1. Packages
  2. Alibaba Cloud Provider
  3. API Docs
  4. dcdn
  5. WafRule
Alibaba Cloud v3.66.0 published on Friday, Nov 15, 2024 by Pulumi

alicloud.dcdn.WafRule

Explore with Pulumi AI

alicloud logo
Alibaba Cloud v3.66.0 published on Friday, Nov 15, 2024 by Pulumi

    Provides a Dcdn Waf Rule resource.

    For information about Dcdn Waf Rule and how to use it, see What is Waf Rule.

    NOTE: Available since v1.201.0.

    Example Usage

    Basic Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as alicloud from "@pulumi/alicloud";
    import * as random from "@pulumi/random";
    
    const config = new pulumi.Config();
    const name = config.get("name") || "tf_example";
    const _default = new random.index.Integer("default", {
        min: 10000,
        max: 99999,
    });
    const example = new alicloud.dcdn.WafPolicy("example", {
        defenseScene: "waf_group",
        policyName: `${name}_${_default.result}`,
        policyType: "custom",
        status: "on",
    });
    const exampleWafRule = new alicloud.dcdn.WafRule("example", {
        policyId: example.id,
        ruleName: name,
        conditions: [
            {
                key: "URI",
                opValue: "ne",
                values: "/login.php",
            },
            {
                key: "Header",
                subKey: "a",
                opValue: "eq",
                values: "b",
            },
        ],
        status: "on",
        action: "monitor",
        rateLimit: {
            target: "IP",
            interval: 5,
            threshold: 5,
            ttl: 1800,
            status: {
                code: "200",
                ratio: 60,
            },
        },
    });
    
    import pulumi
    import pulumi_alicloud as alicloud
    import pulumi_random as random
    
    config = pulumi.Config()
    name = config.get("name")
    if name is None:
        name = "tf_example"
    default = random.index.Integer("default",
        min=10000,
        max=99999)
    example = alicloud.dcdn.WafPolicy("example",
        defense_scene="waf_group",
        policy_name=f"{name}_{default['result']}",
        policy_type="custom",
        status="on")
    example_waf_rule = alicloud.dcdn.WafRule("example",
        policy_id=example.id,
        rule_name=name,
        conditions=[
            {
                "key": "URI",
                "op_value": "ne",
                "values": "/login.php",
            },
            {
                "key": "Header",
                "sub_key": "a",
                "op_value": "eq",
                "values": "b",
            },
        ],
        status="on",
        action="monitor",
        rate_limit={
            "target": "IP",
            "interval": 5,
            "threshold": 5,
            "ttl": 1800,
            "status": {
                "code": "200",
                "ratio": 60,
            },
        })
    
    package main
    
    import (
    	"fmt"
    
    	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/dcdn"
    	"github.com/pulumi/pulumi-random/sdk/v4/go/random"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		cfg := config.New(ctx, "")
    		name := "tf_example"
    		if param := cfg.Get("name"); param != "" {
    			name = param
    		}
    		_, err := random.NewInteger(ctx, "default", &random.IntegerArgs{
    			Min: 10000,
    			Max: 99999,
    		})
    		if err != nil {
    			return err
    		}
    		example, err := dcdn.NewWafPolicy(ctx, "example", &dcdn.WafPolicyArgs{
    			DefenseScene: pulumi.String("waf_group"),
    			PolicyName:   pulumi.Sprintf("%v_%v", name, _default.Result),
    			PolicyType:   pulumi.String("custom"),
    			Status:       pulumi.String("on"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = dcdn.NewWafRule(ctx, "example", &dcdn.WafRuleArgs{
    			PolicyId: example.ID(),
    			RuleName: pulumi.String(name),
    			Conditions: dcdn.WafRuleConditionArray{
    				&dcdn.WafRuleConditionArgs{
    					Key:     pulumi.String("URI"),
    					OpValue: pulumi.String("ne"),
    					Values:  pulumi.String("/login.php"),
    				},
    				&dcdn.WafRuleConditionArgs{
    					Key:     pulumi.String("Header"),
    					SubKey:  pulumi.String("a"),
    					OpValue: pulumi.String("eq"),
    					Values:  pulumi.String("b"),
    				},
    			},
    			Status: pulumi.String("on"),
    			Action: pulumi.String("monitor"),
    			RateLimit: &dcdn.WafRuleRateLimitArgs{
    				Target:    pulumi.String("IP"),
    				Interval:  pulumi.Int(5),
    				Threshold: pulumi.Int(5),
    				Ttl:       pulumi.Int(1800),
    				Status: &dcdn.WafRuleRateLimitStatusArgs{
    					Code:  pulumi.String("200"),
    					Ratio: pulumi.Int(60),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AliCloud = Pulumi.AliCloud;
    using Random = Pulumi.Random;
    
    return await Deployment.RunAsync(() => 
    {
        var config = new Config();
        var name = config.Get("name") ?? "tf_example";
        var @default = new Random.Index.Integer("default", new()
        {
            Min = 10000,
            Max = 99999,
        });
    
        var example = new AliCloud.Dcdn.WafPolicy("example", new()
        {
            DefenseScene = "waf_group",
            PolicyName = $"{name}_{@default.Result}",
            PolicyType = "custom",
            Status = "on",
        });
    
        var exampleWafRule = new AliCloud.Dcdn.WafRule("example", new()
        {
            PolicyId = example.Id,
            RuleName = name,
            Conditions = new[]
            {
                new AliCloud.Dcdn.Inputs.WafRuleConditionArgs
                {
                    Key = "URI",
                    OpValue = "ne",
                    Values = "/login.php",
                },
                new AliCloud.Dcdn.Inputs.WafRuleConditionArgs
                {
                    Key = "Header",
                    SubKey = "a",
                    OpValue = "eq",
                    Values = "b",
                },
            },
            Status = "on",
            Action = "monitor",
            RateLimit = new AliCloud.Dcdn.Inputs.WafRuleRateLimitArgs
            {
                Target = "IP",
                Interval = 5,
                Threshold = 5,
                Ttl = 1800,
                Status = new AliCloud.Dcdn.Inputs.WafRuleRateLimitStatusArgs
                {
                    Code = "200",
                    Ratio = 60,
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.random.integer;
    import com.pulumi.random.IntegerArgs;
    import com.pulumi.alicloud.dcdn.WafPolicy;
    import com.pulumi.alicloud.dcdn.WafPolicyArgs;
    import com.pulumi.alicloud.dcdn.WafRule;
    import com.pulumi.alicloud.dcdn.WafRuleArgs;
    import com.pulumi.alicloud.dcdn.inputs.WafRuleConditionArgs;
    import com.pulumi.alicloud.dcdn.inputs.WafRuleRateLimitArgs;
    import com.pulumi.alicloud.dcdn.inputs.WafRuleRateLimitStatusArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var config = ctx.config();
            final var name = config.get("name").orElse("tf_example");
            var default_ = new Integer("default", IntegerArgs.builder()
                .min(10000)
                .max(99999)
                .build());
    
            var example = new WafPolicy("example", WafPolicyArgs.builder()
                .defenseScene("waf_group")
                .policyName(String.format("%s_%s", name,default_.result()))
                .policyType("custom")
                .status("on")
                .build());
    
            var exampleWafRule = new WafRule("exampleWafRule", WafRuleArgs.builder()
                .policyId(example.id())
                .ruleName(name)
                .conditions(            
                    WafRuleConditionArgs.builder()
                        .key("URI")
                        .opValue("ne")
                        .values("/login.php")
                        .build(),
                    WafRuleConditionArgs.builder()
                        .key("Header")
                        .subKey("a")
                        .opValue("eq")
                        .values("b")
                        .build())
                .status("on")
                .action("monitor")
                .rateLimit(WafRuleRateLimitArgs.builder()
                    .target("IP")
                    .interval("5")
                    .threshold("5")
                    .ttl("1800")
                    .status(WafRuleRateLimitStatusArgs.builder()
                        .code("200")
                        .ratio("60")
                        .build())
                    .build())
                .build());
    
        }
    }
    
    configuration:
      name:
        type: string
        default: tf_example
    resources:
      default:
        type: random:integer
        properties:
          min: 10000
          max: 99999
      example:
        type: alicloud:dcdn:WafPolicy
        properties:
          defenseScene: waf_group
          policyName: ${name}_${default.result}
          policyType: custom
          status: on
      exampleWafRule:
        type: alicloud:dcdn:WafRule
        name: example
        properties:
          policyId: ${example.id}
          ruleName: ${name}
          conditions:
            - key: URI
              opValue: ne
              values: /login.php
            - key: Header
              subKey: a
              opValue: eq
              values: b
          status: on
          action: monitor
          rateLimit:
            target: IP
            interval: '5'
            threshold: '5'
            ttl: '1800'
            status:
              code: '200'
              ratio: '60'
    

    Create WafRule Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new WafRule(name: string, args: WafRuleArgs, opts?: CustomResourceOptions);
    @overload
    def WafRule(resource_name: str,
                args: WafRuleArgs,
                opts: Optional[ResourceOptions] = None)
    
    @overload
    def WafRule(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                policy_id: Optional[str] = None,
                rule_name: Optional[str] = None,
                conditions: Optional[Sequence[WafRuleConditionArgs]] = None,
                action: Optional[str] = None,
                effect: Optional[str] = None,
                other_region_list: Optional[str] = None,
                cn_region_list: Optional[str] = None,
                rate_limit: Optional[WafRuleRateLimitArgs] = None,
                regular_rules: Optional[Sequence[str]] = None,
                regular_types: Optional[Sequence[str]] = None,
                remote_addrs: Optional[Sequence[str]] = None,
                cc_status: Optional[str] = None,
                scenes: Optional[Sequence[str]] = None,
                status: Optional[str] = None,
                waf_group_ids: Optional[str] = None)
    func NewWafRule(ctx *Context, name string, args WafRuleArgs, opts ...ResourceOption) (*WafRule, error)
    public WafRule(string name, WafRuleArgs args, CustomResourceOptions? opts = null)
    public WafRule(String name, WafRuleArgs args)
    public WafRule(String name, WafRuleArgs args, CustomResourceOptions options)
    
    type: alicloud:dcdn:WafRule
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args WafRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args WafRuleArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args WafRuleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args WafRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args WafRuleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var wafRuleResource = new AliCloud.Dcdn.WafRule("wafRuleResource", new()
    {
        PolicyId = "string",
        RuleName = "string",
        Conditions = new[]
        {
            new AliCloud.Dcdn.Inputs.WafRuleConditionArgs
            {
                Key = "string",
                OpValue = "string",
                SubKey = "string",
                Values = "string",
            },
        },
        Action = "string",
        Effect = "string",
        OtherRegionList = "string",
        CnRegionList = "string",
        RateLimit = new AliCloud.Dcdn.Inputs.WafRuleRateLimitArgs
        {
            Interval = 0,
            Status = new AliCloud.Dcdn.Inputs.WafRuleRateLimitStatusArgs
            {
                Code = "string",
                Count = 0,
                Ratio = 0,
            },
            SubKey = "string",
            Target = "string",
            Threshold = 0,
            Ttl = 0,
        },
        RegularRules = new[]
        {
            "string",
        },
        RegularTypes = new[]
        {
            "string",
        },
        RemoteAddrs = new[]
        {
            "string",
        },
        CcStatus = "string",
        Scenes = new[]
        {
            "string",
        },
        Status = "string",
        WafGroupIds = "string",
    });
    
    example, err := dcdn.NewWafRule(ctx, "wafRuleResource", &dcdn.WafRuleArgs{
    	PolicyId: pulumi.String("string"),
    	RuleName: pulumi.String("string"),
    	Conditions: dcdn.WafRuleConditionArray{
    		&dcdn.WafRuleConditionArgs{
    			Key:     pulumi.String("string"),
    			OpValue: pulumi.String("string"),
    			SubKey:  pulumi.String("string"),
    			Values:  pulumi.String("string"),
    		},
    	},
    	Action:          pulumi.String("string"),
    	Effect:          pulumi.String("string"),
    	OtherRegionList: pulumi.String("string"),
    	CnRegionList:    pulumi.String("string"),
    	RateLimit: &dcdn.WafRuleRateLimitArgs{
    		Interval: pulumi.Int(0),
    		Status: &dcdn.WafRuleRateLimitStatusArgs{
    			Code:  pulumi.String("string"),
    			Count: pulumi.Int(0),
    			Ratio: pulumi.Int(0),
    		},
    		SubKey:    pulumi.String("string"),
    		Target:    pulumi.String("string"),
    		Threshold: pulumi.Int(0),
    		Ttl:       pulumi.Int(0),
    	},
    	RegularRules: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	RegularTypes: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	RemoteAddrs: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	CcStatus: pulumi.String("string"),
    	Scenes: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Status:      pulumi.String("string"),
    	WafGroupIds: pulumi.String("string"),
    })
    
    var wafRuleResource = new WafRule("wafRuleResource", WafRuleArgs.builder()
        .policyId("string")
        .ruleName("string")
        .conditions(WafRuleConditionArgs.builder()
            .key("string")
            .opValue("string")
            .subKey("string")
            .values("string")
            .build())
        .action("string")
        .effect("string")
        .otherRegionList("string")
        .cnRegionList("string")
        .rateLimit(WafRuleRateLimitArgs.builder()
            .interval(0)
            .status(WafRuleRateLimitStatusArgs.builder()
                .code("string")
                .count(0)
                .ratio(0)
                .build())
            .subKey("string")
            .target("string")
            .threshold(0)
            .ttl(0)
            .build())
        .regularRules("string")
        .regularTypes("string")
        .remoteAddrs("string")
        .ccStatus("string")
        .scenes("string")
        .status("string")
        .wafGroupIds("string")
        .build());
    
    waf_rule_resource = alicloud.dcdn.WafRule("wafRuleResource",
        policy_id="string",
        rule_name="string",
        conditions=[{
            "key": "string",
            "op_value": "string",
            "sub_key": "string",
            "values": "string",
        }],
        action="string",
        effect="string",
        other_region_list="string",
        cn_region_list="string",
        rate_limit={
            "interval": 0,
            "status": {
                "code": "string",
                "count": 0,
                "ratio": 0,
            },
            "sub_key": "string",
            "target": "string",
            "threshold": 0,
            "ttl": 0,
        },
        regular_rules=["string"],
        regular_types=["string"],
        remote_addrs=["string"],
        cc_status="string",
        scenes=["string"],
        status="string",
        waf_group_ids="string")
    
    const wafRuleResource = new alicloud.dcdn.WafRule("wafRuleResource", {
        policyId: "string",
        ruleName: "string",
        conditions: [{
            key: "string",
            opValue: "string",
            subKey: "string",
            values: "string",
        }],
        action: "string",
        effect: "string",
        otherRegionList: "string",
        cnRegionList: "string",
        rateLimit: {
            interval: 0,
            status: {
                code: "string",
                count: 0,
                ratio: 0,
            },
            subKey: "string",
            target: "string",
            threshold: 0,
            ttl: 0,
        },
        regularRules: ["string"],
        regularTypes: ["string"],
        remoteAddrs: ["string"],
        ccStatus: "string",
        scenes: ["string"],
        status: "string",
        wafGroupIds: "string",
    });
    
    type: alicloud:dcdn:WafRule
    properties:
        action: string
        ccStatus: string
        cnRegionList: string
        conditions:
            - key: string
              opValue: string
              subKey: string
              values: string
        effect: string
        otherRegionList: string
        policyId: string
        rateLimit:
            interval: 0
            status:
                code: string
                count: 0
                ratio: 0
            subKey: string
            target: string
            threshold: 0
            ttl: 0
        regularRules:
            - string
        regularTypes:
            - string
        remoteAddrs:
            - string
        ruleName: string
        scenes:
            - string
        status: string
        wafGroupIds: string
    

    WafRule Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The WafRule resource accepts the following input properties:

    PolicyId string
    The protection policy ID.
    RuleName string
    The name of the protection rule. The name can be up to 64 characters in length and can contain letters, digits, and underscores (_). NOTE: This parameter cannot be modified when policy is of type region_block.
    Action string
    Specifies the action of the rule. Valid values: block, monitor, js.
    CcStatus string
    Specifies whether to enable rate limiting. Valid values: on and off. NOTE: This parameter is required when policy is of type custom_acl.
    CnRegionList string
    The blocked regions in the Chinese mainland, separated by commas (,).
    Conditions List<Pulumi.AliCloud.Dcdn.Inputs.WafRuleCondition>
    Conditions that trigger the rule. See conditions below. NOTE: This parameter is required when policy is of type custom_acl or whitelist.
    Effect string
    The effective scope of the rate limiting blacklist. If you set ccStatus to on, you must configure this parameter. Valid values: rule (takes effect for the current rule) and service (takes effect globally).
    OtherRegionList string
    Blocked regions outside the Chinese mainland, separated by commas (,).
    RateLimit Pulumi.AliCloud.Dcdn.Inputs.WafRuleRateLimit
    The rules of rate limiting. If you set cc_status to on, you must configure this parameter. See rate_limit below.
    RegularRules List<string>
    The regular expression.e, when waf_group appears in tags, this value can be filled in, and only one list of six digits in string format can appear with regultypes.
    RegularTypes List<string>
    Regular rule type, when waf_group appears in tags, this value can be filled in, optional values:["sqli", "xss", "code_exec", "crlf", "lfileii", "rfileii", "webshell", "vvip", "other"]
    RemoteAddrs List<string>
    Filter by IP address.
    Scenes List<string>
    The types of the protection policies.
    Status string
    The status of the waf rule. Valid values: on and off. Default value: on.
    WafGroupIds string
    The id of the waf rule group. The default value is "1012". Multiple rules are separated by commas.
    PolicyId string
    The protection policy ID.
    RuleName string
    The name of the protection rule. The name can be up to 64 characters in length and can contain letters, digits, and underscores (_). NOTE: This parameter cannot be modified when policy is of type region_block.
    Action string
    Specifies the action of the rule. Valid values: block, monitor, js.
    CcStatus string
    Specifies whether to enable rate limiting. Valid values: on and off. NOTE: This parameter is required when policy is of type custom_acl.
    CnRegionList string
    The blocked regions in the Chinese mainland, separated by commas (,).
    Conditions []WafRuleConditionArgs
    Conditions that trigger the rule. See conditions below. NOTE: This parameter is required when policy is of type custom_acl or whitelist.
    Effect string
    The effective scope of the rate limiting blacklist. If you set ccStatus to on, you must configure this parameter. Valid values: rule (takes effect for the current rule) and service (takes effect globally).
    OtherRegionList string
    Blocked regions outside the Chinese mainland, separated by commas (,).
    RateLimit WafRuleRateLimitArgs
    The rules of rate limiting. If you set cc_status to on, you must configure this parameter. See rate_limit below.
    RegularRules []string
    The regular expression.e, when waf_group appears in tags, this value can be filled in, and only one list of six digits in string format can appear with regultypes.
    RegularTypes []string
    Regular rule type, when waf_group appears in tags, this value can be filled in, optional values:["sqli", "xss", "code_exec", "crlf", "lfileii", "rfileii", "webshell", "vvip", "other"]
    RemoteAddrs []string
    Filter by IP address.
    Scenes []string
    The types of the protection policies.
    Status string
    The status of the waf rule. Valid values: on and off. Default value: on.
    WafGroupIds string
    The id of the waf rule group. The default value is "1012". Multiple rules are separated by commas.
    policyId String
    The protection policy ID.
    ruleName String
    The name of the protection rule. The name can be up to 64 characters in length and can contain letters, digits, and underscores (_). NOTE: This parameter cannot be modified when policy is of type region_block.
    action String
    Specifies the action of the rule. Valid values: block, monitor, js.
    ccStatus String
    Specifies whether to enable rate limiting. Valid values: on and off. NOTE: This parameter is required when policy is of type custom_acl.
    cnRegionList String
    The blocked regions in the Chinese mainland, separated by commas (,).
    conditions List<WafRuleCondition>
    Conditions that trigger the rule. See conditions below. NOTE: This parameter is required when policy is of type custom_acl or whitelist.
    effect String
    The effective scope of the rate limiting blacklist. If you set ccStatus to on, you must configure this parameter. Valid values: rule (takes effect for the current rule) and service (takes effect globally).
    otherRegionList String
    Blocked regions outside the Chinese mainland, separated by commas (,).
    rateLimit WafRuleRateLimit
    The rules of rate limiting. If you set cc_status to on, you must configure this parameter. See rate_limit below.
    regularRules List<String>
    The regular expression.e, when waf_group appears in tags, this value can be filled in, and only one list of six digits in string format can appear with regultypes.
    regularTypes List<String>
    Regular rule type, when waf_group appears in tags, this value can be filled in, optional values:["sqli", "xss", "code_exec", "crlf", "lfileii", "rfileii", "webshell", "vvip", "other"]
    remoteAddrs List<String>
    Filter by IP address.
    scenes List<String>
    The types of the protection policies.
    status String
    The status of the waf rule. Valid values: on and off. Default value: on.
    wafGroupIds String
    The id of the waf rule group. The default value is "1012". Multiple rules are separated by commas.
    policyId string
    The protection policy ID.
    ruleName string
    The name of the protection rule. The name can be up to 64 characters in length and can contain letters, digits, and underscores (_). NOTE: This parameter cannot be modified when policy is of type region_block.
    action string
    Specifies the action of the rule. Valid values: block, monitor, js.
    ccStatus string
    Specifies whether to enable rate limiting. Valid values: on and off. NOTE: This parameter is required when policy is of type custom_acl.
    cnRegionList string
    The blocked regions in the Chinese mainland, separated by commas (,).
    conditions WafRuleCondition[]
    Conditions that trigger the rule. See conditions below. NOTE: This parameter is required when policy is of type custom_acl or whitelist.
    effect string
    The effective scope of the rate limiting blacklist. If you set ccStatus to on, you must configure this parameter. Valid values: rule (takes effect for the current rule) and service (takes effect globally).
    otherRegionList string
    Blocked regions outside the Chinese mainland, separated by commas (,).
    rateLimit WafRuleRateLimit
    The rules of rate limiting. If you set cc_status to on, you must configure this parameter. See rate_limit below.
    regularRules string[]
    The regular expression.e, when waf_group appears in tags, this value can be filled in, and only one list of six digits in string format can appear with regultypes.
    regularTypes string[]
    Regular rule type, when waf_group appears in tags, this value can be filled in, optional values:["sqli", "xss", "code_exec", "crlf", "lfileii", "rfileii", "webshell", "vvip", "other"]
    remoteAddrs string[]
    Filter by IP address.
    scenes string[]
    The types of the protection policies.
    status string
    The status of the waf rule. Valid values: on and off. Default value: on.
    wafGroupIds string
    The id of the waf rule group. The default value is "1012". Multiple rules are separated by commas.
    policy_id str
    The protection policy ID.
    rule_name str
    The name of the protection rule. The name can be up to 64 characters in length and can contain letters, digits, and underscores (_). NOTE: This parameter cannot be modified when policy is of type region_block.
    action str
    Specifies the action of the rule. Valid values: block, monitor, js.
    cc_status str
    Specifies whether to enable rate limiting. Valid values: on and off. NOTE: This parameter is required when policy is of type custom_acl.
    cn_region_list str
    The blocked regions in the Chinese mainland, separated by commas (,).
    conditions Sequence[WafRuleConditionArgs]
    Conditions that trigger the rule. See conditions below. NOTE: This parameter is required when policy is of type custom_acl or whitelist.
    effect str
    The effective scope of the rate limiting blacklist. If you set ccStatus to on, you must configure this parameter. Valid values: rule (takes effect for the current rule) and service (takes effect globally).
    other_region_list str
    Blocked regions outside the Chinese mainland, separated by commas (,).
    rate_limit WafRuleRateLimitArgs
    The rules of rate limiting. If you set cc_status to on, you must configure this parameter. See rate_limit below.
    regular_rules Sequence[str]
    The regular expression.e, when waf_group appears in tags, this value can be filled in, and only one list of six digits in string format can appear with regultypes.
    regular_types Sequence[str]
    Regular rule type, when waf_group appears in tags, this value can be filled in, optional values:["sqli", "xss", "code_exec", "crlf", "lfileii", "rfileii", "webshell", "vvip", "other"]
    remote_addrs Sequence[str]
    Filter by IP address.
    scenes Sequence[str]
    The types of the protection policies.
    status str
    The status of the waf rule. Valid values: on and off. Default value: on.
    waf_group_ids str
    The id of the waf rule group. The default value is "1012". Multiple rules are separated by commas.
    policyId String
    The protection policy ID.
    ruleName String
    The name of the protection rule. The name can be up to 64 characters in length and can contain letters, digits, and underscores (_). NOTE: This parameter cannot be modified when policy is of type region_block.
    action String
    Specifies the action of the rule. Valid values: block, monitor, js.
    ccStatus String
    Specifies whether to enable rate limiting. Valid values: on and off. NOTE: This parameter is required when policy is of type custom_acl.
    cnRegionList String
    The blocked regions in the Chinese mainland, separated by commas (,).
    conditions List<Property Map>
    Conditions that trigger the rule. See conditions below. NOTE: This parameter is required when policy is of type custom_acl or whitelist.
    effect String
    The effective scope of the rate limiting blacklist. If you set ccStatus to on, you must configure this parameter. Valid values: rule (takes effect for the current rule) and service (takes effect globally).
    otherRegionList String
    Blocked regions outside the Chinese mainland, separated by commas (,).
    rateLimit Property Map
    The rules of rate limiting. If you set cc_status to on, you must configure this parameter. See rate_limit below.
    regularRules List<String>
    The regular expression.e, when waf_group appears in tags, this value can be filled in, and only one list of six digits in string format can appear with regultypes.
    regularTypes List<String>
    Regular rule type, when waf_group appears in tags, this value can be filled in, optional values:["sqli", "xss", "code_exec", "crlf", "lfileii", "rfileii", "webshell", "vvip", "other"]
    remoteAddrs List<String>
    Filter by IP address.
    scenes List<String>
    The types of the protection policies.
    status String
    The status of the waf rule. Valid values: on and off. Default value: on.
    wafGroupIds String
    The id of the waf rule group. The default value is "1012". Multiple rules are separated by commas.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the WafRule resource produces the following output properties:

    DefenseScene string
    The type of protection policy. The following scenarios are supported:-waf_group:Web basic protection-custom_acl: Custom protection policy-whitelist: whitelist
    GmtModified string
    Revised the time. The date format is based on ISO8601 notation and uses UTC +0 time in the format of yyyy-MM-ddTHH:mm:ssZ.
    Id string
    The provider-assigned unique ID for this managed resource.
    DefenseScene string
    The type of protection policy. The following scenarios are supported:-waf_group:Web basic protection-custom_acl: Custom protection policy-whitelist: whitelist
    GmtModified string
    Revised the time. The date format is based on ISO8601 notation and uses UTC +0 time in the format of yyyy-MM-ddTHH:mm:ssZ.
    Id string
    The provider-assigned unique ID for this managed resource.
    defenseScene String
    The type of protection policy. The following scenarios are supported:-waf_group:Web basic protection-custom_acl: Custom protection policy-whitelist: whitelist
    gmtModified String
    Revised the time. The date format is based on ISO8601 notation and uses UTC +0 time in the format of yyyy-MM-ddTHH:mm:ssZ.
    id String
    The provider-assigned unique ID for this managed resource.
    defenseScene string
    The type of protection policy. The following scenarios are supported:-waf_group:Web basic protection-custom_acl: Custom protection policy-whitelist: whitelist
    gmtModified string
    Revised the time. The date format is based on ISO8601 notation and uses UTC +0 time in the format of yyyy-MM-ddTHH:mm:ssZ.
    id string
    The provider-assigned unique ID for this managed resource.
    defense_scene str
    The type of protection policy. The following scenarios are supported:-waf_group:Web basic protection-custom_acl: Custom protection policy-whitelist: whitelist
    gmt_modified str
    Revised the time. The date format is based on ISO8601 notation and uses UTC +0 time in the format of yyyy-MM-ddTHH:mm:ssZ.
    id str
    The provider-assigned unique ID for this managed resource.
    defenseScene String
    The type of protection policy. The following scenarios are supported:-waf_group:Web basic protection-custom_acl: Custom protection policy-whitelist: whitelist
    gmtModified String
    Revised the time. The date format is based on ISO8601 notation and uses UTC +0 time in the format of yyyy-MM-ddTHH:mm:ssZ.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing WafRule Resource

    Get an existing WafRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: WafRuleState, opts?: CustomResourceOptions): WafRule
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            action: Optional[str] = None,
            cc_status: Optional[str] = None,
            cn_region_list: Optional[str] = None,
            conditions: Optional[Sequence[WafRuleConditionArgs]] = None,
            defense_scene: Optional[str] = None,
            effect: Optional[str] = None,
            gmt_modified: Optional[str] = None,
            other_region_list: Optional[str] = None,
            policy_id: Optional[str] = None,
            rate_limit: Optional[WafRuleRateLimitArgs] = None,
            regular_rules: Optional[Sequence[str]] = None,
            regular_types: Optional[Sequence[str]] = None,
            remote_addrs: Optional[Sequence[str]] = None,
            rule_name: Optional[str] = None,
            scenes: Optional[Sequence[str]] = None,
            status: Optional[str] = None,
            waf_group_ids: Optional[str] = None) -> WafRule
    func GetWafRule(ctx *Context, name string, id IDInput, state *WafRuleState, opts ...ResourceOption) (*WafRule, error)
    public static WafRule Get(string name, Input<string> id, WafRuleState? state, CustomResourceOptions? opts = null)
    public static WafRule get(String name, Output<String> id, WafRuleState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Action string
    Specifies the action of the rule. Valid values: block, monitor, js.
    CcStatus string
    Specifies whether to enable rate limiting. Valid values: on and off. NOTE: This parameter is required when policy is of type custom_acl.
    CnRegionList string
    The blocked regions in the Chinese mainland, separated by commas (,).
    Conditions List<Pulumi.AliCloud.Dcdn.Inputs.WafRuleCondition>
    Conditions that trigger the rule. See conditions below. NOTE: This parameter is required when policy is of type custom_acl or whitelist.
    DefenseScene string
    The type of protection policy. The following scenarios are supported:-waf_group:Web basic protection-custom_acl: Custom protection policy-whitelist: whitelist
    Effect string
    The effective scope of the rate limiting blacklist. If you set ccStatus to on, you must configure this parameter. Valid values: rule (takes effect for the current rule) and service (takes effect globally).
    GmtModified string
    Revised the time. The date format is based on ISO8601 notation and uses UTC +0 time in the format of yyyy-MM-ddTHH:mm:ssZ.
    OtherRegionList string
    Blocked regions outside the Chinese mainland, separated by commas (,).
    PolicyId string
    The protection policy ID.
    RateLimit Pulumi.AliCloud.Dcdn.Inputs.WafRuleRateLimit
    The rules of rate limiting. If you set cc_status to on, you must configure this parameter. See rate_limit below.
    RegularRules List<string>
    The regular expression.e, when waf_group appears in tags, this value can be filled in, and only one list of six digits in string format can appear with regultypes.
    RegularTypes List<string>
    Regular rule type, when waf_group appears in tags, this value can be filled in, optional values:["sqli", "xss", "code_exec", "crlf", "lfileii", "rfileii", "webshell", "vvip", "other"]
    RemoteAddrs List<string>
    Filter by IP address.
    RuleName string
    The name of the protection rule. The name can be up to 64 characters in length and can contain letters, digits, and underscores (_). NOTE: This parameter cannot be modified when policy is of type region_block.
    Scenes List<string>
    The types of the protection policies.
    Status string
    The status of the waf rule. Valid values: on and off. Default value: on.
    WafGroupIds string
    The id of the waf rule group. The default value is "1012". Multiple rules are separated by commas.
    Action string
    Specifies the action of the rule. Valid values: block, monitor, js.
    CcStatus string
    Specifies whether to enable rate limiting. Valid values: on and off. NOTE: This parameter is required when policy is of type custom_acl.
    CnRegionList string
    The blocked regions in the Chinese mainland, separated by commas (,).
    Conditions []WafRuleConditionArgs
    Conditions that trigger the rule. See conditions below. NOTE: This parameter is required when policy is of type custom_acl or whitelist.
    DefenseScene string
    The type of protection policy. The following scenarios are supported:-waf_group:Web basic protection-custom_acl: Custom protection policy-whitelist: whitelist
    Effect string
    The effective scope of the rate limiting blacklist. If you set ccStatus to on, you must configure this parameter. Valid values: rule (takes effect for the current rule) and service (takes effect globally).
    GmtModified string
    Revised the time. The date format is based on ISO8601 notation and uses UTC +0 time in the format of yyyy-MM-ddTHH:mm:ssZ.
    OtherRegionList string
    Blocked regions outside the Chinese mainland, separated by commas (,).
    PolicyId string
    The protection policy ID.
    RateLimit WafRuleRateLimitArgs
    The rules of rate limiting. If you set cc_status to on, you must configure this parameter. See rate_limit below.
    RegularRules []string
    The regular expression.e, when waf_group appears in tags, this value can be filled in, and only one list of six digits in string format can appear with regultypes.
    RegularTypes []string
    Regular rule type, when waf_group appears in tags, this value can be filled in, optional values:["sqli", "xss", "code_exec", "crlf", "lfileii", "rfileii", "webshell", "vvip", "other"]
    RemoteAddrs []string
    Filter by IP address.
    RuleName string
    The name of the protection rule. The name can be up to 64 characters in length and can contain letters, digits, and underscores (_). NOTE: This parameter cannot be modified when policy is of type region_block.
    Scenes []string
    The types of the protection policies.
    Status string
    The status of the waf rule. Valid values: on and off. Default value: on.
    WafGroupIds string
    The id of the waf rule group. The default value is "1012". Multiple rules are separated by commas.
    action String
    Specifies the action of the rule. Valid values: block, monitor, js.
    ccStatus String
    Specifies whether to enable rate limiting. Valid values: on and off. NOTE: This parameter is required when policy is of type custom_acl.
    cnRegionList String
    The blocked regions in the Chinese mainland, separated by commas (,).
    conditions List<WafRuleCondition>
    Conditions that trigger the rule. See conditions below. NOTE: This parameter is required when policy is of type custom_acl or whitelist.
    defenseScene String
    The type of protection policy. The following scenarios are supported:-waf_group:Web basic protection-custom_acl: Custom protection policy-whitelist: whitelist
    effect String
    The effective scope of the rate limiting blacklist. If you set ccStatus to on, you must configure this parameter. Valid values: rule (takes effect for the current rule) and service (takes effect globally).
    gmtModified String
    Revised the time. The date format is based on ISO8601 notation and uses UTC +0 time in the format of yyyy-MM-ddTHH:mm:ssZ.
    otherRegionList String
    Blocked regions outside the Chinese mainland, separated by commas (,).
    policyId String
    The protection policy ID.
    rateLimit WafRuleRateLimit
    The rules of rate limiting. If you set cc_status to on, you must configure this parameter. See rate_limit below.
    regularRules List<String>
    The regular expression.e, when waf_group appears in tags, this value can be filled in, and only one list of six digits in string format can appear with regultypes.
    regularTypes List<String>
    Regular rule type, when waf_group appears in tags, this value can be filled in, optional values:["sqli", "xss", "code_exec", "crlf", "lfileii", "rfileii", "webshell", "vvip", "other"]
    remoteAddrs List<String>
    Filter by IP address.
    ruleName String
    The name of the protection rule. The name can be up to 64 characters in length and can contain letters, digits, and underscores (_). NOTE: This parameter cannot be modified when policy is of type region_block.
    scenes List<String>
    The types of the protection policies.
    status String
    The status of the waf rule. Valid values: on and off. Default value: on.
    wafGroupIds String
    The id of the waf rule group. The default value is "1012". Multiple rules are separated by commas.
    action string
    Specifies the action of the rule. Valid values: block, monitor, js.
    ccStatus string
    Specifies whether to enable rate limiting. Valid values: on and off. NOTE: This parameter is required when policy is of type custom_acl.
    cnRegionList string
    The blocked regions in the Chinese mainland, separated by commas (,).
    conditions WafRuleCondition[]
    Conditions that trigger the rule. See conditions below. NOTE: This parameter is required when policy is of type custom_acl or whitelist.
    defenseScene string
    The type of protection policy. The following scenarios are supported:-waf_group:Web basic protection-custom_acl: Custom protection policy-whitelist: whitelist
    effect string
    The effective scope of the rate limiting blacklist. If you set ccStatus to on, you must configure this parameter. Valid values: rule (takes effect for the current rule) and service (takes effect globally).
    gmtModified string
    Revised the time. The date format is based on ISO8601 notation and uses UTC +0 time in the format of yyyy-MM-ddTHH:mm:ssZ.
    otherRegionList string
    Blocked regions outside the Chinese mainland, separated by commas (,).
    policyId string
    The protection policy ID.
    rateLimit WafRuleRateLimit
    The rules of rate limiting. If you set cc_status to on, you must configure this parameter. See rate_limit below.
    regularRules string[]
    The regular expression.e, when waf_group appears in tags, this value can be filled in, and only one list of six digits in string format can appear with regultypes.
    regularTypes string[]
    Regular rule type, when waf_group appears in tags, this value can be filled in, optional values:["sqli", "xss", "code_exec", "crlf", "lfileii", "rfileii", "webshell", "vvip", "other"]
    remoteAddrs string[]
    Filter by IP address.
    ruleName string
    The name of the protection rule. The name can be up to 64 characters in length and can contain letters, digits, and underscores (_). NOTE: This parameter cannot be modified when policy is of type region_block.
    scenes string[]
    The types of the protection policies.
    status string
    The status of the waf rule. Valid values: on and off. Default value: on.
    wafGroupIds string
    The id of the waf rule group. The default value is "1012". Multiple rules are separated by commas.
    action str
    Specifies the action of the rule. Valid values: block, monitor, js.
    cc_status str
    Specifies whether to enable rate limiting. Valid values: on and off. NOTE: This parameter is required when policy is of type custom_acl.
    cn_region_list str
    The blocked regions in the Chinese mainland, separated by commas (,).
    conditions Sequence[WafRuleConditionArgs]
    Conditions that trigger the rule. See conditions below. NOTE: This parameter is required when policy is of type custom_acl or whitelist.
    defense_scene str
    The type of protection policy. The following scenarios are supported:-waf_group:Web basic protection-custom_acl: Custom protection policy-whitelist: whitelist
    effect str
    The effective scope of the rate limiting blacklist. If you set ccStatus to on, you must configure this parameter. Valid values: rule (takes effect for the current rule) and service (takes effect globally).
    gmt_modified str
    Revised the time. The date format is based on ISO8601 notation and uses UTC +0 time in the format of yyyy-MM-ddTHH:mm:ssZ.
    other_region_list str
    Blocked regions outside the Chinese mainland, separated by commas (,).
    policy_id str
    The protection policy ID.
    rate_limit WafRuleRateLimitArgs
    The rules of rate limiting. If you set cc_status to on, you must configure this parameter. See rate_limit below.
    regular_rules Sequence[str]
    The regular expression.e, when waf_group appears in tags, this value can be filled in, and only one list of six digits in string format can appear with regultypes.
    regular_types Sequence[str]
    Regular rule type, when waf_group appears in tags, this value can be filled in, optional values:["sqli", "xss", "code_exec", "crlf", "lfileii", "rfileii", "webshell", "vvip", "other"]
    remote_addrs Sequence[str]
    Filter by IP address.
    rule_name str
    The name of the protection rule. The name can be up to 64 characters in length and can contain letters, digits, and underscores (_). NOTE: This parameter cannot be modified when policy is of type region_block.
    scenes Sequence[str]
    The types of the protection policies.
    status str
    The status of the waf rule. Valid values: on and off. Default value: on.
    waf_group_ids str
    The id of the waf rule group. The default value is "1012". Multiple rules are separated by commas.
    action String
    Specifies the action of the rule. Valid values: block, monitor, js.
    ccStatus String
    Specifies whether to enable rate limiting. Valid values: on and off. NOTE: This parameter is required when policy is of type custom_acl.
    cnRegionList String
    The blocked regions in the Chinese mainland, separated by commas (,).
    conditions List<Property Map>
    Conditions that trigger the rule. See conditions below. NOTE: This parameter is required when policy is of type custom_acl or whitelist.
    defenseScene String
    The type of protection policy. The following scenarios are supported:-waf_group:Web basic protection-custom_acl: Custom protection policy-whitelist: whitelist
    effect String
    The effective scope of the rate limiting blacklist. If you set ccStatus to on, you must configure this parameter. Valid values: rule (takes effect for the current rule) and service (takes effect globally).
    gmtModified String
    Revised the time. The date format is based on ISO8601 notation and uses UTC +0 time in the format of yyyy-MM-ddTHH:mm:ssZ.
    otherRegionList String
    Blocked regions outside the Chinese mainland, separated by commas (,).
    policyId String
    The protection policy ID.
    rateLimit Property Map
    The rules of rate limiting. If you set cc_status to on, you must configure this parameter. See rate_limit below.
    regularRules List<String>
    The regular expression.e, when waf_group appears in tags, this value can be filled in, and only one list of six digits in string format can appear with regultypes.
    regularTypes List<String>
    Regular rule type, when waf_group appears in tags, this value can be filled in, optional values:["sqli", "xss", "code_exec", "crlf", "lfileii", "rfileii", "webshell", "vvip", "other"]
    remoteAddrs List<String>
    Filter by IP address.
    ruleName String
    The name of the protection rule. The name can be up to 64 characters in length and can contain letters, digits, and underscores (_). NOTE: This parameter cannot be modified when policy is of type region_block.
    scenes List<String>
    The types of the protection policies.
    status String
    The status of the waf rule. Valid values: on and off. Default value: on.
    wafGroupIds String
    The id of the waf rule group. The default value is "1012". Multiple rules are separated by commas.

    Supporting Types

    WafRuleCondition, WafRuleConditionArgs

    Key string
    The match field.
    OpValue string
    The logical symbol.
    SubKey string
    The match subfield.
    Values string
    The match content. Separate multiple values with commas (,).
    Key string
    The match field.
    OpValue string
    The logical symbol.
    SubKey string
    The match subfield.
    Values string
    The match content. Separate multiple values with commas (,).
    key String
    The match field.
    opValue String
    The logical symbol.
    subKey String
    The match subfield.
    values String
    The match content. Separate multiple values with commas (,).
    key string
    The match field.
    opValue string
    The logical symbol.
    subKey string
    The match subfield.
    values string
    The match content. Separate multiple values with commas (,).
    key str
    The match field.
    op_value str
    The logical symbol.
    sub_key str
    The match subfield.
    values str
    The match content. Separate multiple values with commas (,).
    key String
    The match field.
    opValue String
    The logical symbol.
    subKey String
    The match subfield.
    values String
    The match content. Separate multiple values with commas (,).

    WafRuleRateLimit, WafRuleRateLimitArgs

    Interval int
    Statistical duration, 5-1800.
    Status Pulumi.AliCloud.Dcdn.Inputs.WafRuleRateLimitStatus
    Response code statistics. See status below.
    SubKey string
    The subfield of the target field. If you set target to Header, Query String Parameter, or Cookie Name, you must configure sub_key.
    Target string
    The statistical field for frequency control. Currently, IP, Header, Query String Parameter, Cookie Name, Session is supported.
    Threshold int
    The trigger threshold of rate limiting. Valid values: 2 to 500000. Unit: requests.
    Ttl int
    The validity period of the blacklist. Valid values: 60 to 86400. Unit: seconds.
    Interval int
    Statistical duration, 5-1800.
    Status WafRuleRateLimitStatus
    Response code statistics. See status below.
    SubKey string
    The subfield of the target field. If you set target to Header, Query String Parameter, or Cookie Name, you must configure sub_key.
    Target string
    The statistical field for frequency control. Currently, IP, Header, Query String Parameter, Cookie Name, Session is supported.
    Threshold int
    The trigger threshold of rate limiting. Valid values: 2 to 500000. Unit: requests.
    Ttl int
    The validity period of the blacklist. Valid values: 60 to 86400. Unit: seconds.
    interval Integer
    Statistical duration, 5-1800.
    status WafRuleRateLimitStatus
    Response code statistics. See status below.
    subKey String
    The subfield of the target field. If you set target to Header, Query String Parameter, or Cookie Name, you must configure sub_key.
    target String
    The statistical field for frequency control. Currently, IP, Header, Query String Parameter, Cookie Name, Session is supported.
    threshold Integer
    The trigger threshold of rate limiting. Valid values: 2 to 500000. Unit: requests.
    ttl Integer
    The validity period of the blacklist. Valid values: 60 to 86400. Unit: seconds.
    interval number
    Statistical duration, 5-1800.
    status WafRuleRateLimitStatus
    Response code statistics. See status below.
    subKey string
    The subfield of the target field. If you set target to Header, Query String Parameter, or Cookie Name, you must configure sub_key.
    target string
    The statistical field for frequency control. Currently, IP, Header, Query String Parameter, Cookie Name, Session is supported.
    threshold number
    The trigger threshold of rate limiting. Valid values: 2 to 500000. Unit: requests.
    ttl number
    The validity period of the blacklist. Valid values: 60 to 86400. Unit: seconds.
    interval int
    Statistical duration, 5-1800.
    status WafRuleRateLimitStatus
    Response code statistics. See status below.
    sub_key str
    The subfield of the target field. If you set target to Header, Query String Parameter, or Cookie Name, you must configure sub_key.
    target str
    The statistical field for frequency control. Currently, IP, Header, Query String Parameter, Cookie Name, Session is supported.
    threshold int
    The trigger threshold of rate limiting. Valid values: 2 to 500000. Unit: requests.
    ttl int
    The validity period of the blacklist. Valid values: 60 to 86400. Unit: seconds.
    interval Number
    Statistical duration, 5-1800.
    status Property Map
    Response code statistics. See status below.
    subKey String
    The subfield of the target field. If you set target to Header, Query String Parameter, or Cookie Name, you must configure sub_key.
    target String
    The statistical field for frequency control. Currently, IP, Header, Query String Parameter, Cookie Name, Session is supported.
    threshold Number
    The trigger threshold of rate limiting. Valid values: 2 to 500000. Unit: requests.
    ttl Number
    The validity period of the blacklist. Valid values: 60 to 86400. Unit: seconds.

    WafRuleRateLimitStatus, WafRuleRateLimitStatusArgs

    Code string
    The HTTP status code returned.
    Count int
    The number of times that the HTTP status code that was returned. Valid values: 2 to 50000. You can configure only one of the ratio and count fields.
    Ratio int
    The percentage of HTTP status codes. Valid values: 1 to 100. You can configure only one of the ratio and count fields.
    Code string
    The HTTP status code returned.
    Count int
    The number of times that the HTTP status code that was returned. Valid values: 2 to 50000. You can configure only one of the ratio and count fields.
    Ratio int
    The percentage of HTTP status codes. Valid values: 1 to 100. You can configure only one of the ratio and count fields.
    code String
    The HTTP status code returned.
    count Integer
    The number of times that the HTTP status code that was returned. Valid values: 2 to 50000. You can configure only one of the ratio and count fields.
    ratio Integer
    The percentage of HTTP status codes. Valid values: 1 to 100. You can configure only one of the ratio and count fields.
    code string
    The HTTP status code returned.
    count number
    The number of times that the HTTP status code that was returned. Valid values: 2 to 50000. You can configure only one of the ratio and count fields.
    ratio number
    The percentage of HTTP status codes. Valid values: 1 to 100. You can configure only one of the ratio and count fields.
    code str
    The HTTP status code returned.
    count int
    The number of times that the HTTP status code that was returned. Valid values: 2 to 50000. You can configure only one of the ratio and count fields.
    ratio int
    The percentage of HTTP status codes. Valid values: 1 to 100. You can configure only one of the ratio and count fields.
    code String
    The HTTP status code returned.
    count Number
    The number of times that the HTTP status code that was returned. Valid values: 2 to 50000. You can configure only one of the ratio and count fields.
    ratio Number
    The percentage of HTTP status codes. Valid values: 1 to 100. You can configure only one of the ratio and count fields.

    Import

    Dcdn Waf Rule can be imported using the id, e.g.

    $ pulumi import alicloud:dcdn/wafRule:WafRule example <id>
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Alibaba Cloud pulumi/pulumi-alicloud
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the alicloud Terraform Provider.
    alicloud logo
    Alibaba Cloud v3.66.0 published on Friday, Nov 15, 2024 by Pulumi