tencentcloud 1.81.183, Apr 16 25

tencentcloud 1.81.183 published on Wednesday, Apr 16, 2025 by tencentcloudstack

tencentcloudstack/terraform-provider-tencentcloud

tencentcloud.TeoSecurityPolicyConfig

Explore with Pulumi AI

tencentcloud 1.81.183 published on Wednesday, Apr 16, 2025 by tencentcloudstack

tencentcloudstack/terraform-provider-tencentcloud

Example Usage

If entity is ZoneDefaultPolicy

import * as pulumi from "@pulumi/pulumi";
import * as tencentcloud from "@pulumi/tencentcloud";

const example = new tencentcloud.TeoSecurityPolicyConfig("example", {
    entity: "ZoneDefaultPolicy",
    securityPolicy: {
        customRules: {
            rules: [
                {
                    action: {
                        blockIpActionParameters: {
                            duration: "120s",
                        },
                        name: "BlockIP",
                    },
                    condition: "${http.request.host} contain ['abc']",
                    enabled: "on",
                    name: "rule1",
                    priority: 50,
                    ruleType: "PreciseMatchRule",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    condition: "${http.request.ip} in ['119.28.103.58']",
                    enabled: "off",
                    id: "2182252647",
                    name: "rule2",
                    ruleType: "BasicAccessRule",
                },
            ],
        },
        managedRules: {
            autoUpdate: {
                autoUpdateToLatestVersion: "off",
            },
            detectionOnly: "off",
            enabled: "on",
            managedRuleGroups: [
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-webshell-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-xxe-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-non-compliant-protocol-usages",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-file-upload-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-command-and-code-injections",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-ldap-injections",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-ssrf-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-unauthorized-accesses",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-xss-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-vulnerability-scanners",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-cms-vulnerabilities",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-other-vulnerabilities",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-sql-injections",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-unauthorized-file-accesses",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-oa-vulnerabilities",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-ssti-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-shiro-vulnerabilities",
                    sensitivityLevel: "strict",
                },
            ],
            semanticAnalysis: "off",
        },
    },
    zoneId: "zone-37u62pwxfo8s",
});

import pulumi
import pulumi_tencentcloud as tencentcloud

example = tencentcloud.TeoSecurityPolicyConfig("example",
    entity="ZoneDefaultPolicy",
    security_policy={
        "custom_rules": {
            "rules": [
                {
                    "action": {
                        "block_ip_action_parameters": {
                            "duration": "120s",
                        },
                        "name": "BlockIP",
                    },
                    "condition": "${http.request.host} contain ['abc']",
                    "enabled": "on",
                    "name": "rule1",
                    "priority": 50,
                    "rule_type": "PreciseMatchRule",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "condition": "${http.request.ip} in ['119.28.103.58']",
                    "enabled": "off",
                    "id": "2182252647",
                    "name": "rule2",
                    "rule_type": "BasicAccessRule",
                },
            ],
        },
        "managed_rules": {
            "auto_update": {
                "auto_update_to_latest_version": "off",
            },
            "detection_only": "off",
            "enabled": "on",
            "managed_rule_groups": [
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-webshell-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-xxe-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-non-compliant-protocol-usages",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-file-upload-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-command-and-code-injections",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-ldap-injections",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-ssrf-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-unauthorized-accesses",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-xss-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-vulnerability-scanners",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-cms-vulnerabilities",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-other-vulnerabilities",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-sql-injections",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-unauthorized-file-accesses",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-oa-vulnerabilities",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-ssti-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-shiro-vulnerabilities",
                    "sensitivity_level": "strict",
                },
            ],
            "semantic_analysis": "off",
        },
    },
    zone_id="zone-37u62pwxfo8s")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/tencentcloud/tencentcloud"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := tencentcloud.NewTeoSecurityPolicyConfig(ctx, "example", &tencentcloud.TeoSecurityPolicyConfigArgs{
			Entity: pulumi.String("ZoneDefaultPolicy"),
			SecurityPolicy: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyArgs{
				CustomRules: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs{
					Rules: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArray{
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs{
								BlockIpActionParameters: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParametersArgs{
									Duration: pulumi.String("120s"),
								},
								Name: pulumi.String("BlockIP"),
							},
							Condition: pulumi.String("${http.request.host} contain ['abc']"),
							Enabled:   pulumi.String("on"),
							Name:      pulumi.String("rule1"),
							Priority:  pulumi.Float64(50),
							RuleType:  pulumi.String("PreciseMatchRule"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs{
								Name: pulumi.String("Deny"),
							},
							Condition: pulumi.String("${http.request.ip} in ['119.28.103.58']"),
							Enabled:   pulumi.String("off"),
							Id:        pulumi.String("2182252647"),
							Name:      pulumi.String("rule2"),
							RuleType:  pulumi.String("BasicAccessRule"),
						},
					},
				},
				ManagedRules: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs{
					AutoUpdate: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs{
						AutoUpdateToLatestVersion: pulumi.String("off"),
					},
					DetectionOnly: pulumi.String("off"),
					Enabled:       pulumi.String("on"),
					ManagedRuleGroups: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArray{
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-webshell-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-xxe-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-non-compliant-protocol-usages"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-file-upload-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-command-and-code-injections"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-ldap-injections"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-ssrf-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-unauthorized-accesses"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-xss-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-vulnerability-scanners"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-cms-vulnerabilities"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-other-vulnerabilities"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-sql-injections"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-unauthorized-file-accesses"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-oa-vulnerabilities"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-ssti-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-shiro-vulnerabilities"),
							SensitivityLevel: pulumi.String("strict"),
						},
					},
					SemanticAnalysis: pulumi.String("off"),
				},
			},
			ZoneId: pulumi.String("zone-37u62pwxfo8s"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Tencentcloud = Pulumi.Tencentcloud;

return await Deployment.RunAsync(() => 
{
    var example = new Tencentcloud.TeoSecurityPolicyConfig("example", new()
    {
        Entity = "ZoneDefaultPolicy",
        SecurityPolicy = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyArgs
        {
            CustomRules = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs
            {
                Rules = new[]
                {
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs
                        {
                            BlockIpActionParameters = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParametersArgs
                            {
                                Duration = "120s",
                            },
                            Name = "BlockIP",
                        },
                        Condition = "${http.request.host} contain ['abc']",
                        Enabled = "on",
                        Name = "rule1",
                        Priority = 50,
                        RuleType = "PreciseMatchRule",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs
                        {
                            Name = "Deny",
                        },
                        Condition = "${http.request.ip} in ['119.28.103.58']",
                        Enabled = "off",
                        Id = "2182252647",
                        Name = "rule2",
                        RuleType = "BasicAccessRule",
                    },
                },
            },
            ManagedRules = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs
            {
                AutoUpdate = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs
                {
                    AutoUpdateToLatestVersion = "off",
                },
                DetectionOnly = "off",
                Enabled = "on",
                ManagedRuleGroups = new[]
                {
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-webshell-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-xxe-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-non-compliant-protocol-usages",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-file-upload-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-command-and-code-injections",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-ldap-injections",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-ssrf-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-unauthorized-accesses",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-xss-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-vulnerability-scanners",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-cms-vulnerabilities",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-other-vulnerabilities",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-sql-injections",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-unauthorized-file-accesses",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-oa-vulnerabilities",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-ssti-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-shiro-vulnerabilities",
                        SensitivityLevel = "strict",
                    },
                },
                SemanticAnalysis = "off",
            },
        },
        ZoneId = "zone-37u62pwxfo8s",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfig;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfigArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new TeoSecurityPolicyConfig("example", TeoSecurityPolicyConfigArgs.builder()
            .entity("ZoneDefaultPolicy")
            .securityPolicy(TeoSecurityPolicyConfigSecurityPolicyArgs.builder()
                .customRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs.builder()
                    .rules(                    
                        TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs.builder()
                                .blockIpActionParameters(TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParametersArgs.builder()
                                    .duration("120s")
                                    .build())
                                .name("BlockIP")
                                .build())
                            .condition("${http.request.host} contain ['abc']")
                            .enabled("on")
                            .name("rule1")
                            .priority(50)
                            .ruleType("PreciseMatchRule")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs.builder()
                                .name("Deny")
                                .build())
                            .condition("${http.request.ip} in ['119.28.103.58']")
                            .enabled("off")
                            .id("2182252647")
                            .name("rule2")
                            .ruleType("BasicAccessRule")
                            .build())
                    .build())
                .managedRules(TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs.builder()
                    .autoUpdate(TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs.builder()
                        .autoUpdateToLatestVersion("off")
                        .build())
                    .detectionOnly("off")
                    .enabled("on")
                    .managedRuleGroups(                    
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-webshell-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-xxe-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-non-compliant-protocol-usages")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-file-upload-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-command-and-code-injections")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-ldap-injections")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-ssrf-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-unauthorized-accesses")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-xss-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-vulnerability-scanners")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-cms-vulnerabilities")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-other-vulnerabilities")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-sql-injections")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-unauthorized-file-accesses")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-oa-vulnerabilities")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-ssti-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-shiro-vulnerabilities")
                            .sensitivityLevel("strict")
                            .build())
                    .semanticAnalysis("off")
                    .build())
                .build())
            .zoneId("zone-37u62pwxfo8s")
            .build());

    }
}

resources:
  example:
    type: tencentcloud:TeoSecurityPolicyConfig
    properties:
      entity: ZoneDefaultPolicy
      securityPolicy:
        customRules:
          rules:
            - action:
                blockIpActionParameters:
                  duration: 120s
                name: BlockIP
              condition: $${http.request.host} contain ['abc']
              enabled: on
              name: rule1
              priority: 50
              ruleType: PreciseMatchRule
            - action:
                name: Deny
              condition: $${http.request.ip} in ['119.28.103.58']
              enabled: off
              id: '2182252647'
              name: rule2
              ruleType: BasicAccessRule
        managedRules:
          autoUpdate:
            autoUpdateToLatestVersion: off
          detectionOnly: off
          enabled: on
          managedRuleGroups:
            - action:
                name: Deny
              groupId: wafgroup-webshell-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-xxe-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-non-compliant-protocol-usages
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-file-upload-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-command-and-code-injections
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-ldap-injections
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-ssrf-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-unauthorized-accesses
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-xss-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-vulnerability-scanners
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-cms-vulnerabilities
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-other-vulnerabilities
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-sql-injections
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-unauthorized-file-accesses
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-oa-vulnerabilities
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-ssti-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-shiro-vulnerabilities
              sensitivityLevel: strict
          semanticAnalysis: off
      zoneId: zone-37u62pwxfo8s

If entity is Host

import * as pulumi from "@pulumi/pulumi";
import * as tencentcloud from "@pulumi/tencentcloud";

const example = new tencentcloud.TeoSecurityPolicyConfig("example", {
    entity: "Host",
    host: "www.example.com",
    securityPolicy: {
        customRules: {
            rules: [
                {
                    action: {
                        blockIpActionParameters: {
                            duration: "120s",
                        },
                        name: "BlockIP",
                    },
                    condition: "${http.request.host} contain ['abc']",
                    enabled: "on",
                    name: "rule1",
                    priority: 50,
                    ruleType: "PreciseMatchRule",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    condition: "${http.request.ip} in ['119.28.103.58']",
                    enabled: "off",
                    id: "2182252647",
                    name: "rule2",
                    ruleType: "BasicAccessRule",
                },
            ],
        },
        managedRules: {
            autoUpdate: {
                autoUpdateToLatestVersion: "off",
            },
            detectionOnly: "off",
            enabled: "on",
            managedRuleGroups: [
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-webshell-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-xxe-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-non-compliant-protocol-usages",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-file-upload-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-command-and-code-injections",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-ldap-injections",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-ssrf-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-unauthorized-accesses",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-xss-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-vulnerability-scanners",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-cms-vulnerabilities",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-other-vulnerabilities",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-sql-injections",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-unauthorized-file-accesses",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-oa-vulnerabilities",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-ssti-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-shiro-vulnerabilities",
                    sensitivityLevel: "strict",
                },
            ],
            semanticAnalysis: "off",
        },
    },
    zoneId: "zone-37u62pwxfo8s",
});

import pulumi
import pulumi_tencentcloud as tencentcloud

example = tencentcloud.TeoSecurityPolicyConfig("example",
    entity="Host",
    host="www.example.com",
    security_policy={
        "custom_rules": {
            "rules": [
                {
                    "action": {
                        "block_ip_action_parameters": {
                            "duration": "120s",
                        },
                        "name": "BlockIP",
                    },
                    "condition": "${http.request.host} contain ['abc']",
                    "enabled": "on",
                    "name": "rule1",
                    "priority": 50,
                    "rule_type": "PreciseMatchRule",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "condition": "${http.request.ip} in ['119.28.103.58']",
                    "enabled": "off",
                    "id": "2182252647",
                    "name": "rule2",
                    "rule_type": "BasicAccessRule",
                },
            ],
        },
        "managed_rules": {
            "auto_update": {
                "auto_update_to_latest_version": "off",
            },
            "detection_only": "off",
            "enabled": "on",
            "managed_rule_groups": [
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-webshell-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-xxe-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-non-compliant-protocol-usages",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-file-upload-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-command-and-code-injections",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-ldap-injections",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-ssrf-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-unauthorized-accesses",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-xss-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-vulnerability-scanners",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-cms-vulnerabilities",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-other-vulnerabilities",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-sql-injections",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-unauthorized-file-accesses",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-oa-vulnerabilities",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-ssti-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-shiro-vulnerabilities",
                    "sensitivity_level": "strict",
                },
            ],
            "semantic_analysis": "off",
        },
    },
    zone_id="zone-37u62pwxfo8s")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/tencentcloud/tencentcloud"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := tencentcloud.NewTeoSecurityPolicyConfig(ctx, "example", &tencentcloud.TeoSecurityPolicyConfigArgs{
			Entity: pulumi.String("Host"),
			Host:   pulumi.String("www.example.com"),
			SecurityPolicy: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyArgs{
				CustomRules: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs{
					Rules: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArray{
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs{
								BlockIpActionParameters: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParametersArgs{
									Duration: pulumi.String("120s"),
								},
								Name: pulumi.String("BlockIP"),
							},
							Condition: pulumi.String("${http.request.host} contain ['abc']"),
							Enabled:   pulumi.String("on"),
							Name:      pulumi.String("rule1"),
							Priority:  pulumi.Float64(50),
							RuleType:  pulumi.String("PreciseMatchRule"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs{
								Name: pulumi.String("Deny"),
							},
							Condition: pulumi.String("${http.request.ip} in ['119.28.103.58']"),
							Enabled:   pulumi.String("off"),
							Id:        pulumi.String("2182252647"),
							Name:      pulumi.String("rule2"),
							RuleType:  pulumi.String("BasicAccessRule"),
						},
					},
				},
				ManagedRules: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs{
					AutoUpdate: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs{
						AutoUpdateToLatestVersion: pulumi.String("off"),
					},
					DetectionOnly: pulumi.String("off"),
					Enabled:       pulumi.String("on"),
					ManagedRuleGroups: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArray{
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-webshell-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-xxe-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-non-compliant-protocol-usages"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-file-upload-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-command-and-code-injections"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-ldap-injections"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-ssrf-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-unauthorized-accesses"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-xss-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-vulnerability-scanners"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-cms-vulnerabilities"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-other-vulnerabilities"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-sql-injections"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-unauthorized-file-accesses"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-oa-vulnerabilities"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-ssti-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-shiro-vulnerabilities"),
							SensitivityLevel: pulumi.String("strict"),
						},
					},
					SemanticAnalysis: pulumi.String("off"),
				},
			},
			ZoneId: pulumi.String("zone-37u62pwxfo8s"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Tencentcloud = Pulumi.Tencentcloud;

return await Deployment.RunAsync(() => 
{
    var example = new Tencentcloud.TeoSecurityPolicyConfig("example", new()
    {
        Entity = "Host",
        Host = "www.example.com",
        SecurityPolicy = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyArgs
        {
            CustomRules = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs
            {
                Rules = new[]
                {
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs
                        {
                            BlockIpActionParameters = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParametersArgs
                            {
                                Duration = "120s",
                            },
                            Name = "BlockIP",
                        },
                        Condition = "${http.request.host} contain ['abc']",
                        Enabled = "on",
                        Name = "rule1",
                        Priority = 50,
                        RuleType = "PreciseMatchRule",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs
                        {
                            Name = "Deny",
                        },
                        Condition = "${http.request.ip} in ['119.28.103.58']",
                        Enabled = "off",
                        Id = "2182252647",
                        Name = "rule2",
                        RuleType = "BasicAccessRule",
                    },
                },
            },
            ManagedRules = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs
            {
                AutoUpdate = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs
                {
                    AutoUpdateToLatestVersion = "off",
                },
                DetectionOnly = "off",
                Enabled = "on",
                ManagedRuleGroups = new[]
                {
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-webshell-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-xxe-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-non-compliant-protocol-usages",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-file-upload-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-command-and-code-injections",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-ldap-injections",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-ssrf-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-unauthorized-accesses",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-xss-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-vulnerability-scanners",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-cms-vulnerabilities",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-other-vulnerabilities",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-sql-injections",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-unauthorized-file-accesses",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-oa-vulnerabilities",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-ssti-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-shiro-vulnerabilities",
                        SensitivityLevel = "strict",
                    },
                },
                SemanticAnalysis = "off",
            },
        },
        ZoneId = "zone-37u62pwxfo8s",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfig;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfigArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new TeoSecurityPolicyConfig("example", TeoSecurityPolicyConfigArgs.builder()
            .entity("Host")
            .host("www.example.com")
            .securityPolicy(TeoSecurityPolicyConfigSecurityPolicyArgs.builder()
                .customRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs.builder()
                    .rules(                    
                        TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs.builder()
                                .blockIpActionParameters(TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParametersArgs.builder()
                                    .duration("120s")
                                    .build())
                                .name("BlockIP")
                                .build())
                            .condition("${http.request.host} contain ['abc']")
                            .enabled("on")
                            .name("rule1")
                            .priority(50)
                            .ruleType("PreciseMatchRule")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs.builder()
                                .name("Deny")
                                .build())
                            .condition("${http.request.ip} in ['119.28.103.58']")
                            .enabled("off")
                            .id("2182252647")
                            .name("rule2")
                            .ruleType("BasicAccessRule")
                            .build())
                    .build())
                .managedRules(TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs.builder()
                    .autoUpdate(TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs.builder()
                        .autoUpdateToLatestVersion("off")
                        .build())
                    .detectionOnly("off")
                    .enabled("on")
                    .managedRuleGroups(                    
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-webshell-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-xxe-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-non-compliant-protocol-usages")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-file-upload-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-command-and-code-injections")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-ldap-injections")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-ssrf-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-unauthorized-accesses")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-xss-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-vulnerability-scanners")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-cms-vulnerabilities")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-other-vulnerabilities")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-sql-injections")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-unauthorized-file-accesses")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-oa-vulnerabilities")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-ssti-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-shiro-vulnerabilities")
                            .sensitivityLevel("strict")
                            .build())
                    .semanticAnalysis("off")
                    .build())
                .build())
            .zoneId("zone-37u62pwxfo8s")
            .build());

    }
}

resources:
  example:
    type: tencentcloud:TeoSecurityPolicyConfig
    properties:
      entity: Host
      host: www.example.com
      securityPolicy:
        customRules:
          rules:
            - action:
                blockIpActionParameters:
                  duration: 120s
                name: BlockIP
              condition: $${http.request.host} contain ['abc']
              enabled: on
              name: rule1
              priority: 50
              ruleType: PreciseMatchRule
            - action:
                name: Deny
              condition: $${http.request.ip} in ['119.28.103.58']
              enabled: off
              id: '2182252647'
              name: rule2
              ruleType: BasicAccessRule
        managedRules:
          autoUpdate:
            autoUpdateToLatestVersion: off
          detectionOnly: off
          enabled: on
          managedRuleGroups:
            - action:
                name: Deny
              groupId: wafgroup-webshell-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-xxe-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-non-compliant-protocol-usages
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-file-upload-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-command-and-code-injections
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-ldap-injections
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-ssrf-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-unauthorized-accesses
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-xss-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-vulnerability-scanners
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-cms-vulnerabilities
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-other-vulnerabilities
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-sql-injections
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-unauthorized-file-accesses
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-oa-vulnerabilities
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-ssti-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-shiro-vulnerabilities
              sensitivityLevel: strict
          semanticAnalysis: off
      zoneId: zone-37u62pwxfo8s

If entity is Template

import * as pulumi from "@pulumi/pulumi";
import * as tencentcloud from "@pulumi/tencentcloud";

const example = new tencentcloud.TeoSecurityPolicyConfig("example", {
    entity: "Template",
    securityPolicy: {
        customRules: {
            rules: [
                {
                    action: {
                        blockIpActionParameters: {
                            duration: "120s",
                        },
                        name: "BlockIP",
                    },
                    condition: "${http.request.host} contain ['abc']",
                    enabled: "on",
                    name: "rule1",
                    priority: 50,
                    ruleType: "PreciseMatchRule",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    condition: "${http.request.ip} in ['119.28.103.58']",
                    enabled: "off",
                    id: "2182252647",
                    name: "rule2",
                    ruleType: "BasicAccessRule",
                },
            ],
        },
        managedRules: {
            autoUpdate: {
                autoUpdateToLatestVersion: "off",
            },
            detectionOnly: "off",
            enabled: "on",
            managedRuleGroups: [
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-webshell-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-xxe-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-non-compliant-protocol-usages",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-file-upload-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-command-and-code-injections",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-ldap-injections",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-ssrf-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-unauthorized-accesses",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-xss-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-vulnerability-scanners",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-cms-vulnerabilities",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-other-vulnerabilities",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-sql-injections",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-unauthorized-file-accesses",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-oa-vulnerabilities",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-ssti-attacks",
                    sensitivityLevel: "strict",
                },
                {
                    action: {
                        name: "Deny",
                    },
                    groupId: "wafgroup-shiro-vulnerabilities",
                    sensitivityLevel: "strict",
                },
            ],
            semanticAnalysis: "off",
        },
    },
    templateId: "temp-05dtxkyw",
    zoneId: "zone-37u62pwxfo8s",
});

import pulumi
import pulumi_tencentcloud as tencentcloud

example = tencentcloud.TeoSecurityPolicyConfig("example",
    entity="Template",
    security_policy={
        "custom_rules": {
            "rules": [
                {
                    "action": {
                        "block_ip_action_parameters": {
                            "duration": "120s",
                        },
                        "name": "BlockIP",
                    },
                    "condition": "${http.request.host} contain ['abc']",
                    "enabled": "on",
                    "name": "rule1",
                    "priority": 50,
                    "rule_type": "PreciseMatchRule",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "condition": "${http.request.ip} in ['119.28.103.58']",
                    "enabled": "off",
                    "id": "2182252647",
                    "name": "rule2",
                    "rule_type": "BasicAccessRule",
                },
            ],
        },
        "managed_rules": {
            "auto_update": {
                "auto_update_to_latest_version": "off",
            },
            "detection_only": "off",
            "enabled": "on",
            "managed_rule_groups": [
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-webshell-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-xxe-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-non-compliant-protocol-usages",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-file-upload-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-command-and-code-injections",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-ldap-injections",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-ssrf-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-unauthorized-accesses",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-xss-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-vulnerability-scanners",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-cms-vulnerabilities",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-other-vulnerabilities",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-sql-injections",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-unauthorized-file-accesses",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-oa-vulnerabilities",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-ssti-attacks",
                    "sensitivity_level": "strict",
                },
                {
                    "action": {
                        "name": "Deny",
                    },
                    "group_id": "wafgroup-shiro-vulnerabilities",
                    "sensitivity_level": "strict",
                },
            ],
            "semantic_analysis": "off",
        },
    },
    template_id="temp-05dtxkyw",
    zone_id="zone-37u62pwxfo8s")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/tencentcloud/tencentcloud"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := tencentcloud.NewTeoSecurityPolicyConfig(ctx, "example", &tencentcloud.TeoSecurityPolicyConfigArgs{
			Entity: pulumi.String("Template"),
			SecurityPolicy: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyArgs{
				CustomRules: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs{
					Rules: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArray{
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs{
								BlockIpActionParameters: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParametersArgs{
									Duration: pulumi.String("120s"),
								},
								Name: pulumi.String("BlockIP"),
							},
							Condition: pulumi.String("${http.request.host} contain ['abc']"),
							Enabled:   pulumi.String("on"),
							Name:      pulumi.String("rule1"),
							Priority:  pulumi.Float64(50),
							RuleType:  pulumi.String("PreciseMatchRule"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs{
								Name: pulumi.String("Deny"),
							},
							Condition: pulumi.String("${http.request.ip} in ['119.28.103.58']"),
							Enabled:   pulumi.String("off"),
							Id:        pulumi.String("2182252647"),
							Name:      pulumi.String("rule2"),
							RuleType:  pulumi.String("BasicAccessRule"),
						},
					},
				},
				ManagedRules: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs{
					AutoUpdate: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs{
						AutoUpdateToLatestVersion: pulumi.String("off"),
					},
					DetectionOnly: pulumi.String("off"),
					Enabled:       pulumi.String("on"),
					ManagedRuleGroups: tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArray{
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-webshell-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-xxe-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-non-compliant-protocol-usages"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-file-upload-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-command-and-code-injections"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-ldap-injections"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-ssrf-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-unauthorized-accesses"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-xss-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-vulnerability-scanners"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-cms-vulnerabilities"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-other-vulnerabilities"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-sql-injections"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-unauthorized-file-accesses"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-oa-vulnerabilities"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-ssti-attacks"),
							SensitivityLevel: pulumi.String("strict"),
						},
						&tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs{
							Action: &tencentcloud.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs{
								Name: pulumi.String("Deny"),
							},
							GroupId:          pulumi.String("wafgroup-shiro-vulnerabilities"),
							SensitivityLevel: pulumi.String("strict"),
						},
					},
					SemanticAnalysis: pulumi.String("off"),
				},
			},
			TemplateId: pulumi.String("temp-05dtxkyw"),
			ZoneId:     pulumi.String("zone-37u62pwxfo8s"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Tencentcloud = Pulumi.Tencentcloud;

return await Deployment.RunAsync(() => 
{
    var example = new Tencentcloud.TeoSecurityPolicyConfig("example", new()
    {
        Entity = "Template",
        SecurityPolicy = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyArgs
        {
            CustomRules = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs
            {
                Rules = new[]
                {
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs
                        {
                            BlockIpActionParameters = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParametersArgs
                            {
                                Duration = "120s",
                            },
                            Name = "BlockIP",
                        },
                        Condition = "${http.request.host} contain ['abc']",
                        Enabled = "on",
                        Name = "rule1",
                        Priority = 50,
                        RuleType = "PreciseMatchRule",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs
                        {
                            Name = "Deny",
                        },
                        Condition = "${http.request.ip} in ['119.28.103.58']",
                        Enabled = "off",
                        Id = "2182252647",
                        Name = "rule2",
                        RuleType = "BasicAccessRule",
                    },
                },
            },
            ManagedRules = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs
            {
                AutoUpdate = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs
                {
                    AutoUpdateToLatestVersion = "off",
                },
                DetectionOnly = "off",
                Enabled = "on",
                ManagedRuleGroups = new[]
                {
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-webshell-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-xxe-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-non-compliant-protocol-usages",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-file-upload-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-command-and-code-injections",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-ldap-injections",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-ssrf-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-unauthorized-accesses",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-xss-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-vulnerability-scanners",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-cms-vulnerabilities",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-other-vulnerabilities",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-sql-injections",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-unauthorized-file-accesses",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-oa-vulnerabilities",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-ssti-attacks",
                        SensitivityLevel = "strict",
                    },
                    new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs
                    {
                        Action = new Tencentcloud.Inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs
                        {
                            Name = "Deny",
                        },
                        GroupId = "wafgroup-shiro-vulnerabilities",
                        SensitivityLevel = "strict",
                    },
                },
                SemanticAnalysis = "off",
            },
        },
        TemplateId = "temp-05dtxkyw",
        ZoneId = "zone-37u62pwxfo8s",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfig;
import com.pulumi.tencentcloud.TeoSecurityPolicyConfigArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs;
import com.pulumi.tencentcloud.inputs.TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new TeoSecurityPolicyConfig("example", TeoSecurityPolicyConfigArgs.builder()
            .entity("Template")
            .securityPolicy(TeoSecurityPolicyConfigSecurityPolicyArgs.builder()
                .customRules(TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs.builder()
                    .rules(                    
                        TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs.builder()
                                .blockIpActionParameters(TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParametersArgs.builder()
                                    .duration("120s")
                                    .build())
                                .name("BlockIP")
                                .build())
                            .condition("${http.request.host} contain ['abc']")
                            .enabled("on")
                            .name("rule1")
                            .priority(50)
                            .ruleType("PreciseMatchRule")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs.builder()
                                .name("Deny")
                                .build())
                            .condition("${http.request.ip} in ['119.28.103.58']")
                            .enabled("off")
                            .id("2182252647")
                            .name("rule2")
                            .ruleType("BasicAccessRule")
                            .build())
                    .build())
                .managedRules(TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs.builder()
                    .autoUpdate(TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs.builder()
                        .autoUpdateToLatestVersion("off")
                        .build())
                    .detectionOnly("off")
                    .enabled("on")
                    .managedRuleGroups(                    
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-webshell-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-xxe-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-non-compliant-protocol-usages")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-file-upload-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-command-and-code-injections")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-ldap-injections")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-ssrf-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-unauthorized-accesses")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-xss-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-vulnerability-scanners")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-cms-vulnerabilities")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-other-vulnerabilities")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-sql-injections")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-unauthorized-file-accesses")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-oa-vulnerabilities")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-ssti-attacks")
                            .sensitivityLevel("strict")
                            .build(),
                        TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs.builder()
                            .action(TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs.builder()
                                .name("Deny")
                                .build())
                            .groupId("wafgroup-shiro-vulnerabilities")
                            .sensitivityLevel("strict")
                            .build())
                    .semanticAnalysis("off")
                    .build())
                .build())
            .templateId("temp-05dtxkyw")
            .zoneId("zone-37u62pwxfo8s")
            .build());

    }
}

resources:
  example:
    type: tencentcloud:TeoSecurityPolicyConfig
    properties:
      entity: Template
      securityPolicy:
        customRules:
          rules:
            - action:
                blockIpActionParameters:
                  duration: 120s
                name: BlockIP
              condition: $${http.request.host} contain ['abc']
              enabled: on
              name: rule1
              priority: 50
              ruleType: PreciseMatchRule
            - action:
                name: Deny
              condition: $${http.request.ip} in ['119.28.103.58']
              enabled: off
              id: '2182252647'
              name: rule2
              ruleType: BasicAccessRule
        managedRules:
          autoUpdate:
            autoUpdateToLatestVersion: off
          detectionOnly: off
          enabled: on
          managedRuleGroups:
            - action:
                name: Deny
              groupId: wafgroup-webshell-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-xxe-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-non-compliant-protocol-usages
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-file-upload-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-command-and-code-injections
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-ldap-injections
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-ssrf-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-unauthorized-accesses
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-xss-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-vulnerability-scanners
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-cms-vulnerabilities
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-other-vulnerabilities
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-sql-injections
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-unauthorized-file-accesses
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-oa-vulnerabilities
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-ssti-attacks
              sensitivityLevel: strict
            - action:
                name: Deny
              groupId: wafgroup-shiro-vulnerabilities
              sensitivityLevel: strict
          semanticAnalysis: off
      templateId: temp-05dtxkyw
      zoneId: zone-37u62pwxfo8s

Create TeoSecurityPolicyConfig Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new TeoSecurityPolicyConfig(name: string, args: TeoSecurityPolicyConfigArgs, opts?: CustomResourceOptions);

@overload
def TeoSecurityPolicyConfig(resource_name: str,
                            args: TeoSecurityPolicyConfigArgs,
                            opts: Optional[ResourceOptions] = None)

@overload
def TeoSecurityPolicyConfig(resource_name: str,
                            opts: Optional[ResourceOptions] = None,
                            zone_id: Optional[str] = None,
                            entity: Optional[str] = None,
                            host: Optional[str] = None,
                            security_policy: Optional[TeoSecurityPolicyConfigSecurityPolicyArgs] = None,
                            template_id: Optional[str] = None,
                            teo_security_policy_config_id: Optional[str] = None)

func NewTeoSecurityPolicyConfig(ctx *Context, name string, args TeoSecurityPolicyConfigArgs, opts ...ResourceOption) (*TeoSecurityPolicyConfig, error)

public TeoSecurityPolicyConfig(string name, TeoSecurityPolicyConfigArgs args, CustomResourceOptions? opts = null)

public TeoSecurityPolicyConfig(String name, TeoSecurityPolicyConfigArgs args)
public TeoSecurityPolicyConfig(String name, TeoSecurityPolicyConfigArgs args, CustomResourceOptions options)

type: tencentcloud:TeoSecurityPolicyConfig
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args TeoSecurityPolicyConfigArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args TeoSecurityPolicyConfigArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args TeoSecurityPolicyConfigArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args TeoSecurityPolicyConfigArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args TeoSecurityPolicyConfigArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

TeoSecurityPolicyConfig Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The TeoSecurityPolicyConfig resource accepts the following input properties:

ZoneId string: Zone ID.
Entity string: Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
Host string: Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
SecurityPolicy TeoSecurityPolicyConfigSecurityPolicy: Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
TemplateId string: Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
TeoSecurityPolicyConfigId string: ID of the resource.

ZoneId string: Zone ID.
Entity string: Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
Host string: Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
SecurityPolicy TeoSecurityPolicyConfigSecurityPolicyArgs: Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
TemplateId string: Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
TeoSecurityPolicyConfigId string: ID of the resource.

zoneId String: Zone ID.
entity String: Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
host String: Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
securityPolicy TeoSecurityPolicyConfigSecurityPolicy: Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
templateId String: Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
teoSecurityPolicyConfigId String: ID of the resource.

zoneId string: Zone ID.
entity string: Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
host string: Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
securityPolicy TeoSecurityPolicyConfigSecurityPolicy: Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
templateId string: Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
teoSecurityPolicyConfigId string: ID of the resource.

zone_id str: Zone ID.
entity str: Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
host str: Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
security_policy TeoSecurityPolicyConfigSecurityPolicyArgs: Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
template_id str: Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
teo_security_policy_config_id str: ID of the resource.

zoneId String: Zone ID.
entity String: Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
host String: Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
securityPolicy Property Map: Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
templateId String: Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
teoSecurityPolicyConfigId String: ID of the resource.

Outputs

All input properties are implicitly available as output properties. Additionally, the TeoSecurityPolicyConfig resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing TeoSecurityPolicyConfig Resource

Get an existing TeoSecurityPolicyConfig resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: TeoSecurityPolicyConfigState, opts?: CustomResourceOptions): TeoSecurityPolicyConfig

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        entity: Optional[str] = None,
        host: Optional[str] = None,
        security_policy: Optional[TeoSecurityPolicyConfigSecurityPolicyArgs] = None,
        template_id: Optional[str] = None,
        teo_security_policy_config_id: Optional[str] = None,
        zone_id: Optional[str] = None) -> TeoSecurityPolicyConfig

func GetTeoSecurityPolicyConfig(ctx *Context, name string, id IDInput, state *TeoSecurityPolicyConfigState, opts ...ResourceOption) (*TeoSecurityPolicyConfig, error)

public static TeoSecurityPolicyConfig Get(string name, Input<string> id, TeoSecurityPolicyConfigState? state, CustomResourceOptions? opts = null)

public static TeoSecurityPolicyConfig get(String name, Output<String> id, TeoSecurityPolicyConfigState state, CustomResourceOptions options)

resources:  _:    type: tencentcloud:TeoSecurityPolicyConfig    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Entity string: Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
Host string: Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
SecurityPolicy TeoSecurityPolicyConfigSecurityPolicy: Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
TemplateId string: Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
TeoSecurityPolicyConfigId string: ID of the resource.
ZoneId string: Zone ID.

Entity string: Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
Host string: Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
SecurityPolicy TeoSecurityPolicyConfigSecurityPolicyArgs: Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
TemplateId string: Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
TeoSecurityPolicyConfigId string: ID of the resource.
ZoneId string: Zone ID.

entity String: Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
host String: Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
securityPolicy TeoSecurityPolicyConfigSecurityPolicy: Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
templateId String: Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
teoSecurityPolicyConfigId String: ID of the resource.
zoneId String: Zone ID.

entity string: Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
host string: Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
securityPolicy TeoSecurityPolicyConfigSecurityPolicy: Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
templateId string: Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
teoSecurityPolicyConfigId string: ID of the resource.
zoneId string: Zone ID.

entity str: Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
host str: Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
security_policy TeoSecurityPolicyConfigSecurityPolicyArgs: Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
template_id str: Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
teo_security_policy_config_id str: ID of the resource.
zone_id str: Zone ID.

entity String: Security policy type. the following parameter values can be used: ZoneDefaultPolicy: used to specify a site-level policy; Template: used to specify a policy Template. you need to simultaneously specify the TemplateId parameter; Host: used to specify a domain-level policy (note: when using a domain name to specify a dns service policy, only dns services or policy templates that have applied a domain-level policy are supported)..
host String: Specifies the specified domain. when the Entity parameter value is Host, use the domain-level policy specified by this parameter. for example: use www.example.com to configure the domain-level policy of the domain.
securityPolicy Property Map: Security policy configuration. it is recommended to use for custom policies and managed rule configurations of Web protection. it supports configuring security policies with expression grammar.
templateId String: Specify the policy Template ID. use this parameter to specify the ID of the policy Template when the Entity parameter value is Template.
teoSecurityPolicyConfigId String: ID of the resource.
zoneId String: Zone ID.

Supporting Types

TeoSecurityPolicyConfigSecurityPolicy, TeoSecurityPolicyConfigSecurityPolicyArgs

CustomRules TeoSecurityPolicyConfigSecurityPolicyCustomRules: Custom rule configuration.
ManagedRules TeoSecurityPolicyConfigSecurityPolicyManagedRules: Managed rule configuration.

CustomRules TeoSecurityPolicyConfigSecurityPolicyCustomRules: Custom rule configuration.
ManagedRules TeoSecurityPolicyConfigSecurityPolicyManagedRules: Managed rule configuration.

customRules TeoSecurityPolicyConfigSecurityPolicyCustomRules: Custom rule configuration.
managedRules TeoSecurityPolicyConfigSecurityPolicyManagedRules: Managed rule configuration.

customRules TeoSecurityPolicyConfigSecurityPolicyCustomRules: Custom rule configuration.
managedRules TeoSecurityPolicyConfigSecurityPolicyManagedRules: Managed rule configuration.

custom_rules TeoSecurityPolicyConfigSecurityPolicyCustomRules: Custom rule configuration.
managed_rules TeoSecurityPolicyConfigSecurityPolicyManagedRules: Managed rule configuration.

customRules Property Map: Custom rule configuration.
managedRules Property Map: Managed rule configuration.

TeoSecurityPolicyConfigSecurityPolicyCustomRules, TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs

Rules List<TeoSecurityPolicyConfigSecurityPolicyCustomRulesRule>: List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.

Rules []TeoSecurityPolicyConfigSecurityPolicyCustomRulesRule: List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.

rules List<TeoSecurityPolicyConfigSecurityPolicyCustomRulesRule>: List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.

rules TeoSecurityPolicyConfigSecurityPolicyCustomRulesRule[]: List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.

rules Sequence[TeoSecurityPolicyConfigSecurityPolicyCustomRulesRule]: List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.

rules List<Property Map>: List of custom rule definitions. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the parameter value of CustomRules in the SecurityPolicy parameter is not specified: keep the existing custom rule configuration without modification.

TeoSecurityPolicyConfigSecurityPolicyCustomRulesRule, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs

Action TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleAction: Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
Condition string: The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
Enabled string: Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
Name string: The name of the custom rule.
Id string: The ID of a custom rule. the rule ID supports different rule configuration operations: - add a new rule: ID is empty or the ID parameter is not specified; - modify an existing rule: specify the rule ID that needs to be updated/modified; - delete an existing rule: existing Rules not included in the Rules list of the CustomRules parameter will be deleted.
Priority double: Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports rule_type is PreciseMatchRule.
RuleType string: Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.

Action TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleAction: Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
Condition string: The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
Enabled string: Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
Name string: The name of the custom rule.
Id string: The ID of a custom rule. the rule ID supports different rule configuration operations: - add a new rule: ID is empty or the ID parameter is not specified; - modify an existing rule: specify the rule ID that needs to be updated/modified; - delete an existing rule: existing Rules not included in the Rules list of the CustomRules parameter will be deleted.
Priority float64: Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports rule_type is PreciseMatchRule.
RuleType string: Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.

action TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleAction: Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
condition String: The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
enabled String: Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
name String: The name of the custom rule.
id String: The ID of a custom rule. the rule ID supports different rule configuration operations: - add a new rule: ID is empty or the ID parameter is not specified; - modify an existing rule: specify the rule ID that needs to be updated/modified; - delete an existing rule: existing Rules not included in the Rules list of the CustomRules parameter will be deleted.
priority Double: Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports rule_type is PreciseMatchRule.
ruleType String: Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.

action TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleAction: Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
condition string: The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
enabled string: Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
name string: The name of the custom rule.
id string: The ID of a custom rule. the rule ID supports different rule configuration operations: - add a new rule: ID is empty or the ID parameter is not specified; - modify an existing rule: specify the rule ID that needs to be updated/modified; - delete an existing rule: existing Rules not included in the Rules list of the CustomRules parameter will be deleted.
priority number: Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports rule_type is PreciseMatchRule.
ruleType string: Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.

action TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleAction: Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
condition str: The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
enabled str: Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
name str: The name of the custom rule.
id str: The ID of a custom rule. the rule ID supports different rule configuration operations: - add a new rule: ID is empty or the ID parameter is not specified; - modify an existing rule: specify the rule ID that needs to be updated/modified; - delete an existing rule: existing Rules not included in the Rules list of the CustomRules parameter will be deleted.
priority float: Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports rule_type is PreciseMatchRule.
rule_type str: Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.

action Property Map: Execution actions for custom rules. the Name parameter value of SecurityAction supports: Deny: block; Monitor: observe; ReturnCustomPage: block using a specified page; Redirect: Redirect to URL; BlockIP: IP blocking; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge; Allow: Allow..
condition String: The specific content of the custom rule must comply with the expression grammar. please refer to the product document for detailed specifications.
enabled String: Indicates whether the custom rule is enabled. valid values: on: enabled off: disabled.
name String: The name of the custom rule.
id String: The ID of a custom rule. the rule ID supports different rule configuration operations: - add a new rule: ID is empty or the ID parameter is not specified; - modify an existing rule: specify the rule ID that needs to be updated/modified; - delete an existing rule: existing Rules not included in the Rules list of the CustomRules parameter will be deleted.
priority Number: Customizes the priority of rules. value range: 0-100. it defaults to 0. only supports rule_type is PreciseMatchRule.
ruleType String: Type of custom rule. valid values: BasicAccessRule: basic access control; PreciseMatchRule: exact matching rule, default; ManagedAccessRule: expert customized rule, for output only. the default value is PreciseMatchRule.

TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleAction, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs

Name string: Specific actions for safe execution. valid values:.
BlockIpActionParameters TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParameters: Additional parameter when Name is BlockIP.
RedirectActionParameters TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionRedirectActionParameters: Additional parameter when Name is Redirect.
ReturnCustomPageActionParameters TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionReturnCustomPageActionParameters: Additional parameter when Name is ReturnCustomPage.

Name string: Specific actions for safe execution. valid values:.
BlockIpActionParameters TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParameters: Additional parameter when Name is BlockIP.
RedirectActionParameters TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionRedirectActionParameters: Additional parameter when Name is Redirect.
ReturnCustomPageActionParameters TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionReturnCustomPageActionParameters: Additional parameter when Name is ReturnCustomPage.

name String: Specific actions for safe execution. valid values:.
blockIpActionParameters TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParameters: Additional parameter when Name is BlockIP.
redirectActionParameters TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionRedirectActionParameters: Additional parameter when Name is Redirect.
returnCustomPageActionParameters TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionReturnCustomPageActionParameters: Additional parameter when Name is ReturnCustomPage.

name string: Specific actions for safe execution. valid values:.
blockIpActionParameters TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParameters: Additional parameter when Name is BlockIP.
redirectActionParameters TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionRedirectActionParameters: Additional parameter when Name is Redirect.
returnCustomPageActionParameters TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionReturnCustomPageActionParameters: Additional parameter when Name is ReturnCustomPage.

name str: Specific actions for safe execution. valid values:.
block_ip_action_parameters TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParameters: Additional parameter when Name is BlockIP.
redirect_action_parameters TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionRedirectActionParameters: Additional parameter when Name is Redirect.
return_custom_page_action_parameters TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionReturnCustomPageActionParameters: Additional parameter when Name is ReturnCustomPage.

name String: Specific actions for safe execution. valid values:.
blockIpActionParameters Property Map: Additional parameter when Name is BlockIP.
redirectActionParameters Property Map: Additional parameter when Name is Redirect.
returnCustomPageActionParameters Property Map: Additional parameter when Name is ReturnCustomPage.

TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParametersArgs

Duration string: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

Duration string: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

duration String: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

duration string: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

duration str: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

duration String: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionRedirectActionParametersArgs

Url string: Redirect URL.

Url string: Redirect URL.

url String: Redirect URL.

url string: Redirect URL.

url str: Redirect URL.

url String: Redirect URL.

TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionReturnCustomPageActionParametersArgs

ErrorPageId string: Response custom page ID.
ResponseCode string: Response status code.

ErrorPageId string: Response custom page ID.
ResponseCode string: Response status code.

errorPageId String: Response custom page ID.
responseCode String: Response status code.

errorPageId string: Response custom page ID.
responseCode string: Response status code.

error_page_id str: Response custom page ID.
response_code str: Response status code.

errorPageId String: Response custom page ID.
responseCode String: Response status code.

TeoSecurityPolicyConfigSecurityPolicyManagedRules, TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs

DetectionOnly string: Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
Enabled string: Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
AutoUpdate TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdate: Managed rule automatic update option.
ManagedRuleGroups List<TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroup>: Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
SemanticAnalysis string: Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.

DetectionOnly string: Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
Enabled string: Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
AutoUpdate TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdate: Managed rule automatic update option.
ManagedRuleGroups []TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroup: Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
SemanticAnalysis string: Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.

detectionOnly String: Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
enabled String: Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
autoUpdate TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdate: Managed rule automatic update option.
managedRuleGroups List<TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroup>: Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
semanticAnalysis String: Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.

detectionOnly string: Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
enabled string: Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
autoUpdate TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdate: Managed rule automatic update option.
managedRuleGroups TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroup[]: Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
semanticAnalysis string: Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.

detection_only str: Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
enabled str: Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
auto_update TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdate: Managed rule automatic update option.
managed_rule_groups Sequence[TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroup]: Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
semantic_analysis str: Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.

detectionOnly String: Indicates whether the evaluation mode is Enabled. it is valid only when the Enabled parameter is set to on. valid values: on: Enabled. all managed rules take effect in observation mode. off: disabled. all managed rules take effect according to the actual configuration..
enabled String: Indicates whether the managed rule is enabled. valid values: on: enabled. all managed rules take effect as configured; off: disabled. all managed rules do not take effect..
autoUpdate Property Map: Managed rule automatic update option.
managedRuleGroups List<Property Map>: Configuration of the managed rule group. if this structure is passed as an empty array or the GroupId is not included in the list, it will be processed based on the default method.
semanticAnalysis String: Whether the managed rule semantic analysis option is Enabled is valid only when the Enabled parameter is on. valid values: on: enable. perform semantic analysis on requests before processing them; off: disable. process requests directly without semantic analysis. default off.

TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdate, TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs

AutoUpdateToLatestVersion string: Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
RulesetVersion string: The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.

AutoUpdateToLatestVersion string: Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
RulesetVersion string: The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.

autoUpdateToLatestVersion String: Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
rulesetVersion String: The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.

autoUpdateToLatestVersion string: Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
rulesetVersion string: The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.

auto_update_to_latest_version str: Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
ruleset_version str: The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.

autoUpdateToLatestVersion String: Indicates whether to enable automatic update to the latest version. valid values: on: enabled off: disabled.
rulesetVersion String: The currently used version, in the format compliant with ISO 8601 standard, such as 2023-12-21T12:00:32Z. it is empty by default and is only an output parameter.

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroup, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs

Action TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupAction: Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
GroupId string: Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
SensitivityLevel string: Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
MetaDatas List<TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaData>: Managed rule group information, for output only.
RuleActions List<TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleAction>: Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.

Action TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupAction: Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
GroupId string: Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
SensitivityLevel string: Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
MetaDatas []TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaData: Managed rule group information, for output only.
RuleActions []TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleAction: Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.

action TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupAction: Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
groupId String: Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
sensitivityLevel String: Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
metaDatas List<TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaData>: Managed rule group information, for output only.
ruleActions List<TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleAction>: Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.

action TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupAction: Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
groupId string: Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
sensitivityLevel string: Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
metaDatas TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaData[]: Managed rule group information, for output only.
ruleActions TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleAction[]: Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.

action TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupAction: Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
group_id str: Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
sensitivity_level str: Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
meta_datas Sequence[TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaData]: Managed rule group information, for output only.
rule_actions Sequence[TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleAction]: Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.

action Property Map: Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
groupId String: Group name of the managed rule. if the rule group for the configuration is not specified, it will be processed based on the default configuration. refer to product documentation for the specific value of GroupId.
sensitivityLevel String: Protection level of the managed rule group. valid values: loose: lenient, only contains ultra-high risk rules. at this point, configure Action, and RuleActions configuration is invalid; normal: normal, contains ultra-high risk and high-risk rules. at this point, configure Action, and RuleActions configuration is invalid; strict: strict, contains ultra-high risk, high-risk and medium-risk rules. at this point, configure Action, and RuleActions configuration is invalid; extreme: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules. at this point, configure Action, and RuleActions configuration is invalid; custom: custom, refined strategy. configure the disposal method for each individual rule. at this point, the Action field is invalid. use RuleActions to configure the refined strategy for each individual rule..
metaDatas List<Property Map>: Managed rule group information, for output only.
ruleActions List<Property Map>: Specific configuration of rule items under the managed rule group. the configuration is effective only when SensitivityLevel is custom.

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupAction, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs

Name string: Specific actions for safe execution. valid values:.
BlockIpActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionBlockIpActionParameters: Additional parameter when Name is BlockIP.
RedirectActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionRedirectActionParameters: Additional parameter when Name is Redirect.
ReturnCustomPageActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionReturnCustomPageActionParameters: Additional parameter when Name is ReturnCustomPage.

Name string: Specific actions for safe execution. valid values:.
BlockIpActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionBlockIpActionParameters: Additional parameter when Name is BlockIP.
RedirectActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionRedirectActionParameters: Additional parameter when Name is Redirect.
ReturnCustomPageActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionReturnCustomPageActionParameters: Additional parameter when Name is ReturnCustomPage.

name String: Specific actions for safe execution. valid values:.
blockIpActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionBlockIpActionParameters: Additional parameter when Name is BlockIP.
redirectActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionRedirectActionParameters: Additional parameter when Name is Redirect.
returnCustomPageActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionReturnCustomPageActionParameters: Additional parameter when Name is ReturnCustomPage.

name string: Specific actions for safe execution. valid values:.
blockIpActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionBlockIpActionParameters: Additional parameter when Name is BlockIP.
redirectActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionRedirectActionParameters: Additional parameter when Name is Redirect.
returnCustomPageActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionReturnCustomPageActionParameters: Additional parameter when Name is ReturnCustomPage.

name str: Specific actions for safe execution. valid values:.
block_ip_action_parameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionBlockIpActionParameters: Additional parameter when Name is BlockIP.
redirect_action_parameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionRedirectActionParameters: Additional parameter when Name is Redirect.
return_custom_page_action_parameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionReturnCustomPageActionParameters: Additional parameter when Name is ReturnCustomPage.

name String: Specific actions for safe execution. valid values:.
blockIpActionParameters Property Map: Additional parameter when Name is BlockIP.
redirectActionParameters Property Map: Additional parameter when Name is Redirect.
returnCustomPageActionParameters Property Map: Additional parameter when Name is ReturnCustomPage.

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionBlockIpActionParametersArgs

Duration string: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

Duration string: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

duration String: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

duration string: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

duration str: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

duration String: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionRedirectActionParametersArgs

Url string: Redirect URL.

Url string: Redirect URL.

url String: Redirect URL.

url string: Redirect URL.

url str: Redirect URL.

url String: Redirect URL.

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionReturnCustomPageActionParametersArgs

ErrorPageId string: Response custom page ID.
ResponseCode string: Response status code.

ErrorPageId string: Response custom page ID.
ResponseCode string: Response status code.

errorPageId String: Response custom page ID.
responseCode String: Response status code.

errorPageId string: Response custom page ID.
responseCode string: Response status code.

error_page_id str: Response custom page ID.
response_code str: Response status code.

errorPageId String: Response custom page ID.
responseCode String: Response status code.

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaData, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataArgs

GroupDetail string
GroupName string
RuleDetails List<TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataRuleDetail>

GroupDetail string
GroupName string
RuleDetails []TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataRuleDetail

groupDetail String
groupName String
ruleDetails List<TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataRuleDetail>

groupDetail string
groupName string
ruleDetails TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataRuleDetail[]

group_detail str
group_name str
rule_details Sequence[TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataRuleDetail]

groupDetail String
groupName String
ruleDetails List<Property Map>

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataRuleDetail, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataRuleDetailArgs

Description string
RiskLevel string
RuleId string
RuleVersion string
Tags List<string>

Description string
RiskLevel string
RuleId string
RuleVersion string
Tags []string

description String
riskLevel String
ruleId String
ruleVersion String
tags List<String>

description string
riskLevel string
ruleId string
ruleVersion string
tags string[]

description str
risk_level str
rule_id str
rule_version str
tags Sequence[str]

description String
riskLevel String
ruleId String
ruleVersion String
tags List<String>

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleAction, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionArgs

Action TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionAction: Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
RuleId string: Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.

Action TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionAction: Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
RuleId string: Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.

action TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionAction: Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
ruleId String: Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.

action TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionAction: Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
ruleId string: Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.

action TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionAction: Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
rule_id str: Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.

action Property Map: Specify the handling action for the managed rule item in RuleId. the Name parameter value of SecurityAction supports: Deny: block and respond with an interception page; Monitor: observe, do not process the request and record the security event in logs; Disabled: Disabled, do not scan the request and skip this rule..
ruleId String: Specific items under the managed rule group, which are used to rewrite the configuration content of this individual rule item. refer to product documentation for details.

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionAction, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionArgs

Name string: Specific actions for safe execution. valid values:.
BlockIpActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionBlockIpActionParameters: Additional parameter when Name is BlockIP.
RedirectActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionRedirectActionParameters: Additional parameter when Name is Redirect.
ReturnCustomPageActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionReturnCustomPageActionParameters: Additional parameter when Name is ReturnCustomPage.

Name string: Specific actions for safe execution. valid values:.
BlockIpActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionBlockIpActionParameters: Additional parameter when Name is BlockIP.
RedirectActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionRedirectActionParameters: Additional parameter when Name is Redirect.
ReturnCustomPageActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionReturnCustomPageActionParameters: Additional parameter when Name is ReturnCustomPage.

name String: Specific actions for safe execution. valid values:.
blockIpActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionBlockIpActionParameters: Additional parameter when Name is BlockIP.
redirectActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionRedirectActionParameters: Additional parameter when Name is Redirect.
returnCustomPageActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionReturnCustomPageActionParameters: Additional parameter when Name is ReturnCustomPage.

name string: Specific actions for safe execution. valid values:.
blockIpActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionBlockIpActionParameters: Additional parameter when Name is BlockIP.
redirectActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionRedirectActionParameters: Additional parameter when Name is Redirect.
returnCustomPageActionParameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionReturnCustomPageActionParameters: Additional parameter when Name is ReturnCustomPage.

name str: Specific actions for safe execution. valid values:.
block_ip_action_parameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionBlockIpActionParameters: Additional parameter when Name is BlockIP.
redirect_action_parameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionRedirectActionParameters: Additional parameter when Name is Redirect.
return_custom_page_action_parameters TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionReturnCustomPageActionParameters: Additional parameter when Name is ReturnCustomPage.

name String: Specific actions for safe execution. valid values:.
blockIpActionParameters Property Map: Additional parameter when Name is BlockIP.
redirectActionParameters Property Map: Additional parameter when Name is Redirect.
returnCustomPageActionParameters Property Map: Additional parameter when Name is ReturnCustomPage.

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionBlockIpActionParametersArgs

Duration string: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

Duration string: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

duration String: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

duration string: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

duration str: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

duration String: Penalty duration for blocking ips. supported units: s: second, value range 1-120; m: minute, value range 1-120; h: hour, value range 1-48..

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionRedirectActionParametersArgs

Url string: Redirect URL.

Url string: Redirect URL.

url String: Redirect URL.

url string: Redirect URL.

url str: Redirect URL.

url String: Redirect URL.

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionReturnCustomPageActionParametersArgs

ErrorPageId string: Response custom page ID.
ResponseCode string: Response status code.

ErrorPageId string: Response custom page ID.
ResponseCode string: Response status code.

errorPageId String: Response custom page ID.
responseCode String: Response status code.

errorPageId string: Response custom page ID.
responseCode string: Response status code.

error_page_id str: Response custom page ID.
response_code str: Response status code.

errorPageId String: Response custom page ID.
responseCode String: Response status code.

Import

teo security policy can be imported using the id, e.g.

If entity is ZoneDefaultPolicy

$ pulumi import tencentcloud:index/teoSecurityPolicyConfig:TeoSecurityPolicyConfig example zone-37u62pwxfo8s#ZoneDefaultPolicy

If entity is Host

$ pulumi import tencentcloud:index/teoSecurityPolicyConfig:TeoSecurityPolicyConfig example zone-37u62pwxfo8s#Host#www.example.com

If entity is Template

$ pulumi import tencentcloud:index/teoSecurityPolicyConfig:TeoSecurityPolicyConfig example zone-37u62pwxfo8s#Template#temp-05dtxkyw

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: tencentcloud tencentcloudstack/terraform-provider-tencentcloud
License
Notes: This Pulumi package is based on the tencentcloud Terraform Provider.

tencentcloud 1.81.183 published on Wednesday, Apr 16, 2025 by tencentcloudstack

tencentcloudstack/terraform-provider-tencentcloud

tencentcloud.TeoSecurityPolicyConfig

On this page

On this page

Example Usage

If entity is ZoneDefaultPolicy

If entity is Host

If entity is Template

Create TeoSecurityPolicyConfig Resource

Constructor syntax

Parameters

TeoSecurityPolicyConfig Resource Properties

Inputs

Outputs

Look up Existing TeoSecurityPolicyConfig Resource

Supporting Types

TeoSecurityPolicyConfigSecurityPolicy, TeoSecurityPolicyConfigSecurityPolicyArgs

TeoSecurityPolicyConfigSecurityPolicyCustomRules, TeoSecurityPolicyConfigSecurityPolicyCustomRulesArgs

TeoSecurityPolicyConfigSecurityPolicyCustomRulesRule, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleArgs

TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleAction, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionArgs

TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionBlockIpActionParametersArgs

TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionRedirectActionParametersArgs

TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyCustomRulesRuleActionReturnCustomPageActionParametersArgs

TeoSecurityPolicyConfigSecurityPolicyManagedRules, TeoSecurityPolicyConfigSecurityPolicyManagedRulesArgs

TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdate, TeoSecurityPolicyConfigSecurityPolicyManagedRulesAutoUpdateArgs

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroup, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupArgs

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupAction, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionArgs

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionBlockIpActionParametersArgs

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionRedirectActionParametersArgs

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupActionReturnCustomPageActionParametersArgs

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaData, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataArgs

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataRuleDetail, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupMetaDataRuleDetailArgs

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleAction, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionArgs

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionAction, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionArgs

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionBlockIpActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionBlockIpActionParametersArgs

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionRedirectActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionRedirectActionParametersArgs

TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionReturnCustomPageActionParameters, TeoSecurityPolicyConfigSecurityPolicyManagedRulesManagedRuleGroupRuleActionActionReturnCustomPageActionParametersArgs

Import

Package Details

On this page

On this page