.TypeInt,
+							Computed:    true,
+							Description: "Type ID.",
+						},
+						"type_name": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Type name.",
+						},
+						"description": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Type description.",
+						},
+						"classification": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Data type category.",
+						},
+						"action": {
+							Type:        schema.TypeInt,
+							Computed:    true,
+							Description: "Protection mode of the rule type. valid values: 0 (observation), 1 (intercept).",
+						},
+						"level": {
+							Type:        schema.TypeInt,
+							Computed:    true,
+							Description: "Protection level of the rule type. valid values: 100 (loose), 200 (normal), 300 (strict), 400 (ultra-strict).",
+						},
+						"status": {
+							Type:        schema.TypeInt,
+							Computed:    true,
+							Description: "The switch status of the rule type. valid values: 0 (disabled), 1 (enabled).",
+						},
+						"total_rule": {
+							Type:        schema.TypeInt,
+							Computed:    true,
+							Description: "Specifies all rules under the rule type. always.",
+						},
+						"active_rule": {
+							Type:        schema.TypeInt,
+							Computed:    true,
+							Description: "Indicates the total number of rules enabled under the rule type.",
+						},
+					},
+				},
+			},
+
+			"result_output_file": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Used to save results.",
+			},
+		},
+	}
+}
+
+func dataSourceTencentCloudWafOwaspRuleTypesRead(d *schema.ResourceData, meta interface{}) error {
+	defer tccommon.LogElapsed("data_source.tencentcloud_waf_owasp_rule_types.read")()
+	defer tccommon.InconsistentCheck(d, meta)()
+
+	var (
+		logId   = tccommon.GetLogId(nil)
+		ctx     = tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta)
+		service = WafService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
+		domain  string
+	)
+
+	paramMap := make(map[string]interface{})
+	if v, ok := d.GetOk("domain"); ok {
+		paramMap["Domain"] = helper.String(v.(string))
+		domain = v.(string)
+	}
+
+	if v, ok := d.GetOk("filters"); ok {
+		filtersSet := v.([]interface{})
+		tmpSet := make([]*wafv20180125.FiltersItemNew, 0, len(filtersSet))
+		for _, item := range filtersSet {
+			filtersMap := item.(map[string]interface{})
+			filtersItemNew := wafv20180125.FiltersItemNew{}
+			if v, ok := filtersMap["name"].(string); ok && v != "" {
+				filtersItemNew.Name = helper.String(v)
+			}
+
+			if v, ok := filtersMap["values"]; ok {
+				valuesSet := v.(*schema.Set).List()
+				for i := range valuesSet {
+					values := valuesSet[i].(string)
+					filtersItemNew.Values = append(filtersItemNew.Values, helper.String(values))
+				}
+			}
+
+			if v, ok := filtersMap["exact_match"].(bool); ok {
+				filtersItemNew.ExactMatch = helper.Bool(v)
+			}
+
+			tmpSet = append(tmpSet, &filtersItemNew)
+		}
+
+		paramMap["Filters"] = tmpSet
+	}
+
+	var respData []*wafv20180125.OwaspRuleType
+	reqErr := resource.Retry(tccommon.ReadRetryTimeout, func() *resource.RetryError {
+		result, e := service.DescribeWafOwaspRuleTypesByFilter(ctx, paramMap)
+		if e != nil {
+			return tccommon.RetryError(e)
+		}
+
+		respData = result
+		return nil
+	})
+
+	if reqErr != nil {
+		return reqErr
+	}
+
+	listList := make([]map[string]interface{}, 0, len(respData))
+	for _, list := range respData {
+		listMap := map[string]interface{}{}
+		if list.TypeId != nil {
+			listMap["type_id"] = list.TypeId
+		}
+
+		if list.TypeName != nil {
+			listMap["type_name"] = list.TypeName
+		}
+
+		if list.Description != nil {
+			listMap["description"] = list.Description
+		}
+
+		if list.Classification != nil {
+			listMap["classification"] = list.Classification
+		}
+
+		if list.Action != nil {
+			listMap["action"] = list.Action
+		}
+
+		if list.Level != nil {
+			listMap["level"] = list.Level
+		}
+
+		if list.Status != nil {
+			listMap["status"] = list.Status
+		}
+
+		if list.TotalRule != nil {
+			listMap["total_rule"] = list.TotalRule
+		}
+
+		if list.ActiveRule != nil {
+			listMap["active_rule"] = list.ActiveRule
+		}
+
+		listList = append(listList, listMap)
+	}
+
+	_ = d.Set("list", listList)
+	d.SetId(domain)
+	output, ok := d.GetOk("result_output_file")
+	if ok && output.(string) != "" {
+		if e := tccommon.WriteToFile(output.(string), d); e != nil {
+			return e
+		}
+	}
+
+	return nil
+}

tencentcloud/services/waf/data_source_tc_waf_owasp_rule_types.md

@@ -0,0 +1,14 @@
+Use this data source to query detailed information of WAF owasp rule types
+
+Example Usage
+
+```hcl
+data "tencentcloud_waf_owasp_rule_types" "example" {
+  domain = "demo.com"
+  filters {
+    name        = "RuleId"
+    values      = ["10000001"]
+    exact_match = true
+  }
+}
+```

tencentcloud/services/waf/data_source_tc_waf_owasp_rule_types_test.go

@@ -0,0 +1,36 @@
+package waf_test
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+
+	tcacctest "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/acctest"
+)
+
+func TestAccTencentCloudWafOwaspRuleTypesDataSource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			tcacctest.AccPreCheck(t)
+		},
+		Providers: tcacctest.AccProviders,
+		Steps: []resource.TestStep{{
+			Config: testAccWafOwaspRuleTypesDataSource,
+			Check: resource.ComposeTestCheckFunc(
+				tcacctest.AccCheckTencentCloudDataSourceID("data.tencentcloud_waf_owasp_rule_types.example"),
+			),
+		}},
+	})
+}
+
+const testAccWafOwaspRuleTypesDataSource = `
+data "tencentcloud_waf_owasp_rule_types" "example" {
+  domain = "example.qcloud.com"
+  filters {
+    name        = "RuleId"
+    values      = ["10000001"]
+    exact_match = true
+  }
+}
+`