From 9613f00d60b1bfcc9b78e55ccab0b69d7fd014dc Mon Sep 17 00:00:00 2001
From: SevenEarth <391613297@qq.com>
Date: Wed, 12 Nov 2025 19:56:14 +0800
Subject: [PATCH 1/2] add
---
go.mod | 4 +-
go.sum | 4 +
tencentcloud/provider.go | 2 +
tencentcloud/provider.md | 2 +
...ta_source_tc_teo_web_security_templates.go | 176 +
...ta_source_tc_teo_web_security_templates.md | 11 +
...urce_tc_teo_web_security_templates_test.go | 33 +
.../resource_tc_teo_web_security_template.go | 18423 ++++++++++++++++
.../resource_tc_teo_web_security_template.md | 249 +
...ource_tc_teo_web_security_template_test.go | 237 +
.../services/teo/service_tencentcloud_teo.go | 130 +
.../tencentcloud/common/http/request.go | 2 +-
.../tencentcloud/teo/v20220901/client.go | 156 +-
.../tencentcloud/teo/v20220901/errors.go | 2 +-
.../tencentcloud/teo/v20220901/models.go | 810 +-
vendor/modules.txt | 4 +-
.../teo_web_security_templates.html.markdown | 47 +
.../r/teo_web_security_template.html.markdown | 2127 ++
website/tencentcloud.erb | 6 +
19 files changed, 22278 insertions(+), 147 deletions(-)
create mode 100644 tencentcloud/services/teo/data_source_tc_teo_web_security_templates.go
create mode 100644 tencentcloud/services/teo/data_source_tc_teo_web_security_templates.md
create mode 100644 tencentcloud/services/teo/data_source_tc_teo_web_security_templates_test.go
create mode 100644 tencentcloud/services/teo/resource_tc_teo_web_security_template.go
create mode 100644 tencentcloud/services/teo/resource_tc_teo_web_security_template.md
create mode 100644 tencentcloud/services/teo/resource_tc_teo_web_security_template_test.go
create mode 100644 website/docs/d/teo_web_security_templates.html.markdown
create mode 100644 website/docs/r/teo_web_security_template.html.markdown
diff --git a/go.mod b/go.mod
index 3980ad52a8..64c0222ba0 100644
--- a/go.mod
+++ b/go.mod
@@ -46,7 +46,7 @@ require (
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.1107
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit v1.0.1033
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls v1.0.1148
- github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.50
+ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.52
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.1206
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cwp v1.0.762
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb v1.0.1161
@@ -90,7 +90,7 @@ require (
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tdcpg v1.0.533
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tdmq v1.0.955
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tem v1.0.578
- github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.1.36
+ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.1.52
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tke v1.1.14
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/trocket v1.1.0
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tse v1.0.857
diff --git a/go.sum b/go.sum
index 9c0b84951a..b074930462 100644
--- a/go.sum
+++ b/go.sum
@@ -981,6 +981,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.50 h1:wZGiU
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.50/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.49 h1:BQwUw2V21zIRJxstnaxtG/22lBL3+FbUgWhaC6Qd9ws=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.49/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.52 h1:GtExKpiqbmmOq9ojeBYR6M1vgVL27s14GIDkjmgAX8A=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.52/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/controlcenter v1.0.993 h1:WlPgXldQCxt7qi5Xrc6j6zTrsXWzN5BcOGs7Irq7fwQ=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/controlcenter v1.0.993/go.mod h1:Z9U8zNtyuyKhjS0698wqsrG/kLx1TQ5CEixXBwVe7xY=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/csip v1.0.860 h1:F3esKBIT3HW9+7Gt8cVgf8X06VdGIczpgLBUECzSEzU=
@@ -1102,6 +1104,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.1.27 h1:vcQitUad
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.1.27/go.mod h1:2+6+xYfcJa8mO8tMljGjGCvhluPGjhRhlIv1jZK6y6c=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.1.36 h1:BTtKtN6YumpmOinUGQQI0o51VHucvszxbV7NRzeNUFs=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.1.36/go.mod h1:eGP3bdq20leDIC2Wrv+EpDDNRxHnGI16jPr6uRZvwDE=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.1.52 h1:U+hI6GXlLkbvsjXohwm2bISAE1tyo9bwaCnCvTSeszQ=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.1.52/go.mod h1:FHaE/Z/HZWFDSgjb1CJQ/Xe1ENNvaclvzkO9Yfz4XDw=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/thpc v1.0.998 h1:f4/n0dVKQTD06xJ84B5asHViNJHrZmGojdAWEPIsITM=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/thpc v1.0.998/go.mod h1:fyi/HUwCwVe2NCCCjz8k/C5GwPu3QazCZO+OBJ3MhLk=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tke v1.1.14 h1:Us7MGqMmPdyAQL5jSQPuS4t3Yq5rbVdLP+/rtgEJnRs=
diff --git a/tencentcloud/provider.go b/tencentcloud/provider.go
index 0448afafc3..f62e88b9e1 100644
--- a/tencentcloud/provider.go
+++ b/tencentcloud/provider.go
@@ -915,6 +915,7 @@ func Provider() *schema.Provider {
"tencentcloud_teo_zones": teo.DataSourceTencentCloudTeoZones(),
"tencentcloud_teo_plans": teo.DataSourceTencentCloudTeoPlans(),
"tencentcloud_teo_origin_acl": teo.DataSourceTencentCloudTeoOriginAcl(),
+ "tencentcloud_teo_web_security_templates": teo.DataSourceTencentCloudTeoWebSecurityTemplates(),
"tencentcloud_sts_caller_identity": sts.DataSourceTencentCloudStsCallerIdentity(),
"tencentcloud_dcdb_instances": dcdb.DataSourceTencentCloudDcdbInstances(),
"tencentcloud_dcdb_accounts": dcdb.DataSourceTencentCloudDcdbAccounts(),
@@ -1955,6 +1956,7 @@ func Provider() *schema.Provider {
"tencentcloud_teo_customize_error_page": teo.ResourceTencentCloudTeoCustomizeErrorPage(),
"tencentcloud_teo_origin_acl": teo.ResourceTencentCloudTeoOriginAcl(),
"tencentcloud_teo_ddos_protection_config": teo.ResourceTencentCloudTeoDdosProtectionConfig(),
+ "tencentcloud_teo_web_security_template": teo.ResourceTencentCloudTeoWebSecurityTemplate(),
"tencentcloud_tcm_mesh": tcm.ResourceTencentCloudTcmMesh(),
"tencentcloud_tcm_cluster_attachment": tcm.ResourceTencentCloudTcmClusterAttachment(),
"tencentcloud_tcm_prometheus_attachment": tcm.ResourceTencentCloudTcmPrometheusAttachment(),
diff --git a/tencentcloud/provider.md b/tencentcloud/provider.md
index 0b6d032f1b..63411f881d 100644
--- a/tencentcloud/provider.md
+++ b/tencentcloud/provider.md
@@ -1495,6 +1495,7 @@ tencentcloud_teo_rule_engine_settings
tencentcloud_teo_zones
tencentcloud_teo_plans
tencentcloud_teo_origin_acl
+tencentcloud_teo_web_security_templates
Resource
tencentcloud_teo_zone
@@ -1524,6 +1525,7 @@ tencentcloud_teo_content_identifier
tencentcloud_teo_customize_error_page
tencentcloud_teo_origin_acl
tencentcloud_teo_ddos_protection_config
+tencentcloud_teo_web_security_template
TencentCloud ServiceMesh(TCM)
Data Source
diff --git a/tencentcloud/services/teo/data_source_tc_teo_web_security_templates.go b/tencentcloud/services/teo/data_source_tc_teo_web_security_templates.go
new file mode 100644
index 0000000000..ea0eed56a4
--- /dev/null
+++ b/tencentcloud/services/teo/data_source_tc_teo_web_security_templates.go
@@ -0,0 +1,176 @@
+package teo
+
+import (
+ "context"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+ teov20220901 "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901"
+
+ tccommon "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/common"
+ "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func DataSourceTencentCloudTeoWebSecurityTemplates() *schema.Resource {
+ return &schema.Resource{
+ Read: dataSourceTencentCloudTeoWebSecurityTemplatesRead,
+ Schema: map[string]*schema.Schema{
+ "zone_ids": {
+ Type: schema.TypeSet,
+ Required: true,
+ Description: "List of zone IDs. A maximum of 100 zones can be queried in a single request.",
+ Elem: &schema.Schema{
+ Type: schema.TypeString,
+ },
+ },
+
+ "security_policy_templates": {
+ Type: schema.TypeList,
+ Computed: true,
+ Description: "List of policy templates.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "zone_id": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The zone ID to which the policy template belongs.",
+ },
+ "template_id": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Policy template ID.",
+ },
+ "template_name": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The name of the policy template.",
+ },
+ "bind_domains": {
+ Type: schema.TypeList,
+ Computed: true,
+ Description: "Information about domains bound to the policy template.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "domain": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Domain name.",
+ },
+ "zone_id": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Zone ID to which the domain belongs.",
+ },
+ "status": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Binding status. valid values:. \n`process`: binding in progress\n`online`: binding succeeded.\n`fail`: binding failed..",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+
+ "result_output_file": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Used to save results.",
+ },
+ },
+ }
+}
+
+func dataSourceTencentCloudTeoWebSecurityTemplatesRead(d *schema.ResourceData, meta interface{}) error {
+ defer tccommon.LogElapsed("data_source.tencentcloud_teo_web_security_templates.read")()
+ defer tccommon.InconsistentCheck(d, meta)()
+
+ var (
+ logId = tccommon.GetLogId(nil)
+ ctx = tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta)
+ service = TeoService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
+ )
+
+ paramMap := make(map[string]interface{})
+ if v, ok := d.GetOk("zone_ids"); ok {
+ zoneIdsList := []*string{}
+ zoneIdsSet := v.(*schema.Set).List()
+ for i := range zoneIdsSet {
+ zoneIds := zoneIdsSet[i].(string)
+ zoneIdsList = append(zoneIdsList, helper.String(zoneIds))
+ }
+
+ paramMap["ZoneIds"] = zoneIdsList
+ }
+
+ var respData []*teov20220901.SecurityPolicyTemplateInfo
+ reqErr := resource.Retry(tccommon.ReadRetryTimeout, func() *resource.RetryError {
+ result, e := service.DescribeTeoWebSecurityTemplatesByFilter(ctx, paramMap)
+ if e != nil {
+ return tccommon.RetryError(e)
+ }
+
+ respData = result
+ return nil
+ })
+
+ if reqErr != nil {
+ return reqErr
+ }
+
+ securityPolicyTemplatesList := make([]map[string]interface{}, 0, len(respData))
+ if respData != nil {
+ for _, securityPolicyTemplates := range respData {
+ securityPolicyTemplatesMap := map[string]interface{}{}
+ if securityPolicyTemplates.ZoneId != nil {
+ securityPolicyTemplatesMap["zone_id"] = securityPolicyTemplates.ZoneId
+ }
+
+ if securityPolicyTemplates.TemplateId != nil {
+ securityPolicyTemplatesMap["template_id"] = securityPolicyTemplates.TemplateId
+ }
+
+ if securityPolicyTemplates.TemplateName != nil {
+ securityPolicyTemplatesMap["template_name"] = securityPolicyTemplates.TemplateName
+ }
+
+ bindDomainsList := make([]map[string]interface{}, 0, len(securityPolicyTemplates.BindDomains))
+ if securityPolicyTemplates.BindDomains != nil {
+ for _, bindDomains := range securityPolicyTemplates.BindDomains {
+ bindDomainsMap := map[string]interface{}{}
+
+ if bindDomains.Domain != nil {
+ bindDomainsMap["domain"] = bindDomains.Domain
+ }
+
+ if bindDomains.ZoneId != nil {
+ bindDomainsMap["zone_id"] = bindDomains.ZoneId
+ }
+
+ if bindDomains.Status != nil {
+ bindDomainsMap["status"] = bindDomains.Status
+ }
+
+ bindDomainsList = append(bindDomainsList, bindDomainsMap)
+ }
+
+ securityPolicyTemplatesMap["bind_domains"] = bindDomainsList
+ }
+
+ securityPolicyTemplatesList = append(securityPolicyTemplatesList, securityPolicyTemplatesMap)
+ }
+
+ _ = d.Set("security_policy_templates", securityPolicyTemplatesList)
+ }
+
+ d.SetId(helper.BuildToken())
+ output, ok := d.GetOk("result_output_file")
+ if ok && output.(string) != "" {
+ if e := tccommon.WriteToFile(output.(string), securityPolicyTemplatesList); e != nil {
+ return e
+ }
+ }
+
+ return nil
+}
diff --git a/tencentcloud/services/teo/data_source_tc_teo_web_security_templates.md b/tencentcloud/services/teo/data_source_tc_teo_web_security_templates.md
new file mode 100644
index 0000000000..9bddb6190a
--- /dev/null
+++ b/tencentcloud/services/teo/data_source_tc_teo_web_security_templates.md
@@ -0,0 +1,11 @@
+Use this data source to query detailed information of TEO web security templates
+
+Example Usage
+
+```hcl
+data "tencentcloud_teo_web_security_templates" "example" {
+ zone_ids = [
+ "zone-3fkff38fyw8s",
+ ]
+}
+```
diff --git a/tencentcloud/services/teo/data_source_tc_teo_web_security_templates_test.go b/tencentcloud/services/teo/data_source_tc_teo_web_security_templates_test.go
new file mode 100644
index 0000000000..5aa484abb5
--- /dev/null
+++ b/tencentcloud/services/teo/data_source_tc_teo_web_security_templates_test.go
@@ -0,0 +1,33 @@
+package teo_test
+
+import (
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+
+ tcacctest "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/acctest"
+)
+
+func TestAccTencentCloudTeoWebSecurityTemplatesDataSource_basic(t *testing.T) {
+ t.Parallel()
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() {
+ tcacctest.AccPreCheck(t)
+ },
+ Providers: tcacctest.AccProviders,
+ Steps: []resource.TestStep{{
+ Config: testAccTeoWebSecurityTemplatesDataSource,
+ Check: resource.ComposeTestCheckFunc(
+ tcacctest.AccCheckTencentCloudDataSourceID("data.tencentcloud_teo_web_security_templates.example"),
+ ),
+ }},
+ })
+}
+
+const testAccTeoWebSecurityTemplatesDataSource = `
+data "tencentcloud_teo_web_security_templates" "example" {
+ zone_ids = [
+ "zone-3fkff38fyw8s",
+ ]
+}
+`
diff --git a/tencentcloud/services/teo/resource_tc_teo_web_security_template.go b/tencentcloud/services/teo/resource_tc_teo_web_security_template.go
new file mode 100644
index 0000000000..4b76a82fd0
--- /dev/null
+++ b/tencentcloud/services/teo/resource_tc_teo_web_security_template.go
@@ -0,0 +1,18423 @@
+package teo
+
+import (
+ "context"
+ "fmt"
+ "log"
+ "strings"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+ teov20220901 "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901"
+
+ tccommon "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/common"
+ "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func ResourceTencentCloudTeoWebSecurityTemplate() *schema.Resource {
+ return &schema.Resource{
+ Create: resourceTencentCloudTeoWebSecurityTemplateCreate,
+ Read: resourceTencentCloudTeoWebSecurityTemplateRead,
+ Update: resourceTencentCloudTeoWebSecurityTemplateUpdate,
+ Delete: resourceTencentCloudTeoWebSecurityTemplateDelete,
+ Importer: &schema.ResourceImporter{
+ State: schema.ImportStatePassthrough,
+ },
+ Schema: map[string]*schema.Schema{
+ "zone_id": {
+ Type: schema.TypeString,
+ Required: true,
+ ForceNew: true,
+ Description: "Zone ID. Explicitly identifies the zone to which the policy template belongs for access control purposes.",
+ },
+
+ "template_name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Policy template name. Composed of Chinese characters, letters, digits, and underscores. Cannot begin with an underscore and must be less than or equal to 32 characters.",
+ },
+
+ "security_policy": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Web security policy template configuration. Generates default config if empty. Supported: Exception rules, custom rules, rate limiting rules, managed rules. Not supported: Bot management rules (under development).",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "custom_rules": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Custom rules. If the parameter is null or not filled, the configuration last set will be used by default.\nNote: This field may return null, indicating that no valid value can be obtained.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "rules": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ Description: "The custom rule.
when modifying the Web protection configuration using ModifySecurityPolicy:
- if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations.
- if the Rules parameter is not specified: keep the existing custom rule configuration without modification.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "The custom rule name.",
+ },
+ "condition": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "The specifics of the custom rule, must comply with the expression grammar, please refer to product documentation for details.",
+ },
+ "action": {
+ Type: schema.TypeList,
+ Required: true,
+ MaxItems: 1,
+ Description: "Action for custom rules. The Name parameter of SecurityAction supports: `Deny`: block; `Monitor`: observe; `ReturnCustomPage`: block with customized page; `Redirect`: Redirect to URL; `BlockIP`: IP blocking; `JSChallenge`: JavaScript challenge; `ManagedChallenge`: managed challenge; `Allow`: Allow..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.", Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "enabled": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "The custom rule status. Values: `on`: enabled `off`: disabled.",
+ },
+ "id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Custom rule ID.
Different rule configuration operations are supported by rule ID:
Add a new rule: ID is empty or the ID parameter is not specified;
Modify an existing rule: specify the rule ID that needs to be updated/modified;
Delete an existing rule: existing rules not included in the Rules parameter will be deleted.",
+ },
+ "rule_type": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Type of custom rule. Values: `BasicAccessRule`: basic access control; `PreciseMatchRule`: exact custom rule, default; `ManagedAccessRule`: expert customized rule, output parameter only.The default value is PreciseMatchRule.",
+ },
+ "priority": {
+ Type: schema.TypeInt,
+ Optional: true,
+ Description: "Customize the priority of custom rule. Range: 0-100, the default value is 0, this parameter only supports PreciseMatchRule.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "managed_rules": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Managed. If the parameter is null or not filled, the configuration last set will be used by default.\nNote: This field may return null, indicating that no valid value can be obtained.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "enabled": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "The managed rule status. Values: `on`: enabled, all managed rules take effect as configured; `off`: disabled, all managed rules do not take effect..",
+ },
+ "detection_only": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Evaluation mode is enabled or not, it is valid only when the `Enabled` parameter is set to `on`. Values: `on`: enabled, all managed rules take effect in `observe` mode. off: disabled, all managed rules take effect according to the specified configuration..",
+ },
+ "semantic_analysis": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Managed rule semantic analysis is enabled or not, it is valid only when the `Enabled` parameter is `on`. Values: `on`: enabled, perform semantic analysis before processing requests; `off`: disabled, process requests directly without semantic analysis.
The default value is `off`.",
+ },
+ "auto_update": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Managed rule automatic update option.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "auto_update_to_latest_version": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Enable automatic update to the latest version or not. Values: `on`: enabled `off`: disabled.",
+ },
+ "ruleset_version": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Current version, compliant with ISO 8601 standard format, such as 2023-12-21T12:00:32Z, empty by default, output parameter only.",
+ },
+ },
+ },
+ },
+ "managed_rule_groups": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ Description: "Configuration of the managed rule group. If this structure is passed as an empty array or the GroupId is not included in the array, it will be processed based by default.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "group_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Name of the managed rule group, if the configuration for the rule group is not specified, it will be processed by default, refer to product documentation for the specific value of GroupId.",
+ },
+ "sensitivity_level": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Protection level of the managed rule group. Values: `loose`: lenient, only contain ultra-high risk rules, at this point, Action parameter needs configured instead of RuleActions parameter; `normal`: normal, contain ultra-high risk and high-risk rules, at this point,Action parameter needs configured instead of RuleActions parameter; `strict`: strict, contains ultra-high risk, high-risk and medium-risk rules, at this point, Action parameter needs configured instead of RuleActions parameter; `extreme`: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules, at this point, Action parameter needs configured instead of RuleActions parameter; `custom`: custom, refined strategy, configure the RuleActions parameter for each individual rule, at this point, the Action field is invalid, use RuleActions to configure the refined strategy for each individual rule..",
+ },
+ "action": {
+ Type: schema.TypeList,
+ Required: true,
+ MaxItems: 1,
+ Description: "Action for ManagedRuleGroup. the Name parameter value of SecurityAction supports: `Deny`: block and respond with a block page; `Monitor`: observe, do not process requests and record security events in logs; `Disabled`: not enabled, do not scan requests and skip this rule..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "rule_actions": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ Description: "Specific configuration of rule items under the managed rule group, valid only when SensitivityLevel is custom.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "rule_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specific items under ManagedRuleGroup, used to rewrite the configuration of this individual rule item, refer to product documentation for details.",
+ },
+ "action": {
+ Type: schema.TypeList,
+ Required: true,
+ MaxItems: 1,
+ Description: "Action for the managed rule item specified by RuleId, the SecurityAction Name parameter supports: `Deny`: block and respond with an block page; `Monitor`: observe, do not process the request and record the security event in logs; `Disabled`: disabled, do not scan the request and skip this rule..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "meta_data": {
+ Type: schema.TypeList,
+ Computed: true,
+ Description: "ManagedRuleGroup detailed information, output parameter only.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "group_detail": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "ManagedRuleGroup detailed information, output parameter only.",
+ },
+ "group_name": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "ManagedRuleGroup name, output parameter only.",
+ },
+ "rule_details": {
+ Type: schema.TypeList,
+ Computed: true,
+ Description: "All sub-rules information under current ManagedRuleGroup, output parameter only.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "rule_id": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Managed rule Id.",
+ },
+ "risk_level": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Protection level of managed rules. Values: `low`: low risk, this rule has a relatively low risk and is applicable to very strict access scenarios, this level of rule may generate considerable false alarms. `medium`: medium risk, this means the risk of this rule is normal and is suitable for protection scenarios with stricter requirements. `high`: high risk, this indicates that the risk of this rule is relatively high and will not generate false alarms in most scenarios. `extreme`: ultra-high risk. this represents that the risk of this rule is extremely high and will not generate false alarms basically..",
+ },
+ "description": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Rule description.",
+ },
+ "tags": {
+ Type: schema.TypeSet,
+ Computed: true,
+ Description: "Rule tag. Some types of rules do not have tags.",
+ Elem: &schema.Schema{
+ Type: schema.TypeString,
+ },
+ },
+ "rule_version": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Rule version.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "frequent_scanning_protection": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "High-Frequency scan protection configuration option. when a visitor's frequent requests hit the managed rule configured as block within a period of time, all requests from that visitor are blocked.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "enabled": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Whether the high-frequency scan protection rule is enabled. valid values: on: enable. the high-frequency scan protection rule takes effect.off: disable. the high-frequency scan protection rule does not take effect..",
+ },
+ "action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "The handling action for high-frequency scan protection. required when Enabled is on. valid values for SecurityAction Name: Deny: block and respond with an interception page; Monitor: observe without processing requests, log security events in logs; JSChallenge: respond with a JavaScript challenge page..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "count_by": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The match mode for request statistics. required when Enabled is on. valid values: http.request.xff_header_ip: client ip (priority match xff header);http.request.ip: client ip..",
+ },
+ "block_threshold": {
+ Type: schema.TypeInt,
+ Optional: true,
+ Description: "This parameter specifies the threshold for high-frequency scan protection, which is the intercept count of managed rules set to interception within the time range set by CountingPeriod. value range: 1 to 4294967294, for example 100. when exceeding this statistical value, subsequent requests will trigger the handling Action set by Action. required when Enabled is on.",
+ },
+ "counting_period": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "This parameter specifies the statistical time window for high-frequency scan protection, which is the time window for counting requests that hit managed rules configured as block. valid values: 5-1800. measurement unit: seconds (s) only, such as 5s. this field is required when Enabled is on.",
+ },
+ "action_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "This parameter specifies the duration of the handling Action set by the high frequency scan protection Action parameter. value range: 60 to 86400. measurement unit: seconds (s) only, for example 60s. this field is required when Enabled is on.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "http_ddos_protection": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "HTTP DDOS protection configuration.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "adaptive_frequency_control": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Specifies the specific configuration of adaptive frequency control.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "enabled": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Whether adaptive frequency control is enabled. valid values: on: enable; off: disable..",
+ },
+ "sensitivity": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The restriction level of adaptive frequency control. required when Enabled is on. valid values: Loose: LooseModerate: ModerateStrict: Strict.",
+ },
+ "action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "The handling method of adaptive frequency control. this field is required when Enabled is on. valid values for SecurityAction Name: Monitor: observation; Deny: block; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "client_filtering": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Specifies the intelligent client filter configuration.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "enabled": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Whether intelligent client filtering is enabled. valid values: on: enable; off: disable..",
+ },
+ "action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "The handling method of intelligent client filtering. when Enabled is on, this field is required. the Name parameter of SecurityAction supports: Monitor: observation; Deny: block; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "bandwidth_abuse_defense": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Specifies the specific configuration for bandwidth abuse protection.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "enabled": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Whether bandwidth abuse protection (applicable to chinese mainland only) is enabled. valid values: on: enabled; off: disabled..",
+ },
+ "action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Bandwidth abuse protection (applicable to chinese mainland) handling method. required when Enabled is on. valid values for SecurityAction Name: Monitor: observe; Deny: block; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "slow_attack_defense": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Specifies the configuration of slow attack protection.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "enabled": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Whether slow attack protection is enabled. valid values: on: enabled; off: disabled..",
+ },
+ "action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Slow attack protection handling method. required when Enabled is on. valid values for SecurityAction Name: Monitor: observation; Deny: block;.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "minimal_request_body_transfer_rate": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "The specific configuration of the minimum body transfer rate threshold is required when Enabled is on.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "minimal_avg_transfer_rate_threshold": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Minimum body transfer rate threshold, the measurement unit is only supported in bps.",
+ },
+ "counting_period": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Minimum body transfer rate statistical time range, valid values: 10s: 10 seconds; 30s: 30 seconds; 60s: 60 seconds; 120s: 120 seconds..",
+ },
+ "enabled": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies whether the minimum body transfer rate threshold is enabled. valid values: on: enable; off: disable..",
+ },
+ },
+ },
+ },
+ "request_body_transfer_timeout": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Specifies the specific configuration of body transfer timeout duration. required when Enabled is on.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "idle_timeout": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Body transfer timeout duration. valid values: 5-120. measurement unit: seconds (s) only.",
+ },
+ "enabled": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Whether body transfer timeout is enabled. valid values: `on`: enable `off`: disable.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "rate_limiting_rules": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Configures the rate limiting rule.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "rules": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ Description: "Definition list of precise rate limiting. when using ModifySecurityPolicy to modify the Web protection configuration:
if the Rules parameter is not specified or its length is zero: clear all precision rate limiting configurations. if the RateLimitingRules parameter value is unspecified in the SecurityPolicy parameter: retain the existing custom rule configuration without modification..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ID of precise rate limiting. rule ID supports different rule configuration operations: add a new rule: leave the ID empty or do not specify the ID parameter. modify an existing rule: specify the rule ID that needs to be updated/modified. delete an existing rule: existing Rules not included in the Rules list under the RateLimitingRules parameter will be deleted..",
+ },
+ "name": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the name of the precise rate limit.",
+ },
+ "condition": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The specific content of precise speed limit shall comply with the expression syntax. for detailed specifications, see the product documentation.",
+ },
+ "count_by": {
+ Type: schema.TypeSet,
+ Optional: true,
+ Description: "Rate threshold request feature match mode. this field is required when Enabled is on. when there are multiple conditions, composite multiple conditions will perform statistics count. the maximum number of conditions must not exceed 5. valid values: http.request.ip: client ip; http.request.xff_header_ip: client ip (priority match xff header); http.request.uri.path: request access path; http.request.cookies['session']: Cookie named session, where session can be replaced with your own specified parameter; http.request.headers['user-agent']: http header named user-agent, where user-agent can be replaced with your own specified parameter; http.request.ja3: request ja3 fingerprint; http.request.uri.query['test']: URL query parameter named test, where test can be replaced with your own specified parameter..",
+ Elem: &schema.Schema{
+ Type: schema.TypeString,
+ },
+ },
+ "max_request_threshold": {
+ Type: schema.TypeInt,
+ Optional: true,
+ Description: "Precision rate limiting specifies the cumulative number of interceptions within the time range. value ranges from 1 to 100000.",
+ },
+ "counting_period": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time window for statistics. valid values: 1s: 1 second;5s: 5 seconds;10s: 10 seconds;20s: 20 seconds;30s: 30 seconds;40s: 40 seconds;50s: 50 seconds;1m: 1 minute;2m: 2 minutes;5m: 5 minutes;10m: 10 minutes;1h: 1 hour..",
+ },
+ "action_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The duration of an Action is only supported in the following units: s: seconds, value range 1-120; m: minutes, value range 1-120; h: hours, value range 1-48; d: days, value range 1-30..",
+ },
+ "action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Precision rate limiting handling methods. valid values: Monitor: Monitor; Deny: block, where DenyActionParameters.Name supports Deny and ReturnCustomPage; Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL;.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "priority": {
+ Type: schema.TypeInt,
+ Optional: true,
+ Description: "Precision rate limiting specifies the priority. value range is 0 to 100. default is 0.",
+ },
+ "enabled": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Whether the precise rate limiting rule is enabled. valid values: on: enabled; off: disabled..",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "exception_rules": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Exception rule configuration.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "rules": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ Description: "Definition list of exception Rules. when using ModifySecurityPolicy to modify Web protection configuration: if the Rules parameter is not specified or the parameter length is zero: clear all exception rule configurations.if the ExceptionRules parameter value is not specified in SecurityPolicy: keep existing exception rule configurations without modification..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ID of the exception rule. different rule configuration operations are supported by rule ID: add a new rule: leave the ID empty or do not specify the ID parameter. modify an existing rule: specify the rule ID that needs to be updated/modified. delete an existing rule: existing Rules not included in the Rules list under the ExceptionRules parameter will be deleted..",
+ },
+ "name": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The name of the exception rule.",
+ },
+ "condition": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Describes the specific content of the exception rule, which must comply with the expression grammar. for details, please refer to the product document.",
+ },
+ "skip_scope": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Exception rule execution options, valid values: WebSecurityModules: designate the security protection module for the exception rule. ManagedRules: designate the managed rule..",
+ },
+ "skip_option": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Skip the specific type of request. valid values: SkipOnAllRequestFields: skip all requests; SkipOnSpecifiedRequestFields: skip specified request fields. valid only when SkipScope is ManagedRules.",
+ },
+ "web_security_modules_for_exception": {
+ Type: schema.TypeSet,
+ Optional: true,
+ Description: "Specifies the security protection module for exception rules. valid only when SkipScope is WebSecurityModules. valid values: websec-mod-managed-rules: managed rule.websec-mod-rate-limiting: rate limit.websec-mod-custom-rules: custom rule.websec-mod-adaptive-control: adaptive frequency control, intelligent client filtering, slow attack protection, traffic theft protection.websec-mod-bot: bot management..",
+ Elem: &schema.Schema{
+ Type: schema.TypeString,
+ },
+ },
+ "managed_rules_for_exception": {
+ Type: schema.TypeSet,
+ Optional: true,
+ Description: "Specifies the managed rule for the exception rule. valid only when SkipScope is ManagedRules. cannot specify ManagedRuleGroupsForException at this time.",
+ Elem: &schema.Schema{
+ Type: schema.TypeString,
+ },
+ },
+ "managed_rule_groups_for_exception": {
+ Type: schema.TypeSet,
+ Optional: true,
+ Description: "A managed rule group with designated exception rules is valid only when SkipScope is ManagedRules, and at this point you cannot specify ManagedRulesForException.",
+ Elem: &schema.Schema{
+ Type: schema.TypeString,
+ },
+ },
+ "request_fields_for_exception": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ Description: "Specify exception rules to skip request fields. valid only when SkipScope is ManagedRules and SkipOption is SkipOnSpecifiedRequestFields.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "scope": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Skip specific field. supported values:.\nbody.json: parameter content in json requests. at this point, Condition supports key and value, TargetField supports key and value, for example { \"Scope\": \"body.json\", \"Condition\": \"\", \"TargetField\": \"key\" }, which means all parameters in json requests skip WAF scan..\ncookie: cookie; at this point Condition supports key, value, TargetField supports key, value, for example { \"Scope\": \"cookie\", \"Condition\": \"${key} in ['account-id'] and ${value} like ['prefix-*']\", \"TargetField\": \"value\" }, which means the cookie parameter name equals account-id and the parameter value wildcard matches prefix-* to skip WAF scan;.\nheader: HTTP header parameters. at this point, Condition supports key and value, TargetField supports key and value, for example { \"Scope\": \"header\", \"Condition\": \"${key} like ['x-auth-*']\", \"TargetField\": \"value\" }, which means header parameter name wildcard match x-auth-* skips WAF scan..\nuri.query: URL encoding content/query parameter. at this point, Condition supports key and value, TargetField supports key and value. example: { \"Scope\": \"uri.query\", \"Condition\": \"${key} in ['action'] and ${value} in ['upload', 'delete']\", \"TargetField\": \"value\" }. indicates URL encoding content/query parameter name equal to action and parameter value equal to upload or delete skips WAF scan..\nuri: specifies the request path uri. at this point, Condition must be empty. TargetField supports query, path, fullpath, such as {\"Scope\": \"uri\", \"Condition\": \"\", \"TargetField\": \"query\"}, indicates the request path uri skips WAF scan for query parameters..\nbody: request body content. at this point Condition must be empty, TargetField supports fullbody, multipart, such as { \"Scope\": \"body\", \"Condition\": \"\", \"TargetField\": \"fullbody\" }, which means the request body content skips WAF scan as a full request..",
+ },
+ "condition": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Skip specific field expression must comply with expression grammar.\nCondition supports expression configuration syntax: write according to the matching conditional expression syntax of rules, with support for referencing key and value. supports in, like operators, and logical combination with and..\nFor example: ${key} in ['x-trace-id']: the parameter name equals x-trace-id. ${key} in ['x-trace-id'] and ${value} like ['Bearer *']: the parameter name equals x-trace-id and the parameter value wildcard matches Bearer *..",
+ },
+ "target_field": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "The Scope parameter takes different values. the TargetField expression supports the following values:.\n body.json: supports key, value..\ncookie: supports key and value..\nheader: supports key, value.\n uri.query: supports key and value.\nuri. specifies path, query, or fullpath..\nBody: supports fullbody and multipart..",
+ },
+ },
+ },
+ },
+ "enabled": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Whether the exception rule is enabled. valid values: `on`: enable `off`: disable.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "bot_management": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Bot management configuration.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "enabled": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Whether Bot management is enabled. valid values: on: enabled;off: disabled..",
+ },
+ "custom_rules": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Bot management custom rule combines various crawlers and request behavior characteristics to accurately define bots and configure customized handling methods.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "rules": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ Description: "List of Bot custom Rules. when using ModifySecurityPolicy to modify Web protection configuration:
if Rules in SecurityPolicy.BotManagement.CustomRules is not specified or parameter length of Rules is zero: clear all Bot custom rule configurations. if CustomRules in SecurityPolicy.BotManagement parameters is unspecified: keep existing Bot custom rule configurations and do not modify them..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ID of a Bot custom rule. different rule configuration operations are supported by rule ID: add a new rule: leave the ID empty or do not specify the ID parameter. modify an existing rule: specify the rule ID that needs to be updated/modified. delete an existing rule: existing Rules not included in the Rules list under the BotManagementCustomRules parameter will be deleted..",
+ },
+ "name": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the name of the Bot custom rule.",
+ },
+ "enabled": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Whether the custom Bot rule is enabled. valid values: on: enabled;off: disabled..",
+ },
+ "priority": {
+ Type: schema.TypeInt,
+ Optional: true,
+ Description: "Priority of custom Bot rules. value range: 1-100. default value is 50.",
+ },
+ "condition": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the specific content of the Bot custom rule, which must comply with expression grammar. for detailed specifications, refer to the product document.",
+ },
+ "action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ Description: "The handling method for Bot custom rules. valid values: Monitor: observation;Deny: block, where DenyActionParameters.Name supports Deny and ReturnCustomPage;Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge;Redirect: Redirect to URL..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "security_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "The handling method of the Bot custom rule. valid values: Allow: pass, where AllowActionParameters supports MinDelayTime and MaxDelayTime configuration; Deny: block, where DenyActionParameters supports BlockIp, ReturnCustomPage, and Stall configuration; Monitor: observation; Challenge: Challenge, where ChallengeActionParameters.ChallengeOption supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "weight": {
+ Type: schema.TypeInt,
+ Optional: true,
+ Description: "The Weight of the current SecurityAction, only supported between 10 and 100 and must be a multiple of 10. the total of all Weight parameters must equal 100.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "basic_bot_settings": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Bot management basic configuration. takes effect on all domains associated with the policy. can be customized through CustomRules.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "source_idc": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Client IP source IDC configuration, used for handling access requests from client ips in idcs (data centers). such source requests are not directly accessed by mobile terminals or browser-side.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "base_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Handling method for requests from the specified IDC. valid values for SecurityAction Name: Deny: block; Monitor: observe; Disabled: not enabled, disable specified rule; Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge; Allow: pass (to be deprecated)..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "bot_management_action_overrides": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ Description: "Specifies the handling method for the specified id request.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "ids": {
+ Type: schema.TypeSet,
+ Optional: true,
+ Computed: true,
+ Description: "Specific item under Bot rules used to rewrite the configuration content of this single rule. refer to the returned message from the DescribeBotManagedRules API for detailed information corresponding to Ids.",
+ Elem: &schema.Schema{
+ Type: schema.TypeString,
+ },
+ },
+ "action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Specifies the handling action for Bot rule items in Ids. valid values for the Name parameter in SecurityAction: Deny: block;Monitor: observe;Disabled: Disabled, disable the specified rule;Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge;Allow: pass (only for Bot basic feature management)..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "search_engine_bots": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Search engine crawler configuration, used to handle requests from search engine crawlers. the IP, User-Agent, or rDNS results of such requests match known search engine crawlers.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "base_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Specifies the action for requests from search engine crawlers. valid values for SecurityAction Name: Deny: block; Monitor: observe; Disabled: not enabled, disable specified rule; Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge; Allow: pass (to be deprecated)..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "bot_management_action_overrides": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ Description: "Specifies the handling method for search engine crawler requests.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "ids": {
+ Type: schema.TypeSet,
+ Optional: true,
+ Description: "Specific item under Bot rules used to rewrite the configuration content of this single rule. refer to the returned message from the DescribeBotManagedRules API for detailed information corresponding to Ids.",
+ Elem: &schema.Schema{
+ Type: schema.TypeString,
+ },
+ },
+ "action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Specifies the handling action for Bot rule items in Ids. valid values for the Name parameter in SecurityAction: Deny: block;Monitor: observe;Disabled: Disabled, disable the specified rule;Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge;Allow: pass (only for Bot basic feature management)..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "known_bot_categories": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Commercial or open-source tool UA feature configuration (original UA feature rule), used to handle access requests from known commercial or open-source tools. the User-Agent header of such requests complies with known commercial or open-source tool features.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "base_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Handling method for access requests from known commercial tools or open-source tools. specifies the Name parameter value of SecurityAction: Deny: block; Monitor: observe; Disabled: not enabled, disable specified rule; Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge; Allow: pass (to be deprecated)..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "bot_management_action_overrides": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ Description: "Specifies the handling method for access requests from known commercial tools or open-source tools.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "ids": {
+ Type: schema.TypeSet,
+ Optional: true,
+ Description: "Specific item under Bot rules used to rewrite the configuration content of this single rule. refer to the returned message from the DescribeBotManagedRules API for detailed information corresponding to Ids.",
+ Elem: &schema.Schema{
+ Type: schema.TypeString,
+ },
+ },
+ "action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Specifies the handling action for Bot rule items in Ids. valid values for the Name parameter in SecurityAction: Deny: block;Monitor: observe;Disabled: Disabled, disable the specified rule;Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge;Allow: pass (only for Bot basic feature management)..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "ip_reputation": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Threat intelligence database (originally client profile analysis) configuration, used for handling client ips with specific risk characteristics in recent access behavior.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "enabled": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "IP intelligence library (formerly client profile analysis). valid values: on: enable; off: disable..",
+ },
+ "ip_reputation_group": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "IP intelligence library (formerly client profile analysis) configuration content.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "base_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Execution action of the IP intelligence library (formerly client profile analysis). SecurityAction Name parameter supports: Deny: block; Monitor: observe; Disabled: not enabled, disable specified rule; Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "bot_management_action_overrides": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ Description: "The specific configuration of the IP intelligence library (originally client profile analysis), used to override the default configuration in BaseAction. among them, the Ids in BotManagementActionOverrides can be filled with: IPREP_WEB_AND_DDOS_ATTACKERS_LOW: network attack - general confidence; IPREP_WEB_AND_DDOS_ATTACKERS_MID: network attack - medium confidence; IPREP_WEB_AND_DDOS_ATTACKERS_HIGH: network attack - HIGH confidence; IPREP_PROXIES_AND_ANONYMIZERS_LOW: network proxy - general confidence; IPREP_PROXIES_AND_ANONYMIZERS_MID: network proxy - medium confidence; IPREP_PROXIES_AND_ANONYMIZERS_HIGH: network proxy - HIGH confidence; IPREP_SCANNING_TOOLS_LOW: scanner - general confidence; IPREP_SCANNING_TOOLS_MID: scanner - medium confidence; IPREP_SCANNING_TOOLS_HIGH: scanner - HIGH confidence; IPREP_ATO_ATTACKERS_LOW: account takeover attack - general confidence; IPREP_ATO_ATTACKERS_MID: account takeover attack - medium confidence; IPREP_ATO_ATTACKERS_HIGH: account takeover attack - HIGH confidence; IPREP_WEB_SCRAPERS_AND_TRAFFIC_BOTS_LOW: malicious BOT - general confidence; IPREP_WEB_SCRAPERS_AND_TRAFFIC_BOTS_MID: malicious BOT - medium confidence; IPREP_WEB_SCRAPERS_AND_TRAFFIC_BOTS_HIGH: malicious BOT - HIGH confidence..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "ids": {
+ Type: schema.TypeSet,
+ Optional: true,
+ Description: "Specific item under Bot rules used to rewrite the configuration content of this single rule. refer to the returned message from the DescribeBotManagedRules API for detailed information corresponding to Ids.",
+ Elem: &schema.Schema{
+ Type: schema.TypeString,
+ },
+ },
+ "action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Specifies the handling action for Bot rule items in Ids. valid values for the Name parameter in SecurityAction: Deny: block;Monitor: observe;Disabled: Disabled, disable the specified rule;Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge;Allow: pass (only for Bot basic feature management)..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "bot_intelligence": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Specifies the configuration for Bot intelligent analysis.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "bot_ratings": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Based on client and request features, divides request sources into human requests, legitimate Bot requests, suspected Bot requests, and high-risk Bot requests, and provides request handling options.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "high_risk_bot_requests_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Execution action for malicious Bot requests. valid values for the Name parameter in SecurityAction: Deny: block; Monitor: observe; Allow: pass; Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "likely_bot_requests_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "The execution action for suspected Bot requests. valid values for the Name parameter in SecurityAction: Deny: block; Monitor: observe; Allow: pass; Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "verified_bot_requests_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Execution action for friendly Bot request. SecurityAction Name parameter supports: Deny: block;Monitor: observe;Allow: pass;Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "human_requests_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Execution action for a normal Bot request. valid values for the Name parameter in SecurityAction: Allow: pass..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "enabled": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the switch for Bot intelligent analysis configuration. valid values:.\n\non: enabled.\noff: disabled.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "client_attestation_rules": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Definition list of client authentication rules. this feature is in beta test. submit a ticket if you need to use it.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "rules": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ Description: "List of client authentication. when using ModifySecurityPolicy to modify Web protection configuration: if Rules in SecurityPolicy.BotManagement.ClientAttestationRules is not specified or the parameter length of Rules is zero: clear all client authentication rule configuration. if ClientAttestationRules in SecurityPolicy.BotManagement parameters is unspecified: keep existing client authentication rule configuration and do not modify. .",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication rule ID. supported rule configuration operations by rule ID: add a new rule: leave the ID empty or do not specify the ID parameter. modify an existing rule: specify the rule ID that needs to be updated/modified. delete an existing rule: existing rules not included in the ClientAttestationRule list under BotManagement parameters will be deleted..",
+ },
+ "name": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the name of the client authentication rule.",
+ },
+ "enabled": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Whether the rule is enabled. valid values: `on`: enable `off`: disable.",
+ },
+ "priority": {
+ Type: schema.TypeInt,
+ Optional: true,
+ Description: "Priority of rules. a smaller value indicates higher priority execution. value range: 0-100. default value: 0.",
+ },
+ "condition": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The rule content must comply with expression grammar. for details, see the product document.",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the client authentication option ID.",
+ },
+ "device_profiles": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ Description: "Client device configuration. if the DeviceProfiles parameter value is not specified in the ClientAttestationRules parameter, keep the existing client device configuration and do not modify it.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "client_type": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Client device type. valid values: iOS; Android; WebView..",
+ },
+ "high_risk_min_score": {
+ Type: schema.TypeInt,
+ Optional: true,
+ Description: "The minimum value to determine a request as high-risk ranges from 1-99. the larger the value, the higher the request risk, and the closer it resembles a request initiated by a Bot client. the default value is 50, corresponding to high-risk for values 51-100.",
+ },
+ "high_risk_request_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Handling method for high-risk requests. valid values for SecurityAction Name: Deny: block; Monitor: observation; Redirect: redirection; Challenge: Challenge. default value: Monitor.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "medium_risk_min_score": {
+ Type: schema.TypeInt,
+ Optional: true,
+ Description: "Specifies the minimum value to determine a request as medium-risk. value range: 1-99. the larger the value, the higher the request risk, resembling requests initiated by a Bot client. default value: 15, corresponding to medium-risk for values 16-50.",
+ },
+ "medium_risk_request_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Handling method for medium-risk requests. SecurityAction Name parameter supports: Deny: block; Monitor: observe; Redirect: Redirect; Challenge: Challenge. default value is Monitor.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "invalid_attestation_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Handling method for failed client authentication. valid values for SecurityAction Name: Deny: block; Monitor: observation; Redirect: redirection; Challenge: Challenge. default value: Monitor.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "browser_impersonation_detection": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Configures browser spoofing identification rules (formerly active feature detection rule). sets the response page range for JavaScript injection, browser check options, and handling method for non-browser clients.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "rules": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ Description: "List of browser spoofing identification Rules. when using ModifySecurityPolicy to modify Web protection configuration:
if Rules parameter in SecurityPolicy.BotManagement.BrowserImpersonationDetection is not specified or parameter length is zero: clear all browser spoofing identification rule configurations. if BrowserImpersonationDetection parameter value is unspecified in SecurityPolicy.BotManagement parameters: keep existing browser spoofing identification rule configurations without modification..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Browser spoofing identification rule ID. rule ID supports different rule configuration operations: add a new rule: ID is empty or without specifying the ID parameter; modify an existing rule: specify the rule ID that needs to be updated/modified; delete an existing rule: existing Rules not included in the Rules list of the BrowserImpersonationDetection parameter will be deleted..",
+ },
+ "name": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the name of the browser spoofing identification rule.",
+ },
+ "enabled": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Whether browser spoofing detection is enabled. valid values: on: enabled;off: disabled..",
+ },
+ "condition": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the specific content of browser spoofing identification rules, which only support configuration of request Method (Method), request Path (Path), and request URL, and must comply with expression grammar. for detailed specifications, please refer to the product document.",
+ },
+ "action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Describes the handling method for browser spoofing identification rules, including Cookie verification, session tracking configuration, and client behavior validation configuration.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "bot_session_validation": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Configures Cookie verification and session tracking.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "issue_new_bot_session_cookie": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Whether to update Cookie and validate. valid values: on: update Cookie and validate; off: verify only..",
+ },
+ "max_new_session_trigger_config": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Specifies the trigger threshold for updating and validating cookies. valid only when IssueNewBotSessionCookie is set to on.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "max_new_session_count_interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Time window for trigger threshold statistics. valid values: 5s: within 5 seconds;10s: within 10 seconds;15s: within 15 seconds;30s: within 30 seconds;60s: within 60 seconds;5m: within 5 minutes;10m: within 10 minutes;30m: within 30 minutes;60m: within 60 minutes..",
+ },
+ "max_new_session_count_threshold": {
+ Type: schema.TypeInt,
+ Optional: true,
+ Description: "Trigger threshold cumulative count. value range: 1-100000000.",
+ },
+ },
+ },
+ },
+ "session_expired_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Execution action when no Cookie is carried or the Cookie expired. valid values for the Name parameter in SecurityAction: Deny: block, where Stall can be configured in DenyActionParameters;Monitor: observe;Allow: respond after wait, where MinDelayTime and MaxDelayTime must be configured in AllowActionParameters..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "session_invalid_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Execution action for invalid Cookie. valid values for the Name parameter in SecurityAction: Deny: block, where the DenyActionParameters supports Stall configuration;Monitor: observe;Allow: respond after wait, where AllowActionParameters requires MinDelayTime and MaxDelayTime configuration..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "session_rate_control": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Specifies the session rate and periodic feature verification configuration.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "enabled": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether session rate and periodic feature verification are enabled. valid values: on: enableoff: disable.",
+ },
+ "high_rate_session_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Session rate and periodic feature verification high-risk execution actions. SecurityAction Name valid values: Deny: block, where Stall configuration is supported in DenyActionParameters; Monitor: observation; Allow: respond after wait, where MinDelayTime and MaxDelayTime configuration is required in AllowActionParameters..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "mid_rate_session_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Session rate and periodic feature verification medium-risk execution action. SecurityAction Name parameter supports: Deny: block, where DenyActionParameters supports Stall configuration;Monitor: observe;Allow: respond after wait, where AllowActionParameters requires MinDelayTime and MaxDelayTime configuration..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "low_rate_session_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Session rate and periodic feature verification low risk execution action. SecurityAction Name parameter supports: Deny: block, where DenyActionParameters supports Stall configuration;Monitor: observe;Allow: respond after wait, where AllowActionParameters requires MinDelayTime and MaxDelayTime configuration..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "client_behavior_detection": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Configures client behavior validation.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "crypto_challenge_intensity": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the proof-of-work strength. valid values: low: low;medium: medium;high: high..",
+ },
+ "crypto_challenge_delay_before": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the execution mode for client behavior verification. valid values: 0ms: immediate execution; 100ms: delay 100ms execution; 200ms: delay 200ms execution; 300ms: delay 300ms execution; 400ms: delay 400ms execution; 500ms: delay 500ms execution; 600ms: delay 600ms execution; 700ms: delay 700ms execution; 800ms: delay 800ms execution; 900ms: delay 900ms execution; 1000ms: delay 1000ms execution..",
+ },
+ "max_challenge_count_interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Time window for trigger threshold statistics. valid values: 5s: within 5 seconds;10s: within 10 seconds;15s: within 15 seconds;30s: within 30 seconds;60s: within 60 seconds;5m: within 5 minutes;10m: within 10 minutes;30m: within 30 minutes;60m: within 60 minutes..",
+ },
+ "max_challenge_count_threshold": {
+ Type: schema.TypeInt,
+ Optional: true,
+ Description: "Trigger threshold cumulative count. value range: 1-100000000.",
+ },
+ "challenge_not_finished_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Execution action when client-side javascript is not enabled (test not completed). valid values for SecurityAction Name: Deny: block, where Stall configuration is supported in DenyActionParameters;Monitor: observe;Allow: respond after waiting, where MinDelayTime and MaxDelayTime configuration is required in AllowActionParameters..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "challenge_timeout_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "The execution action for client-side detection timeout. valid values for the Name parameter in SecurityAction: Deny: block, where Stall can be configured in DenyActionParameters; Monitor: observe; Allow: respond after wait, where MinDelayTime and MaxDelayTime must be configured in AllowActionParameters..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "bot_client_action": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "The execution action of the Bot client. valid values for the Name parameter in SecurityAction: Deny: block, where the Stall configuration is supported in DenyActionParameters;Monitor: observation;Allow: respond after wait, where MinDelayTime and MaxDelayTime configurations are required in AllowActionParameters..",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Specifies the specific actions for safe execution. valid values:.\nDeny. specifies to block requests from accessing site resources..\nMonitor: observation, only record logs..\nRedirect: Redirect to URL..\nDisabled: specifies that the rule is not enabled..\nAllow: specifies whether to allow access with delayed processing of requests..\nChallenge: specifies the challenge content to respond to..\nTrans: pass and allow requests to directly access site resources..\nBlockIP: to be deprecated. ip block..\nReturnCustomPage: to be deprecated. use specified page for interception..\nJSChallenge: to be deprecated, JavaScript challenge;.\nManagedChallenge: to be deprecated. managed challenge..",
+ },
+ "deny_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Deny.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "block_ip": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to extend the ban on the source IP. valid values.\n`on`: Enable;\n\noff: Disable.\n\nAfter enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.\nNote: this option cannot intersect with ReturnCustomPage or Stall.",
+ },
+ "block_ip_duration": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "The ban duration when BlockIP is on.",
+ },
+ "return_custom_page": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to use a custom page. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.\nNote: this option cannot intersect with the BlockIp or Stall option.",
+ },
+ "response_code": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Status code of the custom page.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the page id of the custom page.",
+ },
+ "stall": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to suspend the request source without processing. valid values:.\n`on`: Enable;\n\noff: Disable.\n\nEnabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.\nNote: this option cannot intersect with BlockIp or ReturnCustomPage options.",
+ },
+ },
+ },
+ },
+ "redirect_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Redirect.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "url": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Redirect URL.",
+ },
+ },
+ },
+ },
+ "allow_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameters when Name is Allow.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "min_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..",
+ },
+ "max_delay_time": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..",
+ },
+ },
+ },
+ },
+ "challenge_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "Additional parameter when Name is Challenge.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "challenge_option": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..",
+ },
+ "interval": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..",
+ },
+ "attester_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.",
+ },
+ },
+ },
+ },
+ "block_ip_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is BlockIP.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "duration": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..",
+ },
+ },
+ },
+ },
+ "return_custom_page_action_parameters": {
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 1,
+ Description: "To be deprecated, additional parameter when Name is ReturnCustomPage.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "response_code": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom status code.",
+ },
+ "error_page_id": {
+ Type: schema.TypeString,
+ Required: true,
+ Description: "Response custom page ID.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+
+ // computed
+ "template_id": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Template ID.",
+ },
+ },
+ }
+}
+
+func resourceTencentCloudTeoWebSecurityTemplateCreate(d *schema.ResourceData, meta interface{}) error {
+ defer tccommon.LogElapsed("resource.tencentcloud_teo_web_security_template.create")()
+ defer tccommon.InconsistentCheck(d, meta)()
+
+ var (
+ logId = tccommon.GetLogId(tccommon.ContextNil)
+ ctx = tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta)
+ request = teov20220901.NewCreateWebSecurityTemplateRequest()
+ response = teov20220901.NewCreateWebSecurityTemplateResponse()
+ zoneId string
+ templateId string
+ )
+
+ if v, ok := d.GetOk("zone_id"); ok {
+ request.ZoneId = helper.String(v.(string))
+ zoneId = v.(string)
+ }
+
+ if v, ok := d.GetOk("template_name"); ok {
+ request.TemplateName = helper.String(v.(string))
+ }
+
+ if securityPolicyMap, ok := helper.InterfacesHeadMap(d, "security_policy"); ok {
+ securityPolicy := teov20220901.SecurityPolicy{}
+ if customRulesMap, ok := helper.ConvertInterfacesHeadToMap(securityPolicyMap["custom_rules"]); ok {
+ customRules := teov20220901.CustomRules{}
+ if v, ok := customRulesMap["rules"]; ok {
+ for _, item := range v.([]interface{}) {
+ rulesMap := item.(map[string]interface{})
+ customRule := teov20220901.CustomRule{}
+ if v, ok := rulesMap["name"].(string); ok && v != "" {
+ customRule.Name = helper.String(v)
+ }
+
+ if v, ok := rulesMap["condition"].(string); ok && v != "" {
+ customRule.Condition = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(rulesMap["action"]); ok {
+ securityAction := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters.Stall = helper.String(v)
+ }
+
+ securityAction.DenyActionParameters = &denyActionParameters
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters.URL = helper.String(v)
+ }
+
+ securityAction.RedirectActionParameters = &redirectActionParameters
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction.AllowActionParameters = &allowActionParameters
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters.AttesterId = helper.String(v)
+ }
+
+ securityAction.ChallengeActionParameters = &challengeActionParameters
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters.Duration = helper.String(v)
+ }
+
+ securityAction.BlockIPActionParameters = &blockIPActionParameters
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters.ErrorPageId = helper.String(v)
+ }
+
+ securityAction.ReturnCustomPageActionParameters = &returnCustomPageActionParameters
+ }
+
+ customRule.Action = &securityAction
+ }
+
+ if v, ok := rulesMap["enabled"].(string); ok && v != "" {
+ customRule.Enabled = helper.String(v)
+ }
+
+ if v, ok := rulesMap["id"].(string); ok && v != "" {
+ customRule.Id = helper.String(v)
+ }
+
+ if v, ok := rulesMap["priority"].(int); ok {
+ customRule.Priority = helper.IntInt64(v)
+ }
+
+ customRules.Rules = append(customRules.Rules, &customRule)
+ }
+ }
+
+ securityPolicy.CustomRules = &customRules
+ }
+
+ if managedRulesMap, ok := helper.ConvertInterfacesHeadToMap(securityPolicyMap["managed_rules"]); ok {
+ managedRules := teov20220901.ManagedRules{}
+ if v, ok := managedRulesMap["enabled"].(string); ok && v != "" {
+ managedRules.Enabled = helper.String(v)
+ }
+
+ if v, ok := managedRulesMap["detection_only"].(string); ok && v != "" {
+ managedRules.DetectionOnly = helper.String(v)
+ }
+
+ if v, ok := managedRulesMap["semantic_analysis"].(string); ok && v != "" {
+ managedRules.SemanticAnalysis = helper.String(v)
+ }
+
+ if autoUpdateMap, ok := helper.ConvertInterfacesHeadToMap(managedRulesMap["auto_update"]); ok {
+ managedRuleAutoUpdate := teov20220901.ManagedRuleAutoUpdate{}
+ if v, ok := autoUpdateMap["auto_update_to_latest_version"].(string); ok && v != "" {
+ managedRuleAutoUpdate.AutoUpdateToLatestVersion = helper.String(v)
+ }
+
+ managedRules.AutoUpdate = &managedRuleAutoUpdate
+ }
+
+ if v, ok := managedRulesMap["managed_rule_groups"]; ok {
+ for _, item := range v.([]interface{}) {
+ managedRuleGroupsMap := item.(map[string]interface{})
+ managedRuleGroup := teov20220901.ManagedRuleGroup{}
+ if v, ok := managedRuleGroupsMap["group_id"].(string); ok && v != "" {
+ managedRuleGroup.GroupId = helper.String(v)
+ }
+
+ if v, ok := managedRuleGroupsMap["sensitivity_level"].(string); ok && v != "" {
+ managedRuleGroup.SensitivityLevel = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(managedRuleGroupsMap["action"]); ok {
+ securityAction2 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction2.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters2 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters2.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters2.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters2.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters2.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters2.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters2.Stall = helper.String(v)
+ }
+
+ securityAction2.DenyActionParameters = &denyActionParameters2
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters2 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters2.URL = helper.String(v)
+ }
+
+ securityAction2.RedirectActionParameters = &redirectActionParameters2
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters2 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters2.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters2.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction2.AllowActionParameters = &allowActionParameters2
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters2 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters2.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters2.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters2.AttesterId = helper.String(v)
+ }
+
+ securityAction2.ChallengeActionParameters = &challengeActionParameters2
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters2 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters2.Duration = helper.String(v)
+ }
+
+ securityAction2.BlockIPActionParameters = &blockIPActionParameters2
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters2 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters2.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters2.ErrorPageId = helper.String(v)
+ }
+
+ securityAction2.ReturnCustomPageActionParameters = &returnCustomPageActionParameters2
+ }
+
+ managedRuleGroup.Action = &securityAction2
+ }
+
+ if v, ok := managedRuleGroupsMap["rule_actions"]; ok {
+ for _, item := range v.([]interface{}) {
+ ruleActionsMap := item.(map[string]interface{})
+ managedRuleAction := teov20220901.ManagedRuleAction{}
+ if v, ok := ruleActionsMap["rule_id"].(string); ok && v != "" {
+ managedRuleAction.RuleId = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(ruleActionsMap["action"]); ok {
+ securityAction3 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction3.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters3 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters3.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters3.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters3.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters3.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters3.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters3.Stall = helper.String(v)
+ }
+
+ securityAction3.DenyActionParameters = &denyActionParameters3
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters3 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters3.URL = helper.String(v)
+ }
+
+ securityAction3.RedirectActionParameters = &redirectActionParameters3
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters3 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters3.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters3.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction3.AllowActionParameters = &allowActionParameters3
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters3 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters3.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters3.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters3.AttesterId = helper.String(v)
+ }
+
+ securityAction3.ChallengeActionParameters = &challengeActionParameters3
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters3 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters3.Duration = helper.String(v)
+ }
+
+ securityAction3.BlockIPActionParameters = &blockIPActionParameters3
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters3 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters3.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters3.ErrorPageId = helper.String(v)
+ }
+
+ securityAction3.ReturnCustomPageActionParameters = &returnCustomPageActionParameters3
+ }
+
+ managedRuleAction.Action = &securityAction3
+ }
+
+ managedRuleGroup.RuleActions = append(managedRuleGroup.RuleActions, &managedRuleAction)
+ }
+ }
+
+ managedRules.ManagedRuleGroups = append(managedRules.ManagedRuleGroups, &managedRuleGroup)
+ }
+ }
+
+ if frequentScanningProtectionMap, ok := helper.ConvertInterfacesHeadToMap(managedRulesMap["frequent_scanning_protection"]); ok {
+ frequentScanningProtection := teov20220901.FrequentScanningProtection{}
+ if v, ok := frequentScanningProtectionMap["enabled"].(string); ok && v != "" {
+ frequentScanningProtection.Enabled = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(frequentScanningProtectionMap["action"]); ok {
+ securityAction4 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction4.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters4 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters4.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters4.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters4.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters4.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters4.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters4.Stall = helper.String(v)
+ }
+
+ securityAction4.DenyActionParameters = &denyActionParameters4
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters4 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters4.URL = helper.String(v)
+ }
+
+ securityAction4.RedirectActionParameters = &redirectActionParameters4
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters4 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters4.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters4.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction4.AllowActionParameters = &allowActionParameters4
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters4 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters4.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters4.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters4.AttesterId = helper.String(v)
+ }
+
+ securityAction4.ChallengeActionParameters = &challengeActionParameters4
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters4 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters4.Duration = helper.String(v)
+ }
+
+ securityAction4.BlockIPActionParameters = &blockIPActionParameters4
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters4 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters4.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters4.ErrorPageId = helper.String(v)
+ }
+
+ securityAction4.ReturnCustomPageActionParameters = &returnCustomPageActionParameters4
+ }
+
+ frequentScanningProtection.Action = &securityAction4
+ }
+
+ if v, ok := frequentScanningProtectionMap["count_by"].(string); ok && v != "" {
+ frequentScanningProtection.CountBy = helper.String(v)
+ }
+
+ if v, ok := frequentScanningProtectionMap["block_threshold"].(int); ok {
+ frequentScanningProtection.BlockThreshold = helper.IntInt64(v)
+ }
+
+ if v, ok := frequentScanningProtectionMap["counting_period"].(string); ok && v != "" {
+ frequentScanningProtection.CountingPeriod = helper.String(v)
+ }
+
+ if v, ok := frequentScanningProtectionMap["action_duration"].(string); ok && v != "" {
+ frequentScanningProtection.ActionDuration = helper.String(v)
+ }
+
+ managedRules.FrequentScanningProtection = &frequentScanningProtection
+ }
+
+ securityPolicy.ManagedRules = &managedRules
+ }
+
+ if httpDDoSProtectionMap, ok := helper.ConvertInterfacesHeadToMap(securityPolicyMap["http_ddos_protection"]); ok {
+ httpDDoSProtection := teov20220901.HttpDDoSProtection{}
+ if adaptiveFrequencyControlMap, ok := helper.ConvertInterfacesHeadToMap(httpDDoSProtectionMap["adaptive_frequency_control"]); ok {
+ adaptiveFrequencyControl := teov20220901.AdaptiveFrequencyControl{}
+ if v, ok := adaptiveFrequencyControlMap["enabled"].(string); ok && v != "" {
+ adaptiveFrequencyControl.Enabled = helper.String(v)
+ }
+
+ if v, ok := adaptiveFrequencyControlMap["sensitivity"].(string); ok && v != "" {
+ adaptiveFrequencyControl.Sensitivity = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(adaptiveFrequencyControlMap["action"]); ok {
+ securityAction5 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction5.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters5 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters5.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters5.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters5.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters5.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters5.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters5.Stall = helper.String(v)
+ }
+
+ securityAction5.DenyActionParameters = &denyActionParameters5
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters5 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters5.URL = helper.String(v)
+ }
+
+ securityAction5.RedirectActionParameters = &redirectActionParameters5
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters5 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters5.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters5.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction5.AllowActionParameters = &allowActionParameters5
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters5 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters5.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters5.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters5.AttesterId = helper.String(v)
+ }
+
+ securityAction5.ChallengeActionParameters = &challengeActionParameters5
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters5 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters5.Duration = helper.String(v)
+ }
+
+ securityAction5.BlockIPActionParameters = &blockIPActionParameters5
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters5 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters5.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters5.ErrorPageId = helper.String(v)
+ }
+
+ securityAction5.ReturnCustomPageActionParameters = &returnCustomPageActionParameters5
+ }
+
+ adaptiveFrequencyControl.Action = &securityAction5
+ }
+
+ httpDDoSProtection.AdaptiveFrequencyControl = &adaptiveFrequencyControl
+ }
+
+ if clientFilteringMap, ok := helper.ConvertInterfacesHeadToMap(httpDDoSProtectionMap["client_filtering"]); ok {
+ clientFiltering := teov20220901.ClientFiltering{}
+ if v, ok := clientFilteringMap["enabled"].(string); ok && v != "" {
+ clientFiltering.Enabled = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(clientFilteringMap["action"]); ok {
+ securityAction6 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction6.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters6 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters6.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters6.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters6.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters6.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters6.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters6.Stall = helper.String(v)
+ }
+
+ securityAction6.DenyActionParameters = &denyActionParameters6
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters6 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters6.URL = helper.String(v)
+ }
+
+ securityAction6.RedirectActionParameters = &redirectActionParameters6
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters6 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters6.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters6.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction6.AllowActionParameters = &allowActionParameters6
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters6 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters6.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters6.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters6.AttesterId = helper.String(v)
+ }
+
+ securityAction6.ChallengeActionParameters = &challengeActionParameters6
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters6 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters6.Duration = helper.String(v)
+ }
+
+ securityAction6.BlockIPActionParameters = &blockIPActionParameters6
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters6 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters6.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters6.ErrorPageId = helper.String(v)
+ }
+
+ securityAction6.ReturnCustomPageActionParameters = &returnCustomPageActionParameters6
+ }
+
+ clientFiltering.Action = &securityAction6
+ }
+
+ httpDDoSProtection.ClientFiltering = &clientFiltering
+ }
+
+ if bandwidthAbuseDefenseMap, ok := helper.ConvertInterfacesHeadToMap(httpDDoSProtectionMap["bandwidth_abuse_defense"]); ok {
+ bandwidthAbuseDefense := teov20220901.BandwidthAbuseDefense{}
+ if v, ok := bandwidthAbuseDefenseMap["enabled"].(string); ok && v != "" {
+ bandwidthAbuseDefense.Enabled = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(bandwidthAbuseDefenseMap["action"]); ok {
+ securityAction7 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction7.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters7 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters7.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters7.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters7.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters7.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters7.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters7.Stall = helper.String(v)
+ }
+
+ securityAction7.DenyActionParameters = &denyActionParameters7
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters7 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters7.URL = helper.String(v)
+ }
+
+ securityAction7.RedirectActionParameters = &redirectActionParameters7
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters7 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters7.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters7.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction7.AllowActionParameters = &allowActionParameters7
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters7 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters7.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters7.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters7.AttesterId = helper.String(v)
+ }
+
+ securityAction7.ChallengeActionParameters = &challengeActionParameters7
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters7 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters7.Duration = helper.String(v)
+ }
+
+ securityAction7.BlockIPActionParameters = &blockIPActionParameters7
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters7 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters7.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters7.ErrorPageId = helper.String(v)
+ }
+
+ securityAction7.ReturnCustomPageActionParameters = &returnCustomPageActionParameters7
+ }
+
+ bandwidthAbuseDefense.Action = &securityAction7
+ }
+
+ httpDDoSProtection.BandwidthAbuseDefense = &bandwidthAbuseDefense
+ }
+
+ if slowAttackDefenseMap, ok := helper.ConvertInterfacesHeadToMap(httpDDoSProtectionMap["slow_attack_defense"]); ok {
+ slowAttackDefense := teov20220901.SlowAttackDefense{}
+ if v, ok := slowAttackDefenseMap["enabled"].(string); ok && v != "" {
+ slowAttackDefense.Enabled = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(slowAttackDefenseMap["action"]); ok {
+ securityAction8 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction8.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters8 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters8.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters8.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters8.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters8.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters8.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters8.Stall = helper.String(v)
+ }
+
+ securityAction8.DenyActionParameters = &denyActionParameters8
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters8 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters8.URL = helper.String(v)
+ }
+
+ securityAction8.RedirectActionParameters = &redirectActionParameters8
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters8 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters8.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters8.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction8.AllowActionParameters = &allowActionParameters8
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters8 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters8.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters8.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters8.AttesterId = helper.String(v)
+ }
+
+ securityAction8.ChallengeActionParameters = &challengeActionParameters8
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters8 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters8.Duration = helper.String(v)
+ }
+
+ securityAction8.BlockIPActionParameters = &blockIPActionParameters8
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters8 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters8.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters8.ErrorPageId = helper.String(v)
+ }
+
+ securityAction8.ReturnCustomPageActionParameters = &returnCustomPageActionParameters8
+ }
+
+ slowAttackDefense.Action = &securityAction8
+ }
+
+ if minimalRequestBodyTransferRateMap, ok := helper.ConvertInterfacesHeadToMap(slowAttackDefenseMap["minimal_request_body_transfer_rate"]); ok {
+ minimalRequestBodyTransferRate := teov20220901.MinimalRequestBodyTransferRate{}
+ if v, ok := minimalRequestBodyTransferRateMap["minimal_avg_transfer_rate_threshold"].(string); ok && v != "" {
+ minimalRequestBodyTransferRate.MinimalAvgTransferRateThreshold = helper.String(v)
+ }
+
+ if v, ok := minimalRequestBodyTransferRateMap["counting_period"].(string); ok && v != "" {
+ minimalRequestBodyTransferRate.CountingPeriod = helper.String(v)
+ }
+
+ if v, ok := minimalRequestBodyTransferRateMap["enabled"].(string); ok && v != "" {
+ minimalRequestBodyTransferRate.Enabled = helper.String(v)
+ }
+
+ slowAttackDefense.MinimalRequestBodyTransferRate = &minimalRequestBodyTransferRate
+ }
+
+ if requestBodyTransferTimeoutMap, ok := helper.ConvertInterfacesHeadToMap(slowAttackDefenseMap["request_body_transfer_timeout"]); ok {
+ requestBodyTransferTimeout := teov20220901.RequestBodyTransferTimeout{}
+ if v, ok := requestBodyTransferTimeoutMap["idle_timeout"].(string); ok && v != "" {
+ requestBodyTransferTimeout.IdleTimeout = helper.String(v)
+ }
+
+ if v, ok := requestBodyTransferTimeoutMap["enabled"].(string); ok && v != "" {
+ requestBodyTransferTimeout.Enabled = helper.String(v)
+ }
+
+ slowAttackDefense.RequestBodyTransferTimeout = &requestBodyTransferTimeout
+ }
+
+ httpDDoSProtection.SlowAttackDefense = &slowAttackDefense
+ }
+
+ securityPolicy.HttpDDoSProtection = &httpDDoSProtection
+ }
+
+ if rateLimitingRulesMap, ok := helper.ConvertInterfacesHeadToMap(securityPolicyMap["rate_limiting_rules"]); ok {
+ rateLimitingRules := teov20220901.RateLimitingRules{}
+ if v, ok := rateLimitingRulesMap["rules"]; ok {
+ for _, item := range v.([]interface{}) {
+ rulesMap := item.(map[string]interface{})
+ rateLimitingRule := teov20220901.RateLimitingRule{}
+ if v, ok := rulesMap["id"].(string); ok && v != "" {
+ rateLimitingRule.Id = helper.String(v)
+ }
+
+ if v, ok := rulesMap["name"].(string); ok && v != "" {
+ rateLimitingRule.Name = helper.String(v)
+ }
+
+ if v, ok := rulesMap["condition"].(string); ok && v != "" {
+ rateLimitingRule.Condition = helper.String(v)
+ }
+
+ if v, ok := rulesMap["count_by"]; ok {
+ countBySet := v.(*schema.Set).List()
+ for i := range countBySet {
+ countBy := countBySet[i].(string)
+ rateLimitingRule.CountBy = append(rateLimitingRule.CountBy, helper.String(countBy))
+ }
+ }
+
+ if v, ok := rulesMap["max_request_threshold"].(int); ok {
+ rateLimitingRule.MaxRequestThreshold = helper.IntInt64(v)
+ }
+
+ if v, ok := rulesMap["counting_period"].(string); ok && v != "" {
+ rateLimitingRule.CountingPeriod = helper.String(v)
+ }
+
+ if v, ok := rulesMap["action_duration"].(string); ok && v != "" {
+ rateLimitingRule.ActionDuration = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(rulesMap["action"]); ok {
+ securityAction9 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction9.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters9 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters9.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters9.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters9.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters9.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters9.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters9.Stall = helper.String(v)
+ }
+
+ securityAction9.DenyActionParameters = &denyActionParameters9
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters9 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters9.URL = helper.String(v)
+ }
+
+ securityAction9.RedirectActionParameters = &redirectActionParameters9
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters9 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters9.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters9.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction9.AllowActionParameters = &allowActionParameters9
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters9 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters9.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters9.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters9.AttesterId = helper.String(v)
+ }
+
+ securityAction9.ChallengeActionParameters = &challengeActionParameters9
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters9 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters9.Duration = helper.String(v)
+ }
+
+ securityAction9.BlockIPActionParameters = &blockIPActionParameters9
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters9 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters9.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters9.ErrorPageId = helper.String(v)
+ }
+
+ securityAction9.ReturnCustomPageActionParameters = &returnCustomPageActionParameters9
+ }
+
+ rateLimitingRule.Action = &securityAction9
+ }
+
+ if v, ok := rulesMap["priority"].(int); ok {
+ rateLimitingRule.Priority = helper.IntInt64(v)
+ }
+
+ if v, ok := rulesMap["enabled"].(string); ok && v != "" {
+ rateLimitingRule.Enabled = helper.String(v)
+ }
+
+ rateLimitingRules.Rules = append(rateLimitingRules.Rules, &rateLimitingRule)
+ }
+ }
+
+ securityPolicy.RateLimitingRules = &rateLimitingRules
+ }
+
+ if exceptionRulesMap, ok := helper.ConvertInterfacesHeadToMap(securityPolicyMap["exception_rules"]); ok {
+ exceptionRules := teov20220901.ExceptionRules{}
+ if v, ok := exceptionRulesMap["rules"]; ok {
+ for _, item := range v.([]interface{}) {
+ rulesMap := item.(map[string]interface{})
+ exceptionRule := teov20220901.ExceptionRule{}
+ if v, ok := rulesMap["id"].(string); ok && v != "" {
+ exceptionRule.Id = helper.String(v)
+ }
+
+ if v, ok := rulesMap["name"].(string); ok && v != "" {
+ exceptionRule.Name = helper.String(v)
+ }
+
+ if v, ok := rulesMap["condition"].(string); ok && v != "" {
+ exceptionRule.Condition = helper.String(v)
+ }
+
+ if v, ok := rulesMap["skip_scope"].(string); ok && v != "" {
+ exceptionRule.SkipScope = helper.String(v)
+ }
+
+ if v, ok := rulesMap["skip_option"].(string); ok && v != "" {
+ exceptionRule.SkipOption = helper.String(v)
+ }
+
+ if v, ok := rulesMap["web_security_modules_for_exception"]; ok {
+ webSecurityModulesForExceptionSet := v.(*schema.Set).List()
+ for i := range webSecurityModulesForExceptionSet {
+ webSecurityModulesForException := webSecurityModulesForExceptionSet[i].(string)
+ exceptionRule.WebSecurityModulesForException = append(exceptionRule.WebSecurityModulesForException, helper.String(webSecurityModulesForException))
+ }
+ }
+
+ if v, ok := rulesMap["managed_rules_for_exception"]; ok {
+ managedRulesForExceptionSet := v.(*schema.Set).List()
+ for i := range managedRulesForExceptionSet {
+ managedRulesForException := managedRulesForExceptionSet[i].(string)
+ exceptionRule.ManagedRulesForException = append(exceptionRule.ManagedRulesForException, helper.String(managedRulesForException))
+ }
+ }
+
+ if v, ok := rulesMap["managed_rule_groups_for_exception"]; ok {
+ managedRuleGroupsForExceptionSet := v.(*schema.Set).List()
+ for i := range managedRuleGroupsForExceptionSet {
+ managedRuleGroupsForException := managedRuleGroupsForExceptionSet[i].(string)
+ exceptionRule.ManagedRuleGroupsForException = append(exceptionRule.ManagedRuleGroupsForException, helper.String(managedRuleGroupsForException))
+ }
+ }
+
+ if v, ok := rulesMap["request_fields_for_exception"]; ok {
+ for _, item := range v.([]interface{}) {
+ requestFieldsForExceptionMap := item.(map[string]interface{})
+ requestFieldsForException := teov20220901.RequestFieldsForException{}
+ if v, ok := requestFieldsForExceptionMap["scope"].(string); ok && v != "" {
+ requestFieldsForException.Scope = helper.String(v)
+ }
+
+ if v, ok := requestFieldsForExceptionMap["condition"].(string); ok && v != "" {
+ requestFieldsForException.Condition = helper.String(v)
+ }
+
+ if v, ok := requestFieldsForExceptionMap["target_field"].(string); ok && v != "" {
+ requestFieldsForException.TargetField = helper.String(v)
+ }
+
+ exceptionRule.RequestFieldsForException = append(exceptionRule.RequestFieldsForException, &requestFieldsForException)
+ }
+ }
+
+ if v, ok := rulesMap["enabled"].(string); ok && v != "" {
+ exceptionRule.Enabled = helper.String(v)
+ }
+
+ exceptionRules.Rules = append(exceptionRules.Rules, &exceptionRule)
+ }
+ }
+
+ securityPolicy.ExceptionRules = &exceptionRules
+ }
+
+ if botManagementMap, ok := helper.ConvertInterfacesHeadToMap(securityPolicyMap["bot_management"]); ok {
+ botManagement := teov20220901.BotManagement{}
+ if v, ok := botManagementMap["enabled"].(string); ok && v != "" {
+ botManagement.Enabled = helper.String(v)
+ }
+
+ if customRulesMap, ok := helper.ConvertInterfacesHeadToMap(botManagementMap["custom_rules"]); ok {
+ botManagementCustomRules := teov20220901.BotManagementCustomRules{}
+ if v, ok := customRulesMap["rules"]; ok {
+ for _, item := range v.([]interface{}) {
+ rulesMap := item.(map[string]interface{})
+ botManagementCustomRule := teov20220901.BotManagementCustomRule{}
+ if v, ok := rulesMap["id"].(string); ok && v != "" {
+ botManagementCustomRule.Id = helper.String(v)
+ }
+
+ if v, ok := rulesMap["name"].(string); ok && v != "" {
+ botManagementCustomRule.Name = helper.String(v)
+ }
+
+ if v, ok := rulesMap["enabled"].(string); ok && v != "" {
+ botManagementCustomRule.Enabled = helper.String(v)
+ }
+
+ if v, ok := rulesMap["priority"].(int); ok {
+ botManagementCustomRule.Priority = helper.IntInt64(v)
+ }
+
+ if v, ok := rulesMap["condition"].(string); ok && v != "" {
+ botManagementCustomRule.Condition = helper.String(v)
+ }
+
+ if v, ok := rulesMap["action"]; ok {
+ for _, item := range v.([]interface{}) {
+ actionMap := item.(map[string]interface{})
+ securityWeightedAction := teov20220901.SecurityWeightedAction{}
+ if securityActionMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["security_action"]); ok {
+ securityAction10 := teov20220901.SecurityAction{}
+ if v, ok := securityActionMap["name"].(string); ok && v != "" {
+ securityAction10.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(securityActionMap["deny_action_parameters"]); ok {
+ denyActionParameters10 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters10.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters10.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters10.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters10.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters10.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters10.Stall = helper.String(v)
+ }
+
+ securityAction10.DenyActionParameters = &denyActionParameters10
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(securityActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters10 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters10.URL = helper.String(v)
+ }
+
+ securityAction10.RedirectActionParameters = &redirectActionParameters10
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(securityActionMap["allow_action_parameters"]); ok {
+ allowActionParameters10 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters10.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters10.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction10.AllowActionParameters = &allowActionParameters10
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(securityActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters10 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters10.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters10.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters10.AttesterId = helper.String(v)
+ }
+
+ securityAction10.ChallengeActionParameters = &challengeActionParameters10
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(securityActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters10 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters10.Duration = helper.String(v)
+ }
+
+ securityAction10.BlockIPActionParameters = &blockIPActionParameters10
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(securityActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters10 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters10.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters10.ErrorPageId = helper.String(v)
+ }
+
+ securityAction10.ReturnCustomPageActionParameters = &returnCustomPageActionParameters10
+ }
+
+ securityWeightedAction.SecurityAction = &securityAction10
+ }
+
+ if v, ok := actionMap["weight"].(int); ok {
+ securityWeightedAction.Weight = helper.IntInt64(v)
+ }
+
+ botManagementCustomRule.Action = append(botManagementCustomRule.Action, &securityWeightedAction)
+ }
+ }
+
+ botManagementCustomRules.Rules = append(botManagementCustomRules.Rules, &botManagementCustomRule)
+ }
+ }
+
+ botManagement.CustomRules = &botManagementCustomRules
+ }
+
+ if basicBotSettingsMap, ok := helper.ConvertInterfacesHeadToMap(botManagementMap["basic_bot_settings"]); ok {
+ basicBotSettings := teov20220901.BasicBotSettings{}
+ if sourceIDCMap, ok := helper.ConvertInterfacesHeadToMap(basicBotSettingsMap["source_idc"]); ok {
+ sourceIDC := teov20220901.SourceIDC{}
+ if baseActionMap, ok := helper.ConvertInterfacesHeadToMap(sourceIDCMap["base_action"]); ok {
+ securityAction11 := teov20220901.SecurityAction{}
+ if v, ok := baseActionMap["name"].(string); ok && v != "" {
+ securityAction11.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["deny_action_parameters"]); ok {
+ denyActionParameters11 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters11.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters11.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters11.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters11.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters11.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters11.Stall = helper.String(v)
+ }
+
+ securityAction11.DenyActionParameters = &denyActionParameters11
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters11 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters11.URL = helper.String(v)
+ }
+
+ securityAction11.RedirectActionParameters = &redirectActionParameters11
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["allow_action_parameters"]); ok {
+ allowActionParameters11 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters11.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters11.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction11.AllowActionParameters = &allowActionParameters11
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters11 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters11.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters11.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters11.AttesterId = helper.String(v)
+ }
+
+ securityAction11.ChallengeActionParameters = &challengeActionParameters11
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters11 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters11.Duration = helper.String(v)
+ }
+
+ securityAction11.BlockIPActionParameters = &blockIPActionParameters11
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters11 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters11.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters11.ErrorPageId = helper.String(v)
+ }
+
+ securityAction11.ReturnCustomPageActionParameters = &returnCustomPageActionParameters11
+ }
+
+ sourceIDC.BaseAction = &securityAction11
+ }
+
+ if v, ok := sourceIDCMap["bot_management_action_overrides"]; ok {
+ for _, item := range v.([]interface{}) {
+ botManagementActionOverridesMap := item.(map[string]interface{})
+ botManagementActionOverrides := teov20220901.BotManagementActionOverrides{}
+ if v, ok := botManagementActionOverridesMap["ids"]; ok {
+ idsSet := v.(*schema.Set).List()
+ for i := range idsSet {
+ ids := idsSet[i].(string)
+ botManagementActionOverrides.Ids = append(botManagementActionOverrides.Ids, helper.String(ids))
+ }
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(botManagementActionOverridesMap["action"]); ok {
+ securityAction12 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction12.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters12 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters12.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters12.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters12.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters12.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters12.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters12.Stall = helper.String(v)
+ }
+
+ securityAction12.DenyActionParameters = &denyActionParameters12
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters12 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters12.URL = helper.String(v)
+ }
+
+ securityAction12.RedirectActionParameters = &redirectActionParameters12
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters12 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters12.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters12.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction12.AllowActionParameters = &allowActionParameters12
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters12 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters12.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters12.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters12.AttesterId = helper.String(v)
+ }
+
+ securityAction12.ChallengeActionParameters = &challengeActionParameters12
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters12 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters12.Duration = helper.String(v)
+ }
+
+ securityAction12.BlockIPActionParameters = &blockIPActionParameters12
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters12 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters12.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters12.ErrorPageId = helper.String(v)
+ }
+
+ securityAction12.ReturnCustomPageActionParameters = &returnCustomPageActionParameters12
+ }
+
+ botManagementActionOverrides.Action = &securityAction12
+ }
+
+ sourceIDC.BotManagementActionOverrides = append(sourceIDC.BotManagementActionOverrides, &botManagementActionOverrides)
+ }
+ }
+
+ basicBotSettings.SourceIDC = &sourceIDC
+ }
+
+ if searchEngineBotsMap, ok := helper.ConvertInterfacesHeadToMap(basicBotSettingsMap["search_engine_bots"]); ok {
+ searchEngineBots := teov20220901.SearchEngineBots{}
+ if baseActionMap, ok := helper.ConvertInterfacesHeadToMap(searchEngineBotsMap["base_action"]); ok {
+ securityAction13 := teov20220901.SecurityAction{}
+ if v, ok := baseActionMap["name"].(string); ok && v != "" {
+ securityAction13.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["deny_action_parameters"]); ok {
+ denyActionParameters13 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters13.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters13.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters13.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters13.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters13.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters13.Stall = helper.String(v)
+ }
+
+ securityAction13.DenyActionParameters = &denyActionParameters13
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters13 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters13.URL = helper.String(v)
+ }
+
+ securityAction13.RedirectActionParameters = &redirectActionParameters13
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["allow_action_parameters"]); ok {
+ allowActionParameters13 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters13.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters13.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction13.AllowActionParameters = &allowActionParameters13
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters13 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters13.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters13.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters13.AttesterId = helper.String(v)
+ }
+
+ securityAction13.ChallengeActionParameters = &challengeActionParameters13
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters13 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters13.Duration = helper.String(v)
+ }
+
+ securityAction13.BlockIPActionParameters = &blockIPActionParameters13
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters13 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters13.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters13.ErrorPageId = helper.String(v)
+ }
+
+ securityAction13.ReturnCustomPageActionParameters = &returnCustomPageActionParameters13
+ }
+
+ searchEngineBots.BaseAction = &securityAction13
+ }
+
+ if v, ok := searchEngineBotsMap["bot_management_action_overrides"]; ok {
+ for _, item := range v.([]interface{}) {
+ botManagementActionOverridesMap := item.(map[string]interface{})
+ botManagementActionOverrides := teov20220901.BotManagementActionOverrides{}
+ if v, ok := botManagementActionOverridesMap["ids"]; ok {
+ idsSet := v.(*schema.Set).List()
+ for i := range idsSet {
+ ids := idsSet[i].(string)
+ botManagementActionOverrides.Ids = append(botManagementActionOverrides.Ids, helper.String(ids))
+ }
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(botManagementActionOverridesMap["action"]); ok {
+ securityAction14 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction14.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters14 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters14.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters14.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters14.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters14.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters14.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters14.Stall = helper.String(v)
+ }
+
+ securityAction14.DenyActionParameters = &denyActionParameters14
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters14 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters14.URL = helper.String(v)
+ }
+
+ securityAction14.RedirectActionParameters = &redirectActionParameters14
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters14 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters14.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters14.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction14.AllowActionParameters = &allowActionParameters14
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters14 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters14.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters14.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters14.AttesterId = helper.String(v)
+ }
+
+ securityAction14.ChallengeActionParameters = &challengeActionParameters14
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters14 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters14.Duration = helper.String(v)
+ }
+
+ securityAction14.BlockIPActionParameters = &blockIPActionParameters14
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters14 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters14.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters14.ErrorPageId = helper.String(v)
+ }
+
+ securityAction14.ReturnCustomPageActionParameters = &returnCustomPageActionParameters14
+ }
+
+ botManagementActionOverrides.Action = &securityAction14
+ }
+
+ searchEngineBots.BotManagementActionOverrides = append(searchEngineBots.BotManagementActionOverrides, &botManagementActionOverrides)
+ }
+ }
+
+ basicBotSettings.SearchEngineBots = &searchEngineBots
+ }
+
+ if knownBotCategoriesMap, ok := helper.ConvertInterfacesHeadToMap(basicBotSettingsMap["known_bot_categories"]); ok {
+ knownBotCategories := teov20220901.KnownBotCategories{}
+ if baseActionMap, ok := helper.ConvertInterfacesHeadToMap(knownBotCategoriesMap["base_action"]); ok {
+ securityAction15 := teov20220901.SecurityAction{}
+ if v, ok := baseActionMap["name"].(string); ok && v != "" {
+ securityAction15.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["deny_action_parameters"]); ok {
+ denyActionParameters15 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters15.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters15.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters15.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters15.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters15.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters15.Stall = helper.String(v)
+ }
+
+ securityAction15.DenyActionParameters = &denyActionParameters15
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters15 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters15.URL = helper.String(v)
+ }
+
+ securityAction15.RedirectActionParameters = &redirectActionParameters15
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["allow_action_parameters"]); ok {
+ allowActionParameters15 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters15.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters15.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction15.AllowActionParameters = &allowActionParameters15
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters15 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters15.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters15.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters15.AttesterId = helper.String(v)
+ }
+
+ securityAction15.ChallengeActionParameters = &challengeActionParameters15
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters15 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters15.Duration = helper.String(v)
+ }
+
+ securityAction15.BlockIPActionParameters = &blockIPActionParameters15
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters15 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters15.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters15.ErrorPageId = helper.String(v)
+ }
+
+ securityAction15.ReturnCustomPageActionParameters = &returnCustomPageActionParameters15
+ }
+
+ knownBotCategories.BaseAction = &securityAction15
+ }
+
+ if v, ok := knownBotCategoriesMap["bot_management_action_overrides"]; ok {
+ for _, item := range v.([]interface{}) {
+ botManagementActionOverridesMap := item.(map[string]interface{})
+ botManagementActionOverrides := teov20220901.BotManagementActionOverrides{}
+ if v, ok := botManagementActionOverridesMap["ids"]; ok {
+ idsSet := v.(*schema.Set).List()
+ for i := range idsSet {
+ ids := idsSet[i].(string)
+ botManagementActionOverrides.Ids = append(botManagementActionOverrides.Ids, helper.String(ids))
+ }
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(botManagementActionOverridesMap["action"]); ok {
+ securityAction16 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction16.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters16 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters16.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters16.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters16.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters16.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters16.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters16.Stall = helper.String(v)
+ }
+
+ securityAction16.DenyActionParameters = &denyActionParameters16
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters16 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters16.URL = helper.String(v)
+ }
+
+ securityAction16.RedirectActionParameters = &redirectActionParameters16
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters16 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters16.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters16.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction16.AllowActionParameters = &allowActionParameters16
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters16 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters16.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters16.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters16.AttesterId = helper.String(v)
+ }
+
+ securityAction16.ChallengeActionParameters = &challengeActionParameters16
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters16 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters16.Duration = helper.String(v)
+ }
+
+ securityAction16.BlockIPActionParameters = &blockIPActionParameters16
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters16 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters16.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters16.ErrorPageId = helper.String(v)
+ }
+
+ securityAction16.ReturnCustomPageActionParameters = &returnCustomPageActionParameters16
+ }
+
+ botManagementActionOverrides.Action = &securityAction16
+ }
+
+ knownBotCategories.BotManagementActionOverrides = append(knownBotCategories.BotManagementActionOverrides, &botManagementActionOverrides)
+ }
+ }
+
+ basicBotSettings.KnownBotCategories = &knownBotCategories
+ }
+
+ if iPReputationMap, ok := helper.ConvertInterfacesHeadToMap(basicBotSettingsMap["ip_reputation"]); ok {
+ iPReputation := teov20220901.IPReputation{}
+ if v, ok := iPReputationMap["enabled"].(string); ok && v != "" {
+ iPReputation.Enabled = helper.String(v)
+ }
+
+ if iPReputationGroupMap, ok := helper.ConvertInterfacesHeadToMap(iPReputationMap["ip_reputation_group"]); ok {
+ iPReputationGroup := teov20220901.IPReputationGroup{}
+ if baseActionMap, ok := helper.ConvertInterfacesHeadToMap(iPReputationGroupMap["base_action"]); ok {
+ securityAction17 := teov20220901.SecurityAction{}
+ if v, ok := baseActionMap["name"].(string); ok && v != "" {
+ securityAction17.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["deny_action_parameters"]); ok {
+ denyActionParameters17 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters17.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters17.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters17.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters17.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters17.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters17.Stall = helper.String(v)
+ }
+
+ securityAction17.DenyActionParameters = &denyActionParameters17
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters17 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters17.URL = helper.String(v)
+ }
+
+ securityAction17.RedirectActionParameters = &redirectActionParameters17
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["allow_action_parameters"]); ok {
+ allowActionParameters17 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters17.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters17.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction17.AllowActionParameters = &allowActionParameters17
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters17 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters17.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters17.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters17.AttesterId = helper.String(v)
+ }
+
+ securityAction17.ChallengeActionParameters = &challengeActionParameters17
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters17 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters17.Duration = helper.String(v)
+ }
+
+ securityAction17.BlockIPActionParameters = &blockIPActionParameters17
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters17 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters17.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters17.ErrorPageId = helper.String(v)
+ }
+
+ securityAction17.ReturnCustomPageActionParameters = &returnCustomPageActionParameters17
+ }
+
+ iPReputationGroup.BaseAction = &securityAction17
+ }
+
+ if v, ok := iPReputationGroupMap["bot_management_action_overrides"]; ok {
+ for _, item := range v.([]interface{}) {
+ botManagementActionOverridesMap := item.(map[string]interface{})
+ botManagementActionOverrides := teov20220901.BotManagementActionOverrides{}
+ if v, ok := botManagementActionOverridesMap["ids"]; ok {
+ idsSet := v.(*schema.Set).List()
+ for i := range idsSet {
+ ids := idsSet[i].(string)
+ botManagementActionOverrides.Ids = append(botManagementActionOverrides.Ids, helper.String(ids))
+ }
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(botManagementActionOverridesMap["action"]); ok {
+ securityAction18 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction18.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters18 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters18.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters18.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters18.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters18.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters18.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters18.Stall = helper.String(v)
+ }
+
+ securityAction18.DenyActionParameters = &denyActionParameters18
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters18 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters18.URL = helper.String(v)
+ }
+
+ securityAction18.RedirectActionParameters = &redirectActionParameters18
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters18 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters18.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters18.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction18.AllowActionParameters = &allowActionParameters18
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters18 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters18.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters18.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters18.AttesterId = helper.String(v)
+ }
+
+ securityAction18.ChallengeActionParameters = &challengeActionParameters18
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters18 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters18.Duration = helper.String(v)
+ }
+
+ securityAction18.BlockIPActionParameters = &blockIPActionParameters18
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters18 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters18.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters18.ErrorPageId = helper.String(v)
+ }
+
+ securityAction18.ReturnCustomPageActionParameters = &returnCustomPageActionParameters18
+ }
+
+ botManagementActionOverrides.Action = &securityAction18
+ }
+
+ iPReputationGroup.BotManagementActionOverrides = append(iPReputationGroup.BotManagementActionOverrides, &botManagementActionOverrides)
+ }
+ }
+
+ iPReputation.IPReputationGroup = &iPReputationGroup
+ }
+
+ basicBotSettings.IPReputation = &iPReputation
+ }
+
+ if botIntelligenceMap, ok := helper.ConvertInterfacesHeadToMap(basicBotSettingsMap["bot_intelligence"]); ok {
+ botIntelligence := teov20220901.BotIntelligence{}
+ if botRatingsMap, ok := helper.ConvertInterfacesHeadToMap(botIntelligenceMap["bot_ratings"]); ok {
+ botRatings := teov20220901.BotRatings{}
+ if highRiskBotRequestsActionMap, ok := helper.ConvertInterfacesHeadToMap(botRatingsMap["high_risk_bot_requests_action"]); ok {
+ securityAction19 := teov20220901.SecurityAction{}
+ if v, ok := highRiskBotRequestsActionMap["name"].(string); ok && v != "" {
+ securityAction19.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskBotRequestsActionMap["deny_action_parameters"]); ok {
+ denyActionParameters19 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters19.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters19.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters19.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters19.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters19.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters19.Stall = helper.String(v)
+ }
+
+ securityAction19.DenyActionParameters = &denyActionParameters19
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskBotRequestsActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters19 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters19.URL = helper.String(v)
+ }
+
+ securityAction19.RedirectActionParameters = &redirectActionParameters19
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskBotRequestsActionMap["allow_action_parameters"]); ok {
+ allowActionParameters19 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters19.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters19.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction19.AllowActionParameters = &allowActionParameters19
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskBotRequestsActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters19 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters19.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters19.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters19.AttesterId = helper.String(v)
+ }
+
+ securityAction19.ChallengeActionParameters = &challengeActionParameters19
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskBotRequestsActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters19 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters19.Duration = helper.String(v)
+ }
+
+ securityAction19.BlockIPActionParameters = &blockIPActionParameters19
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskBotRequestsActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters19 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters19.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters19.ErrorPageId = helper.String(v)
+ }
+
+ securityAction19.ReturnCustomPageActionParameters = &returnCustomPageActionParameters19
+ }
+
+ botRatings.HighRiskBotRequestsAction = &securityAction19
+ }
+
+ if likelyBotRequestsActionMap, ok := helper.ConvertInterfacesHeadToMap(botRatingsMap["likely_bot_requests_action"]); ok {
+ securityAction20 := teov20220901.SecurityAction{}
+ if v, ok := likelyBotRequestsActionMap["name"].(string); ok && v != "" {
+ securityAction20.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(likelyBotRequestsActionMap["deny_action_parameters"]); ok {
+ denyActionParameters20 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters20.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters20.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters20.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters20.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters20.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters20.Stall = helper.String(v)
+ }
+
+ securityAction20.DenyActionParameters = &denyActionParameters20
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(likelyBotRequestsActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters20 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters20.URL = helper.String(v)
+ }
+
+ securityAction20.RedirectActionParameters = &redirectActionParameters20
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(likelyBotRequestsActionMap["allow_action_parameters"]); ok {
+ allowActionParameters20 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters20.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters20.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction20.AllowActionParameters = &allowActionParameters20
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(likelyBotRequestsActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters20 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters20.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters20.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters20.AttesterId = helper.String(v)
+ }
+
+ securityAction20.ChallengeActionParameters = &challengeActionParameters20
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(likelyBotRequestsActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters20 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters20.Duration = helper.String(v)
+ }
+
+ securityAction20.BlockIPActionParameters = &blockIPActionParameters20
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(likelyBotRequestsActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters20 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters20.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters20.ErrorPageId = helper.String(v)
+ }
+
+ securityAction20.ReturnCustomPageActionParameters = &returnCustomPageActionParameters20
+ }
+
+ botRatings.LikelyBotRequestsAction = &securityAction20
+ }
+
+ if verifiedBotRequestsActionMap, ok := helper.ConvertInterfacesHeadToMap(botRatingsMap["verified_bot_requests_action"]); ok {
+ securityAction21 := teov20220901.SecurityAction{}
+ if v, ok := verifiedBotRequestsActionMap["name"].(string); ok && v != "" {
+ securityAction21.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(verifiedBotRequestsActionMap["deny_action_parameters"]); ok {
+ denyActionParameters21 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters21.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters21.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters21.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters21.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters21.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters21.Stall = helper.String(v)
+ }
+
+ securityAction21.DenyActionParameters = &denyActionParameters21
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(verifiedBotRequestsActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters21 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters21.URL = helper.String(v)
+ }
+
+ securityAction21.RedirectActionParameters = &redirectActionParameters21
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(verifiedBotRequestsActionMap["allow_action_parameters"]); ok {
+ allowActionParameters21 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters21.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters21.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction21.AllowActionParameters = &allowActionParameters21
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(verifiedBotRequestsActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters21 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters21.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters21.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters21.AttesterId = helper.String(v)
+ }
+
+ securityAction21.ChallengeActionParameters = &challengeActionParameters21
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(verifiedBotRequestsActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters21 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters21.Duration = helper.String(v)
+ }
+
+ securityAction21.BlockIPActionParameters = &blockIPActionParameters21
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(verifiedBotRequestsActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters21 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters21.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters21.ErrorPageId = helper.String(v)
+ }
+
+ securityAction21.ReturnCustomPageActionParameters = &returnCustomPageActionParameters21
+ }
+
+ botRatings.VerifiedBotRequestsAction = &securityAction21
+ }
+
+ if humanRequestsActionMap, ok := helper.ConvertInterfacesHeadToMap(botRatingsMap["human_requests_action"]); ok {
+ securityAction22 := teov20220901.SecurityAction{}
+ if v, ok := humanRequestsActionMap["name"].(string); ok && v != "" {
+ securityAction22.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(humanRequestsActionMap["deny_action_parameters"]); ok {
+ denyActionParameters22 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters22.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters22.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters22.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters22.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters22.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters22.Stall = helper.String(v)
+ }
+
+ securityAction22.DenyActionParameters = &denyActionParameters22
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(humanRequestsActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters22 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters22.URL = helper.String(v)
+ }
+
+ securityAction22.RedirectActionParameters = &redirectActionParameters22
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(humanRequestsActionMap["allow_action_parameters"]); ok {
+ allowActionParameters22 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters22.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters22.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction22.AllowActionParameters = &allowActionParameters22
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(humanRequestsActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters22 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters22.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters22.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters22.AttesterId = helper.String(v)
+ }
+
+ securityAction22.ChallengeActionParameters = &challengeActionParameters22
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(humanRequestsActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters22 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters22.Duration = helper.String(v)
+ }
+
+ securityAction22.BlockIPActionParameters = &blockIPActionParameters22
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(humanRequestsActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters22 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters22.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters22.ErrorPageId = helper.String(v)
+ }
+
+ securityAction22.ReturnCustomPageActionParameters = &returnCustomPageActionParameters22
+ }
+
+ botRatings.HumanRequestsAction = &securityAction22
+ }
+
+ botIntelligence.BotRatings = &botRatings
+ }
+
+ if v, ok := botIntelligenceMap["enabled"].(string); ok && v != "" {
+ botIntelligence.Enabled = helper.String(v)
+ }
+
+ basicBotSettings.BotIntelligence = &botIntelligence
+ }
+
+ botManagement.BasicBotSettings = &basicBotSettings
+ }
+
+ if clientAttestationRulesMap, ok := helper.ConvertInterfacesHeadToMap(botManagementMap["client_attestation_rules"]); ok {
+ clientAttestationRules := teov20220901.ClientAttestationRules{}
+ if v, ok := clientAttestationRulesMap["rules"]; ok {
+ for _, item := range v.([]interface{}) {
+ rulesMap := item.(map[string]interface{})
+ clientAttestationRule := teov20220901.ClientAttestationRule{}
+ if v, ok := rulesMap["id"].(string); ok && v != "" {
+ clientAttestationRule.Id = helper.String(v)
+ }
+
+ if v, ok := rulesMap["name"].(string); ok && v != "" {
+ clientAttestationRule.Name = helper.String(v)
+ }
+
+ if v, ok := rulesMap["enabled"].(string); ok && v != "" {
+ clientAttestationRule.Enabled = helper.String(v)
+ }
+
+ if v, ok := rulesMap["priority"].(int); ok {
+ clientAttestationRule.Priority = helper.IntUint64(v)
+ }
+
+ if v, ok := rulesMap["condition"].(string); ok && v != "" {
+ clientAttestationRule.Condition = helper.String(v)
+ }
+
+ if v, ok := rulesMap["attester_id"].(string); ok && v != "" {
+ clientAttestationRule.AttesterId = helper.String(v)
+ }
+
+ if v, ok := rulesMap["device_profiles"]; ok {
+ for _, item := range v.([]interface{}) {
+ deviceProfilesMap := item.(map[string]interface{})
+ deviceProfile := teov20220901.DeviceProfile{}
+ if v, ok := deviceProfilesMap["client_type"].(string); ok && v != "" {
+ deviceProfile.ClientType = helper.String(v)
+ }
+
+ if v, ok := deviceProfilesMap["high_risk_min_score"].(int); ok {
+ deviceProfile.HighRiskMinScore = helper.IntUint64(v)
+ }
+
+ if highRiskRequestActionMap, ok := helper.ConvertInterfacesHeadToMap(deviceProfilesMap["high_risk_request_action"]); ok {
+ securityAction23 := teov20220901.SecurityAction{}
+ if v, ok := highRiskRequestActionMap["name"].(string); ok && v != "" {
+ securityAction23.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskRequestActionMap["deny_action_parameters"]); ok {
+ denyActionParameters23 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters23.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters23.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters23.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters23.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters23.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters23.Stall = helper.String(v)
+ }
+
+ securityAction23.DenyActionParameters = &denyActionParameters23
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskRequestActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters23 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters23.URL = helper.String(v)
+ }
+
+ securityAction23.RedirectActionParameters = &redirectActionParameters23
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskRequestActionMap["allow_action_parameters"]); ok {
+ allowActionParameters23 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters23.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters23.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction23.AllowActionParameters = &allowActionParameters23
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskRequestActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters23 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters23.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters23.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters23.AttesterId = helper.String(v)
+ }
+
+ securityAction23.ChallengeActionParameters = &challengeActionParameters23
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskRequestActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters23 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters23.Duration = helper.String(v)
+ }
+
+ securityAction23.BlockIPActionParameters = &blockIPActionParameters23
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskRequestActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters23 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters23.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters23.ErrorPageId = helper.String(v)
+ }
+
+ securityAction23.ReturnCustomPageActionParameters = &returnCustomPageActionParameters23
+ }
+
+ deviceProfile.HighRiskRequestAction = &securityAction23
+ }
+
+ if v, ok := deviceProfilesMap["medium_risk_min_score"].(int); ok {
+ deviceProfile.MediumRiskMinScore = helper.IntUint64(v)
+ }
+
+ if mediumRiskRequestActionMap, ok := helper.ConvertInterfacesHeadToMap(deviceProfilesMap["medium_risk_request_action"]); ok {
+ securityAction24 := teov20220901.SecurityAction{}
+ if v, ok := mediumRiskRequestActionMap["name"].(string); ok && v != "" {
+ securityAction24.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(mediumRiskRequestActionMap["deny_action_parameters"]); ok {
+ denyActionParameters24 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters24.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters24.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters24.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters24.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters24.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters24.Stall = helper.String(v)
+ }
+
+ securityAction24.DenyActionParameters = &denyActionParameters24
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(mediumRiskRequestActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters24 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters24.URL = helper.String(v)
+ }
+
+ securityAction24.RedirectActionParameters = &redirectActionParameters24
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(mediumRiskRequestActionMap["allow_action_parameters"]); ok {
+ allowActionParameters24 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters24.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters24.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction24.AllowActionParameters = &allowActionParameters24
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(mediumRiskRequestActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters24 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters24.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters24.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters24.AttesterId = helper.String(v)
+ }
+
+ securityAction24.ChallengeActionParameters = &challengeActionParameters24
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(mediumRiskRequestActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters24 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters24.Duration = helper.String(v)
+ }
+
+ securityAction24.BlockIPActionParameters = &blockIPActionParameters24
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(mediumRiskRequestActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters24 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters24.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters24.ErrorPageId = helper.String(v)
+ }
+
+ securityAction24.ReturnCustomPageActionParameters = &returnCustomPageActionParameters24
+ }
+
+ deviceProfile.MediumRiskRequestAction = &securityAction24
+ }
+
+ clientAttestationRule.DeviceProfiles = append(clientAttestationRule.DeviceProfiles, &deviceProfile)
+ }
+ }
+
+ if invalidAttestationActionMap, ok := helper.ConvertInterfacesHeadToMap(rulesMap["invalid_attestation_action"]); ok {
+ securityAction25 := teov20220901.SecurityAction{}
+ if v, ok := invalidAttestationActionMap["name"].(string); ok && v != "" {
+ securityAction25.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(invalidAttestationActionMap["deny_action_parameters"]); ok {
+ denyActionParameters25 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters25.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters25.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters25.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters25.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters25.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters25.Stall = helper.String(v)
+ }
+
+ securityAction25.DenyActionParameters = &denyActionParameters25
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(invalidAttestationActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters25 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters25.URL = helper.String(v)
+ }
+
+ securityAction25.RedirectActionParameters = &redirectActionParameters25
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(invalidAttestationActionMap["allow_action_parameters"]); ok {
+ allowActionParameters25 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters25.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters25.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction25.AllowActionParameters = &allowActionParameters25
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(invalidAttestationActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters25 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters25.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters25.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters25.AttesterId = helper.String(v)
+ }
+
+ securityAction25.ChallengeActionParameters = &challengeActionParameters25
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(invalidAttestationActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters25 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters25.Duration = helper.String(v)
+ }
+
+ securityAction25.BlockIPActionParameters = &blockIPActionParameters25
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(invalidAttestationActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters25 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters25.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters25.ErrorPageId = helper.String(v)
+ }
+
+ securityAction25.ReturnCustomPageActionParameters = &returnCustomPageActionParameters25
+ }
+
+ clientAttestationRule.InvalidAttestationAction = &securityAction25
+ }
+
+ clientAttestationRules.Rules = append(clientAttestationRules.Rules, &clientAttestationRule)
+ }
+ }
+
+ botManagement.ClientAttestationRules = &clientAttestationRules
+ }
+
+ if browserImpersonationDetectionMap, ok := helper.ConvertInterfacesHeadToMap(botManagementMap["browser_impersonation_detection"]); ok {
+ browserImpersonationDetection := teov20220901.BrowserImpersonationDetection{}
+ if v, ok := browserImpersonationDetectionMap["rules"]; ok {
+ for _, item := range v.([]interface{}) {
+ rulesMap := item.(map[string]interface{})
+ browserImpersonationDetectionRule := teov20220901.BrowserImpersonationDetectionRule{}
+ if v, ok := rulesMap["id"].(string); ok && v != "" {
+ browserImpersonationDetectionRule.Id = helper.String(v)
+ }
+
+ if v, ok := rulesMap["name"].(string); ok && v != "" {
+ browserImpersonationDetectionRule.Name = helper.String(v)
+ }
+
+ if v, ok := rulesMap["enabled"].(string); ok && v != "" {
+ browserImpersonationDetectionRule.Enabled = helper.String(v)
+ }
+
+ if v, ok := rulesMap["condition"].(string); ok && v != "" {
+ browserImpersonationDetectionRule.Condition = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(rulesMap["action"]); ok {
+ browserImpersonationDetectionAction := teov20220901.BrowserImpersonationDetectionAction{}
+ if botSessionValidationMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["bot_session_validation"]); ok {
+ botSessionValidation := teov20220901.BotSessionValidation{}
+ if v, ok := botSessionValidationMap["issue_new_bot_session_cookie"].(string); ok && v != "" {
+ botSessionValidation.IssueNewBotSessionCookie = helper.String(v)
+ }
+
+ if maxNewSessionTriggerConfigMap, ok := helper.ConvertInterfacesHeadToMap(botSessionValidationMap["max_new_session_trigger_config"]); ok {
+ maxNewSessionTriggerConfig := teov20220901.MaxNewSessionTriggerConfig{}
+ if v, ok := maxNewSessionTriggerConfigMap["max_new_session_count_interval"].(string); ok && v != "" {
+ maxNewSessionTriggerConfig.MaxNewSessionCountInterval = helper.String(v)
+ }
+
+ if v, ok := maxNewSessionTriggerConfigMap["max_new_session_count_threshold"].(int); ok {
+ maxNewSessionTriggerConfig.MaxNewSessionCountThreshold = helper.IntInt64(v)
+ }
+
+ botSessionValidation.MaxNewSessionTriggerConfig = &maxNewSessionTriggerConfig
+ }
+
+ if sessionExpiredActionMap, ok := helper.ConvertInterfacesHeadToMap(botSessionValidationMap["session_expired_action"]); ok {
+ securityAction26 := teov20220901.SecurityAction{}
+ if v, ok := sessionExpiredActionMap["name"].(string); ok && v != "" {
+ securityAction26.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionExpiredActionMap["deny_action_parameters"]); ok {
+ denyActionParameters26 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters26.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters26.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters26.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters26.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters26.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters26.Stall = helper.String(v)
+ }
+
+ securityAction26.DenyActionParameters = &denyActionParameters26
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionExpiredActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters26 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters26.URL = helper.String(v)
+ }
+
+ securityAction26.RedirectActionParameters = &redirectActionParameters26
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionExpiredActionMap["allow_action_parameters"]); ok {
+ allowActionParameters26 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters26.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters26.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction26.AllowActionParameters = &allowActionParameters26
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionExpiredActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters26 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters26.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters26.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters26.AttesterId = helper.String(v)
+ }
+
+ securityAction26.ChallengeActionParameters = &challengeActionParameters26
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionExpiredActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters26 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters26.Duration = helper.String(v)
+ }
+
+ securityAction26.BlockIPActionParameters = &blockIPActionParameters26
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionExpiredActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters26 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters26.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters26.ErrorPageId = helper.String(v)
+ }
+
+ securityAction26.ReturnCustomPageActionParameters = &returnCustomPageActionParameters26
+ }
+
+ botSessionValidation.SessionExpiredAction = &securityAction26
+ }
+
+ if sessionInvalidActionMap, ok := helper.ConvertInterfacesHeadToMap(botSessionValidationMap["session_invalid_action"]); ok {
+ securityAction27 := teov20220901.SecurityAction{}
+ if v, ok := sessionInvalidActionMap["name"].(string); ok && v != "" {
+ securityAction27.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionInvalidActionMap["deny_action_parameters"]); ok {
+ denyActionParameters27 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters27.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters27.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters27.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters27.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters27.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters27.Stall = helper.String(v)
+ }
+
+ securityAction27.DenyActionParameters = &denyActionParameters27
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionInvalidActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters27 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters27.URL = helper.String(v)
+ }
+
+ securityAction27.RedirectActionParameters = &redirectActionParameters27
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionInvalidActionMap["allow_action_parameters"]); ok {
+ allowActionParameters27 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters27.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters27.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction27.AllowActionParameters = &allowActionParameters27
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionInvalidActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters27 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters27.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters27.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters27.AttesterId = helper.String(v)
+ }
+
+ securityAction27.ChallengeActionParameters = &challengeActionParameters27
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionInvalidActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters27 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters27.Duration = helper.String(v)
+ }
+
+ securityAction27.BlockIPActionParameters = &blockIPActionParameters27
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionInvalidActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters27 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters27.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters27.ErrorPageId = helper.String(v)
+ }
+
+ securityAction27.ReturnCustomPageActionParameters = &returnCustomPageActionParameters27
+ }
+
+ botSessionValidation.SessionInvalidAction = &securityAction27
+ }
+
+ if sessionRateControlMap, ok := helper.ConvertInterfacesHeadToMap(botSessionValidationMap["session_rate_control"]); ok {
+ sessionRateControl := teov20220901.SessionRateControl{}
+ if v, ok := sessionRateControlMap["enabled"].(string); ok && v != "" {
+ sessionRateControl.Enabled = helper.String(v)
+ }
+
+ if highRateSessionActionMap, ok := helper.ConvertInterfacesHeadToMap(sessionRateControlMap["high_rate_session_action"]); ok {
+ securityAction28 := teov20220901.SecurityAction{}
+ if v, ok := highRateSessionActionMap["name"].(string); ok && v != "" {
+ securityAction28.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRateSessionActionMap["deny_action_parameters"]); ok {
+ denyActionParameters28 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters28.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters28.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters28.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters28.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters28.ErrorPageId = helper.String(v)
+ }
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters28.Stall = helper.String(v)
+ }
+
+ securityAction28.DenyActionParameters = &denyActionParameters28
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRateSessionActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters28 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters28.URL = helper.String(v)
+ }
+
+ securityAction28.RedirectActionParameters = &redirectActionParameters28
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRateSessionActionMap["allow_action_parameters"]); ok {
+ allowActionParameters28 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters28.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters28.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction28.AllowActionParameters = &allowActionParameters28
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRateSessionActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters28 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters28.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters28.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters28.AttesterId = helper.String(v)
+ }
+
+ securityAction28.ChallengeActionParameters = &challengeActionParameters28
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRateSessionActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters28 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters28.Duration = helper.String(v)
+ }
+
+ securityAction28.BlockIPActionParameters = &blockIPActionParameters28
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRateSessionActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters28 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters28.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters28.ErrorPageId = helper.String(v)
+ }
+
+ securityAction28.ReturnCustomPageActionParameters = &returnCustomPageActionParameters28
+ }
+
+ sessionRateControl.HighRateSessionAction = &securityAction28
+ }
+
+ if midRateSessionActionMap, ok := helper.ConvertInterfacesHeadToMap(sessionRateControlMap["mid_rate_session_action"]); ok {
+ securityAction29 := teov20220901.SecurityAction{}
+ if v, ok := midRateSessionActionMap["name"].(string); ok && v != "" {
+ securityAction29.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(midRateSessionActionMap["deny_action_parameters"]); ok {
+ denyActionParameters29 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters29.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters29.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters29.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters29.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters29.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters29.Stall = helper.String(v)
+ }
+
+ securityAction29.DenyActionParameters = &denyActionParameters29
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(midRateSessionActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters29 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters29.URL = helper.String(v)
+ }
+
+ securityAction29.RedirectActionParameters = &redirectActionParameters29
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(midRateSessionActionMap["allow_action_parameters"]); ok {
+ allowActionParameters29 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters29.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters29.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction29.AllowActionParameters = &allowActionParameters29
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(midRateSessionActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters29 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters29.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters29.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters29.AttesterId = helper.String(v)
+ }
+
+ securityAction29.ChallengeActionParameters = &challengeActionParameters29
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(midRateSessionActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters29 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters29.Duration = helper.String(v)
+ }
+
+ securityAction29.BlockIPActionParameters = &blockIPActionParameters29
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(midRateSessionActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters29 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters29.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters29.ErrorPageId = helper.String(v)
+ }
+
+ securityAction29.ReturnCustomPageActionParameters = &returnCustomPageActionParameters29
+ }
+
+ sessionRateControl.MidRateSessionAction = &securityAction29
+ }
+
+ if lowRateSessionActionMap, ok := helper.ConvertInterfacesHeadToMap(sessionRateControlMap["low_rate_session_action"]); ok {
+ securityAction30 := teov20220901.SecurityAction{}
+ if v, ok := lowRateSessionActionMap["name"].(string); ok && v != "" {
+ securityAction30.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(lowRateSessionActionMap["deny_action_parameters"]); ok {
+ denyActionParameters30 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters30.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters30.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters30.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters30.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters30.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters30.Stall = helper.String(v)
+ }
+
+ securityAction30.DenyActionParameters = &denyActionParameters30
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(lowRateSessionActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters30 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters30.URL = helper.String(v)
+ }
+
+ securityAction30.RedirectActionParameters = &redirectActionParameters30
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(lowRateSessionActionMap["allow_action_parameters"]); ok {
+ allowActionParameters30 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters30.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters30.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction30.AllowActionParameters = &allowActionParameters30
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(lowRateSessionActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters30 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters30.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters30.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters30.AttesterId = helper.String(v)
+ }
+
+ securityAction30.ChallengeActionParameters = &challengeActionParameters30
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(lowRateSessionActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters30 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters30.Duration = helper.String(v)
+ }
+
+ securityAction30.BlockIPActionParameters = &blockIPActionParameters30
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(lowRateSessionActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters30 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters30.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters30.ErrorPageId = helper.String(v)
+ }
+
+ securityAction30.ReturnCustomPageActionParameters = &returnCustomPageActionParameters30
+ }
+
+ sessionRateControl.LowRateSessionAction = &securityAction30
+ }
+
+ botSessionValidation.SessionRateControl = &sessionRateControl
+ }
+
+ browserImpersonationDetectionAction.BotSessionValidation = &botSessionValidation
+ }
+
+ if clientBehaviorDetectionMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["client_behavior_detection"]); ok {
+ clientBehaviorDetection := teov20220901.ClientBehaviorDetection{}
+ if v, ok := clientBehaviorDetectionMap["crypto_challenge_intensity"].(string); ok && v != "" {
+ clientBehaviorDetection.CryptoChallengeIntensity = helper.String(v)
+ }
+
+ if v, ok := clientBehaviorDetectionMap["crypto_challenge_delay_before"].(string); ok && v != "" {
+ clientBehaviorDetection.CryptoChallengeDelayBefore = helper.String(v)
+ }
+
+ if v, ok := clientBehaviorDetectionMap["max_challenge_count_interval"].(string); ok && v != "" {
+ clientBehaviorDetection.MaxChallengeCountInterval = helper.String(v)
+ }
+
+ if v, ok := clientBehaviorDetectionMap["max_challenge_count_threshold"].(int); ok {
+ clientBehaviorDetection.MaxChallengeCountThreshold = helper.IntInt64(v)
+ }
+
+ if challengeNotFinishedActionMap, ok := helper.ConvertInterfacesHeadToMap(clientBehaviorDetectionMap["challenge_not_finished_action"]); ok {
+ securityAction31 := teov20220901.SecurityAction{}
+ if v, ok := challengeNotFinishedActionMap["name"].(string); ok && v != "" {
+ securityAction31.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeNotFinishedActionMap["deny_action_parameters"]); ok {
+ denyActionParameters31 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters31.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters31.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters31.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters31.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters31.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters31.Stall = helper.String(v)
+ }
+
+ securityAction31.DenyActionParameters = &denyActionParameters31
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeNotFinishedActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters31 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters31.URL = helper.String(v)
+ }
+
+ securityAction31.RedirectActionParameters = &redirectActionParameters31
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeNotFinishedActionMap["allow_action_parameters"]); ok {
+ allowActionParameters31 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters31.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters31.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction31.AllowActionParameters = &allowActionParameters31
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeNotFinishedActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters31 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters31.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters31.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters31.AttesterId = helper.String(v)
+ }
+
+ securityAction31.ChallengeActionParameters = &challengeActionParameters31
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeNotFinishedActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters31 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters31.Duration = helper.String(v)
+ }
+
+ securityAction31.BlockIPActionParameters = &blockIPActionParameters31
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeNotFinishedActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters31 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters31.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters31.ErrorPageId = helper.String(v)
+ }
+
+ securityAction31.ReturnCustomPageActionParameters = &returnCustomPageActionParameters31
+ }
+
+ clientBehaviorDetection.ChallengeNotFinishedAction = &securityAction31
+ }
+
+ if challengeTimeoutActionMap, ok := helper.ConvertInterfacesHeadToMap(clientBehaviorDetectionMap["challenge_timeout_action"]); ok {
+ securityAction32 := teov20220901.SecurityAction{}
+ if v, ok := challengeTimeoutActionMap["name"].(string); ok && v != "" {
+ securityAction32.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeTimeoutActionMap["deny_action_parameters"]); ok {
+ denyActionParameters32 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters32.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters32.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters32.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters32.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters32.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters32.Stall = helper.String(v)
+ }
+
+ securityAction32.DenyActionParameters = &denyActionParameters32
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeTimeoutActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters32 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters32.URL = helper.String(v)
+ }
+
+ securityAction32.RedirectActionParameters = &redirectActionParameters32
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeTimeoutActionMap["allow_action_parameters"]); ok {
+ allowActionParameters32 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters32.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters32.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction32.AllowActionParameters = &allowActionParameters32
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeTimeoutActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters32 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters32.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters32.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters32.AttesterId = helper.String(v)
+ }
+
+ securityAction32.ChallengeActionParameters = &challengeActionParameters32
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeTimeoutActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters32 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters32.Duration = helper.String(v)
+ }
+
+ securityAction32.BlockIPActionParameters = &blockIPActionParameters32
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeTimeoutActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters32 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters32.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters32.ErrorPageId = helper.String(v)
+ }
+
+ securityAction32.ReturnCustomPageActionParameters = &returnCustomPageActionParameters32
+ }
+
+ clientBehaviorDetection.ChallengeTimeoutAction = &securityAction32
+ }
+
+ if botClientActionMap, ok := helper.ConvertInterfacesHeadToMap(clientBehaviorDetectionMap["bot_client_action"]); ok {
+ securityAction33 := teov20220901.SecurityAction{}
+ if v, ok := botClientActionMap["name"].(string); ok && v != "" {
+ securityAction33.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(botClientActionMap["deny_action_parameters"]); ok {
+ denyActionParameters33 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters33.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters33.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters33.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters33.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters33.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters33.Stall = helper.String(v)
+ }
+
+ securityAction33.DenyActionParameters = &denyActionParameters33
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(botClientActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters33 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters33.URL = helper.String(v)
+ }
+
+ securityAction33.RedirectActionParameters = &redirectActionParameters33
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(botClientActionMap["allow_action_parameters"]); ok {
+ allowActionParameters33 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters33.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters33.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction33.AllowActionParameters = &allowActionParameters33
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(botClientActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters33 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters33.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters33.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters33.AttesterId = helper.String(v)
+ }
+
+ securityAction33.ChallengeActionParameters = &challengeActionParameters33
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(botClientActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters33 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters33.Duration = helper.String(v)
+ }
+
+ securityAction33.BlockIPActionParameters = &blockIPActionParameters33
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(botClientActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters33 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters33.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters33.ErrorPageId = helper.String(v)
+ }
+
+ securityAction33.ReturnCustomPageActionParameters = &returnCustomPageActionParameters33
+ }
+
+ clientBehaviorDetection.BotClientAction = &securityAction33
+ }
+
+ browserImpersonationDetectionAction.ClientBehaviorDetection = &clientBehaviorDetection
+ }
+
+ browserImpersonationDetectionRule.Action = &browserImpersonationDetectionAction
+ }
+
+ browserImpersonationDetection.Rules = append(browserImpersonationDetection.Rules, &browserImpersonationDetectionRule)
+ }
+ }
+
+ botManagement.BrowserImpersonationDetection = &browserImpersonationDetection
+ }
+
+ securityPolicy.BotManagement = &botManagement
+ }
+
+ request.SecurityPolicy = &securityPolicy
+ }
+
+ reqErr := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
+ result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseTeoV20220901Client().CreateWebSecurityTemplateWithContext(ctx, request)
+ if e != nil {
+ return tccommon.RetryError(e)
+ } else {
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+ }
+
+ if result == nil || result.Response == nil {
+ return resource.NonRetryableError(fmt.Errorf("Create teo web security template failed, Response is nil."))
+ }
+
+ response = result
+ return nil
+ })
+
+ if reqErr != nil {
+ log.Printf("[CRITAL]%s create teo web security template failed, reason:%+v", logId, reqErr)
+ return reqErr
+ }
+
+ if response.Response.TemplateId == nil {
+ return fmt.Errorf("TemplateId is nil.")
+ }
+
+ templateId = *response.Response.TemplateId
+ d.SetId(strings.Join([]string{zoneId, templateId}, tccommon.FILED_SP))
+ return resourceTencentCloudTeoWebSecurityTemplateRead(d, meta)
+}
+
+func resourceTencentCloudTeoWebSecurityTemplateRead(d *schema.ResourceData, meta interface{}) error {
+ defer tccommon.LogElapsed("resource.tencentcloud_teo_web_security_template.read")()
+ defer tccommon.InconsistentCheck(d, meta)()
+
+ var (
+ logId = tccommon.GetLogId(tccommon.ContextNil)
+ ctx = tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta)
+ service = TeoService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
+ )
+
+ idSplit := strings.Split(d.Id(), tccommon.FILED_SP)
+ if len(idSplit) != 2 {
+ return fmt.Errorf("id is broken,%s", d.Id())
+ }
+
+ zoneId := idSplit[0]
+ templateId := idSplit[1]
+
+ respData, err := service.DescribeTeoWebSecurityTemplateById(ctx, zoneId, templateId)
+ if err != nil {
+ return err
+ }
+
+ respData1, err := service.DescribeTeoWebSecurityTemplatesById(ctx, zoneId, templateId)
+ if err != nil {
+ return err
+ }
+
+ if respData == nil || respData1 == nil {
+ log.Printf("[WARN]%s resource `tencentcloud_teo_web_security_template` [%s] not found, please check if it has been deleted.", logId, d.Id())
+ d.SetId("")
+ return nil
+ }
+
+ if respData1.ZoneId != nil {
+ _ = d.Set("zone_id", respData1.ZoneId)
+ }
+
+ if respData1.TemplateId != nil {
+ _ = d.Set("template_id", respData1.TemplateId)
+ }
+
+ if respData1.TemplateName != nil {
+ _ = d.Set("template_name", respData1.TemplateName)
+ }
+
+ tmpList := make([]map[string]interface{}, 0, 1)
+ tmpMap := make(map[string]interface{}, 0)
+ if respData.CustomRules != nil {
+ customRulesMap := map[string]interface{}{}
+ rulesList := make([]map[string]interface{}, 0, len(respData.CustomRules.Rules))
+ if respData.CustomRules.Rules != nil {
+ for _, rules := range respData.CustomRules.Rules {
+ rulesMap := map[string]interface{}{}
+
+ if rules.Name != nil {
+ rulesMap["name"] = rules.Name
+ }
+
+ if rules.Condition != nil {
+ rulesMap["condition"] = rules.Condition
+ }
+
+ actionMap := map[string]interface{}{}
+
+ if rules.Action != nil {
+ if rules.Action.Name != nil {
+ actionMap["name"] = rules.Action.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.DenyActionParameters != nil {
+ if rules.Action.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = rules.Action.DenyActionParameters.BlockIp
+ }
+
+ if rules.Action.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = rules.Action.DenyActionParameters.BlockIpDuration
+ }
+
+ if rules.Action.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = rules.Action.DenyActionParameters.ReturnCustomPage
+ }
+
+ if rules.Action.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = rules.Action.DenyActionParameters.ResponseCode
+ }
+
+ if rules.Action.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = rules.Action.DenyActionParameters.ErrorPageId
+ }
+
+ if rules.Action.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = rules.Action.DenyActionParameters.Stall
+ }
+
+ actionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.RedirectActionParameters != nil {
+ if rules.Action.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = rules.Action.RedirectActionParameters.URL
+ }
+
+ actionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.AllowActionParameters != nil {
+ if rules.Action.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = rules.Action.AllowActionParameters.MinDelayTime
+ }
+
+ if rules.Action.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = rules.Action.AllowActionParameters.MaxDelayTime
+ }
+
+ actionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ChallengeActionParameters != nil {
+ if rules.Action.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = rules.Action.ChallengeActionParameters.ChallengeOption
+ }
+
+ if rules.Action.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = rules.Action.ChallengeActionParameters.Interval
+ }
+
+ if rules.Action.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = rules.Action.ChallengeActionParameters.AttesterId
+ }
+
+ actionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BlockIPActionParameters != nil {
+ if rules.Action.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = rules.Action.BlockIPActionParameters.Duration
+ }
+
+ actionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ReturnCustomPageActionParameters != nil {
+ if rules.Action.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = rules.Action.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if rules.Action.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = rules.Action.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ actionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ rulesMap["action"] = []interface{}{actionMap}
+ }
+
+ if rules.Enabled != nil {
+ rulesMap["enabled"] = rules.Enabled
+ }
+
+ if rules.Id != nil {
+ rulesMap["id"] = rules.Id
+ }
+
+ if rules.RuleType != nil {
+ rulesMap["rule_type"] = rules.RuleType
+ }
+
+ if rules.Priority != nil {
+ rulesMap["priority"] = rules.Priority
+ }
+
+ rulesList = append(rulesList, rulesMap)
+ }
+
+ customRulesMap["rules"] = rulesList
+ }
+
+ tmpMap["custom_rules"] = []interface{}{customRulesMap}
+ }
+
+ if respData.ManagedRules != nil {
+ managedRulesMap := map[string]interface{}{}
+ if respData.ManagedRules.Enabled != nil {
+ managedRulesMap["enabled"] = respData.ManagedRules.Enabled
+ }
+
+ if respData.ManagedRules.DetectionOnly != nil {
+ managedRulesMap["detection_only"] = respData.ManagedRules.DetectionOnly
+ }
+
+ if respData.ManagedRules.SemanticAnalysis != nil {
+ managedRulesMap["semantic_analysis"] = respData.ManagedRules.SemanticAnalysis
+ }
+
+ autoUpdateMap := map[string]interface{}{}
+
+ if respData.ManagedRules.AutoUpdate != nil {
+ if respData.ManagedRules.AutoUpdate.AutoUpdateToLatestVersion != nil {
+ autoUpdateMap["auto_update_to_latest_version"] = respData.ManagedRules.AutoUpdate.AutoUpdateToLatestVersion
+ }
+
+ if respData.ManagedRules.AutoUpdate.RulesetVersion != nil {
+ autoUpdateMap["ruleset_version"] = respData.ManagedRules.AutoUpdate.RulesetVersion
+ }
+
+ managedRulesMap["auto_update"] = []interface{}{autoUpdateMap}
+ }
+
+ managedRuleGroupsList := make([]map[string]interface{}, 0, len(respData.ManagedRules.ManagedRuleGroups))
+ if respData.ManagedRules.ManagedRuleGroups != nil {
+ for _, managedRuleGroups := range respData.ManagedRules.ManagedRuleGroups {
+ managedRuleGroupsMap := map[string]interface{}{}
+
+ if managedRuleGroups.GroupId != nil {
+ managedRuleGroupsMap["group_id"] = managedRuleGroups.GroupId
+ }
+
+ if managedRuleGroups.SensitivityLevel != nil {
+ managedRuleGroupsMap["sensitivity_level"] = managedRuleGroups.SensitivityLevel
+ }
+
+ actionMap := map[string]interface{}{}
+
+ if managedRuleGroups.Action != nil {
+ if managedRuleGroups.Action.Name != nil {
+ actionMap["name"] = managedRuleGroups.Action.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if managedRuleGroups.Action.DenyActionParameters != nil {
+ if managedRuleGroups.Action.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = managedRuleGroups.Action.DenyActionParameters.BlockIp
+ }
+
+ if managedRuleGroups.Action.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = managedRuleGroups.Action.DenyActionParameters.BlockIpDuration
+ }
+
+ if managedRuleGroups.Action.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = managedRuleGroups.Action.DenyActionParameters.ReturnCustomPage
+ }
+
+ if managedRuleGroups.Action.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = managedRuleGroups.Action.DenyActionParameters.ResponseCode
+ }
+
+ if managedRuleGroups.Action.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = managedRuleGroups.Action.DenyActionParameters.ErrorPageId
+ }
+
+ if managedRuleGroups.Action.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = managedRuleGroups.Action.DenyActionParameters.Stall
+ }
+
+ actionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if managedRuleGroups.Action.RedirectActionParameters != nil {
+ if managedRuleGroups.Action.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = managedRuleGroups.Action.RedirectActionParameters.URL
+ }
+
+ actionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if managedRuleGroups.Action.AllowActionParameters != nil {
+ if managedRuleGroups.Action.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = managedRuleGroups.Action.AllowActionParameters.MinDelayTime
+ }
+
+ if managedRuleGroups.Action.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = managedRuleGroups.Action.AllowActionParameters.MaxDelayTime
+ }
+
+ actionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if managedRuleGroups.Action.ChallengeActionParameters != nil {
+ if managedRuleGroups.Action.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = managedRuleGroups.Action.ChallengeActionParameters.ChallengeOption
+ }
+
+ if managedRuleGroups.Action.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = managedRuleGroups.Action.ChallengeActionParameters.Interval
+ }
+
+ if managedRuleGroups.Action.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = managedRuleGroups.Action.ChallengeActionParameters.AttesterId
+ }
+
+ actionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if managedRuleGroups.Action.BlockIPActionParameters != nil {
+ if managedRuleGroups.Action.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = managedRuleGroups.Action.BlockIPActionParameters.Duration
+ }
+
+ actionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if managedRuleGroups.Action.ReturnCustomPageActionParameters != nil {
+ if managedRuleGroups.Action.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = managedRuleGroups.Action.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if managedRuleGroups.Action.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = managedRuleGroups.Action.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ actionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ managedRuleGroupsMap["action"] = []interface{}{actionMap}
+ }
+
+ ruleActionsList := make([]map[string]interface{}, 0, len(managedRuleGroups.RuleActions))
+ if managedRuleGroups.RuleActions != nil {
+ for _, ruleActions := range managedRuleGroups.RuleActions {
+ ruleActionsMap := map[string]interface{}{}
+
+ if ruleActions.RuleId != nil {
+ ruleActionsMap["rule_id"] = ruleActions.RuleId
+ }
+
+ actionMap := map[string]interface{}{}
+
+ if ruleActions.Action != nil {
+ if ruleActions.Action.Name != nil {
+ actionMap["name"] = ruleActions.Action.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if ruleActions.Action.DenyActionParameters != nil {
+ if ruleActions.Action.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = ruleActions.Action.DenyActionParameters.BlockIp
+ }
+
+ if ruleActions.Action.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = ruleActions.Action.DenyActionParameters.BlockIpDuration
+ }
+
+ if ruleActions.Action.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = ruleActions.Action.DenyActionParameters.ReturnCustomPage
+ }
+
+ if ruleActions.Action.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = ruleActions.Action.DenyActionParameters.ResponseCode
+ }
+
+ if ruleActions.Action.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = ruleActions.Action.DenyActionParameters.ErrorPageId
+ }
+
+ if ruleActions.Action.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = ruleActions.Action.DenyActionParameters.Stall
+ }
+
+ actionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if ruleActions.Action.RedirectActionParameters != nil {
+ if ruleActions.Action.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = ruleActions.Action.RedirectActionParameters.URL
+ }
+
+ actionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if ruleActions.Action.AllowActionParameters != nil {
+ if ruleActions.Action.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = ruleActions.Action.AllowActionParameters.MinDelayTime
+ }
+
+ if ruleActions.Action.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = ruleActions.Action.AllowActionParameters.MaxDelayTime
+ }
+
+ actionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if ruleActions.Action.ChallengeActionParameters != nil {
+ if ruleActions.Action.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = ruleActions.Action.ChallengeActionParameters.ChallengeOption
+ }
+
+ if ruleActions.Action.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = ruleActions.Action.ChallengeActionParameters.Interval
+ }
+
+ if ruleActions.Action.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = ruleActions.Action.ChallengeActionParameters.AttesterId
+ }
+
+ actionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if ruleActions.Action.BlockIPActionParameters != nil {
+ if ruleActions.Action.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = ruleActions.Action.BlockIPActionParameters.Duration
+ }
+
+ actionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if ruleActions.Action.ReturnCustomPageActionParameters != nil {
+ if ruleActions.Action.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = ruleActions.Action.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if ruleActions.Action.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = ruleActions.Action.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ actionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ ruleActionsMap["action"] = []interface{}{actionMap}
+ }
+
+ ruleActionsList = append(ruleActionsList, ruleActionsMap)
+ }
+
+ managedRuleGroupsMap["rule_actions"] = ruleActionsList
+ }
+ metaDataMap := map[string]interface{}{}
+
+ if managedRuleGroups.MetaData != nil {
+ if managedRuleGroups.MetaData.GroupDetail != nil {
+ metaDataMap["group_detail"] = managedRuleGroups.MetaData.GroupDetail
+ }
+
+ if managedRuleGroups.MetaData.GroupName != nil {
+ metaDataMap["group_name"] = managedRuleGroups.MetaData.GroupName
+ }
+
+ ruleDetailsList := make([]map[string]interface{}, 0, len(managedRuleGroups.MetaData.RuleDetails))
+ if managedRuleGroups.MetaData.RuleDetails != nil {
+ for _, ruleDetails := range managedRuleGroups.MetaData.RuleDetails {
+ ruleDetailsMap := map[string]interface{}{}
+
+ if ruleDetails.RuleId != nil {
+ ruleDetailsMap["rule_id"] = ruleDetails.RuleId
+ }
+
+ if ruleDetails.RiskLevel != nil {
+ ruleDetailsMap["risk_level"] = ruleDetails.RiskLevel
+ }
+
+ if ruleDetails.Description != nil {
+ ruleDetailsMap["description"] = ruleDetails.Description
+ }
+
+ if ruleDetails.Tags != nil {
+ ruleDetailsMap["tags"] = ruleDetails.Tags
+ }
+
+ if ruleDetails.RuleVersion != nil {
+ ruleDetailsMap["rule_version"] = ruleDetails.RuleVersion
+ }
+
+ ruleDetailsList = append(ruleDetailsList, ruleDetailsMap)
+ }
+
+ metaDataMap["rule_details"] = ruleDetailsList
+ }
+ managedRuleGroupsMap["meta_data"] = []interface{}{metaDataMap}
+ }
+
+ managedRuleGroupsList = append(managedRuleGroupsList, managedRuleGroupsMap)
+ }
+
+ managedRulesMap["managed_rule_groups"] = managedRuleGroupsList
+ }
+ frequentScanningProtectionMap := map[string]interface{}{}
+
+ if respData.ManagedRules.FrequentScanningProtection != nil {
+ if respData.ManagedRules.FrequentScanningProtection.Enabled != nil {
+ frequentScanningProtectionMap["enabled"] = respData.ManagedRules.FrequentScanningProtection.Enabled
+ }
+
+ actionMap := map[string]interface{}{}
+
+ if respData.ManagedRules.FrequentScanningProtection.Action != nil {
+ if respData.ManagedRules.FrequentScanningProtection.Action.Name != nil {
+ actionMap["name"] = respData.ManagedRules.FrequentScanningProtection.Action.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if respData.ManagedRules.FrequentScanningProtection.Action.DenyActionParameters != nil {
+ if respData.ManagedRules.FrequentScanningProtection.Action.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = respData.ManagedRules.FrequentScanningProtection.Action.DenyActionParameters.BlockIp
+ }
+
+ if respData.ManagedRules.FrequentScanningProtection.Action.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = respData.ManagedRules.FrequentScanningProtection.Action.DenyActionParameters.BlockIpDuration
+ }
+
+ if respData.ManagedRules.FrequentScanningProtection.Action.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = respData.ManagedRules.FrequentScanningProtection.Action.DenyActionParameters.ReturnCustomPage
+ }
+
+ if respData.ManagedRules.FrequentScanningProtection.Action.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = respData.ManagedRules.FrequentScanningProtection.Action.DenyActionParameters.ResponseCode
+ }
+
+ if respData.ManagedRules.FrequentScanningProtection.Action.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = respData.ManagedRules.FrequentScanningProtection.Action.DenyActionParameters.ErrorPageId
+ }
+
+ if respData.ManagedRules.FrequentScanningProtection.Action.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = respData.ManagedRules.FrequentScanningProtection.Action.DenyActionParameters.Stall
+ }
+
+ actionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if respData.ManagedRules.FrequentScanningProtection.Action.RedirectActionParameters != nil {
+ if respData.ManagedRules.FrequentScanningProtection.Action.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = respData.ManagedRules.FrequentScanningProtection.Action.RedirectActionParameters.URL
+ }
+
+ actionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if respData.ManagedRules.FrequentScanningProtection.Action.AllowActionParameters != nil {
+ if respData.ManagedRules.FrequentScanningProtection.Action.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = respData.ManagedRules.FrequentScanningProtection.Action.AllowActionParameters.MinDelayTime
+ }
+
+ if respData.ManagedRules.FrequentScanningProtection.Action.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = respData.ManagedRules.FrequentScanningProtection.Action.AllowActionParameters.MaxDelayTime
+ }
+
+ actionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if respData.ManagedRules.FrequentScanningProtection.Action.ChallengeActionParameters != nil {
+ if respData.ManagedRules.FrequentScanningProtection.Action.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = respData.ManagedRules.FrequentScanningProtection.Action.ChallengeActionParameters.ChallengeOption
+ }
+
+ if respData.ManagedRules.FrequentScanningProtection.Action.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = respData.ManagedRules.FrequentScanningProtection.Action.ChallengeActionParameters.Interval
+ }
+
+ if respData.ManagedRules.FrequentScanningProtection.Action.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = respData.ManagedRules.FrequentScanningProtection.Action.ChallengeActionParameters.AttesterId
+ }
+
+ actionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if respData.ManagedRules.FrequentScanningProtection.Action.BlockIPActionParameters != nil {
+ if respData.ManagedRules.FrequentScanningProtection.Action.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = respData.ManagedRules.FrequentScanningProtection.Action.BlockIPActionParameters.Duration
+ }
+
+ actionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if respData.ManagedRules.FrequentScanningProtection.Action.ReturnCustomPageActionParameters != nil {
+ if respData.ManagedRules.FrequentScanningProtection.Action.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = respData.ManagedRules.FrequentScanningProtection.Action.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if respData.ManagedRules.FrequentScanningProtection.Action.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = respData.ManagedRules.FrequentScanningProtection.Action.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ actionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ frequentScanningProtectionMap["action"] = []interface{}{actionMap}
+ }
+
+ if respData.ManagedRules.FrequentScanningProtection.CountBy != nil {
+ frequentScanningProtectionMap["count_by"] = respData.ManagedRules.FrequentScanningProtection.CountBy
+ }
+
+ if respData.ManagedRules.FrequentScanningProtection.BlockThreshold != nil {
+ frequentScanningProtectionMap["block_threshold"] = respData.ManagedRules.FrequentScanningProtection.BlockThreshold
+ }
+
+ if respData.ManagedRules.FrequentScanningProtection.CountingPeriod != nil {
+ frequentScanningProtectionMap["counting_period"] = respData.ManagedRules.FrequentScanningProtection.CountingPeriod
+ }
+
+ if respData.ManagedRules.FrequentScanningProtection.ActionDuration != nil {
+ frequentScanningProtectionMap["action_duration"] = respData.ManagedRules.FrequentScanningProtection.ActionDuration
+ }
+
+ managedRulesMap["frequent_scanning_protection"] = []interface{}{frequentScanningProtectionMap}
+ }
+
+ tmpMap["managed_rules"] = []interface{}{managedRulesMap}
+ }
+
+ if respData.HttpDDoSProtection != nil {
+ httpDDoSProtectionMap := map[string]interface{}{}
+ adaptiveFrequencyControlMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl != nil {
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Enabled != nil {
+ adaptiveFrequencyControlMap["enabled"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Enabled
+ }
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Sensitivity != nil {
+ adaptiveFrequencyControlMap["sensitivity"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Sensitivity
+ }
+
+ actionMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action != nil {
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.Name != nil {
+ actionMap["name"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.DenyActionParameters != nil {
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.DenyActionParameters.BlockIp
+ }
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.DenyActionParameters.BlockIpDuration
+ }
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.DenyActionParameters.ReturnCustomPage
+ }
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.DenyActionParameters.ResponseCode
+ }
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.DenyActionParameters.ErrorPageId
+ }
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.DenyActionParameters.Stall
+ }
+
+ actionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.RedirectActionParameters != nil {
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.RedirectActionParameters.URL
+ }
+
+ actionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.AllowActionParameters != nil {
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.AllowActionParameters.MinDelayTime
+ }
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.AllowActionParameters.MaxDelayTime
+ }
+
+ actionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.ChallengeActionParameters != nil {
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.ChallengeActionParameters.ChallengeOption
+ }
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.ChallengeActionParameters.Interval
+ }
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.ChallengeActionParameters.AttesterId
+ }
+
+ actionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.BlockIPActionParameters != nil {
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.BlockIPActionParameters.Duration
+ }
+
+ actionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.ReturnCustomPageActionParameters != nil {
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = respData.HttpDDoSProtection.AdaptiveFrequencyControl.Action.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ actionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ adaptiveFrequencyControlMap["action"] = []interface{}{actionMap}
+ }
+
+ httpDDoSProtectionMap["adaptive_frequency_control"] = []interface{}{adaptiveFrequencyControlMap}
+ }
+
+ clientFilteringMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.ClientFiltering != nil {
+ if respData.HttpDDoSProtection.ClientFiltering.Enabled != nil {
+ clientFilteringMap["enabled"] = respData.HttpDDoSProtection.ClientFiltering.Enabled
+ }
+
+ actionMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.ClientFiltering.Action != nil {
+ if respData.HttpDDoSProtection.ClientFiltering.Action.Name != nil {
+ actionMap["name"] = respData.HttpDDoSProtection.ClientFiltering.Action.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.ClientFiltering.Action.DenyActionParameters != nil {
+ if respData.HttpDDoSProtection.ClientFiltering.Action.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = respData.HttpDDoSProtection.ClientFiltering.Action.DenyActionParameters.BlockIp
+ }
+
+ if respData.HttpDDoSProtection.ClientFiltering.Action.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = respData.HttpDDoSProtection.ClientFiltering.Action.DenyActionParameters.BlockIpDuration
+ }
+
+ if respData.HttpDDoSProtection.ClientFiltering.Action.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = respData.HttpDDoSProtection.ClientFiltering.Action.DenyActionParameters.ReturnCustomPage
+ }
+
+ if respData.HttpDDoSProtection.ClientFiltering.Action.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = respData.HttpDDoSProtection.ClientFiltering.Action.DenyActionParameters.ResponseCode
+ }
+
+ if respData.HttpDDoSProtection.ClientFiltering.Action.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = respData.HttpDDoSProtection.ClientFiltering.Action.DenyActionParameters.ErrorPageId
+ }
+
+ if respData.HttpDDoSProtection.ClientFiltering.Action.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = respData.HttpDDoSProtection.ClientFiltering.Action.DenyActionParameters.Stall
+ }
+
+ actionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.ClientFiltering.Action.RedirectActionParameters != nil {
+ if respData.HttpDDoSProtection.ClientFiltering.Action.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = respData.HttpDDoSProtection.ClientFiltering.Action.RedirectActionParameters.URL
+ }
+
+ actionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.ClientFiltering.Action.AllowActionParameters != nil {
+ if respData.HttpDDoSProtection.ClientFiltering.Action.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = respData.HttpDDoSProtection.ClientFiltering.Action.AllowActionParameters.MinDelayTime
+ }
+
+ if respData.HttpDDoSProtection.ClientFiltering.Action.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = respData.HttpDDoSProtection.ClientFiltering.Action.AllowActionParameters.MaxDelayTime
+ }
+
+ actionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.ClientFiltering.Action.ChallengeActionParameters != nil {
+ if respData.HttpDDoSProtection.ClientFiltering.Action.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = respData.HttpDDoSProtection.ClientFiltering.Action.ChallengeActionParameters.ChallengeOption
+ }
+
+ if respData.HttpDDoSProtection.ClientFiltering.Action.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = respData.HttpDDoSProtection.ClientFiltering.Action.ChallengeActionParameters.Interval
+ }
+
+ if respData.HttpDDoSProtection.ClientFiltering.Action.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = respData.HttpDDoSProtection.ClientFiltering.Action.ChallengeActionParameters.AttesterId
+ }
+
+ actionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.ClientFiltering.Action.BlockIPActionParameters != nil {
+ if respData.HttpDDoSProtection.ClientFiltering.Action.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = respData.HttpDDoSProtection.ClientFiltering.Action.BlockIPActionParameters.Duration
+ }
+
+ actionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.ClientFiltering.Action.ReturnCustomPageActionParameters != nil {
+ if respData.HttpDDoSProtection.ClientFiltering.Action.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = respData.HttpDDoSProtection.ClientFiltering.Action.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if respData.HttpDDoSProtection.ClientFiltering.Action.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = respData.HttpDDoSProtection.ClientFiltering.Action.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ actionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ clientFilteringMap["action"] = []interface{}{actionMap}
+ }
+
+ httpDDoSProtectionMap["client_filtering"] = []interface{}{clientFilteringMap}
+ }
+
+ bandwidthAbuseDefenseMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense != nil {
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Enabled != nil {
+ bandwidthAbuseDefenseMap["enabled"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Enabled
+ }
+
+ actionMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action != nil {
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.Name != nil {
+ actionMap["name"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.DenyActionParameters != nil {
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.DenyActionParameters.BlockIp
+ }
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.DenyActionParameters.BlockIpDuration
+ }
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.DenyActionParameters.ReturnCustomPage
+ }
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.DenyActionParameters.ResponseCode
+ }
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.DenyActionParameters.ErrorPageId
+ }
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.DenyActionParameters.Stall
+ }
+
+ actionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.RedirectActionParameters != nil {
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.RedirectActionParameters.URL
+ }
+
+ actionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.AllowActionParameters != nil {
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.AllowActionParameters.MinDelayTime
+ }
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.AllowActionParameters.MaxDelayTime
+ }
+
+ actionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.ChallengeActionParameters != nil {
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.ChallengeActionParameters.ChallengeOption
+ }
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.ChallengeActionParameters.Interval
+ }
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.ChallengeActionParameters.AttesterId
+ }
+
+ actionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.BlockIPActionParameters != nil {
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.BlockIPActionParameters.Duration
+ }
+
+ actionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.ReturnCustomPageActionParameters != nil {
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = respData.HttpDDoSProtection.BandwidthAbuseDefense.Action.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ actionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ bandwidthAbuseDefenseMap["action"] = []interface{}{actionMap}
+ }
+
+ httpDDoSProtectionMap["bandwidth_abuse_defense"] = []interface{}{bandwidthAbuseDefenseMap}
+ }
+
+ slowAttackDefenseMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.SlowAttackDefense != nil {
+ if respData.HttpDDoSProtection.SlowAttackDefense.Enabled != nil {
+ slowAttackDefenseMap["enabled"] = respData.HttpDDoSProtection.SlowAttackDefense.Enabled
+ }
+
+ actionMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action != nil {
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.Name != nil {
+ actionMap["name"] = respData.HttpDDoSProtection.SlowAttackDefense.Action.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.DenyActionParameters != nil {
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = respData.HttpDDoSProtection.SlowAttackDefense.Action.DenyActionParameters.BlockIp
+ }
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = respData.HttpDDoSProtection.SlowAttackDefense.Action.DenyActionParameters.BlockIpDuration
+ }
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = respData.HttpDDoSProtection.SlowAttackDefense.Action.DenyActionParameters.ReturnCustomPage
+ }
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = respData.HttpDDoSProtection.SlowAttackDefense.Action.DenyActionParameters.ResponseCode
+ }
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = respData.HttpDDoSProtection.SlowAttackDefense.Action.DenyActionParameters.ErrorPageId
+ }
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = respData.HttpDDoSProtection.SlowAttackDefense.Action.DenyActionParameters.Stall
+ }
+
+ actionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.RedirectActionParameters != nil {
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = respData.HttpDDoSProtection.SlowAttackDefense.Action.RedirectActionParameters.URL
+ }
+
+ actionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.AllowActionParameters != nil {
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = respData.HttpDDoSProtection.SlowAttackDefense.Action.AllowActionParameters.MinDelayTime
+ }
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = respData.HttpDDoSProtection.SlowAttackDefense.Action.AllowActionParameters.MaxDelayTime
+ }
+
+ actionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.ChallengeActionParameters != nil {
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = respData.HttpDDoSProtection.SlowAttackDefense.Action.ChallengeActionParameters.ChallengeOption
+ }
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = respData.HttpDDoSProtection.SlowAttackDefense.Action.ChallengeActionParameters.Interval
+ }
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = respData.HttpDDoSProtection.SlowAttackDefense.Action.ChallengeActionParameters.AttesterId
+ }
+
+ actionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.BlockIPActionParameters != nil {
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = respData.HttpDDoSProtection.SlowAttackDefense.Action.BlockIPActionParameters.Duration
+ }
+
+ actionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.ReturnCustomPageActionParameters != nil {
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = respData.HttpDDoSProtection.SlowAttackDefense.Action.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.Action.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = respData.HttpDDoSProtection.SlowAttackDefense.Action.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ actionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ slowAttackDefenseMap["action"] = []interface{}{actionMap}
+ }
+
+ minimalRequestBodyTransferRateMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.MinimalRequestBodyTransferRate != nil {
+ if respData.HttpDDoSProtection.SlowAttackDefense.MinimalRequestBodyTransferRate.MinimalAvgTransferRateThreshold != nil {
+ minimalRequestBodyTransferRateMap["minimal_avg_transfer_rate_threshold"] = respData.HttpDDoSProtection.SlowAttackDefense.MinimalRequestBodyTransferRate.MinimalAvgTransferRateThreshold
+ }
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.MinimalRequestBodyTransferRate.CountingPeriod != nil {
+ minimalRequestBodyTransferRateMap["counting_period"] = respData.HttpDDoSProtection.SlowAttackDefense.MinimalRequestBodyTransferRate.CountingPeriod
+ }
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.MinimalRequestBodyTransferRate.Enabled != nil {
+ minimalRequestBodyTransferRateMap["enabled"] = respData.HttpDDoSProtection.SlowAttackDefense.MinimalRequestBodyTransferRate.Enabled
+ }
+
+ slowAttackDefenseMap["minimal_request_body_transfer_rate"] = []interface{}{minimalRequestBodyTransferRateMap}
+ }
+
+ requestBodyTransferTimeoutMap := map[string]interface{}{}
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.RequestBodyTransferTimeout != nil {
+ if respData.HttpDDoSProtection.SlowAttackDefense.RequestBodyTransferTimeout.IdleTimeout != nil {
+ requestBodyTransferTimeoutMap["idle_timeout"] = respData.HttpDDoSProtection.SlowAttackDefense.RequestBodyTransferTimeout.IdleTimeout
+ }
+
+ if respData.HttpDDoSProtection.SlowAttackDefense.RequestBodyTransferTimeout.Enabled != nil {
+ requestBodyTransferTimeoutMap["enabled"] = respData.HttpDDoSProtection.SlowAttackDefense.RequestBodyTransferTimeout.Enabled
+ }
+
+ slowAttackDefenseMap["request_body_transfer_timeout"] = []interface{}{requestBodyTransferTimeoutMap}
+ }
+
+ httpDDoSProtectionMap["slow_attack_defense"] = []interface{}{slowAttackDefenseMap}
+ }
+
+ tmpMap["http_ddos_protection"] = []interface{}{httpDDoSProtectionMap}
+ }
+
+ if respData.RateLimitingRules != nil {
+ rateLimitingRulesMap := map[string]interface{}{}
+ rulesList := make([]map[string]interface{}, 0, len(respData.RateLimitingRules.Rules))
+ if respData.RateLimitingRules.Rules != nil {
+ for _, rules := range respData.RateLimitingRules.Rules {
+ rulesMap := map[string]interface{}{}
+
+ if rules.Id != nil {
+ rulesMap["id"] = rules.Id
+ }
+
+ if rules.Name != nil {
+ rulesMap["name"] = rules.Name
+ }
+
+ if rules.Condition != nil {
+ rulesMap["condition"] = rules.Condition
+ }
+
+ if rules.CountBy != nil {
+ rulesMap["count_by"] = rules.CountBy
+ }
+
+ if rules.MaxRequestThreshold != nil {
+ rulesMap["max_request_threshold"] = rules.MaxRequestThreshold
+ }
+
+ if rules.CountingPeriod != nil {
+ rulesMap["counting_period"] = rules.CountingPeriod
+ }
+
+ if rules.ActionDuration != nil {
+ rulesMap["action_duration"] = rules.ActionDuration
+ }
+
+ actionMap := map[string]interface{}{}
+
+ if rules.Action != nil {
+ if rules.Action.Name != nil {
+ actionMap["name"] = rules.Action.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.DenyActionParameters != nil {
+ if rules.Action.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = rules.Action.DenyActionParameters.BlockIp
+ }
+
+ if rules.Action.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = rules.Action.DenyActionParameters.BlockIpDuration
+ }
+
+ if rules.Action.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = rules.Action.DenyActionParameters.ReturnCustomPage
+ }
+
+ if rules.Action.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = rules.Action.DenyActionParameters.ResponseCode
+ }
+
+ if rules.Action.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = rules.Action.DenyActionParameters.ErrorPageId
+ }
+
+ if rules.Action.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = rules.Action.DenyActionParameters.Stall
+ }
+
+ actionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.RedirectActionParameters != nil {
+ if rules.Action.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = rules.Action.RedirectActionParameters.URL
+ }
+
+ actionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.AllowActionParameters != nil {
+ if rules.Action.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = rules.Action.AllowActionParameters.MinDelayTime
+ }
+
+ if rules.Action.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = rules.Action.AllowActionParameters.MaxDelayTime
+ }
+
+ actionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ChallengeActionParameters != nil {
+ if rules.Action.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = rules.Action.ChallengeActionParameters.ChallengeOption
+ }
+
+ if rules.Action.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = rules.Action.ChallengeActionParameters.Interval
+ }
+
+ if rules.Action.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = rules.Action.ChallengeActionParameters.AttesterId
+ }
+
+ actionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BlockIPActionParameters != nil {
+ if rules.Action.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = rules.Action.BlockIPActionParameters.Duration
+ }
+
+ actionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ReturnCustomPageActionParameters != nil {
+ if rules.Action.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = rules.Action.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if rules.Action.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = rules.Action.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ actionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ rulesMap["action"] = []interface{}{actionMap}
+ }
+
+ if rules.Priority != nil {
+ rulesMap["priority"] = rules.Priority
+ }
+
+ if rules.Enabled != nil {
+ rulesMap["enabled"] = rules.Enabled
+ }
+
+ rulesList = append(rulesList, rulesMap)
+ }
+
+ rateLimitingRulesMap["rules"] = rulesList
+ }
+
+ tmpMap["rate_limiting_rules"] = []interface{}{rateLimitingRulesMap}
+ }
+
+ if respData.ExceptionRules != nil {
+ exceptionRulesMap := map[string]interface{}{}
+ rulesList := make([]map[string]interface{}, 0, len(respData.ExceptionRules.Rules))
+ if respData.ExceptionRules.Rules != nil {
+ for _, rules := range respData.ExceptionRules.Rules {
+ rulesMap := map[string]interface{}{}
+
+ if rules.Id != nil {
+ rulesMap["id"] = rules.Id
+ }
+
+ if rules.Name != nil {
+ rulesMap["name"] = rules.Name
+ }
+
+ if rules.Condition != nil {
+ rulesMap["condition"] = rules.Condition
+ }
+
+ if rules.SkipScope != nil {
+ rulesMap["skip_scope"] = rules.SkipScope
+ }
+
+ if rules.SkipOption != nil {
+ rulesMap["skip_option"] = rules.SkipOption
+ }
+
+ if rules.WebSecurityModulesForException != nil {
+ rulesMap["web_security_modules_for_exception"] = rules.WebSecurityModulesForException
+ }
+
+ if rules.ManagedRulesForException != nil {
+ rulesMap["managed_rules_for_exception"] = rules.ManagedRulesForException
+ }
+
+ if rules.ManagedRuleGroupsForException != nil {
+ rulesMap["managed_rule_groups_for_exception"] = rules.ManagedRuleGroupsForException
+ }
+
+ requestFieldsForExceptionList := make([]map[string]interface{}, 0, len(rules.RequestFieldsForException))
+ if rules.RequestFieldsForException != nil {
+ for _, requestFieldsForException := range rules.RequestFieldsForException {
+ requestFieldsForExceptionMap := map[string]interface{}{}
+
+ if requestFieldsForException.Scope != nil {
+ requestFieldsForExceptionMap["scope"] = requestFieldsForException.Scope
+ }
+
+ if requestFieldsForException.Condition != nil {
+ requestFieldsForExceptionMap["condition"] = requestFieldsForException.Condition
+ }
+
+ if requestFieldsForException.TargetField != nil {
+ requestFieldsForExceptionMap["target_field"] = requestFieldsForException.TargetField
+ }
+
+ requestFieldsForExceptionList = append(requestFieldsForExceptionList, requestFieldsForExceptionMap)
+ }
+
+ rulesMap["request_fields_for_exception"] = requestFieldsForExceptionList
+ }
+ if rules.Enabled != nil {
+ rulesMap["enabled"] = rules.Enabled
+ }
+
+ rulesList = append(rulesList, rulesMap)
+ }
+
+ exceptionRulesMap["rules"] = rulesList
+ }
+
+ tmpMap["exception_rules"] = []interface{}{exceptionRulesMap}
+ }
+
+ if respData.BotManagement != nil {
+ botManagementMap := map[string]interface{}{}
+ if respData.BotManagement.Enabled != nil {
+ botManagementMap["enabled"] = respData.BotManagement.Enabled
+ }
+
+ customRulesMap := map[string]interface{}{}
+
+ if respData.BotManagement.CustomRules != nil {
+ rulesList := make([]map[string]interface{}, 0, len(respData.BotManagement.CustomRules.Rules))
+ if respData.BotManagement.CustomRules.Rules != nil {
+ for _, rules := range respData.BotManagement.CustomRules.Rules {
+ rulesMap := map[string]interface{}{}
+
+ if rules.Id != nil {
+ rulesMap["id"] = rules.Id
+ }
+
+ if rules.Name != nil {
+ rulesMap["name"] = rules.Name
+ }
+
+ if rules.Enabled != nil {
+ rulesMap["enabled"] = rules.Enabled
+ }
+
+ if rules.Priority != nil {
+ rulesMap["priority"] = rules.Priority
+ }
+
+ if rules.Condition != nil {
+ rulesMap["condition"] = rules.Condition
+ }
+
+ actionList := make([]map[string]interface{}, 0, len(rules.Action))
+ if rules.Action != nil {
+ for _, action := range rules.Action {
+ actionMap := map[string]interface{}{}
+
+ securityActionMap := map[string]interface{}{}
+
+ if action.SecurityAction != nil {
+ if action.SecurityAction.Name != nil {
+ securityActionMap["name"] = action.SecurityAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if action.SecurityAction.DenyActionParameters != nil {
+ if action.SecurityAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = action.SecurityAction.DenyActionParameters.BlockIp
+ }
+
+ if action.SecurityAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = action.SecurityAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if action.SecurityAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = action.SecurityAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if action.SecurityAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = action.SecurityAction.DenyActionParameters.ResponseCode
+ }
+
+ if action.SecurityAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = action.SecurityAction.DenyActionParameters.ErrorPageId
+ }
+
+ if action.SecurityAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = action.SecurityAction.DenyActionParameters.Stall
+ }
+
+ securityActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if action.SecurityAction.RedirectActionParameters != nil {
+ if action.SecurityAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = action.SecurityAction.RedirectActionParameters.URL
+ }
+
+ securityActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if action.SecurityAction.AllowActionParameters != nil {
+ if action.SecurityAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = action.SecurityAction.AllowActionParameters.MinDelayTime
+ }
+
+ if action.SecurityAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = action.SecurityAction.AllowActionParameters.MaxDelayTime
+ }
+
+ securityActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if action.SecurityAction.ChallengeActionParameters != nil {
+ if action.SecurityAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = action.SecurityAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if action.SecurityAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = action.SecurityAction.ChallengeActionParameters.Interval
+ }
+
+ if action.SecurityAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = action.SecurityAction.ChallengeActionParameters.AttesterId
+ }
+
+ securityActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if action.SecurityAction.BlockIPActionParameters != nil {
+ if action.SecurityAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = action.SecurityAction.BlockIPActionParameters.Duration
+ }
+
+ securityActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if action.SecurityAction.ReturnCustomPageActionParameters != nil {
+ if action.SecurityAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = action.SecurityAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if action.SecurityAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = action.SecurityAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ securityActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ actionMap["security_action"] = []interface{}{securityActionMap}
+ }
+
+ if action.Weight != nil {
+ actionMap["weight"] = action.Weight
+ }
+
+ actionList = append(actionList, actionMap)
+ }
+
+ rulesMap["action"] = actionList
+ }
+ rulesList = append(rulesList, rulesMap)
+ }
+
+ customRulesMap["rules"] = rulesList
+ }
+ botManagementMap["custom_rules"] = []interface{}{customRulesMap}
+ }
+
+ basicBotSettingsMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings != nil {
+ sourceIDCMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC != nil {
+ baseActionMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction != nil {
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.Name != nil {
+ baseActionMap["name"] = respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.DenyActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.DenyActionParameters.BlockIp
+ }
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.DenyActionParameters.ResponseCode
+ }
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.DenyActionParameters.ErrorPageId
+ }
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.DenyActionParameters.Stall
+ }
+
+ baseActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.RedirectActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.RedirectActionParameters.URL
+ }
+
+ baseActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.AllowActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.AllowActionParameters.MinDelayTime
+ }
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.AllowActionParameters.MaxDelayTime
+ }
+
+ baseActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.ChallengeActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.ChallengeActionParameters.Interval
+ }
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.ChallengeActionParameters.AttesterId
+ }
+
+ baseActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.BlockIPActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.BlockIPActionParameters.Duration
+ }
+
+ baseActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.ReturnCustomPageActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = respData.BotManagement.BasicBotSettings.SourceIDC.BaseAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ baseActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ sourceIDCMap["base_action"] = []interface{}{baseActionMap}
+ }
+
+ botManagementActionOverridesList := make([]map[string]interface{}, 0, len(respData.BotManagement.BasicBotSettings.SourceIDC.BotManagementActionOverrides))
+ if respData.BotManagement.BasicBotSettings.SourceIDC.BotManagementActionOverrides != nil {
+ for _, botManagementActionOverrides := range respData.BotManagement.BasicBotSettings.SourceIDC.BotManagementActionOverrides {
+ botManagementActionOverridesMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Ids != nil {
+ botManagementActionOverridesMap["ids"] = botManagementActionOverrides.Ids
+ }
+
+ actionMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action != nil {
+ if botManagementActionOverrides.Action.Name != nil {
+ actionMap["name"] = botManagementActionOverrides.Action.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.DenyActionParameters != nil {
+ if botManagementActionOverrides.Action.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = botManagementActionOverrides.Action.DenyActionParameters.BlockIp
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = botManagementActionOverrides.Action.DenyActionParameters.BlockIpDuration
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = botManagementActionOverrides.Action.DenyActionParameters.ReturnCustomPage
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = botManagementActionOverrides.Action.DenyActionParameters.ResponseCode
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = botManagementActionOverrides.Action.DenyActionParameters.ErrorPageId
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = botManagementActionOverrides.Action.DenyActionParameters.Stall
+ }
+
+ actionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.RedirectActionParameters != nil {
+ if botManagementActionOverrides.Action.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = botManagementActionOverrides.Action.RedirectActionParameters.URL
+ }
+
+ actionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.AllowActionParameters != nil {
+ if botManagementActionOverrides.Action.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = botManagementActionOverrides.Action.AllowActionParameters.MinDelayTime
+ }
+
+ if botManagementActionOverrides.Action.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = botManagementActionOverrides.Action.AllowActionParameters.MaxDelayTime
+ }
+
+ actionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.ChallengeActionParameters != nil {
+ if botManagementActionOverrides.Action.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = botManagementActionOverrides.Action.ChallengeActionParameters.ChallengeOption
+ }
+
+ if botManagementActionOverrides.Action.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = botManagementActionOverrides.Action.ChallengeActionParameters.Interval
+ }
+
+ if botManagementActionOverrides.Action.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = botManagementActionOverrides.Action.ChallengeActionParameters.AttesterId
+ }
+
+ actionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.BlockIPActionParameters != nil {
+ if botManagementActionOverrides.Action.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = botManagementActionOverrides.Action.BlockIPActionParameters.Duration
+ }
+
+ actionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.ReturnCustomPageActionParameters != nil {
+ if botManagementActionOverrides.Action.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = botManagementActionOverrides.Action.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if botManagementActionOverrides.Action.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = botManagementActionOverrides.Action.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ actionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ botManagementActionOverridesMap["action"] = []interface{}{actionMap}
+ }
+
+ botManagementActionOverridesList = append(botManagementActionOverridesList, botManagementActionOverridesMap)
+ }
+
+ sourceIDCMap["bot_management_action_overrides"] = botManagementActionOverridesList
+ }
+ basicBotSettingsMap["source_idc"] = []interface{}{sourceIDCMap}
+ }
+
+ searchEngineBotsMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots != nil {
+ baseActionMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction != nil {
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.Name != nil {
+ baseActionMap["name"] = respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.DenyActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.DenyActionParameters.BlockIp
+ }
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.DenyActionParameters.ResponseCode
+ }
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.DenyActionParameters.ErrorPageId
+ }
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.DenyActionParameters.Stall
+ }
+
+ baseActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.RedirectActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.RedirectActionParameters.URL
+ }
+
+ baseActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.AllowActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.AllowActionParameters.MinDelayTime
+ }
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.AllowActionParameters.MaxDelayTime
+ }
+
+ baseActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.ChallengeActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.ChallengeActionParameters.Interval
+ }
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.ChallengeActionParameters.AttesterId
+ }
+
+ baseActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.BlockIPActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.BlockIPActionParameters.Duration
+ }
+
+ baseActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.ReturnCustomPageActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = respData.BotManagement.BasicBotSettings.SearchEngineBots.BaseAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ baseActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ searchEngineBotsMap["base_action"] = []interface{}{baseActionMap}
+ }
+
+ botManagementActionOverridesList := make([]map[string]interface{}, 0, len(respData.BotManagement.BasicBotSettings.SearchEngineBots.BotManagementActionOverrides))
+ if respData.BotManagement.BasicBotSettings.SearchEngineBots.BotManagementActionOverrides != nil {
+ for _, botManagementActionOverrides := range respData.BotManagement.BasicBotSettings.SearchEngineBots.BotManagementActionOverrides {
+ botManagementActionOverridesMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Ids != nil {
+ botManagementActionOverridesMap["ids"] = botManagementActionOverrides.Ids
+ }
+
+ actionMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action != nil {
+ if botManagementActionOverrides.Action.Name != nil {
+ actionMap["name"] = botManagementActionOverrides.Action.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.DenyActionParameters != nil {
+ if botManagementActionOverrides.Action.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = botManagementActionOverrides.Action.DenyActionParameters.BlockIp
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = botManagementActionOverrides.Action.DenyActionParameters.BlockIpDuration
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = botManagementActionOverrides.Action.DenyActionParameters.ReturnCustomPage
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = botManagementActionOverrides.Action.DenyActionParameters.ResponseCode
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = botManagementActionOverrides.Action.DenyActionParameters.ErrorPageId
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = botManagementActionOverrides.Action.DenyActionParameters.Stall
+ }
+
+ actionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.RedirectActionParameters != nil {
+ if botManagementActionOverrides.Action.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = botManagementActionOverrides.Action.RedirectActionParameters.URL
+ }
+
+ actionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.AllowActionParameters != nil {
+ if botManagementActionOverrides.Action.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = botManagementActionOverrides.Action.AllowActionParameters.MinDelayTime
+ }
+
+ if botManagementActionOverrides.Action.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = botManagementActionOverrides.Action.AllowActionParameters.MaxDelayTime
+ }
+
+ actionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.ChallengeActionParameters != nil {
+ if botManagementActionOverrides.Action.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = botManagementActionOverrides.Action.ChallengeActionParameters.ChallengeOption
+ }
+
+ if botManagementActionOverrides.Action.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = botManagementActionOverrides.Action.ChallengeActionParameters.Interval
+ }
+
+ if botManagementActionOverrides.Action.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = botManagementActionOverrides.Action.ChallengeActionParameters.AttesterId
+ }
+
+ actionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.BlockIPActionParameters != nil {
+ if botManagementActionOverrides.Action.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = botManagementActionOverrides.Action.BlockIPActionParameters.Duration
+ }
+
+ actionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.ReturnCustomPageActionParameters != nil {
+ if botManagementActionOverrides.Action.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = botManagementActionOverrides.Action.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if botManagementActionOverrides.Action.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = botManagementActionOverrides.Action.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ actionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ botManagementActionOverridesMap["action"] = []interface{}{actionMap}
+ }
+
+ botManagementActionOverridesList = append(botManagementActionOverridesList, botManagementActionOverridesMap)
+ }
+
+ searchEngineBotsMap["bot_management_action_overrides"] = botManagementActionOverridesList
+ }
+ basicBotSettingsMap["search_engine_bots"] = []interface{}{searchEngineBotsMap}
+ }
+
+ knownBotCategoriesMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories != nil {
+ baseActionMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction != nil {
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.Name != nil {
+ baseActionMap["name"] = respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.DenyActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.DenyActionParameters.BlockIp
+ }
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.DenyActionParameters.ResponseCode
+ }
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.DenyActionParameters.ErrorPageId
+ }
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.DenyActionParameters.Stall
+ }
+
+ baseActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.RedirectActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.RedirectActionParameters.URL
+ }
+
+ baseActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.AllowActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.AllowActionParameters.MinDelayTime
+ }
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.AllowActionParameters.MaxDelayTime
+ }
+
+ baseActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.ChallengeActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.ChallengeActionParameters.Interval
+ }
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.ChallengeActionParameters.AttesterId
+ }
+
+ baseActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.BlockIPActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.BlockIPActionParameters.Duration
+ }
+
+ baseActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.ReturnCustomPageActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = respData.BotManagement.BasicBotSettings.KnownBotCategories.BaseAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ baseActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ knownBotCategoriesMap["base_action"] = []interface{}{baseActionMap}
+ }
+
+ botManagementActionOverridesList := make([]map[string]interface{}, 0, len(respData.BotManagement.BasicBotSettings.KnownBotCategories.BotManagementActionOverrides))
+ if respData.BotManagement.BasicBotSettings.KnownBotCategories.BotManagementActionOverrides != nil {
+ for _, botManagementActionOverrides := range respData.BotManagement.BasicBotSettings.KnownBotCategories.BotManagementActionOverrides {
+ botManagementActionOverridesMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Ids != nil {
+ botManagementActionOverridesMap["ids"] = botManagementActionOverrides.Ids
+ }
+
+ actionMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action != nil {
+ if botManagementActionOverrides.Action.Name != nil {
+ actionMap["name"] = botManagementActionOverrides.Action.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.DenyActionParameters != nil {
+ if botManagementActionOverrides.Action.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = botManagementActionOverrides.Action.DenyActionParameters.BlockIp
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = botManagementActionOverrides.Action.DenyActionParameters.BlockIpDuration
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = botManagementActionOverrides.Action.DenyActionParameters.ReturnCustomPage
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = botManagementActionOverrides.Action.DenyActionParameters.ResponseCode
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = botManagementActionOverrides.Action.DenyActionParameters.ErrorPageId
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = botManagementActionOverrides.Action.DenyActionParameters.Stall
+ }
+
+ actionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.RedirectActionParameters != nil {
+ if botManagementActionOverrides.Action.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = botManagementActionOverrides.Action.RedirectActionParameters.URL
+ }
+
+ actionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.AllowActionParameters != nil {
+ if botManagementActionOverrides.Action.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = botManagementActionOverrides.Action.AllowActionParameters.MinDelayTime
+ }
+
+ if botManagementActionOverrides.Action.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = botManagementActionOverrides.Action.AllowActionParameters.MaxDelayTime
+ }
+
+ actionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.ChallengeActionParameters != nil {
+ if botManagementActionOverrides.Action.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = botManagementActionOverrides.Action.ChallengeActionParameters.ChallengeOption
+ }
+
+ if botManagementActionOverrides.Action.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = botManagementActionOverrides.Action.ChallengeActionParameters.Interval
+ }
+
+ if botManagementActionOverrides.Action.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = botManagementActionOverrides.Action.ChallengeActionParameters.AttesterId
+ }
+
+ actionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.BlockIPActionParameters != nil {
+ if botManagementActionOverrides.Action.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = botManagementActionOverrides.Action.BlockIPActionParameters.Duration
+ }
+
+ actionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.ReturnCustomPageActionParameters != nil {
+ if botManagementActionOverrides.Action.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = botManagementActionOverrides.Action.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if botManagementActionOverrides.Action.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = botManagementActionOverrides.Action.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ actionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ botManagementActionOverridesMap["action"] = []interface{}{actionMap}
+ }
+
+ botManagementActionOverridesList = append(botManagementActionOverridesList, botManagementActionOverridesMap)
+ }
+
+ knownBotCategoriesMap["bot_management_action_overrides"] = botManagementActionOverridesList
+ }
+ basicBotSettingsMap["known_bot_categories"] = []interface{}{knownBotCategoriesMap}
+ }
+
+ iPReputationMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.IPReputation != nil {
+ if respData.BotManagement.BasicBotSettings.IPReputation.Enabled != nil {
+ iPReputationMap["enabled"] = respData.BotManagement.BasicBotSettings.IPReputation.Enabled
+ }
+
+ iPReputationGroupMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup != nil {
+ baseActionMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction != nil {
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.Name != nil {
+ baseActionMap["name"] = respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.DenyActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.DenyActionParameters.BlockIp
+ }
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.DenyActionParameters.ResponseCode
+ }
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.DenyActionParameters.ErrorPageId
+ }
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.DenyActionParameters.Stall
+ }
+
+ baseActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.RedirectActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.RedirectActionParameters.URL
+ }
+
+ baseActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.AllowActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.AllowActionParameters.MinDelayTime
+ }
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.AllowActionParameters.MaxDelayTime
+ }
+
+ baseActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.ChallengeActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.ChallengeActionParameters.Interval
+ }
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.ChallengeActionParameters.AttesterId
+ }
+
+ baseActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.BlockIPActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.BlockIPActionParameters.Duration
+ }
+
+ baseActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.ReturnCustomPageActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BaseAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ baseActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ iPReputationGroupMap["base_action"] = []interface{}{baseActionMap}
+ }
+
+ botManagementActionOverridesList := make([]map[string]interface{}, 0, len(respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BotManagementActionOverrides))
+ if respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BotManagementActionOverrides != nil {
+ for _, botManagementActionOverrides := range respData.BotManagement.BasicBotSettings.IPReputation.IPReputationGroup.BotManagementActionOverrides {
+ botManagementActionOverridesMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Ids != nil {
+ botManagementActionOverridesMap["ids"] = botManagementActionOverrides.Ids
+ }
+
+ actionMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action != nil {
+ if botManagementActionOverrides.Action.Name != nil {
+ actionMap["name"] = botManagementActionOverrides.Action.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.DenyActionParameters != nil {
+ if botManagementActionOverrides.Action.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = botManagementActionOverrides.Action.DenyActionParameters.BlockIp
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = botManagementActionOverrides.Action.DenyActionParameters.BlockIpDuration
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = botManagementActionOverrides.Action.DenyActionParameters.ReturnCustomPage
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = botManagementActionOverrides.Action.DenyActionParameters.ResponseCode
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = botManagementActionOverrides.Action.DenyActionParameters.ErrorPageId
+ }
+
+ if botManagementActionOverrides.Action.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = botManagementActionOverrides.Action.DenyActionParameters.Stall
+ }
+
+ actionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.RedirectActionParameters != nil {
+ if botManagementActionOverrides.Action.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = botManagementActionOverrides.Action.RedirectActionParameters.URL
+ }
+
+ actionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.AllowActionParameters != nil {
+ if botManagementActionOverrides.Action.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = botManagementActionOverrides.Action.AllowActionParameters.MinDelayTime
+ }
+
+ if botManagementActionOverrides.Action.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = botManagementActionOverrides.Action.AllowActionParameters.MaxDelayTime
+ }
+
+ actionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.ChallengeActionParameters != nil {
+ if botManagementActionOverrides.Action.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = botManagementActionOverrides.Action.ChallengeActionParameters.ChallengeOption
+ }
+
+ if botManagementActionOverrides.Action.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = botManagementActionOverrides.Action.ChallengeActionParameters.Interval
+ }
+
+ if botManagementActionOverrides.Action.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = botManagementActionOverrides.Action.ChallengeActionParameters.AttesterId
+ }
+
+ actionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.BlockIPActionParameters != nil {
+ if botManagementActionOverrides.Action.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = botManagementActionOverrides.Action.BlockIPActionParameters.Duration
+ }
+
+ actionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if botManagementActionOverrides.Action.ReturnCustomPageActionParameters != nil {
+ if botManagementActionOverrides.Action.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = botManagementActionOverrides.Action.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if botManagementActionOverrides.Action.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = botManagementActionOverrides.Action.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ actionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ botManagementActionOverridesMap["action"] = []interface{}{actionMap}
+ }
+
+ botManagementActionOverridesList = append(botManagementActionOverridesList, botManagementActionOverridesMap)
+ }
+
+ iPReputationGroupMap["bot_management_action_overrides"] = botManagementActionOverridesList
+ }
+ iPReputationMap["ip_reputation_group"] = []interface{}{iPReputationGroupMap}
+ }
+
+ basicBotSettingsMap["ip_reputation"] = []interface{}{iPReputationMap}
+ }
+
+ botIntelligenceMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence != nil {
+ botRatingsMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings != nil {
+ highRiskBotRequestsActionMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.Name != nil {
+ highRiskBotRequestsActionMap["name"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.DenyActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.DenyActionParameters.BlockIp
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.DenyActionParameters.ResponseCode
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.DenyActionParameters.ErrorPageId
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.DenyActionParameters.Stall
+ }
+
+ highRiskBotRequestsActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.RedirectActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.RedirectActionParameters.URL
+ }
+
+ highRiskBotRequestsActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.AllowActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.AllowActionParameters.MinDelayTime
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.AllowActionParameters.MaxDelayTime
+ }
+
+ highRiskBotRequestsActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.ChallengeActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.ChallengeActionParameters.Interval
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.ChallengeActionParameters.AttesterId
+ }
+
+ highRiskBotRequestsActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.BlockIPActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.BlockIPActionParameters.Duration
+ }
+
+ highRiskBotRequestsActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.ReturnCustomPageActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HighRiskBotRequestsAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ highRiskBotRequestsActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ botRatingsMap["high_risk_bot_requests_action"] = []interface{}{highRiskBotRequestsActionMap}
+ }
+
+ likelyBotRequestsActionMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.Name != nil {
+ likelyBotRequestsActionMap["name"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.DenyActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.DenyActionParameters.BlockIp
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.DenyActionParameters.ResponseCode
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.DenyActionParameters.ErrorPageId
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.DenyActionParameters.Stall
+ }
+
+ likelyBotRequestsActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.RedirectActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.RedirectActionParameters.URL
+ }
+
+ likelyBotRequestsActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.AllowActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.AllowActionParameters.MinDelayTime
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.AllowActionParameters.MaxDelayTime
+ }
+
+ likelyBotRequestsActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.ChallengeActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.ChallengeActionParameters.Interval
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.ChallengeActionParameters.AttesterId
+ }
+
+ likelyBotRequestsActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.BlockIPActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.BlockIPActionParameters.Duration
+ }
+
+ likelyBotRequestsActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.ReturnCustomPageActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.LikelyBotRequestsAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ likelyBotRequestsActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ botRatingsMap["likely_bot_requests_action"] = []interface{}{likelyBotRequestsActionMap}
+ }
+
+ verifiedBotRequestsActionMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.Name != nil {
+ verifiedBotRequestsActionMap["name"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.DenyActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.DenyActionParameters.BlockIp
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.DenyActionParameters.ResponseCode
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.DenyActionParameters.ErrorPageId
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.DenyActionParameters.Stall
+ }
+
+ verifiedBotRequestsActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.RedirectActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.RedirectActionParameters.URL
+ }
+
+ verifiedBotRequestsActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.AllowActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.AllowActionParameters.MinDelayTime
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.AllowActionParameters.MaxDelayTime
+ }
+
+ verifiedBotRequestsActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.ChallengeActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.ChallengeActionParameters.Interval
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.ChallengeActionParameters.AttesterId
+ }
+
+ verifiedBotRequestsActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.BlockIPActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.BlockIPActionParameters.Duration
+ }
+
+ verifiedBotRequestsActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.ReturnCustomPageActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.VerifiedBotRequestsAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ verifiedBotRequestsActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ botRatingsMap["verified_bot_requests_action"] = []interface{}{verifiedBotRequestsActionMap}
+ }
+
+ humanRequestsActionMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.Name != nil {
+ humanRequestsActionMap["name"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.DenyActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.DenyActionParameters.BlockIp
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.DenyActionParameters.ResponseCode
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.DenyActionParameters.ErrorPageId
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.DenyActionParameters.Stall
+ }
+
+ humanRequestsActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.RedirectActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.RedirectActionParameters.URL
+ }
+
+ humanRequestsActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.AllowActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.AllowActionParameters.MinDelayTime
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.AllowActionParameters.MaxDelayTime
+ }
+
+ humanRequestsActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.ChallengeActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.ChallengeActionParameters.Interval
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.ChallengeActionParameters.AttesterId
+ }
+
+ humanRequestsActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.BlockIPActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.BlockIPActionParameters.Duration
+ }
+
+ humanRequestsActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.ReturnCustomPageActionParameters != nil {
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = respData.BotManagement.BasicBotSettings.BotIntelligence.BotRatings.HumanRequestsAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ humanRequestsActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ botRatingsMap["human_requests_action"] = []interface{}{humanRequestsActionMap}
+ }
+
+ botIntelligenceMap["bot_ratings"] = []interface{}{botRatingsMap}
+ }
+
+ if respData.BotManagement.BasicBotSettings.BotIntelligence.Enabled != nil {
+ botIntelligenceMap["enabled"] = respData.BotManagement.BasicBotSettings.BotIntelligence.Enabled
+ }
+
+ basicBotSettingsMap["bot_intelligence"] = []interface{}{botIntelligenceMap}
+ }
+
+ botManagementMap["basic_bot_settings"] = []interface{}{basicBotSettingsMap}
+ }
+
+ clientAttestationRulesMap := map[string]interface{}{}
+
+ if respData.BotManagement.ClientAttestationRules != nil {
+ rulesList := make([]map[string]interface{}, 0, len(respData.BotManagement.ClientAttestationRules.Rules))
+ if respData.BotManagement.ClientAttestationRules.Rules != nil {
+ for _, rules := range respData.BotManagement.ClientAttestationRules.Rules {
+ rulesMap := map[string]interface{}{}
+
+ if rules.Id != nil {
+ rulesMap["id"] = rules.Id
+ }
+
+ if rules.Name != nil {
+ rulesMap["name"] = rules.Name
+ }
+
+ if rules.Enabled != nil {
+ rulesMap["enabled"] = rules.Enabled
+ }
+
+ if rules.Priority != nil {
+ rulesMap["priority"] = rules.Priority
+ }
+
+ if rules.Condition != nil {
+ rulesMap["condition"] = rules.Condition
+ }
+
+ if rules.AttesterId != nil {
+ rulesMap["attester_id"] = rules.AttesterId
+ }
+
+ deviceProfilesList := make([]map[string]interface{}, 0, len(rules.DeviceProfiles))
+ if rules.DeviceProfiles != nil {
+ for _, deviceProfiles := range rules.DeviceProfiles {
+ deviceProfilesMap := map[string]interface{}{}
+
+ if deviceProfiles.ClientType != nil {
+ deviceProfilesMap["client_type"] = deviceProfiles.ClientType
+ }
+
+ if deviceProfiles.HighRiskMinScore != nil {
+ deviceProfilesMap["high_risk_min_score"] = deviceProfiles.HighRiskMinScore
+ }
+
+ highRiskRequestActionMap := map[string]interface{}{}
+
+ if deviceProfiles.HighRiskRequestAction != nil {
+ if deviceProfiles.HighRiskRequestAction.Name != nil {
+ highRiskRequestActionMap["name"] = deviceProfiles.HighRiskRequestAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if deviceProfiles.HighRiskRequestAction.DenyActionParameters != nil {
+ if deviceProfiles.HighRiskRequestAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = deviceProfiles.HighRiskRequestAction.DenyActionParameters.BlockIp
+ }
+
+ if deviceProfiles.HighRiskRequestAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = deviceProfiles.HighRiskRequestAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if deviceProfiles.HighRiskRequestAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = deviceProfiles.HighRiskRequestAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if deviceProfiles.HighRiskRequestAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = deviceProfiles.HighRiskRequestAction.DenyActionParameters.ResponseCode
+ }
+
+ if deviceProfiles.HighRiskRequestAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = deviceProfiles.HighRiskRequestAction.DenyActionParameters.ErrorPageId
+ }
+
+ if deviceProfiles.HighRiskRequestAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = deviceProfiles.HighRiskRequestAction.DenyActionParameters.Stall
+ }
+
+ highRiskRequestActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if deviceProfiles.HighRiskRequestAction.RedirectActionParameters != nil {
+ if deviceProfiles.HighRiskRequestAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = deviceProfiles.HighRiskRequestAction.RedirectActionParameters.URL
+ }
+
+ highRiskRequestActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if deviceProfiles.HighRiskRequestAction.AllowActionParameters != nil {
+ if deviceProfiles.HighRiskRequestAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = deviceProfiles.HighRiskRequestAction.AllowActionParameters.MinDelayTime
+ }
+
+ if deviceProfiles.HighRiskRequestAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = deviceProfiles.HighRiskRequestAction.AllowActionParameters.MaxDelayTime
+ }
+
+ highRiskRequestActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if deviceProfiles.HighRiskRequestAction.ChallengeActionParameters != nil {
+ if deviceProfiles.HighRiskRequestAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = deviceProfiles.HighRiskRequestAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if deviceProfiles.HighRiskRequestAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = deviceProfiles.HighRiskRequestAction.ChallengeActionParameters.Interval
+ }
+
+ if deviceProfiles.HighRiskRequestAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = deviceProfiles.HighRiskRequestAction.ChallengeActionParameters.AttesterId
+ }
+
+ highRiskRequestActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if deviceProfiles.HighRiskRequestAction.BlockIPActionParameters != nil {
+ if deviceProfiles.HighRiskRequestAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = deviceProfiles.HighRiskRequestAction.BlockIPActionParameters.Duration
+ }
+
+ highRiskRequestActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if deviceProfiles.HighRiskRequestAction.ReturnCustomPageActionParameters != nil {
+ if deviceProfiles.HighRiskRequestAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = deviceProfiles.HighRiskRequestAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if deviceProfiles.HighRiskRequestAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = deviceProfiles.HighRiskRequestAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ highRiskRequestActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ deviceProfilesMap["high_risk_request_action"] = []interface{}{highRiskRequestActionMap}
+ }
+
+ if deviceProfiles.MediumRiskMinScore != nil {
+ deviceProfilesMap["medium_risk_min_score"] = deviceProfiles.MediumRiskMinScore
+ }
+
+ mediumRiskRequestActionMap := map[string]interface{}{}
+
+ if deviceProfiles.MediumRiskRequestAction != nil {
+ if deviceProfiles.MediumRiskRequestAction.Name != nil {
+ mediumRiskRequestActionMap["name"] = deviceProfiles.MediumRiskRequestAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if deviceProfiles.MediumRiskRequestAction.DenyActionParameters != nil {
+ if deviceProfiles.MediumRiskRequestAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = deviceProfiles.MediumRiskRequestAction.DenyActionParameters.BlockIp
+ }
+
+ if deviceProfiles.MediumRiskRequestAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = deviceProfiles.MediumRiskRequestAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if deviceProfiles.MediumRiskRequestAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = deviceProfiles.MediumRiskRequestAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if deviceProfiles.MediumRiskRequestAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = deviceProfiles.MediumRiskRequestAction.DenyActionParameters.ResponseCode
+ }
+
+ if deviceProfiles.MediumRiskRequestAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = deviceProfiles.MediumRiskRequestAction.DenyActionParameters.ErrorPageId
+ }
+
+ if deviceProfiles.MediumRiskRequestAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = deviceProfiles.MediumRiskRequestAction.DenyActionParameters.Stall
+ }
+
+ mediumRiskRequestActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if deviceProfiles.MediumRiskRequestAction.RedirectActionParameters != nil {
+ if deviceProfiles.MediumRiskRequestAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = deviceProfiles.MediumRiskRequestAction.RedirectActionParameters.URL
+ }
+
+ mediumRiskRequestActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if deviceProfiles.MediumRiskRequestAction.AllowActionParameters != nil {
+ if deviceProfiles.MediumRiskRequestAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = deviceProfiles.MediumRiskRequestAction.AllowActionParameters.MinDelayTime
+ }
+
+ if deviceProfiles.MediumRiskRequestAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = deviceProfiles.MediumRiskRequestAction.AllowActionParameters.MaxDelayTime
+ }
+
+ mediumRiskRequestActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if deviceProfiles.MediumRiskRequestAction.ChallengeActionParameters != nil {
+ if deviceProfiles.MediumRiskRequestAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = deviceProfiles.MediumRiskRequestAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if deviceProfiles.MediumRiskRequestAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = deviceProfiles.MediumRiskRequestAction.ChallengeActionParameters.Interval
+ }
+
+ if deviceProfiles.MediumRiskRequestAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = deviceProfiles.MediumRiskRequestAction.ChallengeActionParameters.AttesterId
+ }
+
+ mediumRiskRequestActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if deviceProfiles.MediumRiskRequestAction.BlockIPActionParameters != nil {
+ if deviceProfiles.MediumRiskRequestAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = deviceProfiles.MediumRiskRequestAction.BlockIPActionParameters.Duration
+ }
+
+ mediumRiskRequestActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if deviceProfiles.MediumRiskRequestAction.ReturnCustomPageActionParameters != nil {
+ if deviceProfiles.MediumRiskRequestAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = deviceProfiles.MediumRiskRequestAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if deviceProfiles.MediumRiskRequestAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = deviceProfiles.MediumRiskRequestAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ mediumRiskRequestActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ deviceProfilesMap["medium_risk_request_action"] = []interface{}{mediumRiskRequestActionMap}
+ }
+
+ deviceProfilesList = append(deviceProfilesList, deviceProfilesMap)
+ }
+
+ rulesMap["device_profiles"] = deviceProfilesList
+ }
+ invalidAttestationActionMap := map[string]interface{}{}
+
+ if rules.InvalidAttestationAction != nil {
+ if rules.InvalidAttestationAction.Name != nil {
+ invalidAttestationActionMap["name"] = rules.InvalidAttestationAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if rules.InvalidAttestationAction.DenyActionParameters != nil {
+ if rules.InvalidAttestationAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = rules.InvalidAttestationAction.DenyActionParameters.BlockIp
+ }
+
+ if rules.InvalidAttestationAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = rules.InvalidAttestationAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if rules.InvalidAttestationAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = rules.InvalidAttestationAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if rules.InvalidAttestationAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = rules.InvalidAttestationAction.DenyActionParameters.ResponseCode
+ }
+
+ if rules.InvalidAttestationAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = rules.InvalidAttestationAction.DenyActionParameters.ErrorPageId
+ }
+
+ if rules.InvalidAttestationAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = rules.InvalidAttestationAction.DenyActionParameters.Stall
+ }
+
+ invalidAttestationActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if rules.InvalidAttestationAction.RedirectActionParameters != nil {
+ if rules.InvalidAttestationAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = rules.InvalidAttestationAction.RedirectActionParameters.URL
+ }
+
+ invalidAttestationActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if rules.InvalidAttestationAction.AllowActionParameters != nil {
+ if rules.InvalidAttestationAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = rules.InvalidAttestationAction.AllowActionParameters.MinDelayTime
+ }
+
+ if rules.InvalidAttestationAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = rules.InvalidAttestationAction.AllowActionParameters.MaxDelayTime
+ }
+
+ invalidAttestationActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if rules.InvalidAttestationAction.ChallengeActionParameters != nil {
+ if rules.InvalidAttestationAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = rules.InvalidAttestationAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if rules.InvalidAttestationAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = rules.InvalidAttestationAction.ChallengeActionParameters.Interval
+ }
+
+ if rules.InvalidAttestationAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = rules.InvalidAttestationAction.ChallengeActionParameters.AttesterId
+ }
+
+ invalidAttestationActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if rules.InvalidAttestationAction.BlockIPActionParameters != nil {
+ if rules.InvalidAttestationAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = rules.InvalidAttestationAction.BlockIPActionParameters.Duration
+ }
+
+ invalidAttestationActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if rules.InvalidAttestationAction.ReturnCustomPageActionParameters != nil {
+ if rules.InvalidAttestationAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = rules.InvalidAttestationAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if rules.InvalidAttestationAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = rules.InvalidAttestationAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ invalidAttestationActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ rulesMap["invalid_attestation_action"] = []interface{}{invalidAttestationActionMap}
+ }
+
+ rulesList = append(rulesList, rulesMap)
+ }
+
+ clientAttestationRulesMap["rules"] = rulesList
+ }
+ botManagementMap["client_attestation_rules"] = []interface{}{clientAttestationRulesMap}
+ }
+
+ browserImpersonationDetectionMap := map[string]interface{}{}
+
+ if respData.BotManagement.BrowserImpersonationDetection != nil {
+ rulesList := make([]map[string]interface{}, 0, len(respData.BotManagement.BrowserImpersonationDetection.Rules))
+ if respData.BotManagement.BrowserImpersonationDetection.Rules != nil {
+ for _, rules := range respData.BotManagement.BrowserImpersonationDetection.Rules {
+ rulesMap := map[string]interface{}{}
+
+ if rules.Id != nil {
+ rulesMap["id"] = rules.Id
+ }
+
+ if rules.Name != nil {
+ rulesMap["name"] = rules.Name
+ }
+
+ if rules.Enabled != nil {
+ rulesMap["enabled"] = rules.Enabled
+ }
+
+ if rules.Condition != nil {
+ rulesMap["condition"] = rules.Condition
+ }
+
+ actionMap := map[string]interface{}{}
+
+ if rules.Action != nil {
+ botSessionValidationMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation != nil {
+ if rules.Action.BotSessionValidation.IssueNewBotSessionCookie != nil {
+ botSessionValidationMap["issue_new_bot_session_cookie"] = rules.Action.BotSessionValidation.IssueNewBotSessionCookie
+ }
+
+ maxNewSessionTriggerConfigMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.MaxNewSessionTriggerConfig != nil {
+ if rules.Action.BotSessionValidation.MaxNewSessionTriggerConfig.MaxNewSessionCountInterval != nil {
+ maxNewSessionTriggerConfigMap["max_new_session_count_interval"] = rules.Action.BotSessionValidation.MaxNewSessionTriggerConfig.MaxNewSessionCountInterval
+ }
+
+ if rules.Action.BotSessionValidation.MaxNewSessionTriggerConfig.MaxNewSessionCountThreshold != nil {
+ maxNewSessionTriggerConfigMap["max_new_session_count_threshold"] = rules.Action.BotSessionValidation.MaxNewSessionTriggerConfig.MaxNewSessionCountThreshold
+ }
+
+ botSessionValidationMap["max_new_session_trigger_config"] = []interface{}{maxNewSessionTriggerConfigMap}
+ }
+
+ sessionExpiredActionMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionExpiredAction != nil {
+ if rules.Action.BotSessionValidation.SessionExpiredAction.Name != nil {
+ sessionExpiredActionMap["name"] = rules.Action.BotSessionValidation.SessionExpiredAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionExpiredAction.DenyActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionExpiredAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = rules.Action.BotSessionValidation.SessionExpiredAction.DenyActionParameters.BlockIp
+ }
+
+ if rules.Action.BotSessionValidation.SessionExpiredAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = rules.Action.BotSessionValidation.SessionExpiredAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if rules.Action.BotSessionValidation.SessionExpiredAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = rules.Action.BotSessionValidation.SessionExpiredAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if rules.Action.BotSessionValidation.SessionExpiredAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = rules.Action.BotSessionValidation.SessionExpiredAction.DenyActionParameters.ResponseCode
+ }
+
+ if rules.Action.BotSessionValidation.SessionExpiredAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = rules.Action.BotSessionValidation.SessionExpiredAction.DenyActionParameters.ErrorPageId
+ }
+
+ if rules.Action.BotSessionValidation.SessionExpiredAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = rules.Action.BotSessionValidation.SessionExpiredAction.DenyActionParameters.Stall
+ }
+
+ sessionExpiredActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionExpiredAction.RedirectActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionExpiredAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = rules.Action.BotSessionValidation.SessionExpiredAction.RedirectActionParameters.URL
+ }
+
+ sessionExpiredActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionExpiredAction.AllowActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionExpiredAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = rules.Action.BotSessionValidation.SessionExpiredAction.AllowActionParameters.MinDelayTime
+ }
+
+ if rules.Action.BotSessionValidation.SessionExpiredAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = rules.Action.BotSessionValidation.SessionExpiredAction.AllowActionParameters.MaxDelayTime
+ }
+
+ sessionExpiredActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionExpiredAction.ChallengeActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionExpiredAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = rules.Action.BotSessionValidation.SessionExpiredAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if rules.Action.BotSessionValidation.SessionExpiredAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = rules.Action.BotSessionValidation.SessionExpiredAction.ChallengeActionParameters.Interval
+ }
+
+ if rules.Action.BotSessionValidation.SessionExpiredAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = rules.Action.BotSessionValidation.SessionExpiredAction.ChallengeActionParameters.AttesterId
+ }
+
+ sessionExpiredActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionExpiredAction.BlockIPActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionExpiredAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = rules.Action.BotSessionValidation.SessionExpiredAction.BlockIPActionParameters.Duration
+ }
+
+ sessionExpiredActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionExpiredAction.ReturnCustomPageActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionExpiredAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = rules.Action.BotSessionValidation.SessionExpiredAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if rules.Action.BotSessionValidation.SessionExpiredAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = rules.Action.BotSessionValidation.SessionExpiredAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ sessionExpiredActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ botSessionValidationMap["session_expired_action"] = []interface{}{sessionExpiredActionMap}
+ }
+
+ sessionInvalidActionMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionInvalidAction != nil {
+ if rules.Action.BotSessionValidation.SessionInvalidAction.Name != nil {
+ sessionInvalidActionMap["name"] = rules.Action.BotSessionValidation.SessionInvalidAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionInvalidAction.DenyActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionInvalidAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = rules.Action.BotSessionValidation.SessionInvalidAction.DenyActionParameters.BlockIp
+ }
+
+ if rules.Action.BotSessionValidation.SessionInvalidAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = rules.Action.BotSessionValidation.SessionInvalidAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if rules.Action.BotSessionValidation.SessionInvalidAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = rules.Action.BotSessionValidation.SessionInvalidAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if rules.Action.BotSessionValidation.SessionInvalidAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = rules.Action.BotSessionValidation.SessionInvalidAction.DenyActionParameters.ResponseCode
+ }
+
+ if rules.Action.BotSessionValidation.SessionInvalidAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = rules.Action.BotSessionValidation.SessionInvalidAction.DenyActionParameters.ErrorPageId
+ }
+
+ if rules.Action.BotSessionValidation.SessionInvalidAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = rules.Action.BotSessionValidation.SessionInvalidAction.DenyActionParameters.Stall
+ }
+
+ sessionInvalidActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionInvalidAction.RedirectActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionInvalidAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = rules.Action.BotSessionValidation.SessionInvalidAction.RedirectActionParameters.URL
+ }
+
+ sessionInvalidActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionInvalidAction.AllowActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionInvalidAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = rules.Action.BotSessionValidation.SessionInvalidAction.AllowActionParameters.MinDelayTime
+ }
+
+ if rules.Action.BotSessionValidation.SessionInvalidAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = rules.Action.BotSessionValidation.SessionInvalidAction.AllowActionParameters.MaxDelayTime
+ }
+
+ sessionInvalidActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionInvalidAction.ChallengeActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionInvalidAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = rules.Action.BotSessionValidation.SessionInvalidAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if rules.Action.BotSessionValidation.SessionInvalidAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = rules.Action.BotSessionValidation.SessionInvalidAction.ChallengeActionParameters.Interval
+ }
+
+ if rules.Action.BotSessionValidation.SessionInvalidAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = rules.Action.BotSessionValidation.SessionInvalidAction.ChallengeActionParameters.AttesterId
+ }
+
+ sessionInvalidActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionInvalidAction.BlockIPActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionInvalidAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = rules.Action.BotSessionValidation.SessionInvalidAction.BlockIPActionParameters.Duration
+ }
+
+ sessionInvalidActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionInvalidAction.ReturnCustomPageActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionInvalidAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = rules.Action.BotSessionValidation.SessionInvalidAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if rules.Action.BotSessionValidation.SessionInvalidAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = rules.Action.BotSessionValidation.SessionInvalidAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ sessionInvalidActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ botSessionValidationMap["session_invalid_action"] = []interface{}{sessionInvalidActionMap}
+ }
+
+ sessionRateControlMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.Enabled != nil {
+ sessionRateControlMap["enabled"] = rules.Action.BotSessionValidation.SessionRateControl.Enabled
+ }
+
+ highRateSessionActionMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.Name != nil {
+ highRateSessionActionMap["name"] = rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.DenyActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.DenyActionParameters.BlockIp
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.DenyActionParameters.ResponseCode
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.DenyActionParameters.ErrorPageId
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.DenyActionParameters.Stall
+ }
+
+ highRateSessionActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.RedirectActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.RedirectActionParameters.URL
+ }
+
+ highRateSessionActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.AllowActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.AllowActionParameters.MinDelayTime
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.AllowActionParameters.MaxDelayTime
+ }
+
+ highRateSessionActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.ChallengeActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.ChallengeActionParameters.Interval
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.ChallengeActionParameters.AttesterId
+ }
+
+ highRateSessionActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.BlockIPActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.BlockIPActionParameters.Duration
+ }
+
+ highRateSessionActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.ReturnCustomPageActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = rules.Action.BotSessionValidation.SessionRateControl.HighRateSessionAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ highRateSessionActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ sessionRateControlMap["high_rate_session_action"] = []interface{}{highRateSessionActionMap}
+ }
+
+ midRateSessionActionMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.Name != nil {
+ midRateSessionActionMap["name"] = rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.DenyActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.DenyActionParameters.BlockIp
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.DenyActionParameters.ResponseCode
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.DenyActionParameters.ErrorPageId
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.DenyActionParameters.Stall
+ }
+
+ midRateSessionActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.RedirectActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.RedirectActionParameters.URL
+ }
+
+ midRateSessionActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.AllowActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.AllowActionParameters.MinDelayTime
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.AllowActionParameters.MaxDelayTime
+ }
+
+ midRateSessionActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.ChallengeActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.ChallengeActionParameters.Interval
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.ChallengeActionParameters.AttesterId
+ }
+
+ midRateSessionActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.BlockIPActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.BlockIPActionParameters.Duration
+ }
+
+ midRateSessionActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.ReturnCustomPageActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = rules.Action.BotSessionValidation.SessionRateControl.MidRateSessionAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ midRateSessionActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ sessionRateControlMap["mid_rate_session_action"] = []interface{}{midRateSessionActionMap}
+ }
+
+ lowRateSessionActionMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.Name != nil {
+ lowRateSessionActionMap["name"] = rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.DenyActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.DenyActionParameters.BlockIp
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.DenyActionParameters.ResponseCode
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.DenyActionParameters.ErrorPageId
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.DenyActionParameters.Stall
+ }
+
+ lowRateSessionActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.RedirectActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.RedirectActionParameters.URL
+ }
+
+ lowRateSessionActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.AllowActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.AllowActionParameters.MinDelayTime
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.AllowActionParameters.MaxDelayTime
+ }
+
+ lowRateSessionActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.ChallengeActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.ChallengeActionParameters.Interval
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.ChallengeActionParameters.AttesterId
+ }
+
+ lowRateSessionActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.BlockIPActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.BlockIPActionParameters.Duration
+ }
+
+ lowRateSessionActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.ReturnCustomPageActionParameters != nil {
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = rules.Action.BotSessionValidation.SessionRateControl.LowRateSessionAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ lowRateSessionActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ sessionRateControlMap["low_rate_session_action"] = []interface{}{lowRateSessionActionMap}
+ }
+
+ botSessionValidationMap["session_rate_control"] = []interface{}{sessionRateControlMap}
+ }
+
+ actionMap["bot_session_validation"] = []interface{}{botSessionValidationMap}
+ }
+
+ clientBehaviorDetectionMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection != nil {
+ if rules.Action.ClientBehaviorDetection.CryptoChallengeIntensity != nil {
+ clientBehaviorDetectionMap["crypto_challenge_intensity"] = rules.Action.ClientBehaviorDetection.CryptoChallengeIntensity
+ }
+
+ if rules.Action.ClientBehaviorDetection.CryptoChallengeDelayBefore != nil {
+ clientBehaviorDetectionMap["crypto_challenge_delay_before"] = rules.Action.ClientBehaviorDetection.CryptoChallengeDelayBefore
+ }
+
+ if rules.Action.ClientBehaviorDetection.MaxChallengeCountInterval != nil {
+ clientBehaviorDetectionMap["max_challenge_count_interval"] = rules.Action.ClientBehaviorDetection.MaxChallengeCountInterval
+ }
+
+ if rules.Action.ClientBehaviorDetection.MaxChallengeCountThreshold != nil {
+ clientBehaviorDetectionMap["max_challenge_count_threshold"] = rules.Action.ClientBehaviorDetection.MaxChallengeCountThreshold
+ }
+
+ challengeNotFinishedActionMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction != nil {
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.Name != nil {
+ challengeNotFinishedActionMap["name"] = rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.DenyActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.DenyActionParameters.BlockIp
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.DenyActionParameters.ResponseCode
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.DenyActionParameters.ErrorPageId
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.DenyActionParameters.Stall
+ }
+
+ challengeNotFinishedActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.RedirectActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.RedirectActionParameters.URL
+ }
+
+ challengeNotFinishedActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.AllowActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.AllowActionParameters.MinDelayTime
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.AllowActionParameters.MaxDelayTime
+ }
+
+ challengeNotFinishedActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.ChallengeActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.ChallengeActionParameters.Interval
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.ChallengeActionParameters.AttesterId
+ }
+
+ challengeNotFinishedActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.BlockIPActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.BlockIPActionParameters.Duration
+ }
+
+ challengeNotFinishedActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.ReturnCustomPageActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = rules.Action.ClientBehaviorDetection.ChallengeNotFinishedAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ challengeNotFinishedActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ clientBehaviorDetectionMap["challenge_not_finished_action"] = []interface{}{challengeNotFinishedActionMap}
+ }
+
+ challengeTimeoutActionMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction != nil {
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.Name != nil {
+ challengeTimeoutActionMap["name"] = rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.DenyActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.DenyActionParameters.BlockIp
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.DenyActionParameters.ResponseCode
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.DenyActionParameters.ErrorPageId
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.DenyActionParameters.Stall
+ }
+
+ challengeTimeoutActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.RedirectActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.RedirectActionParameters.URL
+ }
+
+ challengeTimeoutActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.AllowActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.AllowActionParameters.MinDelayTime
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.AllowActionParameters.MaxDelayTime
+ }
+
+ challengeTimeoutActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.ChallengeActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.ChallengeActionParameters.Interval
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.ChallengeActionParameters.AttesterId
+ }
+
+ challengeTimeoutActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.BlockIPActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.BlockIPActionParameters.Duration
+ }
+
+ challengeTimeoutActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.ReturnCustomPageActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = rules.Action.ClientBehaviorDetection.ChallengeTimeoutAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ challengeTimeoutActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ clientBehaviorDetectionMap["challenge_timeout_action"] = []interface{}{challengeTimeoutActionMap}
+ }
+
+ botClientActionMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.BotClientAction != nil {
+ if rules.Action.ClientBehaviorDetection.BotClientAction.Name != nil {
+ botClientActionMap["name"] = rules.Action.ClientBehaviorDetection.BotClientAction.Name
+ }
+
+ denyActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.BotClientAction.DenyActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.BotClientAction.DenyActionParameters.BlockIp != nil {
+ denyActionParametersMap["block_ip"] = rules.Action.ClientBehaviorDetection.BotClientAction.DenyActionParameters.BlockIp
+ }
+
+ if rules.Action.ClientBehaviorDetection.BotClientAction.DenyActionParameters.BlockIpDuration != nil {
+ denyActionParametersMap["block_ip_duration"] = rules.Action.ClientBehaviorDetection.BotClientAction.DenyActionParameters.BlockIpDuration
+ }
+
+ if rules.Action.ClientBehaviorDetection.BotClientAction.DenyActionParameters.ReturnCustomPage != nil {
+ denyActionParametersMap["return_custom_page"] = rules.Action.ClientBehaviorDetection.BotClientAction.DenyActionParameters.ReturnCustomPage
+ }
+
+ if rules.Action.ClientBehaviorDetection.BotClientAction.DenyActionParameters.ResponseCode != nil {
+ denyActionParametersMap["response_code"] = rules.Action.ClientBehaviorDetection.BotClientAction.DenyActionParameters.ResponseCode
+ }
+
+ if rules.Action.ClientBehaviorDetection.BotClientAction.DenyActionParameters.ErrorPageId != nil {
+ denyActionParametersMap["error_page_id"] = rules.Action.ClientBehaviorDetection.BotClientAction.DenyActionParameters.ErrorPageId
+ }
+
+ if rules.Action.ClientBehaviorDetection.BotClientAction.DenyActionParameters.Stall != nil {
+ denyActionParametersMap["stall"] = rules.Action.ClientBehaviorDetection.BotClientAction.DenyActionParameters.Stall
+ }
+
+ botClientActionMap["deny_action_parameters"] = []interface{}{denyActionParametersMap}
+ }
+
+ redirectActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.BotClientAction.RedirectActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.BotClientAction.RedirectActionParameters.URL != nil {
+ redirectActionParametersMap["url"] = rules.Action.ClientBehaviorDetection.BotClientAction.RedirectActionParameters.URL
+ }
+
+ botClientActionMap["redirect_action_parameters"] = []interface{}{redirectActionParametersMap}
+ }
+
+ allowActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.BotClientAction.AllowActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.BotClientAction.AllowActionParameters.MinDelayTime != nil {
+ allowActionParametersMap["min_delay_time"] = rules.Action.ClientBehaviorDetection.BotClientAction.AllowActionParameters.MinDelayTime
+ }
+
+ if rules.Action.ClientBehaviorDetection.BotClientAction.AllowActionParameters.MaxDelayTime != nil {
+ allowActionParametersMap["max_delay_time"] = rules.Action.ClientBehaviorDetection.BotClientAction.AllowActionParameters.MaxDelayTime
+ }
+
+ botClientActionMap["allow_action_parameters"] = []interface{}{allowActionParametersMap}
+ }
+
+ challengeActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.BotClientAction.ChallengeActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.BotClientAction.ChallengeActionParameters.ChallengeOption != nil {
+ challengeActionParametersMap["challenge_option"] = rules.Action.ClientBehaviorDetection.BotClientAction.ChallengeActionParameters.ChallengeOption
+ }
+
+ if rules.Action.ClientBehaviorDetection.BotClientAction.ChallengeActionParameters.Interval != nil {
+ challengeActionParametersMap["interval"] = rules.Action.ClientBehaviorDetection.BotClientAction.ChallengeActionParameters.Interval
+ }
+
+ if rules.Action.ClientBehaviorDetection.BotClientAction.ChallengeActionParameters.AttesterId != nil {
+ challengeActionParametersMap["attester_id"] = rules.Action.ClientBehaviorDetection.BotClientAction.ChallengeActionParameters.AttesterId
+ }
+
+ botClientActionMap["challenge_action_parameters"] = []interface{}{challengeActionParametersMap}
+ }
+
+ blockIPActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.BotClientAction.BlockIPActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.BotClientAction.BlockIPActionParameters.Duration != nil {
+ blockIPActionParametersMap["duration"] = rules.Action.ClientBehaviorDetection.BotClientAction.BlockIPActionParameters.Duration
+ }
+
+ botClientActionMap["block_ip_action_parameters"] = []interface{}{blockIPActionParametersMap}
+ }
+
+ returnCustomPageActionParametersMap := map[string]interface{}{}
+
+ if rules.Action.ClientBehaviorDetection.BotClientAction.ReturnCustomPageActionParameters != nil {
+ if rules.Action.ClientBehaviorDetection.BotClientAction.ReturnCustomPageActionParameters.ResponseCode != nil {
+ returnCustomPageActionParametersMap["response_code"] = rules.Action.ClientBehaviorDetection.BotClientAction.ReturnCustomPageActionParameters.ResponseCode
+ }
+
+ if rules.Action.ClientBehaviorDetection.BotClientAction.ReturnCustomPageActionParameters.ErrorPageId != nil {
+ returnCustomPageActionParametersMap["error_page_id"] = rules.Action.ClientBehaviorDetection.BotClientAction.ReturnCustomPageActionParameters.ErrorPageId
+ }
+
+ botClientActionMap["return_custom_page_action_parameters"] = []interface{}{returnCustomPageActionParametersMap}
+ }
+
+ clientBehaviorDetectionMap["bot_client_action"] = []interface{}{botClientActionMap}
+ }
+
+ actionMap["client_behavior_detection"] = []interface{}{clientBehaviorDetectionMap}
+ }
+
+ rulesMap["action"] = []interface{}{actionMap}
+ }
+
+ rulesList = append(rulesList, rulesMap)
+ }
+
+ browserImpersonationDetectionMap["rules"] = rulesList
+ }
+ botManagementMap["browser_impersonation_detection"] = []interface{}{browserImpersonationDetectionMap}
+ }
+
+ tmpMap["bot_management"] = []interface{}{botManagementMap}
+ }
+
+ tmpList = append(tmpList, tmpMap)
+ _ = d.Set("security_policy", tmpList)
+ return nil
+}
+
+func resourceTencentCloudTeoWebSecurityTemplateUpdate(d *schema.ResourceData, meta interface{}) error {
+ defer tccommon.LogElapsed("resource.tencentcloud_teo_web_security_template.update")()
+ defer tccommon.InconsistentCheck(d, meta)()
+
+ var (
+ logId = tccommon.GetLogId(tccommon.ContextNil)
+ ctx = tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta)
+ )
+
+ idSplit := strings.Split(d.Id(), tccommon.FILED_SP)
+ if len(idSplit) != 2 {
+ return fmt.Errorf("id is broken,%s", d.Id())
+ }
+
+ zoneId := idSplit[0]
+ templateId := idSplit[1]
+
+ needChange := false
+ mutableArgs := []string{"template_name", "security_policy"}
+ for _, v := range mutableArgs {
+ if d.HasChange(v) {
+ needChange = true
+ break
+ }
+ }
+
+ if needChange {
+ request := teov20220901.NewModifyWebSecurityTemplateRequest()
+ if v, ok := d.GetOk("template_name"); ok {
+ request.TemplateName = helper.String(v.(string))
+ }
+
+ if securityPolicyMap, ok := helper.InterfacesHeadMap(d, "security_policy"); ok {
+ securityPolicy := teov20220901.SecurityPolicy{}
+ if customRulesMap, ok := helper.ConvertInterfacesHeadToMap(securityPolicyMap["custom_rules"]); ok {
+ customRules := teov20220901.CustomRules{}
+ if v, ok := customRulesMap["rules"]; ok {
+ for _, item := range v.([]interface{}) {
+ rulesMap := item.(map[string]interface{})
+ customRule := teov20220901.CustomRule{}
+ if v, ok := rulesMap["name"].(string); ok && v != "" {
+ customRule.Name = helper.String(v)
+ }
+
+ if v, ok := rulesMap["condition"].(string); ok && v != "" {
+ customRule.Condition = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(rulesMap["action"]); ok {
+ securityAction := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters.Stall = helper.String(v)
+ }
+
+ securityAction.DenyActionParameters = &denyActionParameters
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters.URL = helper.String(v)
+ }
+
+ securityAction.RedirectActionParameters = &redirectActionParameters
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction.AllowActionParameters = &allowActionParameters
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters.AttesterId = helper.String(v)
+ }
+
+ securityAction.ChallengeActionParameters = &challengeActionParameters
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters.Duration = helper.String(v)
+ }
+
+ securityAction.BlockIPActionParameters = &blockIPActionParameters
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters.ErrorPageId = helper.String(v)
+ }
+
+ securityAction.ReturnCustomPageActionParameters = &returnCustomPageActionParameters
+ }
+
+ customRule.Action = &securityAction
+ }
+
+ if v, ok := rulesMap["enabled"].(string); ok && v != "" {
+ customRule.Enabled = helper.String(v)
+ }
+
+ if v, ok := rulesMap["id"].(string); ok && v != "" {
+ customRule.Id = helper.String(v)
+ }
+
+ if v, ok := rulesMap["priority"].(int); ok {
+ customRule.Priority = helper.IntInt64(v)
+ }
+
+ customRules.Rules = append(customRules.Rules, &customRule)
+ }
+ }
+
+ securityPolicy.CustomRules = &customRules
+ }
+
+ if managedRulesMap, ok := helper.ConvertInterfacesHeadToMap(securityPolicyMap["managed_rules"]); ok {
+ managedRules := teov20220901.ManagedRules{}
+ if v, ok := managedRulesMap["enabled"].(string); ok && v != "" {
+ managedRules.Enabled = helper.String(v)
+ }
+
+ if v, ok := managedRulesMap["detection_only"].(string); ok && v != "" {
+ managedRules.DetectionOnly = helper.String(v)
+ }
+
+ if v, ok := managedRulesMap["semantic_analysis"].(string); ok && v != "" {
+ managedRules.SemanticAnalysis = helper.String(v)
+ }
+
+ if autoUpdateMap, ok := helper.ConvertInterfacesHeadToMap(managedRulesMap["auto_update"]); ok {
+ managedRuleAutoUpdate := teov20220901.ManagedRuleAutoUpdate{}
+ if v, ok := autoUpdateMap["auto_update_to_latest_version"].(string); ok && v != "" {
+ managedRuleAutoUpdate.AutoUpdateToLatestVersion = helper.String(v)
+ }
+
+ managedRules.AutoUpdate = &managedRuleAutoUpdate
+ }
+
+ if v, ok := managedRulesMap["managed_rule_groups"]; ok {
+ for _, item := range v.([]interface{}) {
+ managedRuleGroupsMap := item.(map[string]interface{})
+ managedRuleGroup := teov20220901.ManagedRuleGroup{}
+ if v, ok := managedRuleGroupsMap["group_id"].(string); ok && v != "" {
+ managedRuleGroup.GroupId = helper.String(v)
+ }
+
+ if v, ok := managedRuleGroupsMap["sensitivity_level"].(string); ok && v != "" {
+ managedRuleGroup.SensitivityLevel = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(managedRuleGroupsMap["action"]); ok {
+ securityAction2 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction2.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters2 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters2.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters2.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters2.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters2.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters2.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters2.Stall = helper.String(v)
+ }
+
+ securityAction2.DenyActionParameters = &denyActionParameters2
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters2 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters2.URL = helper.String(v)
+ }
+
+ securityAction2.RedirectActionParameters = &redirectActionParameters2
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters2 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters2.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters2.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction2.AllowActionParameters = &allowActionParameters2
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters2 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters2.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters2.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters2.AttesterId = helper.String(v)
+ }
+
+ securityAction2.ChallengeActionParameters = &challengeActionParameters2
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters2 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters2.Duration = helper.String(v)
+ }
+
+ securityAction2.BlockIPActionParameters = &blockIPActionParameters2
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters2 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters2.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters2.ErrorPageId = helper.String(v)
+ }
+
+ securityAction2.ReturnCustomPageActionParameters = &returnCustomPageActionParameters2
+ }
+
+ managedRuleGroup.Action = &securityAction2
+ }
+
+ if v, ok := managedRuleGroupsMap["rule_actions"]; ok {
+ for _, item := range v.([]interface{}) {
+ ruleActionsMap := item.(map[string]interface{})
+ managedRuleAction := teov20220901.ManagedRuleAction{}
+ if v, ok := ruleActionsMap["rule_id"].(string); ok && v != "" {
+ managedRuleAction.RuleId = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(ruleActionsMap["action"]); ok {
+ securityAction3 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction3.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters3 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters3.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters3.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters3.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters3.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters3.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters3.Stall = helper.String(v)
+ }
+
+ securityAction3.DenyActionParameters = &denyActionParameters3
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters3 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters3.URL = helper.String(v)
+ }
+
+ securityAction3.RedirectActionParameters = &redirectActionParameters3
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters3 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters3.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters3.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction3.AllowActionParameters = &allowActionParameters3
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters3 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters3.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters3.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters3.AttesterId = helper.String(v)
+ }
+
+ securityAction3.ChallengeActionParameters = &challengeActionParameters3
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters3 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters3.Duration = helper.String(v)
+ }
+
+ securityAction3.BlockIPActionParameters = &blockIPActionParameters3
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters3 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters3.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters3.ErrorPageId = helper.String(v)
+ }
+
+ securityAction3.ReturnCustomPageActionParameters = &returnCustomPageActionParameters3
+ }
+
+ managedRuleAction.Action = &securityAction3
+ }
+
+ managedRuleGroup.RuleActions = append(managedRuleGroup.RuleActions, &managedRuleAction)
+ }
+ }
+
+ managedRules.ManagedRuleGroups = append(managedRules.ManagedRuleGroups, &managedRuleGroup)
+ }
+ }
+
+ if frequentScanningProtectionMap, ok := helper.ConvertInterfacesHeadToMap(managedRulesMap["frequent_scanning_protection"]); ok {
+ frequentScanningProtection := teov20220901.FrequentScanningProtection{}
+ if v, ok := frequentScanningProtectionMap["enabled"].(string); ok && v != "" {
+ frequentScanningProtection.Enabled = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(frequentScanningProtectionMap["action"]); ok {
+ securityAction4 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction4.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters4 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters4.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters4.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters4.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters4.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters4.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters4.Stall = helper.String(v)
+ }
+
+ securityAction4.DenyActionParameters = &denyActionParameters4
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters4 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters4.URL = helper.String(v)
+ }
+
+ securityAction4.RedirectActionParameters = &redirectActionParameters4
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters4 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters4.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters4.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction4.AllowActionParameters = &allowActionParameters4
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters4 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters4.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters4.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters4.AttesterId = helper.String(v)
+ }
+
+ securityAction4.ChallengeActionParameters = &challengeActionParameters4
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters4 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters4.Duration = helper.String(v)
+ }
+
+ securityAction4.BlockIPActionParameters = &blockIPActionParameters4
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters4 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters4.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters4.ErrorPageId = helper.String(v)
+ }
+
+ securityAction4.ReturnCustomPageActionParameters = &returnCustomPageActionParameters4
+ }
+
+ frequentScanningProtection.Action = &securityAction4
+ }
+
+ if v, ok := frequentScanningProtectionMap["count_by"].(string); ok && v != "" {
+ frequentScanningProtection.CountBy = helper.String(v)
+ }
+
+ if v, ok := frequentScanningProtectionMap["block_threshold"].(int); ok {
+ frequentScanningProtection.BlockThreshold = helper.IntInt64(v)
+ }
+
+ if v, ok := frequentScanningProtectionMap["counting_period"].(string); ok && v != "" {
+ frequentScanningProtection.CountingPeriod = helper.String(v)
+ }
+
+ if v, ok := frequentScanningProtectionMap["action_duration"].(string); ok && v != "" {
+ frequentScanningProtection.ActionDuration = helper.String(v)
+ }
+
+ managedRules.FrequentScanningProtection = &frequentScanningProtection
+ }
+
+ securityPolicy.ManagedRules = &managedRules
+ }
+
+ if httpDDoSProtectionMap, ok := helper.ConvertInterfacesHeadToMap(securityPolicyMap["http_ddos_protection"]); ok {
+ httpDDoSProtection := teov20220901.HttpDDoSProtection{}
+ if adaptiveFrequencyControlMap, ok := helper.ConvertInterfacesHeadToMap(httpDDoSProtectionMap["adaptive_frequency_control"]); ok {
+ adaptiveFrequencyControl := teov20220901.AdaptiveFrequencyControl{}
+ if v, ok := adaptiveFrequencyControlMap["enabled"].(string); ok && v != "" {
+ adaptiveFrequencyControl.Enabled = helper.String(v)
+ }
+
+ if v, ok := adaptiveFrequencyControlMap["sensitivity"].(string); ok && v != "" {
+ adaptiveFrequencyControl.Sensitivity = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(adaptiveFrequencyControlMap["action"]); ok {
+ securityAction5 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction5.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters5 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters5.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters5.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters5.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters5.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters5.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters5.Stall = helper.String(v)
+ }
+
+ securityAction5.DenyActionParameters = &denyActionParameters5
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters5 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters5.URL = helper.String(v)
+ }
+
+ securityAction5.RedirectActionParameters = &redirectActionParameters5
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters5 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters5.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters5.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction5.AllowActionParameters = &allowActionParameters5
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters5 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters5.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters5.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters5.AttesterId = helper.String(v)
+ }
+
+ securityAction5.ChallengeActionParameters = &challengeActionParameters5
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters5 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters5.Duration = helper.String(v)
+ }
+
+ securityAction5.BlockIPActionParameters = &blockIPActionParameters5
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters5 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters5.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters5.ErrorPageId = helper.String(v)
+ }
+
+ securityAction5.ReturnCustomPageActionParameters = &returnCustomPageActionParameters5
+ }
+
+ adaptiveFrequencyControl.Action = &securityAction5
+ }
+
+ httpDDoSProtection.AdaptiveFrequencyControl = &adaptiveFrequencyControl
+ }
+
+ if clientFilteringMap, ok := helper.ConvertInterfacesHeadToMap(httpDDoSProtectionMap["client_filtering"]); ok {
+ clientFiltering := teov20220901.ClientFiltering{}
+ if v, ok := clientFilteringMap["enabled"].(string); ok && v != "" {
+ clientFiltering.Enabled = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(clientFilteringMap["action"]); ok {
+ securityAction6 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction6.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters6 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters6.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters6.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters6.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters6.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters6.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters6.Stall = helper.String(v)
+ }
+
+ securityAction6.DenyActionParameters = &denyActionParameters6
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters6 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters6.URL = helper.String(v)
+ }
+
+ securityAction6.RedirectActionParameters = &redirectActionParameters6
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters6 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters6.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters6.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction6.AllowActionParameters = &allowActionParameters6
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters6 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters6.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters6.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters6.AttesterId = helper.String(v)
+ }
+
+ securityAction6.ChallengeActionParameters = &challengeActionParameters6
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters6 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters6.Duration = helper.String(v)
+ }
+
+ securityAction6.BlockIPActionParameters = &blockIPActionParameters6
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters6 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters6.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters6.ErrorPageId = helper.String(v)
+ }
+
+ securityAction6.ReturnCustomPageActionParameters = &returnCustomPageActionParameters6
+ }
+
+ clientFiltering.Action = &securityAction6
+ }
+
+ httpDDoSProtection.ClientFiltering = &clientFiltering
+ }
+
+ if bandwidthAbuseDefenseMap, ok := helper.ConvertInterfacesHeadToMap(httpDDoSProtectionMap["bandwidth_abuse_defense"]); ok {
+ bandwidthAbuseDefense := teov20220901.BandwidthAbuseDefense{}
+ if v, ok := bandwidthAbuseDefenseMap["enabled"].(string); ok && v != "" {
+ bandwidthAbuseDefense.Enabled = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(bandwidthAbuseDefenseMap["action"]); ok {
+ securityAction7 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction7.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters7 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters7.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters7.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters7.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters7.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters7.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters7.Stall = helper.String(v)
+ }
+
+ securityAction7.DenyActionParameters = &denyActionParameters7
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters7 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters7.URL = helper.String(v)
+ }
+
+ securityAction7.RedirectActionParameters = &redirectActionParameters7
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters7 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters7.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters7.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction7.AllowActionParameters = &allowActionParameters7
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters7 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters7.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters7.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters7.AttesterId = helper.String(v)
+ }
+
+ securityAction7.ChallengeActionParameters = &challengeActionParameters7
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters7 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters7.Duration = helper.String(v)
+ }
+
+ securityAction7.BlockIPActionParameters = &blockIPActionParameters7
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters7 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters7.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters7.ErrorPageId = helper.String(v)
+ }
+
+ securityAction7.ReturnCustomPageActionParameters = &returnCustomPageActionParameters7
+ }
+
+ bandwidthAbuseDefense.Action = &securityAction7
+ }
+
+ httpDDoSProtection.BandwidthAbuseDefense = &bandwidthAbuseDefense
+ }
+
+ if slowAttackDefenseMap, ok := helper.ConvertInterfacesHeadToMap(httpDDoSProtectionMap["slow_attack_defense"]); ok {
+ slowAttackDefense := teov20220901.SlowAttackDefense{}
+ if v, ok := slowAttackDefenseMap["enabled"].(string); ok && v != "" {
+ slowAttackDefense.Enabled = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(slowAttackDefenseMap["action"]); ok {
+ securityAction8 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction8.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters8 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters8.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters8.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters8.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters8.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters8.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters8.Stall = helper.String(v)
+ }
+
+ securityAction8.DenyActionParameters = &denyActionParameters8
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters8 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters8.URL = helper.String(v)
+ }
+
+ securityAction8.RedirectActionParameters = &redirectActionParameters8
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters8 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters8.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters8.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction8.AllowActionParameters = &allowActionParameters8
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters8 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters8.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters8.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters8.AttesterId = helper.String(v)
+ }
+
+ securityAction8.ChallengeActionParameters = &challengeActionParameters8
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters8 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters8.Duration = helper.String(v)
+ }
+
+ securityAction8.BlockIPActionParameters = &blockIPActionParameters8
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters8 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters8.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters8.ErrorPageId = helper.String(v)
+ }
+
+ securityAction8.ReturnCustomPageActionParameters = &returnCustomPageActionParameters8
+ }
+
+ slowAttackDefense.Action = &securityAction8
+ }
+
+ if minimalRequestBodyTransferRateMap, ok := helper.ConvertInterfacesHeadToMap(slowAttackDefenseMap["minimal_request_body_transfer_rate"]); ok {
+ minimalRequestBodyTransferRate := teov20220901.MinimalRequestBodyTransferRate{}
+ if v, ok := minimalRequestBodyTransferRateMap["minimal_avg_transfer_rate_threshold"].(string); ok && v != "" {
+ minimalRequestBodyTransferRate.MinimalAvgTransferRateThreshold = helper.String(v)
+ }
+
+ if v, ok := minimalRequestBodyTransferRateMap["counting_period"].(string); ok && v != "" {
+ minimalRequestBodyTransferRate.CountingPeriod = helper.String(v)
+ }
+
+ if v, ok := minimalRequestBodyTransferRateMap["enabled"].(string); ok && v != "" {
+ minimalRequestBodyTransferRate.Enabled = helper.String(v)
+ }
+
+ slowAttackDefense.MinimalRequestBodyTransferRate = &minimalRequestBodyTransferRate
+ }
+
+ if requestBodyTransferTimeoutMap, ok := helper.ConvertInterfacesHeadToMap(slowAttackDefenseMap["request_body_transfer_timeout"]); ok {
+ requestBodyTransferTimeout := teov20220901.RequestBodyTransferTimeout{}
+ if v, ok := requestBodyTransferTimeoutMap["idle_timeout"].(string); ok && v != "" {
+ requestBodyTransferTimeout.IdleTimeout = helper.String(v)
+ }
+
+ if v, ok := requestBodyTransferTimeoutMap["enabled"].(string); ok && v != "" {
+ requestBodyTransferTimeout.Enabled = helper.String(v)
+ }
+
+ slowAttackDefense.RequestBodyTransferTimeout = &requestBodyTransferTimeout
+ }
+
+ httpDDoSProtection.SlowAttackDefense = &slowAttackDefense
+ }
+
+ securityPolicy.HttpDDoSProtection = &httpDDoSProtection
+ }
+
+ if rateLimitingRulesMap, ok := helper.ConvertInterfacesHeadToMap(securityPolicyMap["rate_limiting_rules"]); ok {
+ rateLimitingRules := teov20220901.RateLimitingRules{}
+ if v, ok := rateLimitingRulesMap["rules"]; ok {
+ for _, item := range v.([]interface{}) {
+ rulesMap := item.(map[string]interface{})
+ rateLimitingRule := teov20220901.RateLimitingRule{}
+ if v, ok := rulesMap["id"].(string); ok && v != "" {
+ rateLimitingRule.Id = helper.String(v)
+ }
+
+ if v, ok := rulesMap["name"].(string); ok && v != "" {
+ rateLimitingRule.Name = helper.String(v)
+ }
+
+ if v, ok := rulesMap["condition"].(string); ok && v != "" {
+ rateLimitingRule.Condition = helper.String(v)
+ }
+
+ if v, ok := rulesMap["count_by"]; ok {
+ countBySet := v.(*schema.Set).List()
+ for i := range countBySet {
+ countBy := countBySet[i].(string)
+ rateLimitingRule.CountBy = append(rateLimitingRule.CountBy, helper.String(countBy))
+ }
+ }
+
+ if v, ok := rulesMap["max_request_threshold"].(int); ok {
+ rateLimitingRule.MaxRequestThreshold = helper.IntInt64(v)
+ }
+
+ if v, ok := rulesMap["counting_period"].(string); ok && v != "" {
+ rateLimitingRule.CountingPeriod = helper.String(v)
+ }
+
+ if v, ok := rulesMap["action_duration"].(string); ok && v != "" {
+ rateLimitingRule.ActionDuration = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(rulesMap["action"]); ok {
+ securityAction9 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction9.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters9 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters9.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters9.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters9.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters9.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters9.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters9.Stall = helper.String(v)
+ }
+
+ securityAction9.DenyActionParameters = &denyActionParameters9
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters9 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters9.URL = helper.String(v)
+ }
+
+ securityAction9.RedirectActionParameters = &redirectActionParameters9
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters9 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters9.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters9.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction9.AllowActionParameters = &allowActionParameters9
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters9 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters9.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters9.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters9.AttesterId = helper.String(v)
+ }
+
+ securityAction9.ChallengeActionParameters = &challengeActionParameters9
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters9 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters9.Duration = helper.String(v)
+ }
+
+ securityAction9.BlockIPActionParameters = &blockIPActionParameters9
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters9 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters9.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters9.ErrorPageId = helper.String(v)
+ }
+
+ securityAction9.ReturnCustomPageActionParameters = &returnCustomPageActionParameters9
+ }
+
+ rateLimitingRule.Action = &securityAction9
+ }
+
+ if v, ok := rulesMap["priority"].(int); ok {
+ rateLimitingRule.Priority = helper.IntInt64(v)
+ }
+
+ if v, ok := rulesMap["enabled"].(string); ok && v != "" {
+ rateLimitingRule.Enabled = helper.String(v)
+ }
+
+ rateLimitingRules.Rules = append(rateLimitingRules.Rules, &rateLimitingRule)
+ }
+ }
+
+ securityPolicy.RateLimitingRules = &rateLimitingRules
+ }
+
+ if exceptionRulesMap, ok := helper.ConvertInterfacesHeadToMap(securityPolicyMap["exception_rules"]); ok {
+ exceptionRules := teov20220901.ExceptionRules{}
+ if v, ok := exceptionRulesMap["rules"]; ok {
+ for _, item := range v.([]interface{}) {
+ rulesMap := item.(map[string]interface{})
+ exceptionRule := teov20220901.ExceptionRule{}
+ if v, ok := rulesMap["id"].(string); ok && v != "" {
+ exceptionRule.Id = helper.String(v)
+ }
+
+ if v, ok := rulesMap["name"].(string); ok && v != "" {
+ exceptionRule.Name = helper.String(v)
+ }
+
+ if v, ok := rulesMap["condition"].(string); ok && v != "" {
+ exceptionRule.Condition = helper.String(v)
+ }
+
+ if v, ok := rulesMap["skip_scope"].(string); ok && v != "" {
+ exceptionRule.SkipScope = helper.String(v)
+ }
+
+ if v, ok := rulesMap["skip_option"].(string); ok && v != "" {
+ exceptionRule.SkipOption = helper.String(v)
+ }
+
+ if v, ok := rulesMap["web_security_modules_for_exception"]; ok {
+ webSecurityModulesForExceptionSet := v.(*schema.Set).List()
+ for i := range webSecurityModulesForExceptionSet {
+ webSecurityModulesForException := webSecurityModulesForExceptionSet[i].(string)
+ exceptionRule.WebSecurityModulesForException = append(exceptionRule.WebSecurityModulesForException, helper.String(webSecurityModulesForException))
+ }
+ }
+
+ if v, ok := rulesMap["managed_rules_for_exception"]; ok {
+ managedRulesForExceptionSet := v.(*schema.Set).List()
+ for i := range managedRulesForExceptionSet {
+ managedRulesForException := managedRulesForExceptionSet[i].(string)
+ exceptionRule.ManagedRulesForException = append(exceptionRule.ManagedRulesForException, helper.String(managedRulesForException))
+ }
+ }
+
+ if v, ok := rulesMap["managed_rule_groups_for_exception"]; ok {
+ managedRuleGroupsForExceptionSet := v.(*schema.Set).List()
+ for i := range managedRuleGroupsForExceptionSet {
+ managedRuleGroupsForException := managedRuleGroupsForExceptionSet[i].(string)
+ exceptionRule.ManagedRuleGroupsForException = append(exceptionRule.ManagedRuleGroupsForException, helper.String(managedRuleGroupsForException))
+ }
+ }
+
+ if v, ok := rulesMap["request_fields_for_exception"]; ok {
+ for _, item := range v.([]interface{}) {
+ requestFieldsForExceptionMap := item.(map[string]interface{})
+ requestFieldsForException := teov20220901.RequestFieldsForException{}
+ if v, ok := requestFieldsForExceptionMap["scope"].(string); ok && v != "" {
+ requestFieldsForException.Scope = helper.String(v)
+ }
+
+ if v, ok := requestFieldsForExceptionMap["condition"].(string); ok && v != "" {
+ requestFieldsForException.Condition = helper.String(v)
+ }
+
+ if v, ok := requestFieldsForExceptionMap["target_field"].(string); ok && v != "" {
+ requestFieldsForException.TargetField = helper.String(v)
+ }
+
+ exceptionRule.RequestFieldsForException = append(exceptionRule.RequestFieldsForException, &requestFieldsForException)
+ }
+ }
+
+ if v, ok := rulesMap["enabled"].(string); ok && v != "" {
+ exceptionRule.Enabled = helper.String(v)
+ }
+
+ exceptionRules.Rules = append(exceptionRules.Rules, &exceptionRule)
+ }
+ }
+
+ securityPolicy.ExceptionRules = &exceptionRules
+ }
+
+ if botManagementMap, ok := helper.ConvertInterfacesHeadToMap(securityPolicyMap["bot_management"]); ok {
+ botManagement := teov20220901.BotManagement{}
+ if v, ok := botManagementMap["enabled"].(string); ok && v != "" {
+ botManagement.Enabled = helper.String(v)
+ }
+
+ if customRulesMap, ok := helper.ConvertInterfacesHeadToMap(botManagementMap["custom_rules"]); ok {
+ botManagementCustomRules := teov20220901.BotManagementCustomRules{}
+ if v, ok := customRulesMap["rules"]; ok {
+ for _, item := range v.([]interface{}) {
+ rulesMap := item.(map[string]interface{})
+ botManagementCustomRule := teov20220901.BotManagementCustomRule{}
+ if v, ok := rulesMap["id"].(string); ok && v != "" {
+ botManagementCustomRule.Id = helper.String(v)
+ }
+
+ if v, ok := rulesMap["name"].(string); ok && v != "" {
+ botManagementCustomRule.Name = helper.String(v)
+ }
+
+ if v, ok := rulesMap["enabled"].(string); ok && v != "" {
+ botManagementCustomRule.Enabled = helper.String(v)
+ }
+
+ if v, ok := rulesMap["priority"].(int); ok {
+ botManagementCustomRule.Priority = helper.IntInt64(v)
+ }
+
+ if v, ok := rulesMap["condition"].(string); ok && v != "" {
+ botManagementCustomRule.Condition = helper.String(v)
+ }
+
+ if v, ok := rulesMap["action"]; ok {
+ for _, item := range v.([]interface{}) {
+ actionMap := item.(map[string]interface{})
+ securityWeightedAction := teov20220901.SecurityWeightedAction{}
+ if securityActionMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["security_action"]); ok {
+ securityAction10 := teov20220901.SecurityAction{}
+ if v, ok := securityActionMap["name"].(string); ok && v != "" {
+ securityAction10.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(securityActionMap["deny_action_parameters"]); ok {
+ denyActionParameters10 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters10.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters10.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters10.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters10.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters10.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters10.Stall = helper.String(v)
+ }
+
+ securityAction10.DenyActionParameters = &denyActionParameters10
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(securityActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters10 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters10.URL = helper.String(v)
+ }
+
+ securityAction10.RedirectActionParameters = &redirectActionParameters10
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(securityActionMap["allow_action_parameters"]); ok {
+ allowActionParameters10 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters10.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters10.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction10.AllowActionParameters = &allowActionParameters10
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(securityActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters10 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters10.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters10.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters10.AttesterId = helper.String(v)
+ }
+
+ securityAction10.ChallengeActionParameters = &challengeActionParameters10
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(securityActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters10 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters10.Duration = helper.String(v)
+ }
+
+ securityAction10.BlockIPActionParameters = &blockIPActionParameters10
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(securityActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters10 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters10.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters10.ErrorPageId = helper.String(v)
+ }
+
+ securityAction10.ReturnCustomPageActionParameters = &returnCustomPageActionParameters10
+ }
+
+ securityWeightedAction.SecurityAction = &securityAction10
+ }
+
+ if v, ok := actionMap["weight"].(int); ok {
+ securityWeightedAction.Weight = helper.IntInt64(v)
+ }
+
+ botManagementCustomRule.Action = append(botManagementCustomRule.Action, &securityWeightedAction)
+ }
+ }
+
+ botManagementCustomRules.Rules = append(botManagementCustomRules.Rules, &botManagementCustomRule)
+ }
+ }
+
+ botManagement.CustomRules = &botManagementCustomRules
+ }
+
+ if basicBotSettingsMap, ok := helper.ConvertInterfacesHeadToMap(botManagementMap["basic_bot_settings"]); ok {
+ basicBotSettings := teov20220901.BasicBotSettings{}
+ if sourceIDCMap, ok := helper.ConvertInterfacesHeadToMap(basicBotSettingsMap["source_idc"]); ok {
+ sourceIDC := teov20220901.SourceIDC{}
+ if baseActionMap, ok := helper.ConvertInterfacesHeadToMap(sourceIDCMap["base_action"]); ok {
+ securityAction11 := teov20220901.SecurityAction{}
+ if v, ok := baseActionMap["name"].(string); ok && v != "" {
+ securityAction11.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["deny_action_parameters"]); ok {
+ denyActionParameters11 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters11.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters11.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters11.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters11.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters11.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters11.Stall = helper.String(v)
+ }
+
+ securityAction11.DenyActionParameters = &denyActionParameters11
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters11 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters11.URL = helper.String(v)
+ }
+
+ securityAction11.RedirectActionParameters = &redirectActionParameters11
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["allow_action_parameters"]); ok {
+ allowActionParameters11 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters11.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters11.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction11.AllowActionParameters = &allowActionParameters11
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters11 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters11.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters11.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters11.AttesterId = helper.String(v)
+ }
+
+ securityAction11.ChallengeActionParameters = &challengeActionParameters11
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters11 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters11.Duration = helper.String(v)
+ }
+
+ securityAction11.BlockIPActionParameters = &blockIPActionParameters11
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters11 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters11.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters11.ErrorPageId = helper.String(v)
+ }
+
+ securityAction11.ReturnCustomPageActionParameters = &returnCustomPageActionParameters11
+ }
+
+ sourceIDC.BaseAction = &securityAction11
+ }
+
+ if v, ok := sourceIDCMap["bot_management_action_overrides"]; ok {
+ for _, item := range v.([]interface{}) {
+ botManagementActionOverridesMap := item.(map[string]interface{})
+ botManagementActionOverrides := teov20220901.BotManagementActionOverrides{}
+ if v, ok := botManagementActionOverridesMap["ids"]; ok {
+ idsSet := v.(*schema.Set).List()
+ for i := range idsSet {
+ ids := idsSet[i].(string)
+ botManagementActionOverrides.Ids = append(botManagementActionOverrides.Ids, helper.String(ids))
+ }
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(botManagementActionOverridesMap["action"]); ok {
+ securityAction12 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction12.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters12 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters12.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters12.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters12.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters12.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters12.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters12.Stall = helper.String(v)
+ }
+
+ securityAction12.DenyActionParameters = &denyActionParameters12
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters12 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters12.URL = helper.String(v)
+ }
+
+ securityAction12.RedirectActionParameters = &redirectActionParameters12
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters12 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters12.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters12.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction12.AllowActionParameters = &allowActionParameters12
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters12 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters12.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters12.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters12.AttesterId = helper.String(v)
+ }
+
+ securityAction12.ChallengeActionParameters = &challengeActionParameters12
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters12 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters12.Duration = helper.String(v)
+ }
+
+ securityAction12.BlockIPActionParameters = &blockIPActionParameters12
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters12 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters12.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters12.ErrorPageId = helper.String(v)
+ }
+
+ securityAction12.ReturnCustomPageActionParameters = &returnCustomPageActionParameters12
+ }
+
+ botManagementActionOverrides.Action = &securityAction12
+ }
+
+ sourceIDC.BotManagementActionOverrides = append(sourceIDC.BotManagementActionOverrides, &botManagementActionOverrides)
+ }
+ }
+
+ basicBotSettings.SourceIDC = &sourceIDC
+ }
+
+ if searchEngineBotsMap, ok := helper.ConvertInterfacesHeadToMap(basicBotSettingsMap["search_engine_bots"]); ok {
+ searchEngineBots := teov20220901.SearchEngineBots{}
+ if baseActionMap, ok := helper.ConvertInterfacesHeadToMap(searchEngineBotsMap["base_action"]); ok {
+ securityAction13 := teov20220901.SecurityAction{}
+ if v, ok := baseActionMap["name"].(string); ok && v != "" {
+ securityAction13.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["deny_action_parameters"]); ok {
+ denyActionParameters13 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters13.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters13.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters13.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters13.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters13.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters13.Stall = helper.String(v)
+ }
+
+ securityAction13.DenyActionParameters = &denyActionParameters13
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters13 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters13.URL = helper.String(v)
+ }
+
+ securityAction13.RedirectActionParameters = &redirectActionParameters13
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["allow_action_parameters"]); ok {
+ allowActionParameters13 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters13.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters13.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction13.AllowActionParameters = &allowActionParameters13
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters13 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters13.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters13.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters13.AttesterId = helper.String(v)
+ }
+
+ securityAction13.ChallengeActionParameters = &challengeActionParameters13
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters13 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters13.Duration = helper.String(v)
+ }
+
+ securityAction13.BlockIPActionParameters = &blockIPActionParameters13
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters13 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters13.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters13.ErrorPageId = helper.String(v)
+ }
+
+ securityAction13.ReturnCustomPageActionParameters = &returnCustomPageActionParameters13
+ }
+
+ searchEngineBots.BaseAction = &securityAction13
+ }
+
+ if v, ok := searchEngineBotsMap["bot_management_action_overrides"]; ok {
+ for _, item := range v.([]interface{}) {
+ botManagementActionOverridesMap := item.(map[string]interface{})
+ botManagementActionOverrides := teov20220901.BotManagementActionOverrides{}
+ if v, ok := botManagementActionOverridesMap["ids"]; ok {
+ idsSet := v.(*schema.Set).List()
+ for i := range idsSet {
+ ids := idsSet[i].(string)
+ botManagementActionOverrides.Ids = append(botManagementActionOverrides.Ids, helper.String(ids))
+ }
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(botManagementActionOverridesMap["action"]); ok {
+ securityAction14 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction14.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters14 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters14.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters14.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters14.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters14.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters14.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters14.Stall = helper.String(v)
+ }
+
+ securityAction14.DenyActionParameters = &denyActionParameters14
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters14 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters14.URL = helper.String(v)
+ }
+
+ securityAction14.RedirectActionParameters = &redirectActionParameters14
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters14 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters14.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters14.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction14.AllowActionParameters = &allowActionParameters14
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters14 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters14.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters14.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters14.AttesterId = helper.String(v)
+ }
+
+ securityAction14.ChallengeActionParameters = &challengeActionParameters14
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters14 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters14.Duration = helper.String(v)
+ }
+
+ securityAction14.BlockIPActionParameters = &blockIPActionParameters14
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters14 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters14.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters14.ErrorPageId = helper.String(v)
+ }
+
+ securityAction14.ReturnCustomPageActionParameters = &returnCustomPageActionParameters14
+ }
+
+ botManagementActionOverrides.Action = &securityAction14
+ }
+
+ searchEngineBots.BotManagementActionOverrides = append(searchEngineBots.BotManagementActionOverrides, &botManagementActionOverrides)
+ }
+ }
+
+ basicBotSettings.SearchEngineBots = &searchEngineBots
+ }
+
+ if knownBotCategoriesMap, ok := helper.ConvertInterfacesHeadToMap(basicBotSettingsMap["known_bot_categories"]); ok {
+ knownBotCategories := teov20220901.KnownBotCategories{}
+ if baseActionMap, ok := helper.ConvertInterfacesHeadToMap(knownBotCategoriesMap["base_action"]); ok {
+ securityAction15 := teov20220901.SecurityAction{}
+ if v, ok := baseActionMap["name"].(string); ok && v != "" {
+ securityAction15.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["deny_action_parameters"]); ok {
+ denyActionParameters15 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters15.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters15.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters15.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters15.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters15.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters15.Stall = helper.String(v)
+ }
+
+ securityAction15.DenyActionParameters = &denyActionParameters15
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters15 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters15.URL = helper.String(v)
+ }
+
+ securityAction15.RedirectActionParameters = &redirectActionParameters15
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["allow_action_parameters"]); ok {
+ allowActionParameters15 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters15.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters15.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction15.AllowActionParameters = &allowActionParameters15
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters15 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters15.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters15.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters15.AttesterId = helper.String(v)
+ }
+
+ securityAction15.ChallengeActionParameters = &challengeActionParameters15
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters15 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters15.Duration = helper.String(v)
+ }
+
+ securityAction15.BlockIPActionParameters = &blockIPActionParameters15
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters15 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters15.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters15.ErrorPageId = helper.String(v)
+ }
+
+ securityAction15.ReturnCustomPageActionParameters = &returnCustomPageActionParameters15
+ }
+
+ knownBotCategories.BaseAction = &securityAction15
+ }
+
+ if v, ok := knownBotCategoriesMap["bot_management_action_overrides"]; ok {
+ for _, item := range v.([]interface{}) {
+ botManagementActionOverridesMap := item.(map[string]interface{})
+ botManagementActionOverrides := teov20220901.BotManagementActionOverrides{}
+ if v, ok := botManagementActionOverridesMap["ids"]; ok {
+ idsSet := v.(*schema.Set).List()
+ for i := range idsSet {
+ ids := idsSet[i].(string)
+ botManagementActionOverrides.Ids = append(botManagementActionOverrides.Ids, helper.String(ids))
+ }
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(botManagementActionOverridesMap["action"]); ok {
+ securityAction16 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction16.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters16 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters16.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters16.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters16.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters16.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters16.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters16.Stall = helper.String(v)
+ }
+
+ securityAction16.DenyActionParameters = &denyActionParameters16
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters16 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters16.URL = helper.String(v)
+ }
+
+ securityAction16.RedirectActionParameters = &redirectActionParameters16
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters16 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters16.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters16.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction16.AllowActionParameters = &allowActionParameters16
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters16 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters16.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters16.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters16.AttesterId = helper.String(v)
+ }
+
+ securityAction16.ChallengeActionParameters = &challengeActionParameters16
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters16 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters16.Duration = helper.String(v)
+ }
+
+ securityAction16.BlockIPActionParameters = &blockIPActionParameters16
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters16 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters16.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters16.ErrorPageId = helper.String(v)
+ }
+
+ securityAction16.ReturnCustomPageActionParameters = &returnCustomPageActionParameters16
+ }
+
+ botManagementActionOverrides.Action = &securityAction16
+ }
+
+ knownBotCategories.BotManagementActionOverrides = append(knownBotCategories.BotManagementActionOverrides, &botManagementActionOverrides)
+ }
+ }
+
+ basicBotSettings.KnownBotCategories = &knownBotCategories
+ }
+
+ if iPReputationMap, ok := helper.ConvertInterfacesHeadToMap(basicBotSettingsMap["ip_reputation"]); ok {
+ iPReputation := teov20220901.IPReputation{}
+ if v, ok := iPReputationMap["enabled"].(string); ok && v != "" {
+ iPReputation.Enabled = helper.String(v)
+ }
+
+ if iPReputationGroupMap, ok := helper.ConvertInterfacesHeadToMap(iPReputationMap["ip_reputation_group"]); ok {
+ iPReputationGroup := teov20220901.IPReputationGroup{}
+ if baseActionMap, ok := helper.ConvertInterfacesHeadToMap(iPReputationGroupMap["base_action"]); ok {
+ securityAction17 := teov20220901.SecurityAction{}
+ if v, ok := baseActionMap["name"].(string); ok && v != "" {
+ securityAction17.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["deny_action_parameters"]); ok {
+ denyActionParameters17 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters17.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters17.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters17.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters17.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters17.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters17.Stall = helper.String(v)
+ }
+
+ securityAction17.DenyActionParameters = &denyActionParameters17
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters17 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters17.URL = helper.String(v)
+ }
+
+ securityAction17.RedirectActionParameters = &redirectActionParameters17
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["allow_action_parameters"]); ok {
+ allowActionParameters17 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters17.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters17.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction17.AllowActionParameters = &allowActionParameters17
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters17 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters17.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters17.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters17.AttesterId = helper.String(v)
+ }
+
+ securityAction17.ChallengeActionParameters = &challengeActionParameters17
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters17 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters17.Duration = helper.String(v)
+ }
+
+ securityAction17.BlockIPActionParameters = &blockIPActionParameters17
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(baseActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters17 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters17.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters17.ErrorPageId = helper.String(v)
+ }
+
+ securityAction17.ReturnCustomPageActionParameters = &returnCustomPageActionParameters17
+ }
+
+ iPReputationGroup.BaseAction = &securityAction17
+ }
+
+ if v, ok := iPReputationGroupMap["bot_management_action_overrides"]; ok {
+ for _, item := range v.([]interface{}) {
+ botManagementActionOverridesMap := item.(map[string]interface{})
+ botManagementActionOverrides := teov20220901.BotManagementActionOverrides{}
+ if v, ok := botManagementActionOverridesMap["ids"]; ok {
+ idsSet := v.(*schema.Set).List()
+ for i := range idsSet {
+ ids := idsSet[i].(string)
+ botManagementActionOverrides.Ids = append(botManagementActionOverrides.Ids, helper.String(ids))
+ }
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(botManagementActionOverridesMap["action"]); ok {
+ securityAction18 := teov20220901.SecurityAction{}
+ if v, ok := actionMap["name"].(string); ok && v != "" {
+ securityAction18.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["deny_action_parameters"]); ok {
+ denyActionParameters18 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters18.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters18.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters18.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters18.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters18.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters18.Stall = helper.String(v)
+ }
+
+ securityAction18.DenyActionParameters = &denyActionParameters18
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters18 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters18.URL = helper.String(v)
+ }
+
+ securityAction18.RedirectActionParameters = &redirectActionParameters18
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["allow_action_parameters"]); ok {
+ allowActionParameters18 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters18.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters18.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction18.AllowActionParameters = &allowActionParameters18
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters18 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters18.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters18.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters18.AttesterId = helper.String(v)
+ }
+
+ securityAction18.ChallengeActionParameters = &challengeActionParameters18
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters18 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters18.Duration = helper.String(v)
+ }
+
+ securityAction18.BlockIPActionParameters = &blockIPActionParameters18
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters18 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters18.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters18.ErrorPageId = helper.String(v)
+ }
+
+ securityAction18.ReturnCustomPageActionParameters = &returnCustomPageActionParameters18
+ }
+
+ botManagementActionOverrides.Action = &securityAction18
+ }
+
+ iPReputationGroup.BotManagementActionOverrides = append(iPReputationGroup.BotManagementActionOverrides, &botManagementActionOverrides)
+ }
+ }
+
+ iPReputation.IPReputationGroup = &iPReputationGroup
+ }
+
+ basicBotSettings.IPReputation = &iPReputation
+ }
+
+ if botIntelligenceMap, ok := helper.ConvertInterfacesHeadToMap(basicBotSettingsMap["bot_intelligence"]); ok {
+ botIntelligence := teov20220901.BotIntelligence{}
+ if botRatingsMap, ok := helper.ConvertInterfacesHeadToMap(botIntelligenceMap["bot_ratings"]); ok {
+ botRatings := teov20220901.BotRatings{}
+ if highRiskBotRequestsActionMap, ok := helper.ConvertInterfacesHeadToMap(botRatingsMap["high_risk_bot_requests_action"]); ok {
+ securityAction19 := teov20220901.SecurityAction{}
+ if v, ok := highRiskBotRequestsActionMap["name"].(string); ok && v != "" {
+ securityAction19.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskBotRequestsActionMap["deny_action_parameters"]); ok {
+ denyActionParameters19 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters19.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters19.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters19.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters19.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters19.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters19.Stall = helper.String(v)
+ }
+
+ securityAction19.DenyActionParameters = &denyActionParameters19
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskBotRequestsActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters19 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters19.URL = helper.String(v)
+ }
+
+ securityAction19.RedirectActionParameters = &redirectActionParameters19
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskBotRequestsActionMap["allow_action_parameters"]); ok {
+ allowActionParameters19 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters19.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters19.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction19.AllowActionParameters = &allowActionParameters19
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskBotRequestsActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters19 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters19.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters19.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters19.AttesterId = helper.String(v)
+ }
+
+ securityAction19.ChallengeActionParameters = &challengeActionParameters19
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskBotRequestsActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters19 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters19.Duration = helper.String(v)
+ }
+
+ securityAction19.BlockIPActionParameters = &blockIPActionParameters19
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskBotRequestsActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters19 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters19.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters19.ErrorPageId = helper.String(v)
+ }
+
+ securityAction19.ReturnCustomPageActionParameters = &returnCustomPageActionParameters19
+ }
+
+ botRatings.HighRiskBotRequestsAction = &securityAction19
+ }
+
+ if likelyBotRequestsActionMap, ok := helper.ConvertInterfacesHeadToMap(botRatingsMap["likely_bot_requests_action"]); ok {
+ securityAction20 := teov20220901.SecurityAction{}
+ if v, ok := likelyBotRequestsActionMap["name"].(string); ok && v != "" {
+ securityAction20.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(likelyBotRequestsActionMap["deny_action_parameters"]); ok {
+ denyActionParameters20 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters20.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters20.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters20.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters20.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters20.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters20.Stall = helper.String(v)
+ }
+
+ securityAction20.DenyActionParameters = &denyActionParameters20
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(likelyBotRequestsActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters20 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters20.URL = helper.String(v)
+ }
+
+ securityAction20.RedirectActionParameters = &redirectActionParameters20
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(likelyBotRequestsActionMap["allow_action_parameters"]); ok {
+ allowActionParameters20 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters20.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters20.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction20.AllowActionParameters = &allowActionParameters20
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(likelyBotRequestsActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters20 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters20.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters20.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters20.AttesterId = helper.String(v)
+ }
+
+ securityAction20.ChallengeActionParameters = &challengeActionParameters20
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(likelyBotRequestsActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters20 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters20.Duration = helper.String(v)
+ }
+
+ securityAction20.BlockIPActionParameters = &blockIPActionParameters20
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(likelyBotRequestsActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters20 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters20.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters20.ErrorPageId = helper.String(v)
+ }
+
+ securityAction20.ReturnCustomPageActionParameters = &returnCustomPageActionParameters20
+ }
+
+ botRatings.LikelyBotRequestsAction = &securityAction20
+ }
+
+ if verifiedBotRequestsActionMap, ok := helper.ConvertInterfacesHeadToMap(botRatingsMap["verified_bot_requests_action"]); ok {
+ securityAction21 := teov20220901.SecurityAction{}
+ if v, ok := verifiedBotRequestsActionMap["name"].(string); ok && v != "" {
+ securityAction21.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(verifiedBotRequestsActionMap["deny_action_parameters"]); ok {
+ denyActionParameters21 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters21.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters21.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters21.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters21.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters21.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters21.Stall = helper.String(v)
+ }
+
+ securityAction21.DenyActionParameters = &denyActionParameters21
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(verifiedBotRequestsActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters21 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters21.URL = helper.String(v)
+ }
+
+ securityAction21.RedirectActionParameters = &redirectActionParameters21
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(verifiedBotRequestsActionMap["allow_action_parameters"]); ok {
+ allowActionParameters21 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters21.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters21.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction21.AllowActionParameters = &allowActionParameters21
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(verifiedBotRequestsActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters21 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters21.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters21.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters21.AttesterId = helper.String(v)
+ }
+
+ securityAction21.ChallengeActionParameters = &challengeActionParameters21
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(verifiedBotRequestsActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters21 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters21.Duration = helper.String(v)
+ }
+
+ securityAction21.BlockIPActionParameters = &blockIPActionParameters21
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(verifiedBotRequestsActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters21 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters21.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters21.ErrorPageId = helper.String(v)
+ }
+
+ securityAction21.ReturnCustomPageActionParameters = &returnCustomPageActionParameters21
+ }
+
+ botRatings.VerifiedBotRequestsAction = &securityAction21
+ }
+
+ if humanRequestsActionMap, ok := helper.ConvertInterfacesHeadToMap(botRatingsMap["human_requests_action"]); ok {
+ securityAction22 := teov20220901.SecurityAction{}
+ if v, ok := humanRequestsActionMap["name"].(string); ok && v != "" {
+ securityAction22.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(humanRequestsActionMap["deny_action_parameters"]); ok {
+ denyActionParameters22 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters22.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters22.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters22.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters22.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters22.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters22.Stall = helper.String(v)
+ }
+
+ securityAction22.DenyActionParameters = &denyActionParameters22
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(humanRequestsActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters22 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters22.URL = helper.String(v)
+ }
+
+ securityAction22.RedirectActionParameters = &redirectActionParameters22
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(humanRequestsActionMap["allow_action_parameters"]); ok {
+ allowActionParameters22 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters22.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters22.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction22.AllowActionParameters = &allowActionParameters22
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(humanRequestsActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters22 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters22.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters22.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters22.AttesterId = helper.String(v)
+ }
+
+ securityAction22.ChallengeActionParameters = &challengeActionParameters22
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(humanRequestsActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters22 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters22.Duration = helper.String(v)
+ }
+
+ securityAction22.BlockIPActionParameters = &blockIPActionParameters22
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(humanRequestsActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters22 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters22.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters22.ErrorPageId = helper.String(v)
+ }
+
+ securityAction22.ReturnCustomPageActionParameters = &returnCustomPageActionParameters22
+ }
+
+ botRatings.HumanRequestsAction = &securityAction22
+ }
+
+ botIntelligence.BotRatings = &botRatings
+ }
+
+ if v, ok := botIntelligenceMap["enabled"].(string); ok && v != "" {
+ botIntelligence.Enabled = helper.String(v)
+ }
+
+ basicBotSettings.BotIntelligence = &botIntelligence
+ }
+
+ botManagement.BasicBotSettings = &basicBotSettings
+ }
+
+ if clientAttestationRulesMap, ok := helper.ConvertInterfacesHeadToMap(botManagementMap["client_attestation_rules"]); ok {
+ clientAttestationRules := teov20220901.ClientAttestationRules{}
+ if v, ok := clientAttestationRulesMap["rules"]; ok {
+ for _, item := range v.([]interface{}) {
+ rulesMap := item.(map[string]interface{})
+ clientAttestationRule := teov20220901.ClientAttestationRule{}
+ if v, ok := rulesMap["id"].(string); ok && v != "" {
+ clientAttestationRule.Id = helper.String(v)
+ }
+
+ if v, ok := rulesMap["name"].(string); ok && v != "" {
+ clientAttestationRule.Name = helper.String(v)
+ }
+
+ if v, ok := rulesMap["enabled"].(string); ok && v != "" {
+ clientAttestationRule.Enabled = helper.String(v)
+ }
+
+ if v, ok := rulesMap["priority"].(int); ok {
+ clientAttestationRule.Priority = helper.IntUint64(v)
+ }
+
+ if v, ok := rulesMap["condition"].(string); ok && v != "" {
+ clientAttestationRule.Condition = helper.String(v)
+ }
+
+ if v, ok := rulesMap["attester_id"].(string); ok && v != "" {
+ clientAttestationRule.AttesterId = helper.String(v)
+ }
+
+ if v, ok := rulesMap["device_profiles"]; ok {
+ for _, item := range v.([]interface{}) {
+ deviceProfilesMap := item.(map[string]interface{})
+ deviceProfile := teov20220901.DeviceProfile{}
+ if v, ok := deviceProfilesMap["client_type"].(string); ok && v != "" {
+ deviceProfile.ClientType = helper.String(v)
+ }
+
+ if v, ok := deviceProfilesMap["high_risk_min_score"].(int); ok {
+ deviceProfile.HighRiskMinScore = helper.IntUint64(v)
+ }
+
+ if highRiskRequestActionMap, ok := helper.ConvertInterfacesHeadToMap(deviceProfilesMap["high_risk_request_action"]); ok {
+ securityAction23 := teov20220901.SecurityAction{}
+ if v, ok := highRiskRequestActionMap["name"].(string); ok && v != "" {
+ securityAction23.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskRequestActionMap["deny_action_parameters"]); ok {
+ denyActionParameters23 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters23.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters23.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters23.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters23.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters23.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters23.Stall = helper.String(v)
+ }
+
+ securityAction23.DenyActionParameters = &denyActionParameters23
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskRequestActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters23 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters23.URL = helper.String(v)
+ }
+
+ securityAction23.RedirectActionParameters = &redirectActionParameters23
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskRequestActionMap["allow_action_parameters"]); ok {
+ allowActionParameters23 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters23.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters23.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction23.AllowActionParameters = &allowActionParameters23
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskRequestActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters23 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters23.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters23.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters23.AttesterId = helper.String(v)
+ }
+
+ securityAction23.ChallengeActionParameters = &challengeActionParameters23
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskRequestActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters23 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters23.Duration = helper.String(v)
+ }
+
+ securityAction23.BlockIPActionParameters = &blockIPActionParameters23
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRiskRequestActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters23 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters23.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters23.ErrorPageId = helper.String(v)
+ }
+
+ securityAction23.ReturnCustomPageActionParameters = &returnCustomPageActionParameters23
+ }
+
+ deviceProfile.HighRiskRequestAction = &securityAction23
+ }
+
+ if v, ok := deviceProfilesMap["medium_risk_min_score"].(int); ok {
+ deviceProfile.MediumRiskMinScore = helper.IntUint64(v)
+ }
+
+ if mediumRiskRequestActionMap, ok := helper.ConvertInterfacesHeadToMap(deviceProfilesMap["medium_risk_request_action"]); ok {
+ securityAction24 := teov20220901.SecurityAction{}
+ if v, ok := mediumRiskRequestActionMap["name"].(string); ok && v != "" {
+ securityAction24.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(mediumRiskRequestActionMap["deny_action_parameters"]); ok {
+ denyActionParameters24 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters24.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters24.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters24.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters24.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters24.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters24.Stall = helper.String(v)
+ }
+
+ securityAction24.DenyActionParameters = &denyActionParameters24
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(mediumRiskRequestActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters24 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters24.URL = helper.String(v)
+ }
+
+ securityAction24.RedirectActionParameters = &redirectActionParameters24
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(mediumRiskRequestActionMap["allow_action_parameters"]); ok {
+ allowActionParameters24 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters24.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters24.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction24.AllowActionParameters = &allowActionParameters24
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(mediumRiskRequestActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters24 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters24.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters24.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters24.AttesterId = helper.String(v)
+ }
+
+ securityAction24.ChallengeActionParameters = &challengeActionParameters24
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(mediumRiskRequestActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters24 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters24.Duration = helper.String(v)
+ }
+
+ securityAction24.BlockIPActionParameters = &blockIPActionParameters24
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(mediumRiskRequestActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters24 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters24.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters24.ErrorPageId = helper.String(v)
+ }
+
+ securityAction24.ReturnCustomPageActionParameters = &returnCustomPageActionParameters24
+ }
+
+ deviceProfile.MediumRiskRequestAction = &securityAction24
+ }
+
+ clientAttestationRule.DeviceProfiles = append(clientAttestationRule.DeviceProfiles, &deviceProfile)
+ }
+ }
+
+ if invalidAttestationActionMap, ok := helper.ConvertInterfacesHeadToMap(rulesMap["invalid_attestation_action"]); ok {
+ securityAction25 := teov20220901.SecurityAction{}
+ if v, ok := invalidAttestationActionMap["name"].(string); ok && v != "" {
+ securityAction25.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(invalidAttestationActionMap["deny_action_parameters"]); ok {
+ denyActionParameters25 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters25.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters25.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters25.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters25.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters25.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters25.Stall = helper.String(v)
+ }
+
+ securityAction25.DenyActionParameters = &denyActionParameters25
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(invalidAttestationActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters25 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters25.URL = helper.String(v)
+ }
+
+ securityAction25.RedirectActionParameters = &redirectActionParameters25
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(invalidAttestationActionMap["allow_action_parameters"]); ok {
+ allowActionParameters25 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters25.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters25.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction25.AllowActionParameters = &allowActionParameters25
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(invalidAttestationActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters25 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters25.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters25.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters25.AttesterId = helper.String(v)
+ }
+
+ securityAction25.ChallengeActionParameters = &challengeActionParameters25
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(invalidAttestationActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters25 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters25.Duration = helper.String(v)
+ }
+
+ securityAction25.BlockIPActionParameters = &blockIPActionParameters25
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(invalidAttestationActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters25 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters25.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters25.ErrorPageId = helper.String(v)
+ }
+
+ securityAction25.ReturnCustomPageActionParameters = &returnCustomPageActionParameters25
+ }
+
+ clientAttestationRule.InvalidAttestationAction = &securityAction25
+ }
+
+ clientAttestationRules.Rules = append(clientAttestationRules.Rules, &clientAttestationRule)
+ }
+ }
+
+ botManagement.ClientAttestationRules = &clientAttestationRules
+ }
+
+ if browserImpersonationDetectionMap, ok := helper.ConvertInterfacesHeadToMap(botManagementMap["browser_impersonation_detection"]); ok {
+ browserImpersonationDetection := teov20220901.BrowserImpersonationDetection{}
+ if v, ok := browserImpersonationDetectionMap["rules"]; ok {
+ for _, item := range v.([]interface{}) {
+ rulesMap := item.(map[string]interface{})
+ browserImpersonationDetectionRule := teov20220901.BrowserImpersonationDetectionRule{}
+ if v, ok := rulesMap["id"].(string); ok && v != "" {
+ browserImpersonationDetectionRule.Id = helper.String(v)
+ }
+
+ if v, ok := rulesMap["name"].(string); ok && v != "" {
+ browserImpersonationDetectionRule.Name = helper.String(v)
+ }
+
+ if v, ok := rulesMap["enabled"].(string); ok && v != "" {
+ browserImpersonationDetectionRule.Enabled = helper.String(v)
+ }
+
+ if v, ok := rulesMap["condition"].(string); ok && v != "" {
+ browserImpersonationDetectionRule.Condition = helper.String(v)
+ }
+
+ if actionMap, ok := helper.ConvertInterfacesHeadToMap(rulesMap["action"]); ok {
+ browserImpersonationDetectionAction := teov20220901.BrowserImpersonationDetectionAction{}
+ if botSessionValidationMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["bot_session_validation"]); ok {
+ botSessionValidation := teov20220901.BotSessionValidation{}
+ if v, ok := botSessionValidationMap["issue_new_bot_session_cookie"].(string); ok && v != "" {
+ botSessionValidation.IssueNewBotSessionCookie = helper.String(v)
+ }
+
+ if maxNewSessionTriggerConfigMap, ok := helper.ConvertInterfacesHeadToMap(botSessionValidationMap["max_new_session_trigger_config"]); ok {
+ maxNewSessionTriggerConfig := teov20220901.MaxNewSessionTriggerConfig{}
+ if v, ok := maxNewSessionTriggerConfigMap["max_new_session_count_interval"].(string); ok && v != "" {
+ maxNewSessionTriggerConfig.MaxNewSessionCountInterval = helper.String(v)
+ }
+
+ if v, ok := maxNewSessionTriggerConfigMap["max_new_session_count_threshold"].(int); ok {
+ maxNewSessionTriggerConfig.MaxNewSessionCountThreshold = helper.IntInt64(v)
+ }
+
+ botSessionValidation.MaxNewSessionTriggerConfig = &maxNewSessionTriggerConfig
+ }
+
+ if sessionExpiredActionMap, ok := helper.ConvertInterfacesHeadToMap(botSessionValidationMap["session_expired_action"]); ok {
+ securityAction26 := teov20220901.SecurityAction{}
+ if v, ok := sessionExpiredActionMap["name"].(string); ok && v != "" {
+ securityAction26.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionExpiredActionMap["deny_action_parameters"]); ok {
+ denyActionParameters26 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters26.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters26.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters26.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters26.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters26.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters26.Stall = helper.String(v)
+ }
+
+ securityAction26.DenyActionParameters = &denyActionParameters26
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionExpiredActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters26 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters26.URL = helper.String(v)
+ }
+
+ securityAction26.RedirectActionParameters = &redirectActionParameters26
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionExpiredActionMap["allow_action_parameters"]); ok {
+ allowActionParameters26 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters26.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters26.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction26.AllowActionParameters = &allowActionParameters26
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionExpiredActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters26 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters26.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters26.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters26.AttesterId = helper.String(v)
+ }
+
+ securityAction26.ChallengeActionParameters = &challengeActionParameters26
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionExpiredActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters26 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters26.Duration = helper.String(v)
+ }
+
+ securityAction26.BlockIPActionParameters = &blockIPActionParameters26
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionExpiredActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters26 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters26.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters26.ErrorPageId = helper.String(v)
+ }
+
+ securityAction26.ReturnCustomPageActionParameters = &returnCustomPageActionParameters26
+ }
+
+ botSessionValidation.SessionExpiredAction = &securityAction26
+ }
+
+ if sessionInvalidActionMap, ok := helper.ConvertInterfacesHeadToMap(botSessionValidationMap["session_invalid_action"]); ok {
+ securityAction27 := teov20220901.SecurityAction{}
+ if v, ok := sessionInvalidActionMap["name"].(string); ok && v != "" {
+ securityAction27.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionInvalidActionMap["deny_action_parameters"]); ok {
+ denyActionParameters27 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters27.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters27.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters27.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters27.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters27.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters27.Stall = helper.String(v)
+ }
+
+ securityAction27.DenyActionParameters = &denyActionParameters27
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionInvalidActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters27 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters27.URL = helper.String(v)
+ }
+
+ securityAction27.RedirectActionParameters = &redirectActionParameters27
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionInvalidActionMap["allow_action_parameters"]); ok {
+ allowActionParameters27 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters27.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters27.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction27.AllowActionParameters = &allowActionParameters27
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionInvalidActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters27 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters27.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters27.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters27.AttesterId = helper.String(v)
+ }
+
+ securityAction27.ChallengeActionParameters = &challengeActionParameters27
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionInvalidActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters27 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters27.Duration = helper.String(v)
+ }
+
+ securityAction27.BlockIPActionParameters = &blockIPActionParameters27
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(sessionInvalidActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters27 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters27.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters27.ErrorPageId = helper.String(v)
+ }
+
+ securityAction27.ReturnCustomPageActionParameters = &returnCustomPageActionParameters27
+ }
+
+ botSessionValidation.SessionInvalidAction = &securityAction27
+ }
+
+ if sessionRateControlMap, ok := helper.ConvertInterfacesHeadToMap(botSessionValidationMap["session_rate_control"]); ok {
+ sessionRateControl := teov20220901.SessionRateControl{}
+ if v, ok := sessionRateControlMap["enabled"].(string); ok && v != "" {
+ sessionRateControl.Enabled = helper.String(v)
+ }
+
+ if highRateSessionActionMap, ok := helper.ConvertInterfacesHeadToMap(sessionRateControlMap["high_rate_session_action"]); ok {
+ securityAction28 := teov20220901.SecurityAction{}
+ if v, ok := highRateSessionActionMap["name"].(string); ok && v != "" {
+ securityAction28.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRateSessionActionMap["deny_action_parameters"]); ok {
+ denyActionParameters28 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters28.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters28.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters28.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters28.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters28.ErrorPageId = helper.String(v)
+ }
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters28.Stall = helper.String(v)
+ }
+
+ securityAction28.DenyActionParameters = &denyActionParameters28
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRateSessionActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters28 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters28.URL = helper.String(v)
+ }
+
+ securityAction28.RedirectActionParameters = &redirectActionParameters28
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRateSessionActionMap["allow_action_parameters"]); ok {
+ allowActionParameters28 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters28.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters28.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction28.AllowActionParameters = &allowActionParameters28
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRateSessionActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters28 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters28.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters28.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters28.AttesterId = helper.String(v)
+ }
+
+ securityAction28.ChallengeActionParameters = &challengeActionParameters28
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRateSessionActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters28 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters28.Duration = helper.String(v)
+ }
+
+ securityAction28.BlockIPActionParameters = &blockIPActionParameters28
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(highRateSessionActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters28 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters28.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters28.ErrorPageId = helper.String(v)
+ }
+
+ securityAction28.ReturnCustomPageActionParameters = &returnCustomPageActionParameters28
+ }
+
+ sessionRateControl.HighRateSessionAction = &securityAction28
+ }
+
+ if midRateSessionActionMap, ok := helper.ConvertInterfacesHeadToMap(sessionRateControlMap["mid_rate_session_action"]); ok {
+ securityAction29 := teov20220901.SecurityAction{}
+ if v, ok := midRateSessionActionMap["name"].(string); ok && v != "" {
+ securityAction29.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(midRateSessionActionMap["deny_action_parameters"]); ok {
+ denyActionParameters29 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters29.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters29.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters29.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters29.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters29.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters29.Stall = helper.String(v)
+ }
+
+ securityAction29.DenyActionParameters = &denyActionParameters29
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(midRateSessionActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters29 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters29.URL = helper.String(v)
+ }
+
+ securityAction29.RedirectActionParameters = &redirectActionParameters29
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(midRateSessionActionMap["allow_action_parameters"]); ok {
+ allowActionParameters29 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters29.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters29.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction29.AllowActionParameters = &allowActionParameters29
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(midRateSessionActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters29 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters29.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters29.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters29.AttesterId = helper.String(v)
+ }
+
+ securityAction29.ChallengeActionParameters = &challengeActionParameters29
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(midRateSessionActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters29 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters29.Duration = helper.String(v)
+ }
+
+ securityAction29.BlockIPActionParameters = &blockIPActionParameters29
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(midRateSessionActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters29 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters29.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters29.ErrorPageId = helper.String(v)
+ }
+
+ securityAction29.ReturnCustomPageActionParameters = &returnCustomPageActionParameters29
+ }
+
+ sessionRateControl.MidRateSessionAction = &securityAction29
+ }
+
+ if lowRateSessionActionMap, ok := helper.ConvertInterfacesHeadToMap(sessionRateControlMap["low_rate_session_action"]); ok {
+ securityAction30 := teov20220901.SecurityAction{}
+ if v, ok := lowRateSessionActionMap["name"].(string); ok && v != "" {
+ securityAction30.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(lowRateSessionActionMap["deny_action_parameters"]); ok {
+ denyActionParameters30 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters30.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters30.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters30.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters30.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters30.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters30.Stall = helper.String(v)
+ }
+
+ securityAction30.DenyActionParameters = &denyActionParameters30
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(lowRateSessionActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters30 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters30.URL = helper.String(v)
+ }
+
+ securityAction30.RedirectActionParameters = &redirectActionParameters30
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(lowRateSessionActionMap["allow_action_parameters"]); ok {
+ allowActionParameters30 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters30.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters30.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction30.AllowActionParameters = &allowActionParameters30
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(lowRateSessionActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters30 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters30.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters30.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters30.AttesterId = helper.String(v)
+ }
+
+ securityAction30.ChallengeActionParameters = &challengeActionParameters30
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(lowRateSessionActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters30 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters30.Duration = helper.String(v)
+ }
+
+ securityAction30.BlockIPActionParameters = &blockIPActionParameters30
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(lowRateSessionActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters30 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters30.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters30.ErrorPageId = helper.String(v)
+ }
+
+ securityAction30.ReturnCustomPageActionParameters = &returnCustomPageActionParameters30
+ }
+
+ sessionRateControl.LowRateSessionAction = &securityAction30
+ }
+
+ botSessionValidation.SessionRateControl = &sessionRateControl
+ }
+
+ browserImpersonationDetectionAction.BotSessionValidation = &botSessionValidation
+ }
+
+ if clientBehaviorDetectionMap, ok := helper.ConvertInterfacesHeadToMap(actionMap["client_behavior_detection"]); ok {
+ clientBehaviorDetection := teov20220901.ClientBehaviorDetection{}
+ if v, ok := clientBehaviorDetectionMap["crypto_challenge_intensity"].(string); ok && v != "" {
+ clientBehaviorDetection.CryptoChallengeIntensity = helper.String(v)
+ }
+
+ if v, ok := clientBehaviorDetectionMap["crypto_challenge_delay_before"].(string); ok && v != "" {
+ clientBehaviorDetection.CryptoChallengeDelayBefore = helper.String(v)
+ }
+
+ if v, ok := clientBehaviorDetectionMap["max_challenge_count_interval"].(string); ok && v != "" {
+ clientBehaviorDetection.MaxChallengeCountInterval = helper.String(v)
+ }
+
+ if v, ok := clientBehaviorDetectionMap["max_challenge_count_threshold"].(int); ok {
+ clientBehaviorDetection.MaxChallengeCountThreshold = helper.IntInt64(v)
+ }
+
+ if challengeNotFinishedActionMap, ok := helper.ConvertInterfacesHeadToMap(clientBehaviorDetectionMap["challenge_not_finished_action"]); ok {
+ securityAction31 := teov20220901.SecurityAction{}
+ if v, ok := challengeNotFinishedActionMap["name"].(string); ok && v != "" {
+ securityAction31.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeNotFinishedActionMap["deny_action_parameters"]); ok {
+ denyActionParameters31 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters31.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters31.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters31.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters31.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters31.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters31.Stall = helper.String(v)
+ }
+
+ securityAction31.DenyActionParameters = &denyActionParameters31
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeNotFinishedActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters31 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters31.URL = helper.String(v)
+ }
+
+ securityAction31.RedirectActionParameters = &redirectActionParameters31
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeNotFinishedActionMap["allow_action_parameters"]); ok {
+ allowActionParameters31 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters31.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters31.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction31.AllowActionParameters = &allowActionParameters31
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeNotFinishedActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters31 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters31.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters31.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters31.AttesterId = helper.String(v)
+ }
+
+ securityAction31.ChallengeActionParameters = &challengeActionParameters31
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeNotFinishedActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters31 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters31.Duration = helper.String(v)
+ }
+
+ securityAction31.BlockIPActionParameters = &blockIPActionParameters31
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeNotFinishedActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters31 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters31.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters31.ErrorPageId = helper.String(v)
+ }
+
+ securityAction31.ReturnCustomPageActionParameters = &returnCustomPageActionParameters31
+ }
+
+ clientBehaviorDetection.ChallengeNotFinishedAction = &securityAction31
+ }
+
+ if challengeTimeoutActionMap, ok := helper.ConvertInterfacesHeadToMap(clientBehaviorDetectionMap["challenge_timeout_action"]); ok {
+ securityAction32 := teov20220901.SecurityAction{}
+ if v, ok := challengeTimeoutActionMap["name"].(string); ok && v != "" {
+ securityAction32.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeTimeoutActionMap["deny_action_parameters"]); ok {
+ denyActionParameters32 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters32.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters32.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters32.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters32.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters32.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters32.Stall = helper.String(v)
+ }
+
+ securityAction32.DenyActionParameters = &denyActionParameters32
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeTimeoutActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters32 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters32.URL = helper.String(v)
+ }
+
+ securityAction32.RedirectActionParameters = &redirectActionParameters32
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeTimeoutActionMap["allow_action_parameters"]); ok {
+ allowActionParameters32 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters32.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters32.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction32.AllowActionParameters = &allowActionParameters32
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeTimeoutActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters32 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters32.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters32.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters32.AttesterId = helper.String(v)
+ }
+
+ securityAction32.ChallengeActionParameters = &challengeActionParameters32
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeTimeoutActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters32 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters32.Duration = helper.String(v)
+ }
+
+ securityAction32.BlockIPActionParameters = &blockIPActionParameters32
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(challengeTimeoutActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters32 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters32.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters32.ErrorPageId = helper.String(v)
+ }
+
+ securityAction32.ReturnCustomPageActionParameters = &returnCustomPageActionParameters32
+ }
+
+ clientBehaviorDetection.ChallengeTimeoutAction = &securityAction32
+ }
+
+ if botClientActionMap, ok := helper.ConvertInterfacesHeadToMap(clientBehaviorDetectionMap["bot_client_action"]); ok {
+ securityAction33 := teov20220901.SecurityAction{}
+ if v, ok := botClientActionMap["name"].(string); ok && v != "" {
+ securityAction33.Name = helper.String(v)
+ }
+
+ if denyActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(botClientActionMap["deny_action_parameters"]); ok {
+ denyActionParameters33 := teov20220901.DenyActionParameters{}
+ if v, ok := denyActionParametersMap["block_ip"].(string); ok && v != "" {
+ denyActionParameters33.BlockIp = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["block_ip_duration"].(string); ok && v != "" {
+ denyActionParameters33.BlockIpDuration = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["return_custom_page"].(string); ok && v != "" {
+ denyActionParameters33.ReturnCustomPage = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["response_code"].(string); ok && v != "" {
+ denyActionParameters33.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["error_page_id"].(string); ok && v != "" {
+ denyActionParameters33.ErrorPageId = helper.String(v)
+ }
+
+ if v, ok := denyActionParametersMap["stall"].(string); ok && v != "" {
+ denyActionParameters33.Stall = helper.String(v)
+ }
+
+ securityAction33.DenyActionParameters = &denyActionParameters33
+ }
+
+ if redirectActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(botClientActionMap["redirect_action_parameters"]); ok {
+ redirectActionParameters33 := teov20220901.RedirectActionParameters{}
+ if v, ok := redirectActionParametersMap["url"].(string); ok && v != "" {
+ redirectActionParameters33.URL = helper.String(v)
+ }
+
+ securityAction33.RedirectActionParameters = &redirectActionParameters33
+ }
+
+ if allowActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(botClientActionMap["allow_action_parameters"]); ok {
+ allowActionParameters33 := teov20220901.AllowActionParameters{}
+ if v, ok := allowActionParametersMap["min_delay_time"].(string); ok && v != "" {
+ allowActionParameters33.MinDelayTime = helper.String(v)
+ }
+
+ if v, ok := allowActionParametersMap["max_delay_time"].(string); ok && v != "" {
+ allowActionParameters33.MaxDelayTime = helper.String(v)
+ }
+
+ securityAction33.AllowActionParameters = &allowActionParameters33
+ }
+
+ if challengeActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(botClientActionMap["challenge_action_parameters"]); ok {
+ challengeActionParameters33 := teov20220901.ChallengeActionParameters{}
+ if v, ok := challengeActionParametersMap["challenge_option"].(string); ok && v != "" {
+ challengeActionParameters33.ChallengeOption = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["interval"].(string); ok && v != "" {
+ challengeActionParameters33.Interval = helper.String(v)
+ }
+
+ if v, ok := challengeActionParametersMap["attester_id"].(string); ok && v != "" {
+ challengeActionParameters33.AttesterId = helper.String(v)
+ }
+
+ securityAction33.ChallengeActionParameters = &challengeActionParameters33
+ }
+
+ if blockIPActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(botClientActionMap["block_ip_action_parameters"]); ok {
+ blockIPActionParameters33 := teov20220901.BlockIPActionParameters{}
+ if v, ok := blockIPActionParametersMap["duration"].(string); ok && v != "" {
+ blockIPActionParameters33.Duration = helper.String(v)
+ }
+
+ securityAction33.BlockIPActionParameters = &blockIPActionParameters33
+ }
+
+ if returnCustomPageActionParametersMap, ok := helper.ConvertInterfacesHeadToMap(botClientActionMap["return_custom_page_action_parameters"]); ok {
+ returnCustomPageActionParameters33 := teov20220901.ReturnCustomPageActionParameters{}
+ if v, ok := returnCustomPageActionParametersMap["response_code"].(string); ok && v != "" {
+ returnCustomPageActionParameters33.ResponseCode = helper.String(v)
+ }
+
+ if v, ok := returnCustomPageActionParametersMap["error_page_id"].(string); ok && v != "" {
+ returnCustomPageActionParameters33.ErrorPageId = helper.String(v)
+ }
+
+ securityAction33.ReturnCustomPageActionParameters = &returnCustomPageActionParameters33
+ }
+
+ clientBehaviorDetection.BotClientAction = &securityAction33
+ }
+
+ browserImpersonationDetectionAction.ClientBehaviorDetection = &clientBehaviorDetection
+ }
+
+ browserImpersonationDetectionRule.Action = &browserImpersonationDetectionAction
+ }
+
+ browserImpersonationDetection.Rules = append(browserImpersonationDetection.Rules, &browserImpersonationDetectionRule)
+ }
+ }
+
+ botManagement.BrowserImpersonationDetection = &browserImpersonationDetection
+ }
+
+ securityPolicy.BotManagement = &botManagement
+ }
+
+ request.SecurityPolicy = &securityPolicy
+ }
+
+ request.ZoneId = &zoneId
+ request.TemplateId = &templateId
+ reqErr := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
+ result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseTeoV20220901Client().ModifyWebSecurityTemplateWithContext(ctx, request)
+ if e != nil {
+ return tccommon.RetryError(e)
+ } else {
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+ }
+
+ return nil
+ })
+
+ if reqErr != nil {
+ log.Printf("[CRITAL]%s update teo web security template failed, reason:%+v", logId, reqErr)
+ return reqErr
+ }
+ }
+
+ return resourceTencentCloudTeoWebSecurityTemplateRead(d, meta)
+}
+
+func resourceTencentCloudTeoWebSecurityTemplateDelete(d *schema.ResourceData, meta interface{}) error {
+ defer tccommon.LogElapsed("resource.tencentcloud_teo_web_security_template.delete")()
+ defer tccommon.InconsistentCheck(d, meta)()
+
+ var (
+ logId = tccommon.GetLogId(tccommon.ContextNil)
+ ctx = tccommon.NewResourceLifeCycleHandleFuncContext(context.Background(), logId, d, meta)
+ request = teov20220901.NewDeleteWebSecurityTemplateRequest()
+ )
+
+ idSplit := strings.Split(d.Id(), tccommon.FILED_SP)
+ if len(idSplit) != 2 {
+ return fmt.Errorf("id is broken,%s", d.Id())
+ }
+
+ zoneId := idSplit[0]
+ templateId := idSplit[1]
+
+ request.ZoneId = &zoneId
+ request.TemplateId = &templateId
+ reqErr := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
+ result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseTeoV20220901Client().DeleteWebSecurityTemplateWithContext(ctx, request)
+ if e != nil {
+ return tccommon.RetryError(e)
+ } else {
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+ }
+
+ return nil
+ })
+
+ if reqErr != nil {
+ log.Printf("[CRITAL]%s delete teo web security template failed, reason:%+v", logId, reqErr)
+ return reqErr
+ }
+
+ return nil
+}
diff --git a/tencentcloud/services/teo/resource_tc_teo_web_security_template.md b/tencentcloud/services/teo/resource_tc_teo_web_security_template.md
new file mode 100644
index 0000000000..36e11a9241
--- /dev/null
+++ b/tencentcloud/services/teo/resource_tc_teo_web_security_template.md
@@ -0,0 +1,249 @@
+Provides a resource to create a TEO web security template
+
+Example Usage
+
+```hcl
+resource "tencentcloud_teo_web_security_template" "example" {
+ zone_id = "zone-3fkff38fyw8s"
+ template_name = "example"
+ security_policy {
+ bot_management {
+ enabled = "off"
+ basic_bot_settings {
+ bot_intelligence {
+ enabled = "off"
+ bot_ratings {
+ high_risk_bot_requests_action {
+ name = "Monitor"
+ }
+
+ human_requests_action {
+ name = "Allow"
+ }
+
+ likely_bot_requests_action {
+ name = "Monitor"
+ }
+
+ verified_bot_requests_action {
+ name = "Monitor"
+ }
+ }
+ }
+
+ ip_reputation {
+ enabled = "off"
+ }
+ }
+ }
+
+ http_ddos_protection {
+ adaptive_frequency_control {
+ enabled = "on"
+ sensitivity = "Loose"
+
+ action {
+ name = "Challenge"
+ challenge_action_parameters {
+ attester_id = null
+ challenge_option = "JSChallenge"
+ interval = null
+ }
+ }
+ }
+
+ bandwidth_abuse_defense {
+ enabled = "off"
+ action {
+ name = "Monitor"
+ }
+ }
+
+ client_filtering {
+ enabled = "on"
+ action {
+ name = "Challenge"
+ challenge_action_parameters {
+ attester_id = null
+ challenge_option = "JSChallenge"
+ interval = null
+ }
+ }
+ }
+
+ slow_attack_defense {
+ enabled = "off"
+ action {
+ name = "Deny"
+ }
+
+ minimal_request_body_transfer_rate {
+ counting_period = "60s"
+ enabled = "off"
+ minimal_avg_transfer_rate_threshold = "80bps"
+ }
+
+ request_body_transfer_timeout {
+ enabled = "off"
+ idle_timeout = "5s"
+ }
+ }
+ }
+
+ managed_rules {
+ detection_only = "on"
+ enabled = "on"
+ semantic_analysis = "off"
+
+ auto_update {
+ auto_update_to_latest_version = "off"
+ }
+
+ managed_rule_groups {
+ group_id = "wafgroup-webshell-attacks"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-xss-attacks"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-xxe-attacks"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-vulnerability-scanners"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-non-compliant-protocol-usages"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-cms-vulnerabilities"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-file-upload-attacks"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-other-vulnerabilities"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-command-and-code-injections"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-sql-injections"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-shiro-vulnerabilities"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-unauthorized-file-accesses"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-ldap-injections"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-oa-vulnerabilities"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-ssrf-attacks"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-ssti-attacks"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-unauthorized-accesses"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ }
+ }
+}
+```
+
+Import
+
+TEO web security template can be imported using the zoneId#templateId, e.g.
+
+```
+terraform import tencentcloud_teo_web_security_template.example zone-3fkff38fyw8s#temp-p3p973nu
+```
diff --git a/tencentcloud/services/teo/resource_tc_teo_web_security_template_test.go b/tencentcloud/services/teo/resource_tc_teo_web_security_template_test.go
new file mode 100644
index 0000000000..720ca44764
--- /dev/null
+++ b/tencentcloud/services/teo/resource_tc_teo_web_security_template_test.go
@@ -0,0 +1,237 @@
+package teo_test
+
+import (
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+
+ tcacctest "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/acctest"
+)
+
+func TestAccTencentCloudTeoWebSecurityTemplateResource_basic(t *testing.T) {
+ t.Parallel()
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() {
+ tcacctest.AccPreCheck(t)
+ },
+ Providers: tcacctest.AccProviders,
+ Steps: []resource.TestStep{{
+ Config: testAccTeoWebSecurityTemplate,
+ Check: resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_teo_web_security_template.teo_web_security_template", "id")),
+ }, {
+ ResourceName: "tencentcloud_teo_web_security_template.teo_web_security_template",
+ ImportState: true,
+ ImportStateVerify: true,
+ }},
+ })
+}
+
+const testAccTeoWebSecurityTemplate = `
+
+resource "tencentcloud_teo_web_security_template" "teo_web_security_template" {
+ security_policy = {
+ custom_rules = {
+ rules = {
+ action = {
+ deny_action_parameters = {
+ }
+ redirect_action_parameters = {
+ }
+ allow_action_parameters = {
+ }
+ challenge_action_parameters = {
+ }
+ block_ip_action_parameters = {
+ }
+ return_custom_page_action_parameters = {
+ }
+ }
+ }
+ }
+ managed_rules = {
+ auto_update = {
+ }
+ managed_rule_groups = {
+ action = {
+ deny_action_parameters = {
+ }
+ redirect_action_parameters = {
+ }
+ allow_action_parameters = {
+ }
+ challenge_action_parameters = {
+ }
+ block_ip_action_parameters = {
+ }
+ return_custom_page_action_parameters = {
+ }
+ }
+ rule_actions = {
+ action = {
+ deny_action_parameters = {
+ }
+ redirect_action_parameters = {
+ }
+ allow_action_parameters = {
+ }
+ challenge_action_parameters = {
+ }
+ block_ip_action_parameters = {
+ }
+ return_custom_page_action_parameters = {
+ }
+ }
+ }
+ meta_data = {
+ rule_details = {
+ }
+ }
+ }
+ }
+ http_d_do_s_protection = {
+ adaptive_frequency_control = {
+ action = {
+ deny_action_parameters = {
+ }
+ redirect_action_parameters = {
+ }
+ allow_action_parameters = {
+ }
+ challenge_action_parameters = {
+ }
+ block_ip_action_parameters = {
+ }
+ return_custom_page_action_parameters = {
+ }
+ }
+ }
+ client_filtering = {
+ action = {
+ deny_action_parameters = {
+ }
+ redirect_action_parameters = {
+ }
+ allow_action_parameters = {
+ }
+ challenge_action_parameters = {
+ }
+ block_ip_action_parameters = {
+ }
+ return_custom_page_action_parameters = {
+ }
+ }
+ }
+ bandwidth_abuse_defense = {
+ action = {
+ deny_action_parameters = {
+ }
+ redirect_action_parameters = {
+ }
+ allow_action_parameters = {
+ }
+ challenge_action_parameters = {
+ }
+ block_ip_action_parameters = {
+ }
+ return_custom_page_action_parameters = {
+ }
+ }
+ }
+ slow_attack_defense = {
+ action = {
+ deny_action_parameters = {
+ }
+ redirect_action_parameters = {
+ }
+ allow_action_parameters = {
+ }
+ challenge_action_parameters = {
+ }
+ block_ip_action_parameters = {
+ }
+ return_custom_page_action_parameters = {
+ }
+ }
+ minimal_request_body_transfer_rate = {
+ }
+ request_body_transfer_timeout = {
+ }
+ }
+ }
+ rate_limiting_rules = {
+ rules = {
+ action = {
+ deny_action_parameters = {
+ }
+ redirect_action_parameters = {
+ }
+ allow_action_parameters = {
+ }
+ challenge_action_parameters = {
+ }
+ block_ip_action_parameters = {
+ }
+ return_custom_page_action_parameters = {
+ }
+ }
+ }
+ }
+ exception_rules = {
+ rules = {
+ request_fields_for_exception = {
+ }
+ }
+ }
+ bot_management = {
+ client_attestation_rules = {
+ rules = {
+ device_profiles = {
+ high_risk_request_action = {
+ deny_action_parameters = {
+ }
+ redirect_action_parameters = {
+ }
+ allow_action_parameters = {
+ }
+ challenge_action_parameters = {
+ }
+ block_ip_action_parameters = {
+ }
+ return_custom_page_action_parameters = {
+ }
+ }
+ medium_risk_request_action = {
+ deny_action_parameters = {
+ }
+ redirect_action_parameters = {
+ }
+ allow_action_parameters = {
+ }
+ challenge_action_parameters = {
+ }
+ block_ip_action_parameters = {
+ }
+ return_custom_page_action_parameters = {
+ }
+ }
+ }
+ invalid_attestation_action = {
+ deny_action_parameters = {
+ }
+ redirect_action_parameters = {
+ }
+ allow_action_parameters = {
+ }
+ challenge_action_parameters = {
+ }
+ block_ip_action_parameters = {
+ }
+ return_custom_page_action_parameters = {
+ }
+ }
+ }
+ }
+ }
+ }
+}
+`
diff --git a/tencentcloud/services/teo/service_tencentcloud_teo.go b/tencentcloud/services/teo/service_tencentcloud_teo.go
index 99d48d91af..83649c0490 100644
--- a/tencentcloud/services/teo/service_tencentcloud_teo.go
+++ b/tencentcloud/services/teo/service_tencentcloud_teo.go
@@ -2227,3 +2227,133 @@ func (me *TeoService) DescribeTeoOriginAclByFilter(ctx context.Context, param ma
ret = response.Response
return
}
+
+func (me *TeoService) DescribeTeoWebSecurityTemplatesByFilter(ctx context.Context, param map[string]interface{}) (ret []*teo.SecurityPolicyTemplateInfo, errRet error) {
+ var (
+ logId = tccommon.GetLogId(ctx)
+ request = teo.NewDescribeWebSecurityTemplatesRequest()
+ response = teo.NewDescribeWebSecurityTemplatesResponse()
+ )
+
+ defer func() {
+ if errRet != nil {
+ log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error())
+ }
+ }()
+
+ for k, v := range param {
+ if k == "ZoneIds" {
+ request.ZoneIds = v.([]*string)
+ }
+ }
+
+ err := resource.Retry(tccommon.ReadRetryTimeout, func() *resource.RetryError {
+ ratelimit.Check(request.GetAction())
+ result, e := me.client.UseTeoV20220901Client().DescribeWebSecurityTemplates(request)
+ if e != nil {
+ return tccommon.RetryError(e)
+ } else {
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+ }
+
+ if result == nil || result.Response == nil {
+ return resource.NonRetryableError(fmt.Errorf("Describe web security templates failed, Response is nil."))
+ }
+
+ response = result
+ return nil
+ })
+
+ if err != nil {
+ errRet = err
+ return
+ }
+
+ ret = response.Response.SecurityPolicyTemplates
+ return
+}
+
+func (me *TeoService) DescribeTeoWebSecurityTemplateById(ctx context.Context, zoneId, templateId string) (ret *teo.SecurityPolicy, errRet error) {
+ logId := tccommon.GetLogId(ctx)
+
+ request := teo.NewDescribeWebSecurityTemplateRequest()
+ response := teo.NewDescribeWebSecurityTemplateResponse()
+ request.ZoneId = &zoneId
+ request.TemplateId = &templateId
+
+ defer func() {
+ if errRet != nil {
+ log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error())
+ }
+ }()
+
+ err := resource.Retry(tccommon.ReadRetryTimeout, func() *resource.RetryError {
+ ratelimit.Check(request.GetAction())
+ result, e := me.client.UseTeoV20220901Client().DescribeWebSecurityTemplate(request)
+ if e != nil {
+ return tccommon.RetryError(e)
+ } else {
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+ }
+
+ if result == nil || result.Response == nil || result.Response.SecurityPolicy == nil {
+ return resource.NonRetryableError(fmt.Errorf("Describe web security templates failed, Response is nil."))
+ }
+
+ response = result
+ return nil
+ })
+
+ if err != nil {
+ errRet = err
+ return
+ }
+
+ ret = response.Response.SecurityPolicy
+ return
+}
+
+func (me *TeoService) DescribeTeoWebSecurityTemplatesById(ctx context.Context, zoneId, templateId string) (ret *teo.SecurityPolicyTemplateInfo, errRet error) {
+ logId := tccommon.GetLogId(ctx)
+
+ request := teo.NewDescribeWebSecurityTemplatesRequest()
+ response := teo.NewDescribeWebSecurityTemplatesResponse()
+ request.ZoneIds = helper.Strings([]string{zoneId})
+
+ defer func() {
+ if errRet != nil {
+ log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error())
+ }
+ }()
+
+ err := resource.Retry(tccommon.ReadRetryTimeout, func() *resource.RetryError {
+ ratelimit.Check(request.GetAction())
+ result, e := me.client.UseTeoV20220901Client().DescribeWebSecurityTemplates(request)
+ if e != nil {
+ return tccommon.RetryError(e)
+ } else {
+ log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+ }
+
+ if result == nil || result.Response == nil || result.Response.SecurityPolicyTemplates == nil {
+ return resource.NonRetryableError(fmt.Errorf("Describe web security templates failed, Response is nil."))
+ }
+
+ response = result
+ return nil
+ })
+
+ if err != nil {
+ errRet = err
+ return
+ }
+
+ for _, item := range response.Response.SecurityPolicyTemplates {
+ if item != nil && item.TemplateId != nil && *item.TemplateId == templateId {
+ ret = item
+ return
+ }
+ }
+
+ return
+}
diff --git a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/http/request.go b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/http/request.go
index ef97ef16cc..99509e1319 100644
--- a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/http/request.go
+++ b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/http/request.go
@@ -265,7 +265,7 @@ func CompleteCommonParams(request Request, region string, requestClient string)
params["Action"] = request.GetAction()
params["Timestamp"] = strconv.FormatInt(time.Now().Unix(), 10)
params["Nonce"] = strconv.Itoa(rand.Int())
- params["RequestClient"] = "SDK_GO_1.1.50"
+ params["RequestClient"] = "SDK_GO_1.1.52"
if requestClient != "" {
params["RequestClient"] += ": " + requestClient
}
diff --git a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901/client.go b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901/client.go
index 416b5cb4ec..4e4056b53b 100644
--- a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901/client.go
+++ b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901/client.go
@@ -45,6 +45,90 @@ func NewClient(credential common.CredentialIface, region string, clientProfile *
}
+func NewApplyFreeCertificateRequest() (request *ApplyFreeCertificateRequest) {
+ request = &ApplyFreeCertificateRequest{
+ BaseRequest: &tchttp.BaseRequest{},
+ }
+
+ request.Init().WithApiInfo("teo", APIVersion, "ApplyFreeCertificate")
+
+
+ return
+}
+
+func NewApplyFreeCertificateResponse() (response *ApplyFreeCertificateResponse) {
+ response = &ApplyFreeCertificateResponse{
+ BaseResponse: &tchttp.BaseResponse{},
+ }
+ return
+
+}
+
+// ApplyFreeCertificate
+// 申请免费证书时,如果您需要通过使用 DNS 委派验证或者文件验证进行申请,您可以调用该接口来进行发起证书申请并根据申请方式来获取对应的验证内容。调用接口的顺序如下:
+//
+// 第一步:调用 ApplyFreeCertificate,指定申请免费证书的校验方式,获取验证内容;
+//
+// 第二步:为相应域名按照验证内容配置;
+//
+// 第三步:调用CheckFreeCertificateVerification 验证,验证通过后即完成免费证书申请;
+//
+// 第四步:调用ModifyHostsCertificate,下发域名证书为使用 EdgeOne 免费证书配置。
+//
+//
+//
+// 申请方式的介绍可参考文档:[免费证书申请说明](https://cloud.tencent.com/document/product/1552/90437)
+//
+// 说明:
+//
+// - 仅 CNAME 接入模式可调用该接口来指定免费证书申请方式。NS/DNSPod 托管接入模式都是使用自动验证来申请免费证书,无需调用该接口。
+//
+// - 如果您需要切换免费证书验证方式,您可以重新调用本接口通过修改 VerificationMethod 字段来进行变更。
+//
+// - 同个域名只能申请一本免费证书,在调用本接口后,后台会触发申请免费证书相关任务,您需要在2 天内,完成域名验证信息的相关配置,然后完成证书验证。
+func (c *Client) ApplyFreeCertificate(request *ApplyFreeCertificateRequest) (response *ApplyFreeCertificateResponse, err error) {
+ return c.ApplyFreeCertificateWithContext(context.Background(), request)
+}
+
+// ApplyFreeCertificate
+// 申请免费证书时,如果您需要通过使用 DNS 委派验证或者文件验证进行申请,您可以调用该接口来进行发起证书申请并根据申请方式来获取对应的验证内容。调用接口的顺序如下:
+//
+// 第一步:调用 ApplyFreeCertificate,指定申请免费证书的校验方式,获取验证内容;
+//
+// 第二步:为相应域名按照验证内容配置;
+//
+// 第三步:调用CheckFreeCertificateVerification 验证,验证通过后即完成免费证书申请;
+//
+// 第四步:调用ModifyHostsCertificate,下发域名证书为使用 EdgeOne 免费证书配置。
+//
+//
+//
+// 申请方式的介绍可参考文档:[免费证书申请说明](https://cloud.tencent.com/document/product/1552/90437)
+//
+// 说明:
+//
+// - 仅 CNAME 接入模式可调用该接口来指定免费证书申请方式。NS/DNSPod 托管接入模式都是使用自动验证来申请免费证书,无需调用该接口。
+//
+// - 如果您需要切换免费证书验证方式,您可以重新调用本接口通过修改 VerificationMethod 字段来进行变更。
+//
+// - 同个域名只能申请一本免费证书,在调用本接口后,后台会触发申请免费证书相关任务,您需要在2 天内,完成域名验证信息的相关配置,然后完成证书验证。
+func (c *Client) ApplyFreeCertificateWithContext(ctx context.Context, request *ApplyFreeCertificateRequest) (response *ApplyFreeCertificateResponse, err error) {
+ if request == nil {
+ request = NewApplyFreeCertificateRequest()
+ }
+ c.InitBaseRequest(&request.BaseRequest, "teo", APIVersion, "ApplyFreeCertificate")
+
+ if c.GetCredential() == nil {
+ return nil, errors.New("ApplyFreeCertificate require credential")
+ }
+
+ request.SetContext(ctx)
+
+ response = NewApplyFreeCertificateResponse()
+ err = c.Send(request, response)
+ return
+}
+
func NewBindSecurityTemplateToEntityRequest() (request *BindSecurityTemplateToEntityRequest) {
request = &BindSecurityTemplateToEntityRequest{
BaseRequest: &tchttp.BaseRequest{},
@@ -279,6 +363,66 @@ func (c *Client) CheckCnameStatusWithContext(ctx context.Context, request *Check
return
}
+func NewCheckFreeCertificateVerificationRequest() (request *CheckFreeCertificateVerificationRequest) {
+ request = &CheckFreeCertificateVerificationRequest{
+ BaseRequest: &tchttp.BaseRequest{},
+ }
+
+ request.Init().WithApiInfo("teo", APIVersion, "CheckFreeCertificateVerification")
+
+
+ return
+}
+
+func NewCheckFreeCertificateVerificationResponse() (response *CheckFreeCertificateVerificationResponse) {
+ response = &CheckFreeCertificateVerificationResponse{
+ BaseResponse: &tchttp.BaseResponse{},
+ }
+ return
+
+}
+
+// CheckFreeCertificateVerification
+// 该接口用于验证免费证书并获取免费证书申请结果。如果验证通过,可通过该接口查询到对应域名申请的免费证书信息,如果申请失败,该接口将返回对应的验证失败信息。
+//
+// 在触发[申请免费证书接口](https://cloud.tencent.com/document/product/1552/90437)后,您可以通过本接口检查免费证书申请结果。在免费证书申请成功后, 还需要通过[配置域名证书](https://tcloud4api.woa.com/document/product/1657/80723?!preview)接口配置,才能将免费证书部署至加速域上。
+//
+// 可能返回的错误码:
+// INTERNALERROR_PROXYSERVER = "InternalError.ProxyServer"
+// UNAUTHORIZEDOPERATION_CAMUNAUTHORIZED = "UnauthorizedOperation.CamUnauthorized"
+// UNAUTHORIZEDOPERATION_NOPERMISSION = "UnauthorizedOperation.NoPermission"
+// UNAUTHORIZEDOPERATION_UNKNOWN = "UnauthorizedOperation.Unknown"
+func (c *Client) CheckFreeCertificateVerification(request *CheckFreeCertificateVerificationRequest) (response *CheckFreeCertificateVerificationResponse, err error) {
+ return c.CheckFreeCertificateVerificationWithContext(context.Background(), request)
+}
+
+// CheckFreeCertificateVerification
+// 该接口用于验证免费证书并获取免费证书申请结果。如果验证通过,可通过该接口查询到对应域名申请的免费证书信息,如果申请失败,该接口将返回对应的验证失败信息。
+//
+// 在触发[申请免费证书接口](https://cloud.tencent.com/document/product/1552/90437)后,您可以通过本接口检查免费证书申请结果。在免费证书申请成功后, 还需要通过[配置域名证书](https://tcloud4api.woa.com/document/product/1657/80723?!preview)接口配置,才能将免费证书部署至加速域上。
+//
+// 可能返回的错误码:
+// INTERNALERROR_PROXYSERVER = "InternalError.ProxyServer"
+// UNAUTHORIZEDOPERATION_CAMUNAUTHORIZED = "UnauthorizedOperation.CamUnauthorized"
+// UNAUTHORIZEDOPERATION_NOPERMISSION = "UnauthorizedOperation.NoPermission"
+// UNAUTHORIZEDOPERATION_UNKNOWN = "UnauthorizedOperation.Unknown"
+func (c *Client) CheckFreeCertificateVerificationWithContext(ctx context.Context, request *CheckFreeCertificateVerificationRequest) (response *CheckFreeCertificateVerificationResponse, err error) {
+ if request == nil {
+ request = NewCheckFreeCertificateVerificationRequest()
+ }
+ c.InitBaseRequest(&request.BaseRequest, "teo", APIVersion, "CheckFreeCertificateVerification")
+
+ if c.GetCredential() == nil {
+ return nil, errors.New("CheckFreeCertificateVerification require credential")
+ }
+
+ request.SetContext(ctx)
+
+ response = NewCheckFreeCertificateVerificationResponse()
+ err = c.Send(request, response)
+ return
+}
+
func NewConfirmMultiPathGatewayOriginACLRequest() (request *ConfirmMultiPathGatewayOriginACLRequest) {
request = &ConfirmMultiPathGatewayOriginACLRequest{
BaseRequest: &tchttp.BaseRequest{},
@@ -1317,7 +1461,7 @@ func NewCreateFunctionRuleResponse() (response *CreateFunctionRuleResponse) {
}
// CreateFunctionRule
-// 创建边缘函数的触发规则。
+// 创建边缘函数的触发规则。支持通过自定义过滤条件来决定是否需要执行函数,当需要执行函数时,提供了多种选择目标函数的方式,包括:直接指定,基于客户端归属地区选择和基于权重选择。
//
// 可能返回的错误码:
// FAILEDOPERATION = "FailedOperation"
@@ -1334,7 +1478,7 @@ func (c *Client) CreateFunctionRule(request *CreateFunctionRuleRequest) (respons
}
// CreateFunctionRule
-// 创建边缘函数的触发规则。
+// 创建边缘函数的触发规则。支持通过自定义过滤条件来决定是否需要执行函数,当需要执行函数时,提供了多种选择目标函数的方式,包括:直接指定,基于客户端归属地区选择和基于权重选择。
//
// 可能返回的错误码:
// FAILEDOPERATION = "FailedOperation"
@@ -2431,6 +2575,8 @@ func NewCreateRealtimeLogDeliveryTaskResponse() (response *CreateRealtimeLogDeli
//
// - 当数据投递类型(LogType)为速率限制和 CC 攻击防护日志、托管规则日志、自定义规则日志、Bot 管理日志时,同一个实体在同种数据投递类型(LogType)和数据投递区域(Area)的组合下,只能被添加到一个实时日志投递任务中。
//
+// - 当实时日志投递任务类型(TaskType)为 EdgeOne 日志分析(log_analysis)时,只支持数据投递类型(LogType)为站点加速日志(domain);在同一站点(ZoneId)和数据投递区域(Area)的组合下,只能添加一个推送至 EdgeOne 日志分析的实时日志投递任务;。
+//
//
//
// 建议先通过 [DescribeRealtimeLogDeliveryTasks](https://cloud.tencent.com/document/product/1552/104110) 接口根据实体查询实时日志投递任务列表,检查实体是否已经被添加到另一实时日志投递任务中。
@@ -2473,6 +2619,8 @@ func (c *Client) CreateRealtimeLogDeliveryTask(request *CreateRealtimeLogDeliver
//
// - 当数据投递类型(LogType)为速率限制和 CC 攻击防护日志、托管规则日志、自定义规则日志、Bot 管理日志时,同一个实体在同种数据投递类型(LogType)和数据投递区域(Area)的组合下,只能被添加到一个实时日志投递任务中。
//
+// - 当实时日志投递任务类型(TaskType)为 EdgeOne 日志分析(log_analysis)时,只支持数据投递类型(LogType)为站点加速日志(domain);在同一站点(ZoneId)和数据投递区域(Area)的组合下,只能添加一个推送至 EdgeOne 日志分析的实时日志投递任务;。
+//
//
//
// 建议先通过 [DescribeRealtimeLogDeliveryTasks](https://cloud.tencent.com/document/product/1552/104110) 接口根据实体查询实时日志投递任务列表,检查实体是否已经被添加到另一实时日志投递任务中。
@@ -10961,7 +11109,7 @@ func NewModifyFunctionRuleResponse() (response *ModifyFunctionRuleResponse) {
}
// ModifyFunctionRule
-// 修改边缘函数触发规则,支持修改规则条件、执行函数以及描述信息。
+// 修改边缘函数触发规则,支持修改规则条件、执行函数以及描述信息。您可以先通过 DescribeFunctionRules 接口来获取需要修改的规则的 RuleId,然后传入修改后的规则内容,原规则内容会被覆盖式更新。
//
// 可能返回的错误码:
// FAILEDOPERATION = "FailedOperation"
@@ -10977,7 +11125,7 @@ func (c *Client) ModifyFunctionRule(request *ModifyFunctionRuleRequest) (respons
}
// ModifyFunctionRule
-// 修改边缘函数触发规则,支持修改规则条件、执行函数以及描述信息。
+// 修改边缘函数触发规则,支持修改规则条件、执行函数以及描述信息。您可以先通过 DescribeFunctionRules 接口来获取需要修改的规则的 RuleId,然后传入修改后的规则内容,原规则内容会被覆盖式更新。
//
// 可能返回的错误码:
// FAILEDOPERATION = "FailedOperation"
diff --git a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901/errors.go b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901/errors.go
index 7a717ca173..7b5d9a4b69 100644
--- a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901/errors.go
+++ b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901/errors.go
@@ -80,7 +80,7 @@ const (
// 边缘客户端证书已过期,暂不支持下发过期证书。
FAILEDOPERATION_EDGECLIENTCERTIFICATEHASEXPIRED = "FailedOperation.EdgeClientCertificateHasExpired"
- // 调用 DNSPod 失败,请稍后重试,若无法解决,请联系智能客服或提交工单。
+ // 调用 DNSPod 失败,请稍后重试,若无法解决,请提交工单。
FAILEDOPERATION_FAILEDTOCALLDNSPOD = "FailedOperation.FailedToCallDNSPod"
// 有其他任务正在部署中,请稍后重试。
diff --git a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901/models.go b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901/models.go
index a6ebca1118..e5eefb857e 100644
--- a/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901/models.go
+++ b/vendor/github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901/models.go
@@ -84,59 +84,61 @@ type AccelerationDomain struct {
// process:部署中;
// offline:已停用;
// forbidden:已封禁;
- // init:未生效,待激活站点;
+ // init:未生效,待激活站点。
DomainStatus *string `json:"DomainStatus,omitnil,omitempty" name:"DomainStatus"`
+ // CNAME 地址。
+ Cname *string `json:"Cname,omitnil,omitempty" name:"Cname"`
+
+ // IPv6 状态,取值有:
+ // follow:遵循站点IPv6配置;
+ // on:开启状态;
+ // off:关闭状态。
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ IPv6Status *string `json:"IPv6Status,omitnil,omitempty" name:"IPv6Status"`
+
+ // 加速域名归属权验证状态,取值有:
+ // pending:待验证;
+ // finished:已完成验证。
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ IdentificationStatus *string `json:"IdentificationStatus,omitnil,omitempty" name:"IdentificationStatus"`
+
+ // 加速域名需进行归属权验证才能继续提供服务时,该对象会携带对应验证方式所需要的信息。
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ OwnershipVerification *OwnershipVerification `json:"OwnershipVerification,omitnil,omitempty" name:"OwnershipVerification"`
+
// 源站信息。
// 注意:此字段可能返回 null,表示取不到有效值。
OriginDetail *OriginDetail `json:"OriginDetail,omitnil,omitempty" name:"OriginDetail"`
// 回源协议,取值有:
- // FOLLOW: 协议跟随;
- // HTTP: HTTP协议回源;
- // HTTPS: HTTPS协议回源。
+ // FOLLOW:协议跟随;
+ // HTTP:HTTP协议回源;
+ // HTTPS:HTTPS协议回源。
// 注意:此字段可能返回 null,表示取不到有效值。
OriginProtocol *string `json:"OriginProtocol,omitnil,omitempty" name:"OriginProtocol"`
- // 域名证书信息
- // 注意:此字段可能返回 null,表示取不到有效值。
- Certificate *AccelerationDomainCertificate `json:"Certificate,omitnil,omitempty" name:"Certificate"`
-
- // HTTP回源端口。
+ // HTTP 回源端口。
// 注意:此字段可能返回 null,表示取不到有效值。
HttpOriginPort *uint64 `json:"HttpOriginPort,omitnil,omitempty" name:"HttpOriginPort"`
- // HTTPS回源端口。
+ // HTTPS 回源端口。
// 注意:此字段可能返回 null,表示取不到有效值。
HttpsOriginPort *uint64 `json:"HttpsOriginPort,omitnil,omitempty" name:"HttpsOriginPort"`
- // IPv6状态,取值有:
- // follow:遵循站点IPv6配置;
- // on:开启状态;
- // off:关闭状态。
- // 注意:此字段可能返回 null,表示取不到有效值。
- IPv6Status *string `json:"IPv6Status,omitnil,omitempty" name:"IPv6Status"`
-
- // CNAME 地址。
- Cname *string `json:"Cname,omitnil,omitempty" name:"Cname"`
-
- // 加速域名归属权验证状态,取值有: pending:待验证; finished:已完成验证。
+ // 加速域名证书信息。
// 注意:此字段可能返回 null,表示取不到有效值。
- IdentificationStatus *string `json:"IdentificationStatus,omitnil,omitempty" name:"IdentificationStatus"`
+ Certificate *AccelerationDomainCertificate `json:"Certificate,omitnil,omitempty" name:"Certificate"`
// 创建时间。
CreatedOn *string `json:"CreatedOn,omitnil,omitempty" name:"CreatedOn"`
// 修改时间。
ModifiedOn *string `json:"ModifiedOn,omitnil,omitempty" name:"ModifiedOn"`
-
- // 当域名需要进行归属权验证才能继续提供服务时,该对象会携带对应验证方式所需要的信息。
- // 注意:此字段可能返回 null,表示取不到有效值。
- OwnershipVerification *OwnershipVerification `json:"OwnershipVerification,omitnil,omitempty" name:"OwnershipVerification"`
}
type AccelerationDomainCertificate struct {
- // 配置证书的模式,取值有: disable:不配置证书; eofreecert:配置 EdgeOne 免费证书; sslcert:配置 SSL 证书。
+ // 配置服务端证书的模式,取值有: - disable:不配置服务端证书;
- eofreecert:通过自动验证申请免费证书并部署。验证方式详见:[申请免费证书支持的验证方式](https://cloud.tencent.com/document/product/1552/90437) - 在 NS 或者 DNSPod 托管接入模式下,仅支持自动验证的方式申请免费证书。 - 当免费证书申请失败时会导致证书部署失败,您可以通过检查免费证书申请结果接口获取申请失败原因。
- eofreecert_manual:部署 DNS 委派验证或者文件验证申请的免费证书。在部署免费证书前,您需要触发申请免费证书接口申请免费证书。在免费证书申请成功后,你可以通过该枚举值对免费证书进行部署;
- 注意:在对免费证书部署时,需要保证当前已存在申请成功的免费证书。您可以通过检查免费证书申请结果接口检查当前是否已存在申请成功的免费证书。
- sslcert:配置 SSL 托管服务端证书。
Mode *string `json:"Mode,omitnil,omitempty" name:"Mode"`
// 服务端证书列表,相关证书部署在 EO 的入口侧。
@@ -651,6 +653,86 @@ type ApplicationProxyRule struct {
RuleTag *string `json:"RuleTag,omitnil,omitempty" name:"RuleTag"`
}
+// Predefined struct for user
+type ApplyFreeCertificateRequestParams struct {
+ // 站点ID。
+ ZoneId *string `json:"ZoneId,omitnil,omitempty" name:"ZoneId"`
+
+ // 申请免费证书的目标域名。
+ Domain *string `json:"Domain,omitnil,omitempty" name:"Domain"`
+
+ // 申请免费证书时验证方式,详细验证方式说明参考[免费证书申请方式说明文档](https://cloud.tencent.com/document/product/1552/90437) ,相关取值有:
+ // http_challenge:HTTP 访问文件验证方式,通过 HTTP 访问域名指定 URL 获取文件信息以完成免费证书申请验证;
+ // dns_challenge:DNS 委派验证方式,通过添加指定的主机记录解析指向 EdgeOne 以完成免费证书申请验证。
+ // 注意:在触发本接口后,你需要根据返回的验证信息,完成验证内容配置。配置完成后,还需要通过检查免费证书申请结果接口进行验证,验证通过后,即可申请成功。在免费证书申请成功后,你可以调用配置域名证书接口为当前域名部署免费证书。
+ VerificationMethod *string `json:"VerificationMethod,omitnil,omitempty" name:"VerificationMethod"`
+}
+
+type ApplyFreeCertificateRequest struct {
+ *tchttp.BaseRequest
+
+ // 站点ID。
+ ZoneId *string `json:"ZoneId,omitnil,omitempty" name:"ZoneId"`
+
+ // 申请免费证书的目标域名。
+ Domain *string `json:"Domain,omitnil,omitempty" name:"Domain"`
+
+ // 申请免费证书时验证方式,详细验证方式说明参考[免费证书申请方式说明文档](https://cloud.tencent.com/document/product/1552/90437) ,相关取值有:
+ // http_challenge:HTTP 访问文件验证方式,通过 HTTP 访问域名指定 URL 获取文件信息以完成免费证书申请验证;
+ // dns_challenge:DNS 委派验证方式,通过添加指定的主机记录解析指向 EdgeOne 以完成免费证书申请验证。
+ // 注意:在触发本接口后,你需要根据返回的验证信息,完成验证内容配置。配置完成后,还需要通过检查免费证书申请结果接口进行验证,验证通过后,即可申请成功。在免费证书申请成功后,你可以调用配置域名证书接口为当前域名部署免费证书。
+ VerificationMethod *string `json:"VerificationMethod,omitnil,omitempty" name:"VerificationMethod"`
+}
+
+func (r *ApplyFreeCertificateRequest) ToJsonString() string {
+ b, _ := json.Marshal(r)
+ return string(b)
+}
+
+// FromJsonString It is highly **NOT** recommended to use this function
+// because it has no param check, nor strict type check
+func (r *ApplyFreeCertificateRequest) FromJsonString(s string) error {
+ f := make(map[string]interface{})
+ if err := json.Unmarshal([]byte(s), &f); err != nil {
+ return err
+ }
+ delete(f, "ZoneId")
+ delete(f, "Domain")
+ delete(f, "VerificationMethod")
+ if len(f) > 0 {
+ return tcerr.NewTencentCloudSDKError("ClientError.BuildRequestError", "ApplyFreeCertificateRequest has unknown keys!", "")
+ }
+ return json.Unmarshal([]byte(s), &r)
+}
+
+// Predefined struct for user
+type ApplyFreeCertificateResponseParams struct {
+ // 当 VerificationMethod 为 dns_challenge 时,域名申请免费证书的相关验证信息。
+ DnsVerification *DnsVerification `json:"DnsVerification,omitnil,omitempty" name:"DnsVerification"`
+
+ // 当 VerificationMethod 为 http_challenge 时,域名申请免费证书的相关验证信息。
+ FileVerification *FileVerification `json:"FileVerification,omitnil,omitempty" name:"FileVerification"`
+
+ // 唯一请求 ID,由服务端生成,每次请求都会返回(若请求因其他原因未能抵达服务端,则该次请求不会获得 RequestId)。定位问题时需要提供该次请求的 RequestId。
+ RequestId *string `json:"RequestId,omitnil,omitempty" name:"RequestId"`
+}
+
+type ApplyFreeCertificateResponse struct {
+ *tchttp.BaseResponse
+ Response *ApplyFreeCertificateResponseParams `json:"Response"`
+}
+
+func (r *ApplyFreeCertificateResponse) ToJsonString() string {
+ b, _ := json.Marshal(r)
+ return string(b)
+}
+
+// FromJsonString It is highly **NOT** recommended to use this function
+// because it has no param check, nor strict type check
+func (r *ApplyFreeCertificateResponse) FromJsonString(s string) error {
+ return json.Unmarshal([]byte(s), &r)
+}
+
type AscriptionInfo struct {
// 主机记录。
Subdomain *string `json:"Subdomain,omitnil,omitempty" name:"Subdomain"`
@@ -712,6 +794,23 @@ type BandwidthAbuseDefense struct {
Action *SecurityAction `json:"Action,omitnil,omitempty" name:"Action"`
}
+type BasicBotSettings struct {
+ // 客户端 IP 的来源 IDC 配置,用于处置来自 IDC(数据中心) 的客户端 IP 的访问请求。此类来源请求不是由移动端或浏览器端直接访问。
+ SourceIDC *SourceIDC `json:"SourceIDC,omitnil,omitempty" name:"SourceIDC"`
+
+ // 搜索引擎爬虫配置,用于处置来自搜索引擎爬虫的请求。此类请求的 IP、User-Agent 或 rDNS 结果匹配已知搜索引擎爬虫。
+ SearchEngineBots *SearchEngineBots `json:"SearchEngineBots,omitnil,omitempty" name:"SearchEngineBots"`
+
+ // 商业或开源工具 UA 特征配置(原 UA 特征规则),用于处置来自已知商业工具或开源工具的访问请求。此类请求的 User-Agent 头部符合已知商业或开源工具特征。
+ KnownBotCategories *KnownBotCategories `json:"KnownBotCategories,omitnil,omitempty" name:"KnownBotCategories"`
+
+ // IP 威胁情报库(原客户端画像分析)配置,用于处置近期访问行为具有特定风险特征的客户端 IP。
+ IPReputation *IPReputation `json:"IPReputation,omitnil,omitempty" name:"IPReputation"`
+
+ // Bot 智能分析的具体配置。
+ BotIntelligence *BotIntelligence `json:"BotIntelligence,omitnil,omitempty" name:"BotIntelligence"`
+}
+
type BillingData struct {
// 数据时间戳。
Time *string `json:"Time,omitnil,omitempty" name:"Time"`
@@ -1036,6 +1135,17 @@ type BotExtendAction struct {
Percent *uint64 `json:"Percent,omitnil,omitempty" name:"Percent"`
}
+type BotIntelligence struct {
+ // 基于客户端和请求特征,将请求来源分为人类来源请求、合法 Bot 请求、疑似 Bot 请求和高风险 Bot 请求,并提供请求处置选项。
+ BotRatings *BotRatings `json:"BotRatings,omitnil,omitempty" name:"BotRatings"`
+
+ // Bot 智能分析的具体配置开关。取值有:
+ //
+ // on:开启;
+ // off:关闭。
+ Enabled *string `json:"Enabled,omitnil,omitempty" name:"Enabled"`
+}
+
type BotManagedRule struct {
// 触发规则后的处置方式,取值有:
// drop:拦截;
@@ -1064,8 +1174,53 @@ type BotManagedRule struct {
}
type BotManagement struct {
- // 客户端认证规则的定义列表。该功能内测中,如需使用,请提工单或联系智能客服。
+ // Bot 管理是否开启。取值有:on:开启;off:关闭。
+ Enabled *string `json:"Enabled,omitnil,omitempty" name:"Enabled"`
+
+ // Bot 管理的自定义规则,组合各类爬虫和请求行为特征,精准定义 Bot 并配置定制化处置方式。
+ CustomRules *BotManagementCustomRules `json:"CustomRules,omitnil,omitempty" name:"CustomRules"`
+
+ // Bot 管理的基础配置,对策略关联的所有域名生效。可以通过 CustomRules 进行精细化定制。
+ BasicBotSettings *BasicBotSettings `json:"BasicBotSettings,omitnil,omitempty" name:"BasicBotSettings"`
+
+ // 客户端认证规则的定义列表。该功能内测中,如需使用,请提工单。
ClientAttestationRules *ClientAttestationRules `json:"ClientAttestationRules,omitnil,omitempty" name:"ClientAttestationRules"`
+
+ // 配置浏览器伪造识别规则(原主动特征识别规则)。设置注入 JavaScript 的响应页面范围,浏览器校验选项,以及对非浏览器客户端的处置方式。
+ BrowserImpersonationDetection *BrowserImpersonationDetection `json:"BrowserImpersonationDetection,omitnil,omitempty" name:"BrowserImpersonationDetection"`
+}
+
+type BotManagementActionOverrides struct {
+ // Bot 规则组下的具体项,用于改写此单条规则项配置的内容,Ids 所对应的具体信息请参考 DescribeBotManagedRules 接口返回的信息。
+ Ids []*string `json:"Ids,omitnil,omitempty" name:"Ids"`
+
+ // Ids 中指定 Bot 规则项的处置动作。 SecurityAction 的 Name 取值支持:Deny:拦截;Monitor:观察;Disabled:未启用,不启用指定规则;Challenge:挑战,其中 ChallengeActionParameters 中的 ChallengeOption 支持 JSChallenge 和 ManagedChallenge;Allow:放行(仅限Bot基础特征管理)。
+ Action *SecurityAction `json:"Action,omitnil,omitempty" name:"Action"`
+}
+
+type BotManagementCustomRule struct {
+ // Bot 自定义规则的 ID。
通过规则 ID 可支持不同的规则配置操作:
增加新规则:ID 为空或不指定 ID 参数;修改已有规则:指定需要更新/修改的规则 ID;删除已有规则:BotManagementCustomRules 参数中,Rules 列表中未包含的已有规则将被删除。
+ Id *string `json:"Id,omitnil,omitempty" name:"Id"`
+
+ // Bot 自定义规则的名称。
+ Name *string `json:"Name,omitnil,omitempty" name:"Name"`
+
+ // Bot 自定义规则是否开启。取值有:on:开启;off:关闭。
+ Enabled *string `json:"Enabled,omitnil,omitempty" name:"Enabled"`
+
+ // Bot 自定义规则的优先级,范围是 1 ~ 100,默认为 50。
+ Priority *int64 `json:"Priority,omitnil,omitempty" name:"Priority"`
+
+ // Bot 自定义规则的具体内容,需符合表达式语法,详细规范参见产品文档。
+ Condition *string `json:"Condition,omitnil,omitempty" name:"Condition"`
+
+ // Bot 自定义规则的处置方式。取值有:Monitor:观察;Deny:拦截,其中 DenyActionParameters.Name 支持 Deny 和 ReturnCustomPage;Challenge:挑战,其中 ChallengeActionParameters.Name 支持 JSChallenge 和 ManagedChallenge;Redirect:重定向至 URL。
+ Action []*SecurityWeightedAction `json:"Action,omitnil,omitempty" name:"Action"`
+}
+
+type BotManagementCustomRules struct {
+ // Bot 自定义规则的列表。使用 ModifySecurityPolicy 修改 Web 防护配置时:
若未指定 SecurityPolicy.BotManagement.CustomRules 中的 Rules 参数,或 Rules 参数长度为零:清空所有 Bot 自定义规则配置。 若 SecurityPolicy.BotManagement 参数中,未指定 CustomRules 参数值:保持已有 Bot 自定义规则配置,不做修改。
+ Rules []*BotManagementCustomRule `json:"Rules,omitnil,omitempty" name:"Rules"`
}
type BotPortraitRule struct {
@@ -1090,6 +1245,37 @@ type BotPortraitRule struct {
DropManagedIds []*int64 `json:"DropManagedIds,omitnil,omitempty" name:"DropManagedIds"`
}
+type BotRatings struct {
+ // 恶意 Bot 请求的执行动作。 SecurityAction 的 Name 取值支持:Deny:拦截;Monitor:观察;Allow:放行;Challenge:挑战,其中 ChallengeActionParameters 中的 ChallengeOption 支持 JSChallenge 和 ManagedChallenge。
+ HighRiskBotRequestsAction *SecurityAction `json:"HighRiskBotRequestsAction,omitnil,omitempty" name:"HighRiskBotRequestsAction"`
+
+ // 疑似 Bot 请求的执行动作。 SecurityAction 的 Name 取值支持:Deny:拦截;Monitor:观察;Allow:放行;Challenge:挑战,其中 ChallengeActionParameters 中的 ChallengeOption 支持 JSChallenge 和 ManagedChallenge。
+ LikelyBotRequestsAction *SecurityAction `json:"LikelyBotRequestsAction,omitnil,omitempty" name:"LikelyBotRequestsAction"`
+
+ // 友好 Bot 请求的执行动作。 SecurityAction 的 Name 取值支持:Deny:拦截;Monitor:观察;Allow:放行;Challenge:挑战,其中 ChallengeActionParameters 中的 ChallengeOption 支持 JSChallenge 和 ManagedChallenge。
+ VerifiedBotRequestsAction *SecurityAction `json:"VerifiedBotRequestsAction,omitnil,omitempty" name:"VerifiedBotRequestsAction"`
+
+ // 正常 Bot 请求的执行动作。 SecurityAction 的 Name 取值支持:Allow:放行。
+ HumanRequestsAction *SecurityAction `json:"HumanRequestsAction,omitnil,omitempty" name:"HumanRequestsAction"`
+}
+
+type BotSessionValidation struct {
+ // 是否更新 Cookie 并校验。取值有:on:更新 Cookie 并校验;off:仅校验。
+ IssueNewBotSessionCookie *string `json:"IssueNewBotSessionCookie,omitnil,omitempty" name:"IssueNewBotSessionCookie"`
+
+ // 更新 Cookie 并校验时的触发阈值,仅当 IssueNewBotSessionCookie 为 on 时有效。
+ MaxNewSessionTriggerConfig *MaxNewSessionTriggerConfig `json:"MaxNewSessionTriggerConfig,omitnil,omitempty" name:"MaxNewSessionTriggerConfig"`
+
+ // 未携带 Cookie 或 Cookie 已过期的执行动作。 SecurityAction 的 Name 取值支持:Deny:拦截,其中 DenyActionParameters 中支持 Stall 配置;Monitor:观察;Allow:等待后响应,其中 AllowActionParameters 需要 MinDelayTime 和 MaxDelayTime 配置。
+ SessionExpiredAction *SecurityAction `json:"SessionExpiredAction,omitnil,omitempty" name:"SessionExpiredAction"`
+
+ // 不合法 Cookie 的执行动作。 SecurityAction 的 Name 取值支持:Deny:拦截,其中 DenyActionParameters 中支持 Stall 配置;Monitor:观察;Allow:等待后响应,其中 AllowActionParameters 需要 MinDelayTime 和 MaxDelayTime 配置。
+ SessionInvalidAction *SecurityAction `json:"SessionInvalidAction,omitnil,omitempty" name:"SessionInvalidAction"`
+
+ // 会话速率和周期特征校验的具体配置。
+ SessionRateControl *SessionRateControl `json:"SessionRateControl,omitnil,omitempty" name:"SessionRateControl"`
+}
+
type BotUserRule struct {
// 规则名,只能以英文字符,数字,下划线组合,且不能以下划线开头。
RuleName *string `json:"RuleName,omitnil,omitempty" name:"RuleName"`
@@ -1152,6 +1338,36 @@ type BotUserRule struct {
RedirectUrl *string `json:"RedirectUrl,omitnil,omitempty" name:"RedirectUrl"`
}
+type BrowserImpersonationDetection struct {
+ // 浏览器伪造识别规则的列表。使用 ModifySecurityPolicy 修改 Web 防护配置时:
若未指定 SecurityPolicy.BotManagement.BrowserImpersonationDetection 中的 Rules 参数,或 Rules 参数长度为零: 清空所有浏览器伪造识别规则配置。 若 SecurityPolicy.BotManagement 参数中,未指定 BrowserImpersonationDetection 参数值: 保持已有浏览器伪造识别规则配置,不做修改。
+ Rules []*BrowserImpersonationDetectionRule `json:"Rules,omitnil,omitempty" name:"Rules"`
+}
+
+type BrowserImpersonationDetectionAction struct {
+ // Cookie 校验和会话跟踪配置。
+ BotSessionValidation *BotSessionValidation `json:"BotSessionValidation,omitnil,omitempty" name:"BotSessionValidation"`
+
+ // 客户端行为校验配置。
+ ClientBehaviorDetection *ClientBehaviorDetection `json:"ClientBehaviorDetection,omitnil,omitempty" name:"ClientBehaviorDetection"`
+}
+
+type BrowserImpersonationDetectionRule struct {
+ // 浏览器伪造识别规则的 ID。
通过规则 ID 可支持不同的规则配置操作:
增加新规则:ID 为空或不指定 ID 参数;修改已有规则:指定需要更新/修改的规则 ID;删除已有规则:BrowserImpersonationDetection 参数中,Rules 列表中未包含的已有规则将被删除。
+ Id *string `json:"Id,omitnil,omitempty" name:"Id"`
+
+ // 浏览器伪造识别规则的名称。
+ Name *string `json:"Name,omitnil,omitempty" name:"Name"`
+
+ // 浏览器伪造识别规则是否开启。取值有:on:开启;off:关闭。
+ Enabled *string `json:"Enabled,omitnil,omitempty" name:"Enabled"`
+
+ // 浏览器伪造识别规则的具体内容,其中仅支持请求方式(Method)、请求路径(Path)和请求 URL 的配置,需符合表达式语法,详细规范参见产品文档。
+ Condition *string `json:"Condition,omitnil,omitempty" name:"Condition"`
+
+ // 浏览器伪造识别规则的处置方式,包括 Cookie 校验和会话跟踪配置以及客户端行为校验配置。
+ Action *BrowserImpersonationDetectionAction `json:"Action,omitnil,omitempty" name:"Action"`
+}
+
type CC struct {
// Waf开关,取值为:
// on:开启;
@@ -1173,6 +1389,16 @@ type CLSTopic struct {
LogSetRegion *string `json:"LogSetRegion,omitnil,omitempty" name:"LogSetRegion"`
}
+type CNAMEDetail struct {
+ // 是否伪站点,取值有:
+ // 0:非伪站点;
+ // 1:伪站点。
+ IsFake *int64 `json:"IsFake,omitnil,omitempty" name:"IsFake"`
+
+ // 归属权验证信息。详情请参考 [站点/域名归属权验证](https://cloud.tencent.com/document/product/1552/70789) 。
+ OwnershipVerification *OwnershipVerification `json:"OwnershipVerification,omitnil,omitempty" name:"OwnershipVerification"`
+}
+
type Cache struct {
// 缓存配置开关,取值有:
// on:开启;
@@ -1477,6 +1703,77 @@ func (r *CheckCnameStatusResponse) FromJsonString(s string) error {
return json.Unmarshal([]byte(s), &r)
}
+// Predefined struct for user
+type CheckFreeCertificateVerificationRequestParams struct {
+ // 站点 ID。
+ ZoneId *string `json:"ZoneId,omitnil,omitempty" name:"ZoneId"`
+
+ // 加速域名,该域名为[申请免费证书](https://tcloud4api.woa.com/document/product/1657/927654?!preview&!document=1)时使用的域名。
+ Domain *string `json:"Domain,omitnil,omitempty" name:"Domain"`
+}
+
+type CheckFreeCertificateVerificationRequest struct {
+ *tchttp.BaseRequest
+
+ // 站点 ID。
+ ZoneId *string `json:"ZoneId,omitnil,omitempty" name:"ZoneId"`
+
+ // 加速域名,该域名为[申请免费证书](https://tcloud4api.woa.com/document/product/1657/927654?!preview&!document=1)时使用的域名。
+ Domain *string `json:"Domain,omitnil,omitempty" name:"Domain"`
+}
+
+func (r *CheckFreeCertificateVerificationRequest) ToJsonString() string {
+ b, _ := json.Marshal(r)
+ return string(b)
+}
+
+// FromJsonString It is highly **NOT** recommended to use this function
+// because it has no param check, nor strict type check
+func (r *CheckFreeCertificateVerificationRequest) FromJsonString(s string) error {
+ f := make(map[string]interface{})
+ if err := json.Unmarshal([]byte(s), &f); err != nil {
+ return err
+ }
+ delete(f, "ZoneId")
+ delete(f, "Domain")
+ if len(f) > 0 {
+ return tcerr.NewTencentCloudSDKError("ClientError.BuildRequestError", "CheckFreeCertificateVerificationRequest has unknown keys!", "")
+ }
+ return json.Unmarshal([]byte(s), &r)
+}
+
+// Predefined struct for user
+type CheckFreeCertificateVerificationResponseParams struct {
+ // 免费证书申请成功时,该证书颁发给的域名。
+ // 注意:一个域名只允许申请一本免费证书, 如果已经有泛域名申请了免费证书的情况下,其子域名会匹配使用该泛域名证书。
+ CommonName *string `json:"CommonName,omitnil,omitempty" name:"CommonName"`
+
+ // 免费证书申请成功时,该证书使用的签名算法,当前仅支持 RSA 2048。
+ SignatureAlgorithm *string `json:"SignatureAlgorithm,omitnil,omitempty" name:"SignatureAlgorithm"`
+
+ // 免费证书申请成功时,该证书的过期时间。时间为世界标准时间(UTC), 遵循 ISO 8601 标准的日期和时间格式。
+ ExpireTime *string `json:"ExpireTime,omitnil,omitempty" name:"ExpireTime"`
+
+ // 唯一请求 ID,由服务端生成,每次请求都会返回(若请求因其他原因未能抵达服务端,则该次请求不会获得 RequestId)。定位问题时需要提供该次请求的 RequestId。
+ RequestId *string `json:"RequestId,omitnil,omitempty" name:"RequestId"`
+}
+
+type CheckFreeCertificateVerificationResponse struct {
+ *tchttp.BaseResponse
+ Response *CheckFreeCertificateVerificationResponseParams `json:"Response"`
+}
+
+func (r *CheckFreeCertificateVerificationResponse) ToJsonString() string {
+ b, _ := json.Marshal(r)
+ return string(b)
+}
+
+// FromJsonString It is highly **NOT** recommended to use this function
+// because it has no param check, nor strict type check
+func (r *CheckFreeCertificateVerificationResponse) FromJsonString(s string) error {
+ return json.Unmarshal([]byte(s), &r)
+}
+
type CheckRegionHealthStatus struct {
// 健康检查区域,ISO-3166-1 两位字母代码。
Region *string `json:"Region,omitnil,omitempty" name:"Region"`
@@ -1554,6 +1851,29 @@ type ClientAttester struct {
TCCaptchaOption *TCCaptchaOption `json:"TCCaptchaOption,omitnil,omitempty" name:"TCCaptchaOption"`
}
+type ClientBehaviorDetection struct {
+ // 工作量证明校验强度。取值有:low:低;medium:中;high:高。
+ CryptoChallengeIntensity *string `json:"CryptoChallengeIntensity,omitnil,omitempty" name:"CryptoChallengeIntensity"`
+
+ // 客户端行为校验的执行方式。取值有:0ms:立即执行;100ms:延迟 100ms 执行;200ms:延迟 200ms 执行;300ms:延迟 300ms 执行;400ms:延迟 400ms 执行;500ms:延迟 500ms 执行;600ms:延迟 600ms 执行;700ms:延迟 700ms 执行;800ms:延迟 800ms 执行;900ms:延迟 900ms 执行;1000ms:延迟 1000ms 执行。
+ CryptoChallengeDelayBefore *string `json:"CryptoChallengeDelayBefore,omitnil,omitempty" name:"CryptoChallengeDelayBefore"`
+
+ // 触发阈值统计的时间窗口,取值有:5s:5 秒内;10s:10 秒内;15s:15 秒内;30s:30 秒内;60s:60 秒内;5m:5 分钟内;10m:10 分钟内;30m:30 分钟内;60m:60 分钟内。
+ MaxChallengeCountInterval *string `json:"MaxChallengeCountInterval,omitnil,omitempty" name:"MaxChallengeCountInterval"`
+
+ // 触发阈值统计的累计次数,取值范围 1 ~ 100000000。
+ MaxChallengeCountThreshold *int64 `json:"MaxChallengeCountThreshold,omitnil,omitempty" name:"MaxChallengeCountThreshold"`
+
+ // 客户端未启用 JS(未完成检测)时的执行动作。 SecurityAction 的 Name 取值支持:Deny:拦截,其中 DenyActionParameters 中支持 Stall 配置;Monitor:观察;Allow:等待后响应,其中 AllowActionParameters 需要 MinDelayTime 和 MaxDelayTime 配置。
+ ChallengeNotFinishedAction *SecurityAction `json:"ChallengeNotFinishedAction,omitnil,omitempty" name:"ChallengeNotFinishedAction"`
+
+ // 客户端检测超时的执行动作。 SecurityAction 的 Name 取值支持:Deny:拦截,其中 DenyActionParameters 中支持 Stall 配置;Monitor:观察;Allow:等待后响应,其中 AllowActionParameters 需要 MinDelayTime 和 MaxDelayTime 配置。
+ ChallengeTimeoutAction *SecurityAction `json:"ChallengeTimeoutAction,omitnil,omitempty" name:"ChallengeTimeoutAction"`
+
+ // Bot 客户端的执行动作。 SecurityAction 的 Name 取值支持:Deny:拦截,其中 DenyActionParameters 中支持 Stall 配置;Monitor:观察;Allow:等待后响应,其中 AllowActionParameters 需要 MinDelayTime 和 MaxDelayTime 配置。
+ BotClientAction *SecurityAction `json:"BotClientAction,omitnil,omitempty" name:"BotClientAction"`
+}
+
type ClientFiltering struct {
// 智能客户端过滤是否开启。取值有:on:开启;off:关闭。
Enabled *string `json:"Enabled,omitnil,omitempty" name:"Enabled"`
@@ -2839,9 +3159,22 @@ type CreateFunctionRuleRequestParams struct {
// 规则条件列表,相同触发规则的不同条件匹配项之间为或关系。
FunctionRuleConditions []*FunctionRuleCondition `json:"FunctionRuleConditions,omitnil,omitempty" name:"FunctionRuleConditions"`
- // 函数 ID,命中触发规则条件后执行的函数。
+ // 函数选择配置类型:
+ // direct:直接指定执行函数;
+ // weight:基于权重比选择函数;
+ // region:基于客户端 IP 的国家/地区选择函数。
+ // 不填时默认为 direct 。
+ TriggerType *string `json:"TriggerType,omitnil,omitempty" name:"TriggerType"`
+
+ // 指定执行的函数 ID。当 TriggerType 为 direct 或 TriggerType 不填时生效。
FunctionId *string `json:"FunctionId,omitnil,omitempty" name:"FunctionId"`
+ // 基于客户端 IP 国家/地区的函数选择配置,当 TriggerType 为 region 时生效且 RegionMappingSelections 必填。RegionMappingSelections 中至少包含一项 Regions 为 Default 的配置。
+ RegionMappingSelections []*FunctionRegionSelection `json:"RegionMappingSelections,omitnil,omitempty" name:"RegionMappingSelections"`
+
+ // 基于权重的函数选择配置,当 TriggerType 为 weight 时生效且 WeightedSelections 必填。WeightedSelections 中的所有权重之和需要为100。
+ WeightedSelections []*FunctionWeightedSelection `json:"WeightedSelections,omitnil,omitempty" name:"WeightedSelections"`
+
// 规则描述,最大支持 60 个字符。
Remark *string `json:"Remark,omitnil,omitempty" name:"Remark"`
}
@@ -2855,9 +3188,22 @@ type CreateFunctionRuleRequest struct {
// 规则条件列表,相同触发规则的不同条件匹配项之间为或关系。
FunctionRuleConditions []*FunctionRuleCondition `json:"FunctionRuleConditions,omitnil,omitempty" name:"FunctionRuleConditions"`
- // 函数 ID,命中触发规则条件后执行的函数。
+ // 函数选择配置类型:
+ // direct:直接指定执行函数;
+ // weight:基于权重比选择函数;
+ // region:基于客户端 IP 的国家/地区选择函数。
+ // 不填时默认为 direct 。
+ TriggerType *string `json:"TriggerType,omitnil,omitempty" name:"TriggerType"`
+
+ // 指定执行的函数 ID。当 TriggerType 为 direct 或 TriggerType 不填时生效。
FunctionId *string `json:"FunctionId,omitnil,omitempty" name:"FunctionId"`
+ // 基于客户端 IP 国家/地区的函数选择配置,当 TriggerType 为 region 时生效且 RegionMappingSelections 必填。RegionMappingSelections 中至少包含一项 Regions 为 Default 的配置。
+ RegionMappingSelections []*FunctionRegionSelection `json:"RegionMappingSelections,omitnil,omitempty" name:"RegionMappingSelections"`
+
+ // 基于权重的函数选择配置,当 TriggerType 为 weight 时生效且 WeightedSelections 必填。WeightedSelections 中的所有权重之和需要为100。
+ WeightedSelections []*FunctionWeightedSelection `json:"WeightedSelections,omitnil,omitempty" name:"WeightedSelections"`
+
// 规则描述,最大支持 60 个字符。
Remark *string `json:"Remark,omitnil,omitempty" name:"Remark"`
}
@@ -2876,7 +3222,10 @@ func (r *CreateFunctionRuleRequest) FromJsonString(s string) error {
}
delete(f, "ZoneId")
delete(f, "FunctionRuleConditions")
+ delete(f, "TriggerType")
delete(f, "FunctionId")
+ delete(f, "RegionMappingSelections")
+ delete(f, "WeightedSelections")
delete(f, "Remark")
if len(f) > 0 {
return tcerr.NewTencentCloudSDKError("ClientError.BuildRequestError", "CreateFunctionRuleRequest has unknown keys!", "")
@@ -4137,6 +4486,7 @@ type CreateRealtimeLogDeliveryTaskRequestParams struct {
// cls: 推送到腾讯云 CLS;
// custom_endpoint:推送到自定义 HTTP(S) 地址;
// s3:推送到 AWS S3 兼容存储桶地址;
+ // log_analysis:推送到 EdgeOne 日志分析,该任务类型仅支持“站点加速日志”这一数据投递类型。
TaskType *string `json:"TaskType,omitnil,omitempty" name:"TaskType"`
// 实时日志投递任务对应的实体列表。取值示例如下:
@@ -4177,7 +4527,7 @@ type CreateRealtimeLogDeliveryTaskRequestParams struct {
// 日志投递的输出格式。不填表示为默认格式,默认格式逻辑如下:
// 当 TaskType 取值为 custom_endpoint 时,默认格式为多个 JSON 对象组成的数组,每个 JSON 对象为一条日志;
- // 当 TaskType 取值为 s3 时,默认格式为 JSON Lines;特别地,当 TaskType 取值为 cls 时,LogFormat.FormatType 的值只能为 json,且 LogFormat 中其他参数将被忽略,建议不传 LogFormat。
+ // 当 TaskType 取值为 s3 时,默认格式为 JSON Lines;特别地,当 TaskType 取值为 cls 或 log_analysis 时,LogFormat.FormatType 的值只能为 json,且 LogFormat 中其他参数将被忽略,建议不传 LogFormat。
LogFormat *LogFormat `json:"LogFormat,omitnil,omitempty" name:"LogFormat"`
// CLS 的配置信息。当 TaskType 取值为 cls 时,该参数必填。
@@ -4203,6 +4553,7 @@ type CreateRealtimeLogDeliveryTaskRequest struct {
// cls: 推送到腾讯云 CLS;
// custom_endpoint:推送到自定义 HTTP(S) 地址;
// s3:推送到 AWS S3 兼容存储桶地址;
+ // log_analysis:推送到 EdgeOne 日志分析,该任务类型仅支持“站点加速日志”这一数据投递类型。
TaskType *string `json:"TaskType,omitnil,omitempty" name:"TaskType"`
// 实时日志投递任务对应的实体列表。取值示例如下:
@@ -4243,7 +4594,7 @@ type CreateRealtimeLogDeliveryTaskRequest struct {
// 日志投递的输出格式。不填表示为默认格式,默认格式逻辑如下:
// 当 TaskType 取值为 custom_endpoint 时,默认格式为多个 JSON 对象组成的数组,每个 JSON 对象为一条日志;
- // 当 TaskType 取值为 s3 时,默认格式为 JSON Lines;特别地,当 TaskType 取值为 cls 时,LogFormat.FormatType 的值只能为 json,且 LogFormat 中其他参数将被忽略,建议不传 LogFormat。
+ // 当 TaskType 取值为 s3 时,默认格式为 JSON Lines;特别地,当 TaskType 取值为 cls 或 log_analysis 时,LogFormat.FormatType 的值只能为 json,且 LogFormat 中其他参数将被忽略,建议不传 LogFormat。
LogFormat *LogFormat `json:"LogFormat,omitnil,omitempty" name:"LogFormat"`
// CLS 的配置信息。当 TaskType 取值为 cls 时,该参数必填。
@@ -5242,6 +5593,13 @@ type DDosProtectionConfig struct {
LevelOverseas *string `json:"LevelOverseas,omitnil,omitempty" name:"LevelOverseas"`
}
+type DNSPodDetail struct {
+ // 是否伪站点,取值有:
+ // 0:非伪站点;
+ // 1:伪站点。
+ IsFake *int64 `json:"IsFake,omitnil,omitempty" name:"IsFake"`
+}
+
type DefaultServerCertInfo struct {
// 服务器证书 ID。
CertId *string `json:"CertId,omitnil,omitempty" name:"CertId"`
@@ -7949,7 +8307,7 @@ type DescribeDDoSAttackDataRequestParams struct {
// ddos_attackPackageRate:攻击包速率曲线。
MetricNames []*string `json:"MetricNames,omitnil,omitempty" name:"MetricNames"`
- // 站点 ID 集合,此参数必填。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
+ // 站点 ID 集合,此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
ZoneIds []*string `json:"ZoneIds,omitnil,omitempty" name:"ZoneIds"`
// DDoS策略组ID列表,不填默认选择全部策略ID。
@@ -7985,7 +8343,7 @@ type DescribeDDoSAttackDataRequest struct {
// ddos_attackPackageRate:攻击包速率曲线。
MetricNames []*string `json:"MetricNames,omitnil,omitempty" name:"MetricNames"`
- // 站点 ID 集合,此参数必填。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
+ // 站点 ID 集合,此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
ZoneIds []*string `json:"ZoneIds,omitnil,omitempty" name:"ZoneIds"`
// DDoS策略组ID列表,不填默认选择全部策略ID。
@@ -8070,7 +8428,7 @@ type DescribeDDoSAttackEventRequestParams struct {
// ddos策略组集合,不填默认选择全部策略。
PolicyIds []*int64 `json:"PolicyIds,omitnil,omitempty" name:"PolicyIds"`
- // 站点 ID 集合,此参数必填。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
+ // 站点 ID 集合,此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
ZoneIds []*string `json:"ZoneIds,omitnil,omitempty" name:"ZoneIds"`
// 分页查询的限制数目,默认值为20,最大查询条目为1000。
@@ -8111,7 +8469,7 @@ type DescribeDDoSAttackEventRequest struct {
// ddos策略组集合,不填默认选择全部策略。
PolicyIds []*int64 `json:"PolicyIds,omitnil,omitempty" name:"PolicyIds"`
- // 站点 ID 集合,此参数必填。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
+ // 站点 ID 集合,此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
ZoneIds []*string `json:"ZoneIds,omitnil,omitempty" name:"ZoneIds"`
// 分页查询的限制数目,默认值为20,最大查询条目为1000。
@@ -8214,7 +8572,7 @@ type DescribeDDoSAttackTopDataRequestParams struct {
// ddos_attackFlux_sregion:按攻击源地区的攻击数量排行。
MetricName *string `json:"MetricName,omitnil,omitempty" name:"MetricName"`
- // 站点 ID 集合,此参数必填。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
+ // 站点 ID 集合,此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
ZoneIds []*string `json:"ZoneIds,omitnil,omitempty" name:"ZoneIds"`
// DDoS策略组ID集合,不填默认选择全部策略ID。
@@ -8262,7 +8620,7 @@ type DescribeDDoSAttackTopDataRequest struct {
// ddos_attackFlux_sregion:按攻击源地区的攻击数量排行。
MetricName *string `json:"MetricName,omitnil,omitempty" name:"MetricName"`
- // 站点 ID 集合,此参数必填。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
+ // 站点 ID 集合,此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
ZoneIds []*string `json:"ZoneIds,omitnil,omitempty" name:"ZoneIds"`
// DDoS策略组ID集合,不填默认选择全部策略ID。
@@ -10619,7 +10977,7 @@ func (r *DescribePlansResponse) FromJsonString(s string) error {
// Predefined struct for user
type DescribePrefetchTasksRequestParams struct {
- // 站点ID。该参数必填。
+ // 站点ID。此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。
ZoneId *string `json:"ZoneId,omitnil,omitempty" name:"ZoneId"`
// 查询起始时间,时间与 job-id 必填一个。
@@ -10634,14 +10992,14 @@ type DescribePrefetchTasksRequestParams struct {
// 分页查询限制数目,默认值:20,上限:1000。
Limit *int64 `json:"Limit,omitnil,omitempty" name:"Limit"`
- // 过滤条件,Filters.Values 的上限为 20。详细的过滤条件如下:job-id:按照任务 ID 进行过滤。job-id 形如:1379afjk91u32h,暂不支持多值,不支持模糊查询;target:按照目标资源信息进行过滤。target 形如:http://www.qq.com/1.txt,暂不支持多值,不支持模糊查询;domains:按照域名行过滤。domains 形如:www.qq.com,不支持模糊查询;statuses:按照任务状态进行过滤,不支持模糊查询。可选项:
processing:处理中
success:成功
failed:失败
timeout:超时
invalid:无效。即源站响应非 2xx 状态码,请检查源站服务。
+ // 过滤条件,Filters.Values 的上限为 20。详细的过滤条件如下:job-id:按照任务 ID 进行过滤。job-id 形如:1379afjk91u32h,暂不支持多值,不支持模糊查询;target:按照目标资源信息进行过滤。target 形如:http://www.qq.com/1.txt,暂不支持多值,不支持模糊查询;domains:按照域名行过滤。domains 形如:www.qq.com,不支持模糊查询;statuses:按照任务状态进行过滤,不支持模糊查询。可选项:
processing:处理中
success:成功
failed:失败
timeout:超时
canceled:已取消
invalid:无效。即源站响应非 2xx 状态码,请检查源站服务。
Filters []*AdvancedFilter `json:"Filters,omitnil,omitempty" name:"Filters"`
}
type DescribePrefetchTasksRequest struct {
*tchttp.BaseRequest
- // 站点ID。该参数必填。
+ // 站点ID。此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。
ZoneId *string `json:"ZoneId,omitnil,omitempty" name:"ZoneId"`
// 查询起始时间,时间与 job-id 必填一个。
@@ -10656,7 +11014,7 @@ type DescribePrefetchTasksRequest struct {
// 分页查询限制数目,默认值:20,上限:1000。
Limit *int64 `json:"Limit,omitnil,omitempty" name:"Limit"`
- // 过滤条件,Filters.Values 的上限为 20。详细的过滤条件如下:job-id:按照任务 ID 进行过滤。job-id 形如:1379afjk91u32h,暂不支持多值,不支持模糊查询;target:按照目标资源信息进行过滤。target 形如:http://www.qq.com/1.txt,暂不支持多值,不支持模糊查询;domains:按照域名行过滤。domains 形如:www.qq.com,不支持模糊查询;statuses:按照任务状态进行过滤,不支持模糊查询。可选项:
processing:处理中
success:成功
failed:失败
timeout:超时
invalid:无效。即源站响应非 2xx 状态码,请检查源站服务。
+ // 过滤条件,Filters.Values 的上限为 20。详细的过滤条件如下:job-id:按照任务 ID 进行过滤。job-id 形如:1379afjk91u32h,暂不支持多值,不支持模糊查询;target:按照目标资源信息进行过滤。target 形如:http://www.qq.com/1.txt,暂不支持多值,不支持模糊查询;domains:按照域名行过滤。domains 形如:www.qq.com,不支持模糊查询;statuses:按照任务状态进行过滤,不支持模糊查询。可选项:
processing:处理中
success:成功
failed:失败
timeout:超时
canceled:已取消
invalid:无效。即源站响应非 2xx 状态码,请检查源站服务。
Filters []*AdvancedFilter `json:"Filters,omitnil,omitempty" name:"Filters"`
}
@@ -10714,7 +11072,7 @@ func (r *DescribePrefetchTasksResponse) FromJsonString(s string) error {
// Predefined struct for user
type DescribePurgeTasksRequestParams struct {
- // 站点 ID。该参数必填。
+ // 站点 ID。此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。
ZoneId *string `json:"ZoneId,omitnil,omitempty" name:"ZoneId"`
// 查询起始时间,时间与 job-id 必填一个。
@@ -10733,7 +11091,7 @@ type DescribePurgeTasksRequestParams struct {
// job-id:按照任务 ID 进行过滤。job-id 形如:1379afjk91u32h,暂不支持多值,不支持模糊查询;
// target:按照目标资源信息进行过滤,target 形如:http://www.qq.com/1.txt 或者 tag1,暂不支持多值,支持模糊查询;
// domains:按照域名进行过滤,形如:www.qq.com,不支持模糊查询;
- // statuses:按照任务状态进行过滤,不支持模糊查询。可选项:
processing:处理中
success:成功
failed:失败
timeout:超时
+ // statuses:按照任务状态进行过滤,不支持模糊查询。可选项:
processing:处理中
success:成功
failed:失败
timeout:超时
canceled:已取消
// type:按照清除缓存类型进行过滤,暂不支持多值,不支持模糊查询。可选项:
purge_url:URL
purge_prefix:前缀
purge_all:全部缓存内容
purge_host:Hostname
purge_cache_tag:CacheTag
Filters []*AdvancedFilter `json:"Filters,omitnil,omitempty" name:"Filters"`
}
@@ -10741,7 +11099,7 @@ type DescribePurgeTasksRequestParams struct {
type DescribePurgeTasksRequest struct {
*tchttp.BaseRequest
- // 站点 ID。该参数必填。
+ // 站点 ID。此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。
ZoneId *string `json:"ZoneId,omitnil,omitempty" name:"ZoneId"`
// 查询起始时间,时间与 job-id 必填一个。
@@ -10760,7 +11118,7 @@ type DescribePurgeTasksRequest struct {
// job-id:按照任务 ID 进行过滤。job-id 形如:1379afjk91u32h,暂不支持多值,不支持模糊查询;
// target:按照目标资源信息进行过滤,target 形如:http://www.qq.com/1.txt 或者 tag1,暂不支持多值,支持模糊查询;
// domains:按照域名进行过滤,形如:www.qq.com,不支持模糊查询;
- // statuses:按照任务状态进行过滤,不支持模糊查询。可选项:
processing:处理中
success:成功
failed:失败
timeout:超时
+ // statuses:按照任务状态进行过滤,不支持模糊查询。可选项:
processing:处理中
success:成功
failed:失败
timeout:超时
canceled:已取消
// type:按照清除缓存类型进行过滤,暂不支持多值,不支持模糊查询。可选项:
purge_url:URL
purge_prefix:前缀
purge_all:全部缓存内容
purge_host:Hostname
purge_cache_tag:CacheTag
Filters []*AdvancedFilter `json:"Filters,omitnil,omitempty" name:"Filters"`
}
@@ -10832,7 +11190,7 @@ type DescribeRealtimeLogDeliveryTasksRequestParams struct {
// task-id:按照实时日志投递任务 ID进行过滤。不支持模糊查询。
// task-name:按照实时日志投递任务名称进行过滤。支持模糊查询,使用模糊查询时,仅支持填写一个实时日志投递任务名称。
// entity-list:按照实时日志投递任务对应的实体进行过滤。不支持模糊查询。示例值:domain.example.com 或者 sid-2s69eb5wcms7。
- // task-type:按照实时日志投递任务类型进行过滤。不支持模糊查询。可选项如下:
cls: 推送到腾讯云 CLS;
custom_endpoint:推送到自定义 HTTP(S) 地址;
s3:推送到 AWS S3 兼容存储桶地址。
+ // task-type:按照实时日志投递任务类型进行过滤。不支持模糊查询。可选项如下:
cls: 推送到腾讯云 CLS;
custom_endpoint:推送到自定义 HTTP(S) 地址;
s3:推送到 AWS S3 兼容存储桶地址;
log_analysis:推送到 EdgeOne 日志分析。
Filters []*AdvancedFilter `json:"Filters,omitnil,omitempty" name:"Filters"`
}
@@ -10852,7 +11210,7 @@ type DescribeRealtimeLogDeliveryTasksRequest struct {
// task-id:按照实时日志投递任务 ID进行过滤。不支持模糊查询。
// task-name:按照实时日志投递任务名称进行过滤。支持模糊查询,使用模糊查询时,仅支持填写一个实时日志投递任务名称。
// entity-list:按照实时日志投递任务对应的实体进行过滤。不支持模糊查询。示例值:domain.example.com 或者 sid-2s69eb5wcms7。
- // task-type:按照实时日志投递任务类型进行过滤。不支持模糊查询。可选项如下:
cls: 推送到腾讯云 CLS;
custom_endpoint:推送到自定义 HTTP(S) 地址;
s3:推送到 AWS S3 兼容存储桶地址。
+ // task-type:按照实时日志投递任务类型进行过滤。不支持模糊查询。可选项如下:
cls: 推送到腾讯云 CLS;
custom_endpoint:推送到自定义 HTTP(S) 地址;
s3:推送到 AWS S3 兼容存储桶地址;
log_analysis:推送到 EdgeOne 日志分析。
Filters []*AdvancedFilter `json:"Filters,omitnil,omitempty" name:"Filters"`
}
@@ -11710,7 +12068,8 @@ type DescribeTimingL4DataRequestParams struct {
// l4Flow_outBandwidth: 访问出向带宽峰值。
MetricNames []*string `json:"MetricNames,omitnil,omitempty" name:"MetricNames"`
- // 站点 ID 集合,此参数必填。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
+ // 站点ID,此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。
+ // 最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
ZoneIds []*string `json:"ZoneIds,omitnil,omitempty" name:"ZoneIds"`
// 四层实例列表, 不填表示选择全部实例。
@@ -11750,7 +12109,8 @@ type DescribeTimingL4DataRequest struct {
// l4Flow_outBandwidth: 访问出向带宽峰值。
MetricNames []*string `json:"MetricNames,omitnil,omitempty" name:"MetricNames"`
- // 站点 ID 集合,此参数必填。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
+ // 站点ID,此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。
+ // 最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
ZoneIds []*string `json:"ZoneIds,omitnil,omitempty" name:"ZoneIds"`
// 四层实例列表, 不填表示选择全部实例。
@@ -11847,7 +12207,7 @@ type DescribeTimingL7AnalysisDataRequestParams struct {
// l7Flow_avgFirstByteResponseTime: L7 访问平均首字节响应耗时,单位:ms。
MetricNames []*string `json:"MetricNames,omitnil,omitempty" name:"MetricNames"`
- // 站点 ID 集合,此参数必填。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
+ // 站点 ID 集合,此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
ZoneIds []*string `json:"ZoneIds,omitnil,omitempty" name:"ZoneIds"`
// 查询时间粒度,取值有:
@@ -11886,7 +12246,7 @@ type DescribeTimingL7AnalysisDataRequest struct {
// l7Flow_avgFirstByteResponseTime: L7 访问平均首字节响应耗时,单位:ms。
MetricNames []*string `json:"MetricNames,omitnil,omitempty" name:"MetricNames"`
- // 站点 ID 集合,此参数必填。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
+ // 站点 ID 集合,此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
ZoneIds []*string `json:"ZoneIds,omitnil,omitempty" name:"ZoneIds"`
// 查询时间粒度,取值有:
@@ -12245,7 +12605,7 @@ type DescribeTopL7AnalysisDataRequestParams struct {
// l7Flow_request_ua:按 User-Agent 维度统计 L7 访问请求数指标。
MetricName *string `json:"MetricName,omitnil,omitempty" name:"MetricName"`
- // 站点 ID 集合,此参数必填。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
+ // 站点 ID 集合,此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
ZoneIds []*string `json:"ZoneIds,omitnil,omitempty" name:"ZoneIds"`
// 查询前多少个 top 数据,最大值为1000。不填默认为10,表示查询 top10 的数据。
@@ -12298,7 +12658,7 @@ type DescribeTopL7AnalysisDataRequest struct {
// l7Flow_request_ua:按 User-Agent 维度统计 L7 访问请求数指标。
MetricName *string `json:"MetricName,omitnil,omitempty" name:"MetricName"`
- // 站点 ID 集合,此参数必填。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
+ // 站点 ID 集合,此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。最多传入 100 个站点 ID。若需查询腾讯云主账号下所有站点数据,请用 `*` 代替,查询账号级别数据需具备本接口全部站点资源权限。
ZoneIds []*string `json:"ZoneIds,omitnil,omitempty" name:"ZoneIds"`
// 查询前多少个 top 数据,最大值为1000。不填默认为10,表示查询 top10 的数据。
@@ -12783,7 +13143,7 @@ type DescribeZonesRequestParams struct {
Limit *int64 `json:"Limit,omitnil,omitempty" name:"Limit"`
// 过滤条件,Filters.Values 的上限为 20。该参数不填写时,返回当前 appid 下有权限的所有站点信息。详细的过滤条件如下:
- // zone-name:按照站点名称进行过滤;zone-id:按照站点 ID进行过滤。站点 ID 形如:zone-2noz78a8ev6k;status:按照站点状态进行过滤;tag-key:按照标签键进行过滤;tag-value: 按照标签值进行过滤。alias-zone-name: 按照同名站点标识进行过滤。模糊查询时支持过滤字段名为 zone-name 或 alias-zone-name。
+ // zone-name:按照站点名称进行过滤;zone-type:按照站点类型进行过滤。可选项:
full:NS 接入类型;
partial:CNAME 接入类型;
partialComposite:无域名接入类型;
dnsPodAccess:DNSPod 托管接入类型;
pages:Pages 类型。zone-id:按照站点 ID 进行过滤,站点 ID 形如:zone-2noz78a8ev6k;status:按照站点状态进行过滤。可选项:
active:NS 已切换;
pending:NS 待切换;
deleted:已删除。tag-key:按照标签键进行过滤;tag-value: 按照标签值进行过滤;alias-zone-name: 按照同名站点标识进行过滤。模糊查询时支持过滤字段名为 zone-name 或 alias-zone-name。
Filters []*AdvancedFilter `json:"Filters,omitnil,omitempty" name:"Filters"`
// 可根据该字段对返回结果进行排序,取值有:
@@ -12811,7 +13171,7 @@ type DescribeZonesRequest struct {
Limit *int64 `json:"Limit,omitnil,omitempty" name:"Limit"`
// 过滤条件,Filters.Values 的上限为 20。该参数不填写时,返回当前 appid 下有权限的所有站点信息。详细的过滤条件如下:
- // zone-name:按照站点名称进行过滤;zone-id:按照站点 ID进行过滤。站点 ID 形如:zone-2noz78a8ev6k;status:按照站点状态进行过滤;tag-key:按照标签键进行过滤;tag-value: 按照标签值进行过滤。alias-zone-name: 按照同名站点标识进行过滤。模糊查询时支持过滤字段名为 zone-name 或 alias-zone-name。
+ // zone-name:按照站点名称进行过滤;zone-type:按照站点类型进行过滤。可选项:
full:NS 接入类型;
partial:CNAME 接入类型;
partialComposite:无域名接入类型;
dnsPodAccess:DNSPod 托管接入类型;
pages:Pages 类型。zone-id:按照站点 ID 进行过滤,站点 ID 形如:zone-2noz78a8ev6k;status:按照站点状态进行过滤。可选项:
active:NS 已切换;
pending:NS 待切换;
deleted:已删除。tag-key:按照标签键进行过滤;tag-value: 按照标签值进行过滤;alias-zone-name: 按照同名站点标识进行过滤。模糊查询时支持过滤字段名为 zone-name 或 alias-zone-name。
Filters []*AdvancedFilter `json:"Filters,omitnil,omitempty" name:"Filters"`
// 可根据该字段对返回结果进行排序,取值有:
@@ -12857,7 +13217,7 @@ type DescribeZonesResponseParams struct {
// 符合条件的站点个数。
TotalCount *int64 `json:"TotalCount,omitnil,omitempty" name:"TotalCount"`
- // 站点详细信息。
+ // 站点列表详情。
Zones []*Zone `json:"Zones,omitnil,omitempty" name:"Zones"`
// 唯一请求 ID,由服务端生成,每次请求都会返回(若请求因其他原因未能抵达服务端,则该次请求不会获得 RequestId)。定位问题时需要提供该次请求的 RequestId。
@@ -13221,7 +13581,7 @@ type DownloadL4LogsRequestParams struct {
// 结束时间。
EndTime *string `json:"EndTime,omitnil,omitempty" name:"EndTime"`
- // 站点 ID 集合,此参数必填。
+ // 站点 ID 集合,此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。
ZoneIds []*string `json:"ZoneIds,omitnil,omitempty" name:"ZoneIds"`
// 四层实例 ID 集合。
@@ -13243,7 +13603,7 @@ type DownloadL4LogsRequest struct {
// 结束时间。
EndTime *string `json:"EndTime,omitnil,omitempty" name:"EndTime"`
- // 站点 ID 集合,此参数必填。
+ // 站点 ID 集合,此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。
ZoneIds []*string `json:"ZoneIds,omitnil,omitempty" name:"ZoneIds"`
// 四层实例 ID 集合。
@@ -13316,7 +13676,7 @@ type DownloadL7LogsRequestParams struct {
// 结束时间。
EndTime *string `json:"EndTime,omitnil,omitempty" name:"EndTime"`
- // 站点ID集合,此参数必填。
+ // 站点ID集合,此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。
ZoneIds []*string `json:"ZoneIds,omitnil,omitempty" name:"ZoneIds"`
// 子域名集合,不填默认选择全部子域名。
@@ -13338,7 +13698,7 @@ type DownloadL7LogsRequest struct {
// 结束时间。
EndTime *string `json:"EndTime,omitnil,omitempty" name:"EndTime"`
- // 站点ID集合,此参数必填。
+ // 站点ID集合,此参数将于2024年05月30日后由可选改为必填,详见公告:[【腾讯云 EdgeOne】云 API 变更通知](https://cloud.tencent.com/document/product/1552/104902)。
ZoneIds []*string `json:"ZoneIds,omitnil,omitempty" name:"ZoneIds"`
// 子域名集合,不填默认选择全部子域名。
@@ -13807,7 +14167,7 @@ type FileAscriptionInfo struct {
}
type FileVerification struct {
- // EdgeOne 后台服务器将通过 Scheme + Host + URL Path 的格式(例如 https://www.example.com/.well-known/teo-verification/z12h416twn.txt)获取文件验证信息。该字段为您需要创建的 URL Path 部分。
+ // EdgeOne 后台服务器将通过 http://{Host}{URL Path} 的格式(例如 http://www.example.com/.well-known/teo-verification/z12h416twn.txt)获取文件验证信息。其中,本字段为您需要创建的 URL Path 部分,Host 为当前加速域名。
Path *string `json:"Path,omitnil,omitempty" name:"Path"`
// 验证文件的内容。该字段的内容需要您填写至 Path 字段返回的 txt 文件中。
@@ -13935,6 +14295,14 @@ type FunctionEnvironmentVariable struct {
Type *string `json:"Type,omitnil,omitempty" name:"Type"`
}
+type FunctionRegionSelection struct {
+ // 函数 ID 。
+ FunctionId *string `json:"FunctionId,omitnil,omitempty" name:"FunctionId"`
+
+ // 国家/地区列表。示例值:CN:中国,CN.GD:中国广东。取值请参考:[国家/地区及对应代码枚举](https://cloud.tencent.com/document/product/1552/112542)。
+ Regions []*string `json:"Regions,omitnil,omitempty" name:"Regions"`
+}
+
type FunctionRule struct {
// 规则ID。
RuleId *string `json:"RuleId,omitnil,omitempty" name:"RuleId"`
@@ -13942,18 +14310,30 @@ type FunctionRule struct {
// 规则条件列表,列表项之间为或关系。
FunctionRuleConditions []*FunctionRuleCondition `json:"FunctionRuleConditions,omitnil,omitempty" name:"FunctionRuleConditions"`
- // 函数 ID,命中触发规则条件后执行的函数。
- FunctionId *string `json:"FunctionId,omitnil,omitempty" name:"FunctionId"`
+ // 函数选择配置类型:
+ // direct:直接指定执行函数;
+ // weight:基于权重比选择函数;
+ // region:基于客户端 IP 的国家/地区选择函数。
+ TriggerType *string `json:"TriggerType,omitnil,omitempty" name:"TriggerType"`
- // 规则描述。
- Remark *string `json:"Remark,omitnil,omitempty" name:"Remark"`
+ // 指定执行的函数 ID。当 TriggerType 为 direct 时有效。
+ FunctionId *string `json:"FunctionId,omitnil,omitempty" name:"FunctionId"`
- // 函数名称。
+ // 指定执行的函数名称。
FunctionName *string `json:"FunctionName,omitnil,omitempty" name:"FunctionName"`
+ // 基于客户端 IP 国家/地区的函数选择配置。
+ RegionMappingSelections []*FunctionRegionSelection `json:"RegionMappingSelections,omitnil,omitempty" name:"RegionMappingSelections"`
+
+ // 基于权重的函数选择配置。
+ WeightedSelections []*FunctionWeightedSelection `json:"WeightedSelections,omitnil,omitempty" name:"WeightedSelections"`
+
// 函数触发规则优先级,数值越大,优先级越高。
Priority *int64 `json:"Priority,omitnil,omitempty" name:"Priority"`
+ // 规则描述。
+ Remark *string `json:"Remark,omitnil,omitempty" name:"Remark"`
+
// 创建时间。时间为世界标准时间(UTC), 遵循 ISO 8601 标准的日期和时间格式。
CreateTime *string `json:"CreateTime,omitnil,omitempty" name:"CreateTime"`
@@ -13966,6 +14346,16 @@ type FunctionRuleCondition struct {
RuleConditions []*RuleCondition `json:"RuleConditions,omitnil,omitempty" name:"RuleConditions"`
}
+type FunctionWeightedSelection struct {
+ // 函数 ID 。
+ FunctionId *string `json:"FunctionId,omitnil,omitempty" name:"FunctionId"`
+
+ // 选中权重。取值范围0-100,所有的权重之和需要为100。
+ // 选中概率计算方式为:
+ // weight/100。例如设置了两个函数 A 和 B ,其中 A 的权重为30,那么 B 的权重必须为70,最终选中 A 的概率为30%,选中 B 的概率为70%。
+ Weight *uint64 `json:"Weight,omitnil,omitempty" name:"Weight"`
+}
+
type GatewayRegion struct {
// 地域 ID 。
RegionId *string `json:"RegionId,omitnil,omitempty" name:"RegionId"`
@@ -14253,8 +14643,8 @@ type Https struct {
// Tls 版本设置,取值有:
// TLSv1:TLSv1版本;
- // TLSV1.1:TLSv1.1版本;
- // TLSV1.2:TLSv1.2版本;
+ // TLSv1.1:TLSv1.1版本;
+ // TLSv1.2:TLSv1.2版本;
// TLSv1.3:TLSv1.3版本。修改时必须开启连续的版本。
TlsVersion []*string `json:"TlsVersion,omitnil,omitempty" name:"TlsVersion"`
@@ -14317,6 +14707,22 @@ type IPRegionInfo struct {
IsEdgeOneIP *string `json:"IsEdgeOneIP,omitnil,omitempty" name:"IsEdgeOneIP"`
}
+type IPReputation struct {
+ // IP 情报库(原客户端画像分析)。取值有:on:开启;off:关闭。
+ Enabled *string `json:"Enabled,omitnil,omitempty" name:"Enabled"`
+
+ // IP 情报库(原客户端画像分析)的具体配置内容。
+ IPReputationGroup *IPReputationGroup `json:"IPReputationGroup,omitnil,omitempty" name:"IPReputationGroup"`
+}
+
+type IPReputationGroup struct {
+ // IP 情报库(原客户端画像分析)的执行动作。SecurityAction 的 Name 取值支持:Deny:拦截;Monitor:观察;Disabled:未启用,不启用指定规则;Challenge:挑战,其中 ChallengeActionParameters 中的 ChallengeOption 支持 JSChallenge 和 ManagedChallenge。
+ BaseAction *SecurityAction `json:"BaseAction,omitnil,omitempty" name:"BaseAction"`
+
+ // IP 情报库(原客户端画像分析)的具体配置,用于覆盖 BaseAction 中的默认配置。其中 BotManagementActionOverrides 的 Ids 中可以填写:IPREP_WEB_AND_DDOS_ATTACKERS_LOW:网络攻击 - 一般置信度;IPREP_WEB_AND_DDOS_ATTACKERS_MID:网络攻击 - 中等置信度;IPREP_WEB_AND_DDOS_ATTACKERS_HIGH:网络攻击 - 高置信度;IPREP_PROXIES_AND_ANONYMIZERS_LOW:网络代理 - 一般置信度;IPREP_PROXIES_AND_ANONYMIZERS_MID:网络代理 - 中等置信度;IPREP_PROXIES_AND_ANONYMIZERS_HIGH:网络代理 - 高置信度;IPREP_SCANNING_TOOLS_LOW:扫描器 - 一般置信度;IPREP_SCANNING_TOOLS_MID:扫描器 - 中等置信度;IPREP_SCANNING_TOOLS_HIGH:扫描器 - 高置信度;IPREP_ATO_ATTACKERS_LOW:账号接管攻击 - 一般置信度;IPREP_ATO_ATTACKERS_MID:账号接管攻击 - 中等置信度;IPREP_ATO_ATTACKERS_HIGH:账号接管攻击 - 高置信度;IPREP_WEB_SCRAPERS_AND_TRAFFIC_BOTS_LOW:恶意 BOT - 一般置信度;IPREP_WEB_SCRAPERS_AND_TRAFFIC_BOTS_MID:恶意 BOT - 中等置信度;IPREP_WEB_SCRAPERS_AND_TRAFFIC_BOTS_HIGH:恶意 BOT - 高置信度。
+ BotManagementActionOverrides []*BotManagementActionOverrides `json:"BotManagementActionOverrides,omitnil,omitempty" name:"BotManagementActionOverrides"`
+}
+
type IPWhitelist struct {
// IPv4列表。
IPv4 []*string `json:"IPv4,omitnil,omitempty" name:"IPv4"`
@@ -14718,6 +15124,14 @@ type JustInTimeTranscodeTemplate struct {
UpdateTime *string `json:"UpdateTime,omitnil,omitempty" name:"UpdateTime"`
}
+type KnownBotCategories struct {
+ // 来自已知商业工具或开源工具的访问请求的处置方式。 SecurityAction 的 Name 取值支持:Deny:拦截;Monitor:观察;Disabled:未启用,不启用指定规则;Challenge:挑战,其中 ChallengeActionParameters 中的 ChallengeOption 支持 JSChallenge 和 ManagedChallenge;Allow:放行(待废弃)。
+ BaseAction *SecurityAction `json:"BaseAction,omitnil,omitempty" name:"BaseAction"`
+
+ // 指定已知商业工具或开源工具的访问请求的处置方式。
+ BotManagementActionOverrides []*BotManagementActionOverrides `json:"BotManagementActionOverrides,omitnil,omitempty" name:"BotManagementActionOverrides"`
+}
+
type L4OfflineLog struct {
// 四层代理实例 ID。
ProxyId *string `json:"ProxyId,omitnil,omitempty" name:"ProxyId"`
@@ -15080,7 +15494,7 @@ type MaxAge struct {
// off:不遵循源站,使用MaxAge 时间设置。
FollowOrigin *string `json:"FollowOrigin,omitnil,omitempty" name:"FollowOrigin"`
- // MaxAge 时间设置,单位秒,最大365天。
+ // MaxAge 时间设置,单位为秒,取值:0~315360000。
// 注意:时间为0,即不缓存。
MaxAgeTime *int64 `json:"MaxAgeTime,omitnil,omitempty" name:"MaxAgeTime"`
}
@@ -15095,6 +15509,14 @@ type MaxAgeParameters struct {
CacheTime *int64 `json:"CacheTime,omitnil,omitempty" name:"CacheTime"`
}
+type MaxNewSessionTriggerConfig struct {
+ // 触发阈值统计的时间窗口,取值有:5s:5 秒内;10s:10 秒内;15s:15 秒内;30s:30 秒内;60s:60 秒内;5m:5 分钟内;10m:10 分钟内;30m:30 分钟内;60m:60 分钟内。
+ MaxNewSessionCountInterval *string `json:"MaxNewSessionCountInterval,omitnil,omitempty" name:"MaxNewSessionCountInterval"`
+
+ // 触发阈值统计的累计次数,取值范围 1 ~ 100000000。
+ MaxNewSessionCountThreshold *int64 `json:"MaxNewSessionCountThreshold,omitnil,omitempty" name:"MaxNewSessionCountThreshold"`
+}
+
type MinimalRequestBodyTransferRate struct {
// 正文传输最小速率阈值,单位仅支持bps。
MinimalAvgTransferRateThreshold *string `json:"MinimalAvgTransferRateThreshold,omitnil,omitempty" name:"MinimalAvgTransferRateThreshold"`
@@ -16362,15 +16784,28 @@ type ModifyFunctionRuleRequestParams struct {
// 站点 ID。
ZoneId *string `json:"ZoneId,omitnil,omitempty" name:"ZoneId"`
- // 规则 ID。
+ // 规则 ID。您可以先通过 DescribeFunctionRules 接口来获取需要修改的规则的 RuleId,然后传入修改后的规则内容,原规则内容会被覆盖式更新。
RuleId *string `json:"RuleId,omitnil,omitempty" name:"RuleId"`
// 规则条件列表,相同触发规则的不同条件匹配项之间为或关系,不填写保持原有配置。
FunctionRuleConditions []*FunctionRuleCondition `json:"FunctionRuleConditions,omitnil,omitempty" name:"FunctionRuleConditions"`
- // 函数 ID,命中触发规则条件后执行的函数,不填写保持原有配置。
+ // 函数选择配置类型:
+ // direct:直接指定执行函数;
+ // weight:基于权重比选择函数;
+ // region:基于客户端 IP 的国家/地区选择函数。
+ // 不填时默认为 direct 。
+ TriggerType *string `json:"TriggerType,omitnil,omitempty" name:"TriggerType"`
+
+ // 指定执行的函数 ID。当 TriggerType 为 direct 或 TriggerType 不填时生效。
FunctionId *string `json:"FunctionId,omitnil,omitempty" name:"FunctionId"`
+ // 基于客户端 IP 国家/地区的函数选择配置,当 TriggerType 为 region 时生效且 RegionMappingSelections 必填。RegionMappingSelections 中至少包含一项 Regions 为 Default 的配置。
+ RegionMappingSelections []*FunctionRegionSelection `json:"RegionMappingSelections,omitnil,omitempty" name:"RegionMappingSelections"`
+
+ // 基于权重的函数选择配置,当 TriggerType 为 weight 时生效且 WeightedSelections 必填。WeightedSelections 中的所有权重之和需要为100。
+ WeightedSelections []*FunctionWeightedSelection `json:"WeightedSelections,omitnil,omitempty" name:"WeightedSelections"`
+
// 规则描述,最大支持 60 个字符,不填写保持原有配置。
Remark *string `json:"Remark,omitnil,omitempty" name:"Remark"`
}
@@ -16381,15 +16816,28 @@ type ModifyFunctionRuleRequest struct {
// 站点 ID。
ZoneId *string `json:"ZoneId,omitnil,omitempty" name:"ZoneId"`
- // 规则 ID。
+ // 规则 ID。您可以先通过 DescribeFunctionRules 接口来获取需要修改的规则的 RuleId,然后传入修改后的规则内容,原规则内容会被覆盖式更新。
RuleId *string `json:"RuleId,omitnil,omitempty" name:"RuleId"`
// 规则条件列表,相同触发规则的不同条件匹配项之间为或关系,不填写保持原有配置。
FunctionRuleConditions []*FunctionRuleCondition `json:"FunctionRuleConditions,omitnil,omitempty" name:"FunctionRuleConditions"`
- // 函数 ID,命中触发规则条件后执行的函数,不填写保持原有配置。
+ // 函数选择配置类型:
+ // direct:直接指定执行函数;
+ // weight:基于权重比选择函数;
+ // region:基于客户端 IP 的国家/地区选择函数。
+ // 不填时默认为 direct 。
+ TriggerType *string `json:"TriggerType,omitnil,omitempty" name:"TriggerType"`
+
+ // 指定执行的函数 ID。当 TriggerType 为 direct 或 TriggerType 不填时生效。
FunctionId *string `json:"FunctionId,omitnil,omitempty" name:"FunctionId"`
+ // 基于客户端 IP 国家/地区的函数选择配置,当 TriggerType 为 region 时生效且 RegionMappingSelections 必填。RegionMappingSelections 中至少包含一项 Regions 为 Default 的配置。
+ RegionMappingSelections []*FunctionRegionSelection `json:"RegionMappingSelections,omitnil,omitempty" name:"RegionMappingSelections"`
+
+ // 基于权重的函数选择配置,当 TriggerType 为 weight 时生效且 WeightedSelections 必填。WeightedSelections 中的所有权重之和需要为100。
+ WeightedSelections []*FunctionWeightedSelection `json:"WeightedSelections,omitnil,omitempty" name:"WeightedSelections"`
+
// 规则描述,最大支持 60 个字符,不填写保持原有配置。
Remark *string `json:"Remark,omitnil,omitempty" name:"Remark"`
}
@@ -16409,7 +16857,10 @@ func (r *ModifyFunctionRuleRequest) FromJsonString(s string) error {
delete(f, "ZoneId")
delete(f, "RuleId")
delete(f, "FunctionRuleConditions")
+ delete(f, "TriggerType")
delete(f, "FunctionId")
+ delete(f, "RegionMappingSelections")
+ delete(f, "WeightedSelections")
delete(f, "Remark")
if len(f) > 0 {
return tcerr.NewTencentCloudSDKError("ClientError.BuildRequestError", "ModifyFunctionRuleRequest has unknown keys!", "")
@@ -16448,10 +16899,14 @@ type ModifyHostsCertificateRequestParams struct {
Hosts []*string `json:"Hosts,omitnil,omitempty" name:"Hosts"`
// 配置服务端证书的模式,取值有:
- // disable:不配置服务端证书;
- // eofreecert:配置 EdgeOne 免费服务端证书;
- // sslcert:配置 SSL 托管服务端证书;
- // 不填写表示服务端证书保持原有配置。
+ // - disable:不配置服务端证书;
+ // - eofreecert:通过自动验证申请免费证书并部署。验证方式详见:[申请免费证书支持的验证方式](https://cloud.tencent.com/document/product/1552/90437)
+ //
+ // - 在 NS 或者 DNSPod 托管接入模式下,仅支持自动验证的方式申请免费证书。
+ // - 当免费证书申请失败时会导致证书部署失败,您可以通过检查免费证书申请结果接口获取申请失败原因。
+ //
eofreecert_manual:部署 DNS 委派验证或者文件验证申请的免费证书。在部署免费证书前,您需要触发申请免费证书接口申请免费证书。在免费证书申请成功后,你可以通过该枚举值对免费证书进行部署;
+ // - 注意:在对免费证书部署时,需要保证当前已存在申请成功的免费证书。您可以通过检查免费证书申请结果接口检查当前是否已存在申请成功的免费证书。
+ //
sslcert:配置 SSL 托管服务端证书。
Mode *string `json:"Mode,omitnil,omitempty" name:"Mode"`
// SSL 证书配置,本参数仅在 mode 为 sslcert 时生效,传入对应证书的 CertId 即可。您可以前往 [SSL 证书列表](https://console.cloud.tencent.com/ssl) 查看 CertId。
@@ -16482,10 +16937,14 @@ type ModifyHostsCertificateRequest struct {
Hosts []*string `json:"Hosts,omitnil,omitempty" name:"Hosts"`
// 配置服务端证书的模式,取值有:
- // disable:不配置服务端证书;
- // eofreecert:配置 EdgeOne 免费服务端证书;
- // sslcert:配置 SSL 托管服务端证书;
- // 不填写表示服务端证书保持原有配置。
+ // - disable:不配置服务端证书;
+ // - eofreecert:通过自动验证申请免费证书并部署。验证方式详见:[申请免费证书支持的验证方式](https://cloud.tencent.com/document/product/1552/90437)
+ //
+ // - 在 NS 或者 DNSPod 托管接入模式下,仅支持自动验证的方式申请免费证书。
+ // - 当免费证书申请失败时会导致证书部署失败,您可以通过检查免费证书申请结果接口获取申请失败原因。
+ //
eofreecert_manual:部署 DNS 委派验证或者文件验证申请的免费证书。在部署免费证书前,您需要触发申请免费证书接口申请免费证书。在免费证书申请成功后,你可以通过该枚举值对免费证书进行部署;
+ // - 注意:在对免费证书部署时,需要保证当前已存在申请成功的免费证书。您可以通过检查免费证书申请结果接口检查当前是否已存在申请成功的免费证书。
+ //
sslcert:配置 SSL 托管服务端证书。
Mode *string `json:"Mode,omitnil,omitempty" name:"Mode"`
// SSL 证书配置,本参数仅在 mode 为 sslcert 时生效,传入对应证书的 CertId 即可。您可以前往 [SSL 证书列表](https://console.cloud.tencent.com/ssl) 查看 CertId。
@@ -18277,10 +18736,10 @@ type ModifySecurityPolicyRequestParams struct {
// 站点 ID。
ZoneId *string `json:"ZoneId,omitnil,omitempty" name:"ZoneId"`
- // 安全策略配置。当 SecurityPolicy 参数中的 ExceptionRules 被设置时,SecurityConfig 参数中的 ExceptConfig 将被忽略;当 SecurityPolicy 参数中的 CustomRules 被设置时,SecurityConfig 参数中的 AclConfig、 IpTableConfig 将被忽略;当 SecurityPolicy 参数中的 HttpDDoSProtection 和 RateLimitingRules 被设置时,SecurityConfig 参数中的 RateLimitConfig 将被忽略;当 SecurityPolicy 参数中的 ManagedRule 被设置时,SecurityConfig 参数中的 WafConfig 将被忽略;对于例外规则、自定义规则、速率限制以及托管规则策略配置建议使用 SecurityPolicy 参数进行设置。
+ // 安全策略配置。当 SecurityPolicy 参数中的 ExceptionRules 被设置时,SecurityConfig 参数中的 ExceptConfig 将被忽略;当 SecurityPolicy 参数中的 CustomRules 被设置时,SecurityConfig 参数中的 AclConfig、 IpTableConfig 将被忽略;当 SecurityPolicy 参数中的 HttpDDoSProtection 和 RateLimitingRules 被设置时,SecurityConfig 参数中的 RateLimitConfig 将被忽略;当 SecurityPolicy 参数中的 ManagedRule 被设置时,SecurityConfig 参数中的 WafConfig 将被忽略;当 SecurityPolicy 参数中的 BotManagement 被设置时,SecurityConfig 参数中的 BotConfig 将被忽略;对于例外规则、自定义规则、速率限制、托管规则以及 Bot 管理策略配置建议使用 SecurityPolicy 参数进行设置。
SecurityConfig *SecurityConfig `json:"SecurityConfig,omitnil,omitempty" name:"SecurityConfig"`
- // 安全策略配置。对 Web 例外规则、防护自定义策略、速率规则和托管规则配置建议使用,支持表达式语法对安全策略进行配置。
+ // 安全策略配置。对 Web 例外规则、防护自定义策略、速率规则、托管规则和 Bot 管理配置建议使用,支持表达式语法对安全策略进行配置。
SecurityPolicy *SecurityPolicy `json:"SecurityPolicy,omitnil,omitempty" name:"SecurityPolicy"`
// 安全策略类型,可使用以下参数值: ZoneDefaultPolicy:用于指定站点级策略;Template:用于指定策略模板,需要同时指定 TemplateId 参数;Host:用于指定域名级策略(注意:当使用域名来指定域名服务策略时,仅支持已经应用了域名级策略的域名服务或者策略模板)。
@@ -18299,10 +18758,10 @@ type ModifySecurityPolicyRequest struct {
// 站点 ID。
ZoneId *string `json:"ZoneId,omitnil,omitempty" name:"ZoneId"`
- // 安全策略配置。当 SecurityPolicy 参数中的 ExceptionRules 被设置时,SecurityConfig 参数中的 ExceptConfig 将被忽略;当 SecurityPolicy 参数中的 CustomRules 被设置时,SecurityConfig 参数中的 AclConfig、 IpTableConfig 将被忽略;当 SecurityPolicy 参数中的 HttpDDoSProtection 和 RateLimitingRules 被设置时,SecurityConfig 参数中的 RateLimitConfig 将被忽略;当 SecurityPolicy 参数中的 ManagedRule 被设置时,SecurityConfig 参数中的 WafConfig 将被忽略;对于例外规则、自定义规则、速率限制以及托管规则策略配置建议使用 SecurityPolicy 参数进行设置。
+ // 安全策略配置。当 SecurityPolicy 参数中的 ExceptionRules 被设置时,SecurityConfig 参数中的 ExceptConfig 将被忽略;当 SecurityPolicy 参数中的 CustomRules 被设置时,SecurityConfig 参数中的 AclConfig、 IpTableConfig 将被忽略;当 SecurityPolicy 参数中的 HttpDDoSProtection 和 RateLimitingRules 被设置时,SecurityConfig 参数中的 RateLimitConfig 将被忽略;当 SecurityPolicy 参数中的 ManagedRule 被设置时,SecurityConfig 参数中的 WafConfig 将被忽略;当 SecurityPolicy 参数中的 BotManagement 被设置时,SecurityConfig 参数中的 BotConfig 将被忽略;对于例外规则、自定义规则、速率限制、托管规则以及 Bot 管理策略配置建议使用 SecurityPolicy 参数进行设置。
SecurityConfig *SecurityConfig `json:"SecurityConfig,omitnil,omitempty" name:"SecurityConfig"`
- // 安全策略配置。对 Web 例外规则、防护自定义策略、速率规则和托管规则配置建议使用,支持表达式语法对安全策略进行配置。
+ // 安全策略配置。对 Web 例外规则、防护自定义策略、速率规则、托管规则和 Bot 管理配置建议使用,支持表达式语法对安全策略进行配置。
SecurityPolicy *SecurityPolicy `json:"SecurityPolicy,omitnil,omitempty" name:"SecurityPolicy"`
// 安全策略类型,可使用以下参数值: ZoneDefaultPolicy:用于指定站点级策略;Template:用于指定策略模板,需要同时指定 TemplateId 参数;Host:用于指定域名级策略(注意:当使用域名来指定域名服务策略时,仅支持已经应用了域名级策略的域名服务或者策略模板)。
@@ -18951,6 +19410,33 @@ type MutualTLS struct {
CertInfos []*CertificateInfo `json:"CertInfos,omitnil,omitempty" name:"CertInfos"`
}
+type NSDetail struct {
+ // 是否开启 CNAME 加速,取值有:
+ // enabled:开启;
+ // disabled:关闭。
+ CnameSpeedUp *string `json:"CnameSpeedUp,omitnil,omitempty" name:"CnameSpeedUp"`
+
+ // 是否存在同名站点,取值有:
+ // 0:不存在同名站点;
+ // 1:已存在同名站点。
+ IsFake *int64 `json:"IsFake,omitnil,omitempty" name:"IsFake"`
+
+ // 归属权验证信息。针对 NS 接入类型的站点,将当前的 NS 服务器切换至腾讯云 EdgeOne 指定的 NS 服务器,即视为通过归属权验证。详情请参考 [站点/域名归属权验证](https://cloud.tencent.com/document/product/1552/70789) 。
+ OwnershipVerification *OwnershipVerification `json:"OwnershipVerification,omitnil,omitempty" name:"OwnershipVerification"`
+
+ // 由 EdgeOne 检测到的站点当前正在使用的 NS 服务器列表。
+ OriginalNameServers []*string `json:"OriginalNameServers,omitnil,omitempty" name:"OriginalNameServers"`
+
+ // 腾讯云 EdgeOne 分配的 NS 服务器列表。需要将当前站点 NS 服务器指向该地址,站点才能生效。
+ NameServers []*string `json:"NameServers,omitnil,omitempty" name:"NameServers"`
+
+ // 用户自定义 NS 服务器域名信息。如果启用了自定义 NS 服务,需要在域名注册厂商内将 NS 指向该地址。
+ VanityNameServers *VanityNameServers `json:"VanityNameServers,omitnil,omitempty" name:"VanityNameServers"`
+
+ // 用户自定义 NS 服务器对应的 IP 地址信息。
+ VanityNameServersIps []*VanityNameServersIps `json:"VanityNameServersIps,omitnil,omitempty" name:"VanityNameServersIps"`
+}
+
type NextOriginACL struct {
// 版本号。
Version *string `json:"Version,omitnil,omitempty" name:"Version"`
@@ -19542,7 +20028,7 @@ type PostMaxSize struct {
// off:关闭限制。
Switch *string `json:"Switch,omitnil,omitempty" name:"Switch"`
- // 最大限制,取值在1MB和500MB之间。单位字节。
+ // 最大限制,该字段仅在 Switch 为 on 时生效,取值在 1MB 和 800MB 之间,单位字节。
MaxSize *int64 `json:"MaxSize,omitnil,omitempty" name:"MaxSize"`
}
@@ -19550,7 +20036,7 @@ type PostMaxSizeParameters struct {
// 是否开启 POST 请求上传文件限制,单位为 Byte,平台默认为限制为 32 * 220 Byte,取值有:on:开启限制;off:关闭限制。
Switch *string `json:"Switch,omitnil,omitempty" name:"Switch"`
- // POST 请求上传文件流式传输最大限制,单位为 Byte,取值:1 * 220 Byte~500 * 220 Byte。
+ // POST 请求上传文件流式传输最大限制,该字段仅在 Switch 为 on 时生效,取值在 1MB 和 800MB 之间,单位字节。
MaxSize *int64 `json:"MaxSize,omitnil,omitempty" name:"MaxSize"`
}
@@ -19844,7 +20330,7 @@ type RealtimeLogDeliveryTask struct {
// 实时日志投递任务的状态,取值有: enabled: 已启用; disabled: 已停用;deleted: 异常删除状态,请检查目的地腾讯云 CLS 日志集/日志主题是否已被删除。
DeliveryStatus *string `json:"DeliveryStatus,omitnil,omitempty" name:"DeliveryStatus"`
- // 实时日志投递任务类型,取值有: cls: 推送到腾讯云 CLS; custom_endpoint:推送到自定义 HTTP(S) 地址; s3:推送到 AWS S3 兼容存储桶地址。
+ // 实时日志投递任务类型,取值有: cls: 推送到腾讯云 CLS; custom_endpoint:推送到自定义 HTTP(S) 地址; s3:推送到 AWS S3 兼容存储桶地址;log_analysis:推送到 EdgeOne 日志分析。
TaskType *string `json:"TaskType,omitnil,omitempty" name:"TaskType"`
// 实时日志投递任务对应的实体(七层域名或者四层代理实例)列表。取值示例如下: 七层域名:domain.example.com; 四层代理实例:sid-2s69eb5wcms7。
@@ -20644,6 +21130,14 @@ type S3 struct {
CompressType *string `json:"CompressType,omitnil,omitempty" name:"CompressType"`
}
+type SearchEngineBots struct {
+ // 来自搜索引擎爬虫的请求的执行动作。 SecurityAction 的 Name 取值支持:Deny:拦截;Monitor:观察;Disabled:未启用,不启用指定规则;Challenge:挑战,其中 ChallengeActionParameters 中的 ChallengeOption 支持 JSChallenge 和 ManagedChallenge;Allow:放行(待废弃)。
+ BaseAction *SecurityAction `json:"BaseAction,omitnil,omitempty" name:"BaseAction"`
+
+ // 指定搜索引擎爬虫请求的处置方式。
+ BotManagementActionOverrides []*BotManagementActionOverrides `json:"BotManagementActionOverrides,omitnil,omitempty" name:"BotManagementActionOverrides"`
+}
+
type SecEntry struct {
// 查询维度值。
Key *string `json:"Key,omitnil,omitempty" name:"Key"`
@@ -20677,6 +21171,7 @@ type SecurityAction struct {
// Disabled:未启用,不启用指定规则;
// Allow:允许访问,但延迟处理请求;
// Challenge:挑战,响应挑战内容;
+ // Trans:放行,允许请求直接访问站点资源;
// BlockIP:待废弃,IP 封禁;
// ReturnCustomPage:待废弃,使用指定页面拦截;
// JSChallenge:待废弃,JavaScript 挑战;
@@ -20786,6 +21281,14 @@ type SecurityType struct {
Switch *string `json:"Switch,omitnil,omitempty" name:"Switch"`
}
+type SecurityWeightedAction struct {
+ // Bot 自定义规则的处置方式。取值有:Allow:放行,其中 AllowActionParameters 支持 MinDelayTime 和 MaxDelayTime 配置;Deny:拦截,其中 DenyActionParameters 中支持 BlockIp、ReturnCustomPage 和 Stall 配置;Monitor:观察;Challenge:挑战,其中 ChallengeActionParameters.ChallengeOption 支持 JSChallenge 和 ManagedChallenge;Redirect:重定向至URL。
+ SecurityAction *SecurityAction `json:"SecurityAction,omitnil,omitempty" name:"SecurityAction"`
+
+ // 当前 SecurityAction 的权重,仅支持 10 ~ 100 且必须为 10 的倍数,其中 Weight 参数全部相加须等于 100。
+ Weight *int64 `json:"Weight,omitnil,omitempty" name:"Weight"`
+}
+
type ServerCertInfo struct {
// 服务器证书 ID。来源于 SSL 侧,您可以前往 [SSL 证书列表](https://console.cloud.tencent.com/ssl) 查看 CertId。
CertId *string `json:"CertId,omitnil,omitempty" name:"CertId"`
@@ -20812,6 +21315,20 @@ type ServerCertInfo struct {
CommonName *string `json:"CommonName,omitnil,omitempty" name:"CommonName"`
}
+type SessionRateControl struct {
+ // 会话速率和周期特征校验配置是否开启。取值有:on:启用off:关闭
+ Enabled *string `json:"Enabled,omitnil,omitempty" name:"Enabled"`
+
+ // 会话速率和周期特征校验高风险的执行动作。 SecurityAction 的 Name 取值支持:Deny:拦截,其中 DenyActionParameters 中支持 Stall 配置;Monitor:观察;Allow:等待后响应,其中 AllowActionParameters 需要 MinDelayTime 和 MaxDelayTime 配置。
+ HighRateSessionAction *SecurityAction `json:"HighRateSessionAction,omitnil,omitempty" name:"HighRateSessionAction"`
+
+ // 会话速率和周期特征校验中风险的执行动作。 SecurityAction 的 Name 取值支持:Deny:拦截,其中 DenyActionParameters 中支持 Stall 配置;Monitor:观察;Allow:等待后响应,其中 AllowActionParameters 需要 MinDelayTime 和 MaxDelayTime 配置。
+ MidRateSessionAction *SecurityAction `json:"MidRateSessionAction,omitnil,omitempty" name:"MidRateSessionAction"`
+
+ // 会话速率和周期特征校验低风险的执行动作。 SecurityAction 的 Name 取值支持:Deny:拦截,其中 DenyActionParameters 中支持 Stall 配置;Monitor:观察;Allow:等待后响应,其中 AllowActionParameters 需要 MinDelayTime 和 MaxDelayTime 配置。
+ LowRateSessionAction *SecurityAction `json:"LowRateSessionAction,omitnil,omitempty" name:"LowRateSessionAction"`
+}
+
type SetContentIdentifierParameters struct {
// 内容标识id
ContentIdentifier *string `json:"ContentIdentifier,omitnil,omitempty" name:"ContentIdentifier"`
@@ -20916,6 +21433,14 @@ type SmartRoutingParameters struct {
Switch *string `json:"Switch,omitnil,omitempty" name:"Switch"`
}
+type SourceIDC struct {
+ // 来自指定 IDC 请求的处置方式。 SecurityAction 的 Name 取值支持:Deny:拦截;Monitor:观察;Disabled:未启用,不启用指定规则;Challenge:挑战,其中 ChallengeActionParameters 中的 ChallengeOption 支持 JSChallenge 和 ManagedChallenge;Allow:放行(待废弃)。
+ BaseAction *SecurityAction `json:"BaseAction,omitnil,omitempty" name:"BaseAction"`
+
+ // 指定 IDC 请求的处置方式。
+ BotManagementActionOverrides []*BotManagementActionOverrides `json:"BotManagementActionOverrides,omitnil,omitempty" name:"BotManagementActionOverrides"`
+}
+
type StandardDebug struct {
// Debug 功能开关,取值有:
// on:开启;
@@ -21532,64 +22057,56 @@ type Zone struct {
// 站点名称。
ZoneName *string `json:"ZoneName,omitnil,omitempty" name:"ZoneName"`
- // 站点当前使用的 NS 列表。
- OriginalNameServers []*string `json:"OriginalNameServers,omitnil,omitempty" name:"OriginalNameServers"`
-
- // 腾讯云分配的 NS 列表。
- NameServers []*string `json:"NameServers,omitnil,omitempty" name:"NameServers"`
+ // 同名站点标识。允许输入数字、英文、"." 、"-" 和 "_" 组合,长度 200 个字符以内。
+ AliasZoneName *string `json:"AliasZoneName,omitnil,omitempty" name:"AliasZoneName"`
- // 站点状态,取值有:
- // active:NS 已切换;
- // pending:NS 未切换;
- // moved:NS 已切走;
- // deactivated:被封禁。
- // initializing:待绑定套餐。
- Status *string `json:"Status,omitnil,omitempty" name:"Status"`
+ // 站点加速区域,取值有:
+ // global:全球可用区;
+ // mainland:中国大陆可用区;
+ // overseas:全球可用区(不含中国大陆)。
+ Area *string `json:"Area,omitnil,omitempty" name:"Area"`
- // 站点接入方式,取值有:
- // full:NS 接入;
- // partial:CNAME 接入;
- // noDomainAccess:无域名接入;
+ // 站点接入类型,取值有:
+ // full:NS 接入类型;
+ // partial:CNAME 接入类型;
+ // noDomainAccess:无域名接入类型;
+ // dnsPodAccess:DNSPod 托管类型,该类型要求您的域名已托管在腾讯云 DNSPod;
+ // pages:Pages 类型。
Type *string `json:"Type,omitnil,omitempty" name:"Type"`
- // 站点是否关闭。
- Paused *bool `json:"Paused,omitnil,omitempty" name:"Paused"`
-
- // 是否开启 CNAME 加速,取值有:
- // enabled:开启;
- // disabled:关闭。
- CnameSpeedUp *string `json:"CnameSpeedUp,omitnil,omitempty" name:"CnameSpeedUp"`
-
- // CNAME 接入状态,取值有:
- // finished:站点已验证;
- // pending:站点验证中。
- CnameStatus *string `json:"CnameStatus,omitnil,omitempty" name:"CnameStatus"`
-
- // 资源标签列表。
+ // 站点关联的标签。
Tags []*Tag `json:"Tags,omitnil,omitempty" name:"Tags"`
// 计费资源列表。
Resources []*Resource `json:"Resources,omitnil,omitempty" name:"Resources"`
+ // NS 类型站点详情。仅当 Type = full 时返回值。
+ NSDetail *NSDetail `json:"NSDetail,omitnil,omitempty" name:"NSDetail"`
+
+ // CNAME 类型站点详情。仅当 Type = partial 时返回值。
+ CNAMEDetail *CNAMEDetail `json:"CNAMEDetail,omitnil,omitempty" name:"CNAMEDetail"`
+
+ // DNSPod 托管类型站点详情。仅当 Type = dnsPodAccess 时返回值。
+ DNSPodDetail *DNSPodDetail `json:"DNSPodDetail,omitnil,omitempty" name:"DNSPodDetail"`
+
// 站点创建时间。
CreatedOn *string `json:"CreatedOn,omitnil,omitempty" name:"CreatedOn"`
// 站点修改时间。
ModifiedOn *string `json:"ModifiedOn,omitnil,omitempty" name:"ModifiedOn"`
- // 站点接入地域,取值有:
- // global:全球;
- // mainland:中国大陆;
- // overseas:境外区域。
- Area *string `json:"Area,omitnil,omitempty" name:"Area"`
-
- // 用户自定义 NS 信息。
- // 注意:此字段可能返回 null,表示取不到有效值。
- VanityNameServers *VanityNameServers `json:"VanityNameServers,omitnil,omitempty" name:"VanityNameServers"`
+ // 站点状态,取值有:
+ // active:NS 已切换;
+ // pending:NS 未切换;
+ // moved:NS 已切走;
+ // deactivated:被封禁。
+ // initializing:待绑定套餐。
+ Status *string `json:"Status,omitnil,omitempty" name:"Status"`
- // 用户自定义 NS IP 信息。
- // 注意:此字段可能返回 null,表示取不到有效值。
- VanityNameServersIps []*VanityNameServersIps `json:"VanityNameServersIps,omitnil,omitempty" name:"VanityNameServersIps"`
+ // CNAME 接入状态,取值有:
+ // finished:站点已验证;
+ // pending:站点验证中。
+ CnameStatus *string `json:"CnameStatus,omitnil,omitempty" name:"CnameStatus"`
// 展示状态,取值有:
// active:已启用;
@@ -21597,20 +22114,39 @@ type Zone struct {
// paused:已停用。
ActiveStatus *string `json:"ActiveStatus,omitnil,omitempty" name:"ActiveStatus"`
- // 站点别名。数字、英文、-和_组合,限制20个字符。
- AliasZoneName *string `json:"AliasZoneName,omitnil,omitempty" name:"AliasZoneName"`
+ // 锁定状态,取值有: enable:正常,允许进行修改操作; disable:锁定中,不允许进行修改操作; plan_migrate:套餐迁移中,不允许进行修改操作。
+ LockStatus *string `json:"LockStatus,omitnil,omitempty" name:"LockStatus"`
- // 是否伪站点,取值有:
+ // 站点是否关闭。
+ Paused *bool `json:"Paused,omitnil,omitempty" name:"Paused"`
+
+ // 是否伪站点(该字段为历史保留字段,已不再维护,请根据站点类型参考对应字段),取值有:
// 0:非伪站点;
// 1:伪站点。
IsFake *int64 `json:"IsFake,omitnil,omitempty" name:"IsFake"`
- // 锁定状态,取值有: enable:正常,允许进行修改操作; disable:锁定中,不允许进行修改操作; plan_migrate:套餐迁移中,不允许进行修改操作。
- LockStatus *string `json:"LockStatus,omitnil,omitempty" name:"LockStatus"`
+ // 是否开启 CNAME 加速(该字段为历史保留字段,已不再维护,请根据站点类型参考对应字段),取值有:
+ // enabled:开启;
+ // disabled:关闭。
+ CnameSpeedUp *string `json:"CnameSpeedUp,omitnil,omitempty" name:"CnameSpeedUp"`
- // 归属权验证信息。
+ // 归属权验证信息。(该字段为历史保留字段,已不再维护,请根据站点类型参考对应字段)
// 注意:此字段可能返回 null,表示取不到有效值。
OwnershipVerification *OwnershipVerification `json:"OwnershipVerification,omitnil,omitempty" name:"OwnershipVerification"`
+
+ // 站点当前使用的 NS 列表。(该字段为历史保留字段,已不再维护,请根据站点类型参考对应字段)
+ OriginalNameServers []*string `json:"OriginalNameServers,omitnil,omitempty" name:"OriginalNameServers"`
+
+ // 腾讯云分配的 NS 列表。(该字段为历史保留字段,已不再维护,请根据站点类型参考对应字段)
+ NameServers []*string `json:"NameServers,omitnil,omitempty" name:"NameServers"`
+
+ // 用户自定义 NS 信息。(该字段为历史保留字段,已不再维护,请根据站点类型参考对应字段)
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ VanityNameServers *VanityNameServers `json:"VanityNameServers,omitnil,omitempty" name:"VanityNameServers"`
+
+ // 用户自定义 NS IP 信息。(该字段为历史保留字段,已不再维护,请根据站点类型参考对应字段)
+ // 注意:此字段可能返回 null,表示取不到有效值。
+ VanityNameServersIps []*VanityNameServersIps `json:"VanityNameServersIps,omitnil,omitempty" name:"VanityNameServersIps"`
}
type ZoneConfig struct {
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 21c60d1878..c9496bee01 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -1170,7 +1170,7 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit/v20190319
# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls v1.0.1148
## explicit; go 1.14
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls/v20201016
-# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.50
+# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.1.52
## explicit; go 1.11
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/errors
@@ -1331,7 +1331,7 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tdmq/v20200217
# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tem v1.0.578
## explicit; go 1.14
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tem/v20210701
-# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.1.36
+# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.1.52
## explicit; go 1.14
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901
# github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/thpc v1.0.998
diff --git a/website/docs/d/teo_web_security_templates.html.markdown b/website/docs/d/teo_web_security_templates.html.markdown
new file mode 100644
index 0000000000..c0ad094018
--- /dev/null
+++ b/website/docs/d/teo_web_security_templates.html.markdown
@@ -0,0 +1,47 @@
+---
+subcategory: "TencentCloud EdgeOne(TEO)"
+layout: "tencentcloud"
+page_title: "TencentCloud: tencentcloud_teo_web_security_templates"
+sidebar_current: "docs-tencentcloud-datasource-teo_web_security_templates"
+description: |-
+ Use this data source to query detailed information of TEO web security templates
+---
+
+# tencentcloud_teo_web_security_templates
+
+Use this data source to query detailed information of TEO web security templates
+
+## Example Usage
+
+```hcl
+data "tencentcloud_teo_web_security_templates" "example" {
+ zone_ids = [
+ "zone-3fkff38fyw8s",
+ ]
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `zone_ids` - (Required, Set: [`String`]) List of zone IDs. A maximum of 100 zones can be queried in a single request.
+* `result_output_file` - (Optional, String) Used to save results.
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `security_policy_templates` - List of policy templates.
+ * `bind_domains` - Information about domains bound to the policy template.
+ * `domain` - Domain name.
+ * `status` - Binding status. valid values:.
+`process`: binding in progress
+`online`: binding succeeded.
+`fail`: binding failed..
+ * `zone_id` - Zone ID to which the domain belongs.
+ * `template_id` - Policy template ID.
+ * `template_name` - The name of the policy template.
+ * `zone_id` - The zone ID to which the policy template belongs.
+
+
diff --git a/website/docs/r/teo_web_security_template.html.markdown b/website/docs/r/teo_web_security_template.html.markdown
new file mode 100644
index 0000000000..056cf4e9ef
--- /dev/null
+++ b/website/docs/r/teo_web_security_template.html.markdown
@@ -0,0 +1,2127 @@
+---
+subcategory: "TencentCloud EdgeOne(TEO)"
+layout: "tencentcloud"
+page_title: "TencentCloud: tencentcloud_teo_web_security_template"
+sidebar_current: "docs-tencentcloud-resource-teo_web_security_template"
+description: |-
+ Provides a resource to create a TEO web security template
+---
+
+# tencentcloud_teo_web_security_template
+
+Provides a resource to create a TEO web security template
+
+## Example Usage
+
+```hcl
+resource "tencentcloud_teo_web_security_template" "example" {
+ zone_id = "zone-3fkff38fyw8s"
+ template_name = "example"
+ security_policy {
+ bot_management {
+ enabled = "off"
+ basic_bot_settings {
+ bot_intelligence {
+ enabled = "off"
+ bot_ratings {
+ high_risk_bot_requests_action {
+ name = "Monitor"
+ }
+
+ human_requests_action {
+ name = "Allow"
+ }
+
+ likely_bot_requests_action {
+ name = "Monitor"
+ }
+
+ verified_bot_requests_action {
+ name = "Monitor"
+ }
+ }
+ }
+
+ ip_reputation {
+ enabled = "off"
+ }
+ }
+ }
+
+ http_ddos_protection {
+ adaptive_frequency_control {
+ enabled = "on"
+ sensitivity = "Loose"
+
+ action {
+ name = "Challenge"
+ challenge_action_parameters {
+ attester_id = null
+ challenge_option = "JSChallenge"
+ interval = null
+ }
+ }
+ }
+
+ bandwidth_abuse_defense {
+ enabled = "off"
+ action {
+ name = "Monitor"
+ }
+ }
+
+ client_filtering {
+ enabled = "on"
+ action {
+ name = "Challenge"
+ challenge_action_parameters {
+ attester_id = null
+ challenge_option = "JSChallenge"
+ interval = null
+ }
+ }
+ }
+
+ slow_attack_defense {
+ enabled = "off"
+ action {
+ name = "Deny"
+ }
+
+ minimal_request_body_transfer_rate {
+ counting_period = "60s"
+ enabled = "off"
+ minimal_avg_transfer_rate_threshold = "80bps"
+ }
+
+ request_body_transfer_timeout {
+ enabled = "off"
+ idle_timeout = "5s"
+ }
+ }
+ }
+
+ managed_rules {
+ detection_only = "on"
+ enabled = "on"
+ semantic_analysis = "off"
+
+ auto_update {
+ auto_update_to_latest_version = "off"
+ }
+
+ managed_rule_groups {
+ group_id = "wafgroup-webshell-attacks"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-xss-attacks"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-xxe-attacks"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-vulnerability-scanners"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-non-compliant-protocol-usages"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-cms-vulnerabilities"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-file-upload-attacks"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-other-vulnerabilities"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-command-and-code-injections"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-sql-injections"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-shiro-vulnerabilities"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-unauthorized-file-accesses"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-ldap-injections"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-oa-vulnerabilities"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-ssrf-attacks"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-ssti-attacks"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ managed_rule_groups {
+ group_id = "wafgroup-unauthorized-accesses"
+ sensitivity_level = "strict"
+
+ action {
+ name = "Monitor"
+ }
+ }
+ }
+ }
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `template_name` - (Required, String) Policy template name. Composed of Chinese characters, letters, digits, and underscores. Cannot begin with an underscore and must be less than or equal to 32 characters.
+* `zone_id` - (Required, String, ForceNew) Zone ID. Explicitly identifies the zone to which the policy template belongs for access control purposes.
+* `security_policy` - (Optional, List) Web security policy template configuration. Generates default config if empty. Supported: Exception rules, custom rules, rate limiting rules, managed rules. Not supported: Bot management rules (under development).
+
+The `action` object of `adaptive_frequency_control` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `action` object of `bandwidth_abuse_defense` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `action` object of `bot_management_action_overrides` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `action` object of `client_filtering` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `action` object of `frequent_scanning_protection` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `action` object of `managed_rule_groups` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `action` object of `rule_actions` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `action` object of `rules` supports the following:
+
+* `bot_session_validation` - (Optional, List) Configures Cookie verification and session tracking.
+* `client_behavior_detection` - (Optional, List) Configures client behavior validation.
+
+The `action` object of `rules` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `action` object of `rules` supports the following:
+
+* `security_action` - (Optional, List) The handling method of the Bot custom rule. valid values: Allow: pass, where AllowActionParameters supports MinDelayTime and MaxDelayTime configuration; Deny: block, where DenyActionParameters supports BlockIp, ReturnCustomPage, and Stall configuration; Monitor: observation; Challenge: Challenge, where ChallengeActionParameters.ChallengeOption supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL..
+* `weight` - (Optional, Int) The Weight of the current SecurityAction, only supported between 10 and 100 and must be a multiple of 10. the total of all Weight parameters must equal 100.
+
+The `action` object of `slow_attack_defense` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `adaptive_frequency_control` object of `http_ddos_protection` supports the following:
+
+* `enabled` - (Required, String) Whether adaptive frequency control is enabled. valid values: on: enable; off: disable..
+* `action` - (Optional, List) The handling method of adaptive frequency control. this field is required when Enabled is on. valid values for SecurityAction Name: Monitor: observation; Deny: block; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge..
+* `sensitivity` - (Optional, String) The restriction level of adaptive frequency control. required when Enabled is on. valid values: Loose: LooseModerate: ModerateStrict: Strict.
+
+The `allow_action_parameters` object of `action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `base_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `bot_client_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `challenge_not_finished_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `challenge_timeout_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `high_rate_session_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `high_risk_bot_requests_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `high_risk_request_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `human_requests_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `invalid_attestation_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `likely_bot_requests_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `low_rate_session_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `medium_risk_request_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `mid_rate_session_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `security_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `session_expired_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `session_invalid_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `allow_action_parameters` object of `verified_bot_requests_action` supports the following:
+
+* `max_delay_time` - (Optional, String) Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10..
+* `min_delay_time` - (Optional, String) Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5..
+
+The `auto_update` object of `managed_rules` supports the following:
+
+* `auto_update_to_latest_version` - (Required, String) Enable automatic update to the latest version or not. Values: `on`: enabled `off`: disabled.
+
+The `bandwidth_abuse_defense` object of `http_ddos_protection` supports the following:
+
+* `enabled` - (Required, String) Whether bandwidth abuse protection (applicable to chinese mainland only) is enabled. valid values: on: enabled; off: disabled..
+* `action` - (Optional, List) Bandwidth abuse protection (applicable to chinese mainland) handling method. required when Enabled is on. valid values for SecurityAction Name: Monitor: observe; Deny: block; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge..
+
+The `base_action` object of `ip_reputation_group` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `base_action` object of `known_bot_categories` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `base_action` object of `search_engine_bots` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `base_action` object of `source_idc` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `basic_bot_settings` object of `bot_management` supports the following:
+
+* `bot_intelligence` - (Optional, List) Specifies the configuration for Bot intelligent analysis.
+* `ip_reputation` - (Optional, List) Threat intelligence database (originally client profile analysis) configuration, used for handling client ips with specific risk characteristics in recent access behavior.
+* `known_bot_categories` - (Optional, List) Commercial or open-source tool UA feature configuration (original UA feature rule), used to handle access requests from known commercial or open-source tools. the User-Agent header of such requests complies with known commercial or open-source tool features.
+* `search_engine_bots` - (Optional, List) Search engine crawler configuration, used to handle requests from search engine crawlers. the IP, User-Agent, or rDNS results of such requests match known search engine crawlers.
+* `source_idc` - (Optional, List) Client IP source IDC configuration, used for handling access requests from client ips in idcs (data centers). such source requests are not directly accessed by mobile terminals or browser-side.
+
+The `block_ip_action_parameters` object of `action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `base_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `bot_client_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `challenge_not_finished_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `challenge_timeout_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `high_rate_session_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `high_risk_bot_requests_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `high_risk_request_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `human_requests_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `invalid_attestation_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `likely_bot_requests_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `low_rate_session_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `medium_risk_request_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `mid_rate_session_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `security_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `session_expired_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `session_invalid_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `block_ip_action_parameters` object of `verified_bot_requests_action` supports the following:
+
+* `duration` - (Required, String) Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48..
+
+The `bot_client_action` object of `client_behavior_detection` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `bot_intelligence` object of `basic_bot_settings` supports the following:
+
+* `bot_ratings` - (Optional, List) Based on client and request features, divides request sources into human requests, legitimate Bot requests, suspected Bot requests, and high-risk Bot requests, and provides request handling options.
+* `enabled` - (Optional, String) Specifies the switch for Bot intelligent analysis configuration. valid values:.
+
+on: enabled.
+off: disabled.
+
+The `bot_management_action_overrides` object of `ip_reputation_group` supports the following:
+
+* `action` - (Optional, List) Specifies the handling action for Bot rule items in Ids. valid values for the Name parameter in SecurityAction: Deny: block;Monitor: observe;Disabled: Disabled, disable the specified rule;Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge;Allow: pass (only for Bot basic feature management)..
+* `ids` - (Optional, Set) Specific item under Bot rules used to rewrite the configuration content of this single rule. refer to the returned message from the DescribeBotManagedRules API for detailed information corresponding to Ids.
+
+The `bot_management_action_overrides` object of `known_bot_categories` supports the following:
+
+* `action` - (Optional, List) Specifies the handling action for Bot rule items in Ids. valid values for the Name parameter in SecurityAction: Deny: block;Monitor: observe;Disabled: Disabled, disable the specified rule;Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge;Allow: pass (only for Bot basic feature management)..
+* `ids` - (Optional, Set) Specific item under Bot rules used to rewrite the configuration content of this single rule. refer to the returned message from the DescribeBotManagedRules API for detailed information corresponding to Ids.
+
+The `bot_management_action_overrides` object of `search_engine_bots` supports the following:
+
+* `action` - (Optional, List) Specifies the handling action for Bot rule items in Ids. valid values for the Name parameter in SecurityAction: Deny: block;Monitor: observe;Disabled: Disabled, disable the specified rule;Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge;Allow: pass (only for Bot basic feature management)..
+* `ids` - (Optional, Set) Specific item under Bot rules used to rewrite the configuration content of this single rule. refer to the returned message from the DescribeBotManagedRules API for detailed information corresponding to Ids.
+
+The `bot_management_action_overrides` object of `source_idc` supports the following:
+
+* `action` - (Optional, List) Specifies the handling action for Bot rule items in Ids. valid values for the Name parameter in SecurityAction: Deny: block;Monitor: observe;Disabled: Disabled, disable the specified rule;Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge;Allow: pass (only for Bot basic feature management)..
+* `ids` - (Optional, Set) Specific item under Bot rules used to rewrite the configuration content of this single rule. refer to the returned message from the DescribeBotManagedRules API for detailed information corresponding to Ids.
+
+The `bot_management` object of `security_policy` supports the following:
+
+* `basic_bot_settings` - (Optional, List) Bot management basic configuration. takes effect on all domains associated with the policy. can be customized through CustomRules.
+* `browser_impersonation_detection` - (Optional, List) Configures browser spoofing identification rules (formerly active feature detection rule). sets the response page range for JavaScript injection, browser check options, and handling method for non-browser clients.
+* `client_attestation_rules` - (Optional, List) Definition list of client authentication rules. this feature is in beta test. submit a ticket if you need to use it.
+* `custom_rules` - (Optional, List) Bot management custom rule combines various crawlers and request behavior characteristics to accurately define bots and configure customized handling methods.
+* `enabled` - (Optional, String) Whether Bot management is enabled. valid values: on: enabled;off: disabled..
+
+The `bot_ratings` object of `bot_intelligence` supports the following:
+
+* `high_risk_bot_requests_action` - (Optional, List) Execution action for malicious Bot requests. valid values for the Name parameter in SecurityAction: Deny: block; Monitor: observe; Allow: pass; Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge..
+* `human_requests_action` - (Optional, List) Execution action for a normal Bot request. valid values for the Name parameter in SecurityAction: Allow: pass..
+* `likely_bot_requests_action` - (Optional, List) The execution action for suspected Bot requests. valid values for the Name parameter in SecurityAction: Deny: block; Monitor: observe; Allow: pass; Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge..
+* `verified_bot_requests_action` - (Optional, List) Execution action for friendly Bot request. SecurityAction Name parameter supports: Deny: block;Monitor: observe;Allow: pass;Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge..
+
+The `bot_session_validation` object of `action` supports the following:
+
+* `issue_new_bot_session_cookie` - (Optional, String) Whether to update Cookie and validate. valid values: on: update Cookie and validate; off: verify only..
+* `max_new_session_trigger_config` - (Optional, List) Specifies the trigger threshold for updating and validating cookies. valid only when IssueNewBotSessionCookie is set to on.
+* `session_expired_action` - (Optional, List) Execution action when no Cookie is carried or the Cookie expired. valid values for the Name parameter in SecurityAction: Deny: block, where Stall can be configured in DenyActionParameters;Monitor: observe;Allow: respond after wait, where MinDelayTime and MaxDelayTime must be configured in AllowActionParameters..
+* `session_invalid_action` - (Optional, List) Execution action for invalid Cookie. valid values for the Name parameter in SecurityAction: Deny: block, where the DenyActionParameters supports Stall configuration;Monitor: observe;Allow: respond after wait, where AllowActionParameters requires MinDelayTime and MaxDelayTime configuration..
+* `session_rate_control` - (Optional, List) Specifies the session rate and periodic feature verification configuration.
+
+The `browser_impersonation_detection` object of `bot_management` supports the following:
+
+* `rules` - (Optional, List) List of browser spoofing identification Rules. when using ModifySecurityPolicy to modify Web protection configuration:
if Rules parameter in SecurityPolicy.BotManagement.BrowserImpersonationDetection is not specified or parameter length is zero: clear all browser spoofing identification rule configurations. if BrowserImpersonationDetection parameter value is unspecified in SecurityPolicy.BotManagement parameters: keep existing browser spoofing identification rule configurations without modification..
+
+The `challenge_action_parameters` object of `action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `base_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `bot_client_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `challenge_not_finished_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `challenge_timeout_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `high_rate_session_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `high_risk_bot_requests_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `high_risk_request_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `human_requests_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `invalid_attestation_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `likely_bot_requests_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `low_rate_session_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `medium_risk_request_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `mid_rate_session_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `security_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `session_expired_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `session_invalid_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_action_parameters` object of `verified_bot_requests_action` supports the following:
+
+* `challenge_option` - (Required, String) Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge..
+* `attester_id` - (Optional, String) Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.
+* `interval` - (Optional, String) Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60;m: minute, value ranges from 1 to 60;h: hour, value ranges from 1 to 24..
+
+The `challenge_not_finished_action` object of `client_behavior_detection` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `challenge_timeout_action` object of `client_behavior_detection` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `client_attestation_rules` object of `bot_management` supports the following:
+
+* `rules` - (Optional, List) List of client authentication. when using ModifySecurityPolicy to modify Web protection configuration: if Rules in SecurityPolicy.BotManagement.ClientAttestationRules is not specified or the parameter length of Rules is zero: clear all client authentication rule configuration. if ClientAttestationRules in SecurityPolicy.BotManagement parameters is unspecified: keep existing client authentication rule configuration and do not modify. .
+
+The `client_behavior_detection` object of `action` supports the following:
+
+* `bot_client_action` - (Optional, List) The execution action of the Bot client. valid values for the Name parameter in SecurityAction: Deny: block, where the Stall configuration is supported in DenyActionParameters;Monitor: observation;Allow: respond after wait, where MinDelayTime and MaxDelayTime configurations are required in AllowActionParameters..
+* `challenge_not_finished_action` - (Optional, List) Execution action when client-side javascript is not enabled (test not completed). valid values for SecurityAction Name: Deny: block, where Stall configuration is supported in DenyActionParameters;Monitor: observe;Allow: respond after waiting, where MinDelayTime and MaxDelayTime configuration is required in AllowActionParameters..
+* `challenge_timeout_action` - (Optional, List) The execution action for client-side detection timeout. valid values for the Name parameter in SecurityAction: Deny: block, where Stall can be configured in DenyActionParameters; Monitor: observe; Allow: respond after wait, where MinDelayTime and MaxDelayTime must be configured in AllowActionParameters..
+* `crypto_challenge_delay_before` - (Optional, String) Specifies the execution mode for client behavior verification. valid values: 0ms: immediate execution; 100ms: delay 100ms execution; 200ms: delay 200ms execution; 300ms: delay 300ms execution; 400ms: delay 400ms execution; 500ms: delay 500ms execution; 600ms: delay 600ms execution; 700ms: delay 700ms execution; 800ms: delay 800ms execution; 900ms: delay 900ms execution; 1000ms: delay 1000ms execution..
+* `crypto_challenge_intensity` - (Optional, String) Specifies the proof-of-work strength. valid values: low: low;medium: medium;high: high..
+* `max_challenge_count_interval` - (Optional, String) Time window for trigger threshold statistics. valid values: 5s: within 5 seconds;10s: within 10 seconds;15s: within 15 seconds;30s: within 30 seconds;60s: within 60 seconds;5m: within 5 minutes;10m: within 10 minutes;30m: within 30 minutes;60m: within 60 minutes..
+* `max_challenge_count_threshold` - (Optional, Int) Trigger threshold cumulative count. value range: 1-100000000.
+
+The `client_filtering` object of `http_ddos_protection` supports the following:
+
+* `enabled` - (Required, String) Whether intelligent client filtering is enabled. valid values: on: enable; off: disable..
+* `action` - (Optional, List) The handling method of intelligent client filtering. when Enabled is on, this field is required. the Name parameter of SecurityAction supports: Monitor: observation; Deny: block; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge..
+
+The `custom_rules` object of `bot_management` supports the following:
+
+* `rules` - (Optional, List) List of Bot custom Rules. when using ModifySecurityPolicy to modify Web protection configuration:
if Rules in SecurityPolicy.BotManagement.CustomRules is not specified or parameter length of Rules is zero: clear all Bot custom rule configurations. if CustomRules in SecurityPolicy.BotManagement parameters is unspecified: keep existing Bot custom rule configurations and do not modify them..
+
+The `custom_rules` object of `security_policy` supports the following:
+
+* `rules` - (Optional, List) The custom rule.
when modifying the Web protection configuration using ModifySecurityPolicy:
- if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations.
- if the Rules parameter is not specified: keep the existing custom rule configuration without modification.
+
+The `deny_action_parameters` object of `action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `base_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `bot_client_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `challenge_not_finished_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `challenge_timeout_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `high_rate_session_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `high_risk_bot_requests_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `high_risk_request_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `human_requests_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `invalid_attestation_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `likely_bot_requests_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `low_rate_session_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `medium_risk_request_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `mid_rate_session_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `security_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `session_expired_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `session_invalid_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `deny_action_parameters` object of `verified_bot_requests_action` supports the following:
+
+* `block_ip_duration` - (Optional, String) The ban duration when BlockIP is on.
+* `block_ip` - (Optional, String) Specifies whether to extend the ban on the source IP. valid values.
+`on`: Enable;
+
+off: Disable.
+
+After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated.
+Note: this option cannot intersect with ReturnCustomPage or Stall.
+* `error_page_id` - (Optional, String) Specifies the page id of the custom page.
+* `response_code` - (Optional, String) Status code of the custom page.
+* `return_custom_page` - (Optional, String) Specifies whether to use a custom page. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously.
+Note: this option cannot intersect with the BlockIp or Stall option.
+* `stall` - (Optional, String) Specifies whether to suspend the request source without processing. valid values:.
+`on`: Enable;
+
+off: Disable.
+
+Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources.
+Note: this option cannot intersect with BlockIp or ReturnCustomPage options.
+
+The `device_profiles` object of `rules` supports the following:
+
+* `client_type` - (Required, String) Client device type. valid values: iOS; Android; WebView..
+* `high_risk_min_score` - (Optional, Int) The minimum value to determine a request as high-risk ranges from 1-99. the larger the value, the higher the request risk, and the closer it resembles a request initiated by a Bot client. the default value is 50, corresponding to high-risk for values 51-100.
+* `high_risk_request_action` - (Optional, List) Handling method for high-risk requests. valid values for SecurityAction Name: Deny: block; Monitor: observation; Redirect: redirection; Challenge: Challenge. default value: Monitor.
+* `medium_risk_min_score` - (Optional, Int) Specifies the minimum value to determine a request as medium-risk. value range: 1-99. the larger the value, the higher the request risk, resembling requests initiated by a Bot client. default value: 15, corresponding to medium-risk for values 16-50.
+* `medium_risk_request_action` - (Optional, List) Handling method for medium-risk requests. SecurityAction Name parameter supports: Deny: block; Monitor: observe; Redirect: Redirect; Challenge: Challenge. default value is Monitor.
+
+The `exception_rules` object of `security_policy` supports the following:
+
+* `rules` - (Optional, List) Definition list of exception Rules. when using ModifySecurityPolicy to modify Web protection configuration: if the Rules parameter is not specified or the parameter length is zero: clear all exception rule configurations.if the ExceptionRules parameter value is not specified in SecurityPolicy: keep existing exception rule configurations without modification..
+
+The `frequent_scanning_protection` object of `managed_rules` supports the following:
+
+* `action_duration` - (Optional, String) This parameter specifies the duration of the handling Action set by the high frequency scan protection Action parameter. value range: 60 to 86400. measurement unit: seconds (s) only, for example 60s. this field is required when Enabled is on.
+* `action` - (Optional, List) The handling action for high-frequency scan protection. required when Enabled is on. valid values for SecurityAction Name: Deny: block and respond with an interception page; Monitor: observe without processing requests, log security events in logs; JSChallenge: respond with a JavaScript challenge page..
+* `block_threshold` - (Optional, Int) This parameter specifies the threshold for high-frequency scan protection, which is the intercept count of managed rules set to interception within the time range set by CountingPeriod. value range: 1 to 4294967294, for example 100. when exceeding this statistical value, subsequent requests will trigger the handling Action set by Action. required when Enabled is on.
+* `count_by` - (Optional, String) The match mode for request statistics. required when Enabled is on. valid values: http.request.xff_header_ip: client ip (priority match xff header);http.request.ip: client ip..
+* `counting_period` - (Optional, String) This parameter specifies the statistical time window for high-frequency scan protection, which is the time window for counting requests that hit managed rules configured as block. valid values: 5-1800. measurement unit: seconds (s) only, such as 5s. this field is required when Enabled is on.
+* `enabled` - (Optional, String) Whether the high-frequency scan protection rule is enabled. valid values: on: enable. the high-frequency scan protection rule takes effect.off: disable. the high-frequency scan protection rule does not take effect..
+
+The `high_rate_session_action` object of `session_rate_control` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `high_risk_bot_requests_action` object of `bot_ratings` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `high_risk_request_action` object of `device_profiles` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `http_ddos_protection` object of `security_policy` supports the following:
+
+* `adaptive_frequency_control` - (Optional, List) Specifies the specific configuration of adaptive frequency control.
+* `bandwidth_abuse_defense` - (Optional, List) Specifies the specific configuration for bandwidth abuse protection.
+* `client_filtering` - (Optional, List) Specifies the intelligent client filter configuration.
+* `slow_attack_defense` - (Optional, List) Specifies the configuration of slow attack protection.
+
+The `human_requests_action` object of `bot_ratings` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `invalid_attestation_action` object of `rules` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `ip_reputation_group` object of `ip_reputation` supports the following:
+
+* `base_action` - (Optional, List) Execution action of the IP intelligence library (formerly client profile analysis). SecurityAction Name parameter supports: Deny: block; Monitor: observe; Disabled: not enabled, disable specified rule; Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge..
+* `bot_management_action_overrides` - (Optional, List) The specific configuration of the IP intelligence library (originally client profile analysis), used to override the default configuration in BaseAction. among them, the Ids in BotManagementActionOverrides can be filled with: IPREP_WEB_AND_DDOS_ATTACKERS_LOW: network attack - general confidence; IPREP_WEB_AND_DDOS_ATTACKERS_MID: network attack - medium confidence; IPREP_WEB_AND_DDOS_ATTACKERS_HIGH: network attack - HIGH confidence; IPREP_PROXIES_AND_ANONYMIZERS_LOW: network proxy - general confidence; IPREP_PROXIES_AND_ANONYMIZERS_MID: network proxy - medium confidence; IPREP_PROXIES_AND_ANONYMIZERS_HIGH: network proxy - HIGH confidence; IPREP_SCANNING_TOOLS_LOW: scanner - general confidence; IPREP_SCANNING_TOOLS_MID: scanner - medium confidence; IPREP_SCANNING_TOOLS_HIGH: scanner - HIGH confidence; IPREP_ATO_ATTACKERS_LOW: account takeover attack - general confidence; IPREP_ATO_ATTACKERS_MID: account takeover attack - medium confidence; IPREP_ATO_ATTACKERS_HIGH: account takeover attack - HIGH confidence; IPREP_WEB_SCRAPERS_AND_TRAFFIC_BOTS_LOW: malicious BOT - general confidence; IPREP_WEB_SCRAPERS_AND_TRAFFIC_BOTS_MID: malicious BOT - medium confidence; IPREP_WEB_SCRAPERS_AND_TRAFFIC_BOTS_HIGH: malicious BOT - HIGH confidence..
+
+The `ip_reputation` object of `basic_bot_settings` supports the following:
+
+* `enabled` - (Optional, String) IP intelligence library (formerly client profile analysis). valid values: on: enable; off: disable..
+* `ip_reputation_group` - (Optional, List) IP intelligence library (formerly client profile analysis) configuration content.
+
+The `known_bot_categories` object of `basic_bot_settings` supports the following:
+
+* `base_action` - (Optional, List) Handling method for access requests from known commercial tools or open-source tools. specifies the Name parameter value of SecurityAction: Deny: block; Monitor: observe; Disabled: not enabled, disable specified rule; Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge; Allow: pass (to be deprecated)..
+* `bot_management_action_overrides` - (Optional, List) Specifies the handling method for access requests from known commercial tools or open-source tools.
+
+The `likely_bot_requests_action` object of `bot_ratings` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `low_rate_session_action` object of `session_rate_control` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `managed_rule_groups` object of `managed_rules` supports the following:
+
+* `action` - (Required, List) Action for ManagedRuleGroup. the Name parameter value of SecurityAction supports: `Deny`: block and respond with a block page; `Monitor`: observe, do not process requests and record security events in logs; `Disabled`: not enabled, do not scan requests and skip this rule..
+* `group_id` - (Required, String) Name of the managed rule group, if the configuration for the rule group is not specified, it will be processed by default, refer to product documentation for the specific value of GroupId.
+* `sensitivity_level` - (Required, String) Protection level of the managed rule group. Values: `loose`: lenient, only contain ultra-high risk rules, at this point, Action parameter needs configured instead of RuleActions parameter; `normal`: normal, contain ultra-high risk and high-risk rules, at this point,Action parameter needs configured instead of RuleActions parameter; `strict`: strict, contains ultra-high risk, high-risk and medium-risk rules, at this point, Action parameter needs configured instead of RuleActions parameter; `extreme`: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules, at this point, Action parameter needs configured instead of RuleActions parameter; `custom`: custom, refined strategy, configure the RuleActions parameter for each individual rule, at this point, the Action field is invalid, use RuleActions to configure the refined strategy for each individual rule..
+* `rule_actions` - (Optional, List) Specific configuration of rule items under the managed rule group, valid only when SensitivityLevel is custom.
+
+The `managed_rules` object of `security_policy` supports the following:
+
+* `detection_only` - (Required, String) Evaluation mode is enabled or not, it is valid only when the `Enabled` parameter is set to `on`. Values: `on`: enabled, all managed rules take effect in `observe` mode. off: disabled, all managed rules take effect according to the specified configuration..
+* `enabled` - (Required, String) The managed rule status. Values: `on`: enabled, all managed rules take effect as configured; `off`: disabled, all managed rules do not take effect..
+* `auto_update` - (Optional, List) Managed rule automatic update option.
+* `frequent_scanning_protection` - (Optional, List) High-Frequency scan protection configuration option. when a visitor's frequent requests hit the managed rule configured as block within a period of time, all requests from that visitor are blocked.
+* `managed_rule_groups` - (Optional, List) Configuration of the managed rule group. If this structure is passed as an empty array or the GroupId is not included in the array, it will be processed based by default.
+* `semantic_analysis` - (Optional, String) Managed rule semantic analysis is enabled or not, it is valid only when the `Enabled` parameter is `on`. Values: `on`: enabled, perform semantic analysis before processing requests; `off`: disabled, process requests directly without semantic analysis.
The default value is `off`.
+
+The `max_new_session_trigger_config` object of `bot_session_validation` supports the following:
+
+* `max_new_session_count_interval` - (Optional, String) Time window for trigger threshold statistics. valid values: 5s: within 5 seconds;10s: within 10 seconds;15s: within 15 seconds;30s: within 30 seconds;60s: within 60 seconds;5m: within 5 minutes;10m: within 10 minutes;30m: within 30 minutes;60m: within 60 minutes..
+* `max_new_session_count_threshold` - (Optional, Int) Trigger threshold cumulative count. value range: 1-100000000.
+
+The `medium_risk_request_action` object of `device_profiles` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `meta_data` object of `managed_rule_groups` supports the following:
+
+
+The `mid_rate_session_action` object of `session_rate_control` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `minimal_request_body_transfer_rate` object of `slow_attack_defense` supports the following:
+
+* `counting_period` - (Required, String) Minimum body transfer rate statistical time range, valid values: 10s: 10 seconds; 30s: 30 seconds; 60s: 60 seconds; 120s: 120 seconds..
+* `enabled` - (Required, String) Specifies whether the minimum body transfer rate threshold is enabled. valid values: on: enable; off: disable..
+* `minimal_avg_transfer_rate_threshold` - (Required, String) Minimum body transfer rate threshold, the measurement unit is only supported in bps.
+
+The `rate_limiting_rules` object of `security_policy` supports the following:
+
+* `rules` - (Optional, List) Definition list of precise rate limiting. when using ModifySecurityPolicy to modify the Web protection configuration:
if the Rules parameter is not specified or its length is zero: clear all precision rate limiting configurations. if the RateLimitingRules parameter value is unspecified in the SecurityPolicy parameter: retain the existing custom rule configuration without modification..
+
+The `redirect_action_parameters` object of `action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `base_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `bot_client_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `challenge_not_finished_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `challenge_timeout_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `high_rate_session_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `high_risk_bot_requests_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `high_risk_request_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `human_requests_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `invalid_attestation_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `likely_bot_requests_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `low_rate_session_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `medium_risk_request_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `mid_rate_session_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `security_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `session_expired_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `session_invalid_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `redirect_action_parameters` object of `verified_bot_requests_action` supports the following:
+
+* `url` - (Required, String) Redirect URL.
+
+The `request_body_transfer_timeout` object of `slow_attack_defense` supports the following:
+
+* `enabled` - (Required, String) Whether body transfer timeout is enabled. valid values: `on`: enable `off`: disable.
+* `idle_timeout` - (Required, String) Body transfer timeout duration. valid values: 5-120. measurement unit: seconds (s) only.
+
+The `request_fields_for_exception` object of `rules` supports the following:
+
+* `condition` - (Required, String) Skip specific field expression must comply with expression grammar.
+Condition supports expression configuration syntax: write according to the matching conditional expression syntax of rules, with support for referencing key and value. supports in, like operators, and logical combination with and..
+For example: ${key} in ['x-trace-id']: the parameter name equals x-trace-id. ${key} in ['x-trace-id'] and ${value} like ['Bearer *']: the parameter name equals x-trace-id and the parameter value wildcard matches Bearer *..
+* `scope` - (Required, String) Skip specific field. supported values:.
+body.json: parameter content in json requests. at this point, Condition supports key and value, TargetField supports key and value, for example { "Scope": "body.json", "Condition": "", "TargetField": "key" }, which means all parameters in json requests skip WAF scan..
+cookie: cookie; at this point Condition supports key, value, TargetField supports key, value, for example { "Scope": "cookie", "Condition": "${key} in ['account-id'] and ${value} like ['prefix-*']", "TargetField": "value" }, which means the cookie parameter name equals account-id and the parameter value wildcard matches prefix-* to skip WAF scan;.
+header: HTTP header parameters. at this point, Condition supports key and value, TargetField supports key and value, for example { "Scope": "header", "Condition": "${key} like ['x-auth-*']", "TargetField": "value" }, which means header parameter name wildcard match x-auth-* skips WAF scan..
+uri.query: URL encoding content/query parameter. at this point, Condition supports key and value, TargetField supports key and value. example: { "Scope": "uri.query", "Condition": "${key} in ['action'] and ${value} in ['upload', 'delete']", "TargetField": "value" }. indicates URL encoding content/query parameter name equal to action and parameter value equal to upload or delete skips WAF scan..
+uri: specifies the request path uri. at this point, Condition must be empty. TargetField supports query, path, fullpath, such as {"Scope": "uri", "Condition": "", "TargetField": "query"}, indicates the request path uri skips WAF scan for query parameters..
+body: request body content. at this point Condition must be empty, TargetField supports fullbody, multipart, such as { "Scope": "body", "Condition": "", "TargetField": "fullbody" }, which means the request body content skips WAF scan as a full request..
+* `target_field` - (Required, String) The Scope parameter takes different values. the TargetField expression supports the following values:.
+ body.json: supports key, value..
+cookie: supports key and value..
+header: supports key, value.
+ uri.query: supports key and value.
+uri. specifies path, query, or fullpath..
+Body: supports fullbody and multipart..
+
+The `return_custom_page_action_parameters` object of `action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `base_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `bot_client_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `challenge_not_finished_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `challenge_timeout_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `high_rate_session_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `high_risk_bot_requests_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `high_risk_request_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `human_requests_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `invalid_attestation_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `likely_bot_requests_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `low_rate_session_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `medium_risk_request_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `mid_rate_session_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `security_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `session_expired_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `session_invalid_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `return_custom_page_action_parameters` object of `verified_bot_requests_action` supports the following:
+
+* `error_page_id` - (Required, String) Response custom page ID.
+* `response_code` - (Required, String) Response custom status code.
+
+The `rule_actions` object of `managed_rule_groups` supports the following:
+
+* `action` - (Required, List) Action for the managed rule item specified by RuleId, the SecurityAction Name parameter supports: `Deny`: block and respond with an block page; `Monitor`: observe, do not process the request and record the security event in logs; `Disabled`: disabled, do not scan the request and skip this rule..
+* `rule_id` - (Required, String) Specific items under ManagedRuleGroup, used to rewrite the configuration of this individual rule item, refer to product documentation for details.
+
+The `rule_details` object of `meta_data` supports the following:
+
+
+The `rules` object of `browser_impersonation_detection` supports the following:
+
+* `action` - (Optional, List) Describes the handling method for browser spoofing identification rules, including Cookie verification, session tracking configuration, and client behavior validation configuration.
+* `condition` - (Optional, String) Specifies the specific content of browser spoofing identification rules, which only support configuration of request Method (Method), request Path (Path), and request URL, and must comply with expression grammar. for detailed specifications, please refer to the product document.
+* `enabled` - (Optional, String) Whether browser spoofing detection is enabled. valid values: on: enabled;off: disabled..
+* `id` - (Optional, String) Browser spoofing identification rule ID. rule ID supports different rule configuration operations: add a new rule: ID is empty or without specifying the ID parameter; modify an existing rule: specify the rule ID that needs to be updated/modified; delete an existing rule: existing Rules not included in the Rules list of the BrowserImpersonationDetection parameter will be deleted..
+* `name` - (Optional, String) Specifies the name of the browser spoofing identification rule.
+
+The `rules` object of `client_attestation_rules` supports the following:
+
+* `attester_id` - (Optional, String) Specifies the client authentication option ID.
+* `condition` - (Optional, String) The rule content must comply with expression grammar. for details, see the product document.
+* `device_profiles` - (Optional, List) Client device configuration. if the DeviceProfiles parameter value is not specified in the ClientAttestationRules parameter, keep the existing client device configuration and do not modify it.
+* `enabled` - (Optional, String) Whether the rule is enabled. valid values: `on`: enable `off`: disable.
+* `id` - (Optional, String) Client authentication rule ID. supported rule configuration operations by rule ID: add a new rule: leave the ID empty or do not specify the ID parameter. modify an existing rule: specify the rule ID that needs to be updated/modified. delete an existing rule: existing rules not included in the ClientAttestationRule list under BotManagement parameters will be deleted..
+* `invalid_attestation_action` - (Optional, List) Handling method for failed client authentication. valid values for SecurityAction Name: Deny: block; Monitor: observation; Redirect: redirection; Challenge: Challenge. default value: Monitor.
+* `name` - (Optional, String) Specifies the name of the client authentication rule.
+* `priority` - (Optional, Int) Priority of rules. a smaller value indicates higher priority execution. value range: 0-100. default value: 0.
+
+The `rules` object of `custom_rules` supports the following:
+
+* `action` - (Optional, List) The handling method for Bot custom rules. valid values: Monitor: observation;Deny: block, where DenyActionParameters.Name supports Deny and ReturnCustomPage;Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge;Redirect: Redirect to URL..
+* `condition` - (Optional, String) Specifies the specific content of the Bot custom rule, which must comply with expression grammar. for detailed specifications, refer to the product document.
+* `enabled` - (Optional, String) Whether the custom Bot rule is enabled. valid values: on: enabled;off: disabled..
+* `id` - (Optional, String) The ID of a Bot custom rule. different rule configuration operations are supported by rule ID: add a new rule: leave the ID empty or do not specify the ID parameter. modify an existing rule: specify the rule ID that needs to be updated/modified. delete an existing rule: existing Rules not included in the Rules list under the BotManagementCustomRules parameter will be deleted..
+* `name` - (Optional, String) Specifies the name of the Bot custom rule.
+* `priority` - (Optional, Int) Priority of custom Bot rules. value range: 1-100. default value is 50.
+
+The `rules` object of `custom_rules` supports the following:
+
+* `action` - (Required, List) Action for custom rules. The Name parameter of SecurityAction supports: `Deny`: block; `Monitor`: observe; `ReturnCustomPage`: block with customized page; `Redirect`: Redirect to URL; `BlockIP`: IP blocking; `JSChallenge`: JavaScript challenge; `ManagedChallenge`: managed challenge; `Allow`: Allow..
+* `condition` - (Required, String) The specifics of the custom rule, must comply with the expression grammar, please refer to product documentation for details.
+* `enabled` - (Required, String) The custom rule status. Values: `on`: enabled `off`: disabled.
+* `name` - (Required, String) The custom rule name.
+* `id` - (Optional, String) Custom rule ID.
Different rule configuration operations are supported by rule ID:
Add a new rule: ID is empty or the ID parameter is not specified;
Modify an existing rule: specify the rule ID that needs to be updated/modified;
Delete an existing rule: existing rules not included in the Rules parameter will be deleted.
+* `priority` - (Optional, Int) Customize the priority of custom rule. Range: 0-100, the default value is 0, this parameter only supports PreciseMatchRule.
+
+The `rules` object of `exception_rules` supports the following:
+
+* `condition` - (Optional, String) Describes the specific content of the exception rule, which must comply with the expression grammar. for details, please refer to the product document.
+* `enabled` - (Optional, String) Whether the exception rule is enabled. valid values: `on`: enable `off`: disable.
+* `id` - (Optional, String) The ID of the exception rule. different rule configuration operations are supported by rule ID: add a new rule: leave the ID empty or do not specify the ID parameter. modify an existing rule: specify the rule ID that needs to be updated/modified. delete an existing rule: existing Rules not included in the Rules list under the ExceptionRules parameter will be deleted..
+* `managed_rule_groups_for_exception` - (Optional, Set) A managed rule group with designated exception rules is valid only when SkipScope is ManagedRules, and at this point you cannot specify ManagedRulesForException.
+* `managed_rules_for_exception` - (Optional, Set) Specifies the managed rule for the exception rule. valid only when SkipScope is ManagedRules. cannot specify ManagedRuleGroupsForException at this time.
+* `name` - (Optional, String) The name of the exception rule.
+* `request_fields_for_exception` - (Optional, List) Specify exception rules to skip request fields. valid only when SkipScope is ManagedRules and SkipOption is SkipOnSpecifiedRequestFields.
+* `skip_option` - (Optional, String) Skip the specific type of request. valid values: SkipOnAllRequestFields: skip all requests; SkipOnSpecifiedRequestFields: skip specified request fields. valid only when SkipScope is ManagedRules.
+* `skip_scope` - (Optional, String) Exception rule execution options, valid values: WebSecurityModules: designate the security protection module for the exception rule. ManagedRules: designate the managed rule..
+* `web_security_modules_for_exception` - (Optional, Set) Specifies the security protection module for exception rules. valid only when SkipScope is WebSecurityModules. valid values: websec-mod-managed-rules: managed rule.websec-mod-rate-limiting: rate limit.websec-mod-custom-rules: custom rule.websec-mod-adaptive-control: adaptive frequency control, intelligent client filtering, slow attack protection, traffic theft protection.websec-mod-bot: bot management..
+
+The `rules` object of `rate_limiting_rules` supports the following:
+
+* `action_duration` - (Optional, String) The duration of an Action is only supported in the following units: s: seconds, value range 1-120; m: minutes, value range 1-120; h: hours, value range 1-48; d: days, value range 1-30..
+* `action` - (Optional, List) Precision rate limiting handling methods. valid values: Monitor: Monitor; Deny: block, where DenyActionParameters.Name supports Deny and ReturnCustomPage; Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL;.
+* `condition` - (Optional, String) The specific content of precise speed limit shall comply with the expression syntax. for detailed specifications, see the product documentation.
+* `count_by` - (Optional, Set) Rate threshold request feature match mode. this field is required when Enabled is on. when there are multiple conditions, composite multiple conditions will perform statistics count. the maximum number of conditions must not exceed 5. valid values: http.request.ip: client ip; http.request.xff_header_ip: client ip (priority match xff header); http.request.uri.path: request access path; http.request.cookies['session']: Cookie named session, where session can be replaced with your own specified parameter; http.request.headers['user-agent']: http header named user-agent, where user-agent can be replaced with your own specified parameter; http.request.ja3: request ja3 fingerprint; http.request.uri.query['test']: URL query parameter named test, where test can be replaced with your own specified parameter..
+* `counting_period` - (Optional, String) Specifies the time window for statistics. valid values: 1s: 1 second;5s: 5 seconds;10s: 10 seconds;20s: 20 seconds;30s: 30 seconds;40s: 40 seconds;50s: 50 seconds;1m: 1 minute;2m: 2 minutes;5m: 5 minutes;10m: 10 minutes;1h: 1 hour..
+* `enabled` - (Optional, String) Whether the precise rate limiting rule is enabled. valid values: on: enabled; off: disabled..
+* `id` - (Optional, String) The ID of precise rate limiting. rule ID supports different rule configuration operations: add a new rule: leave the ID empty or do not specify the ID parameter. modify an existing rule: specify the rule ID that needs to be updated/modified. delete an existing rule: existing Rules not included in the Rules list under the RateLimitingRules parameter will be deleted..
+* `max_request_threshold` - (Optional, Int) Precision rate limiting specifies the cumulative number of interceptions within the time range. value ranges from 1 to 100000.
+* `name` - (Optional, String) Specifies the name of the precise rate limit.
+* `priority` - (Optional, Int) Precision rate limiting specifies the priority. value range is 0 to 100. default is 0.
+
+The `search_engine_bots` object of `basic_bot_settings` supports the following:
+
+* `base_action` - (Optional, List) Specifies the action for requests from search engine crawlers. valid values for SecurityAction Name: Deny: block; Monitor: observe; Disabled: not enabled, disable specified rule; Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge; Allow: pass (to be deprecated)..
+* `bot_management_action_overrides` - (Optional, List) Specifies the handling method for search engine crawler requests.
+
+The `security_action` object of `action` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `security_policy` object supports the following:
+
+* `bot_management` - (Optional, List) Bot management configuration.
+* `custom_rules` - (Optional, List) Custom rules. If the parameter is null or not filled, the configuration last set will be used by default.
+Note: This field may return null, indicating that no valid value can be obtained.
+* `exception_rules` - (Optional, List) Exception rule configuration.
+* `http_ddos_protection` - (Optional, List) HTTP DDOS protection configuration.
+* `managed_rules` - (Optional, List) Managed. If the parameter is null or not filled, the configuration last set will be used by default.
+Note: This field may return null, indicating that no valid value can be obtained.
+* `rate_limiting_rules` - (Optional, List) Configures the rate limiting rule.
+
+The `session_expired_action` object of `bot_session_validation` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `session_invalid_action` object of `bot_session_validation` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+The `session_rate_control` object of `bot_session_validation` supports the following:
+
+* `enabled` - (Optional, String) Specifies whether session rate and periodic feature verification are enabled. valid values: on: enableoff: disable.
+* `high_rate_session_action` - (Optional, List) Session rate and periodic feature verification high-risk execution actions. SecurityAction Name valid values: Deny: block, where Stall configuration is supported in DenyActionParameters; Monitor: observation; Allow: respond after wait, where MinDelayTime and MaxDelayTime configuration is required in AllowActionParameters..
+* `low_rate_session_action` - (Optional, List) Session rate and periodic feature verification low risk execution action. SecurityAction Name parameter supports: Deny: block, where DenyActionParameters supports Stall configuration;Monitor: observe;Allow: respond after wait, where AllowActionParameters requires MinDelayTime and MaxDelayTime configuration..
+* `mid_rate_session_action` - (Optional, List) Session rate and periodic feature verification medium-risk execution action. SecurityAction Name parameter supports: Deny: block, where DenyActionParameters supports Stall configuration;Monitor: observe;Allow: respond after wait, where AllowActionParameters requires MinDelayTime and MaxDelayTime configuration..
+
+The `slow_attack_defense` object of `http_ddos_protection` supports the following:
+
+* `enabled` - (Required, String) Whether slow attack protection is enabled. valid values: on: enabled; off: disabled..
+* `action` - (Optional, List) Slow attack protection handling method. required when Enabled is on. valid values for SecurityAction Name: Monitor: observation; Deny: block;.
+* `minimal_request_body_transfer_rate` - (Optional, List) The specific configuration of the minimum body transfer rate threshold is required when Enabled is on.
+* `request_body_transfer_timeout` - (Optional, List) Specifies the specific configuration of body transfer timeout duration. required when Enabled is on.
+
+The `source_idc` object of `basic_bot_settings` supports the following:
+
+* `base_action` - (Optional, List) Handling method for requests from the specified IDC. valid values for SecurityAction Name: Deny: block; Monitor: observe; Disabled: not enabled, disable specified rule; Challenge: Challenge, where ChallengeOption in ChallengeActionParameters supports JSChallenge and ManagedChallenge; Allow: pass (to be deprecated)..
+* `bot_management_action_overrides` - (Optional, List) Specifies the handling method for the specified id request.
+
+The `verified_bot_requests_action` object of `bot_ratings` supports the following:
+
+* `name` - (Required, String) Specifies the specific actions for safe execution. valid values:.
+Deny. specifies to block requests from accessing site resources..
+Monitor: observation, only record logs..
+Redirect: Redirect to URL..
+Disabled: specifies that the rule is not enabled..
+Allow: specifies whether to allow access with delayed processing of requests..
+Challenge: specifies the challenge content to respond to..
+Trans: pass and allow requests to directly access site resources..
+BlockIP: to be deprecated. ip block..
+ReturnCustomPage: to be deprecated. use specified page for interception..
+JSChallenge: to be deprecated, JavaScript challenge;.
+ManagedChallenge: to be deprecated. managed challenge..
+* `allow_action_parameters` - (Optional, List) Additional parameters when Name is Allow.
+* `block_ip_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is BlockIP.
+* `challenge_action_parameters` - (Optional, List) Additional parameter when Name is Challenge.
+* `deny_action_parameters` - (Optional, List) Additional parameters when Name is Deny.
+* `redirect_action_parameters` - (Optional, List) Additional parameter when Name is Redirect.
+* `return_custom_page_action_parameters` - (Optional, List) To be deprecated, additional parameter when Name is ReturnCustomPage.
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `id` - ID of the resource.
+* `template_id` - Template ID.
+
+
+## Import
+
+TEO web security template can be imported using the zoneId#templateId, e.g.
+
+```
+terraform import tencentcloud_teo_web_security_template.example zone-3fkff38fyw8s#temp-p3p973nu
+```
+
diff --git a/website/tencentcloud.erb b/website/tencentcloud.erb
index 824d7285ac..671357ed05 100644
--- a/website/tencentcloud.erb
+++ b/website/tencentcloud.erb
@@ -5413,6 +5413,9 @@
tencentcloud_teo_rule_engine_settings
+
+ tencentcloud_teo_web_security_templates
+
tencentcloud_teo_zone_available_plans
@@ -5499,6 +5502,9 @@
tencentcloud_teo_security_policy_config
+
+ tencentcloud_teo_web_security_template
+
tencentcloud_teo_zone
From fdac6edc292cf1a0f6d7766679c04d924b18695e Mon Sep 17 00:00:00 2001
From: SevenEarth <391613297@qq.com>
Date: Wed, 12 Nov 2025 19:58:17 +0800
Subject: [PATCH 2/2] add
---
.changelog/3594.txt | 7 +++++++
1 file changed, 7 insertions(+)
create mode 100644 .changelog/3594.txt
diff --git a/.changelog/3594.txt b/.changelog/3594.txt
new file mode 100644
index 0000000000..0571f8f972
--- /dev/null
+++ b/.changelog/3594.txt
@@ -0,0 +1,7 @@
+```release-note:new-data-source
+tencentcloud_teo_web_security_templates
+```
+
+```release-note:new-resource
+tencentcloud_teo_web_security_template
+```
\ No newline at end of file