Skip to content

Commit

Permalink
CDI-467: add the Basic WAF option support (#58)
Browse files Browse the repository at this point in the history 
* CDI-467: add the WAF option to CDN resource
* CDI-467: add the WAF option to the CDN Rule docs
  • Loading branch information
@andrei-lukyanchyk
andrei-lukyanchyk authored Jan 11, 2024
1 parent 2d4ba18 commit 2b766de
Show file tree
Hide file tree
Showing 3 changed files with 56 additions and 0 deletions.
13 changes: 13 additions & 0 deletions docs/resources/cdn_resource.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -148,6 +148,7 @@ Optional:
- `use_default_le_chain` (Block List, Max: 1) The option allows choosing a Let's Encrypt certificate chain. The specified chain will be used during the next Let's Encrypt certificate issue or renewal. (see [below for nested schema](#nestedblock--options--use_default_le_chain))
- `use_rsa_le_cert` (Block List, Max: 1) The option allows choosing the RSA Let's Encrypt certificate type for the resource. (see [below for nested schema](#nestedblock--options--use_rsa_le_cert))
- `user_agent_acl` (Block List, Max: 1) User agents policy option allows to control access to the content for specified user-agent. (see [below for nested schema](#nestedblock--options--user_agent_acl))
- `waf` (Block List, Max: 1) The Basic WAF option protects you against the most common threats. (see [below for nested schema](#nestedblock--options--waf))
- `webp` (Block List, Max: 1) Legacy option. Use the image_stack option instead. (see [below for nested schema](#nestedblock--options--webp))
- `websockets` (Block List, Max: 1) WebSockets option allows WebSockets connections to an origin server. (see [below for nested schema](#nestedblock--options--websockets))

Expand Down Expand Up @@ -667,6 +668,18 @@ Optional:
- `enabled` (Boolean)


<a id="nestedblock--options--waf"></a>
### Nested Schema for `options.waf`

Required:

- `value` (Boolean)

Optional:

- `enabled` (Boolean)


<a id="nestedblock--options--webp"></a>
### Nested Schema for `options.webp`

Expand Down
14 changes: 14 additions & 0 deletions docs/resources/cdn_rule.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -186,6 +186,7 @@ Optional:
- `use_default_le_chain` (Block List, Max: 1) The option allows choosing a Let's Encrypt certificate chain. The specified chain will be used during the next Let's Encrypt certificate issue or renewal. (see [below for nested schema](#nestedblock--options--use_default_le_chain))
- `use_rsa_le_cert` (Block List, Max: 1) The option allows choosing the RSA Let's Encrypt certificate type for the resource. (see [below for nested schema](#nestedblock--options--use_rsa_le_cert))
- `user_agent_acl` (Block List, Max: 1) User agents policy option allows to control access to the content for specified user-agent. (see [below for nested schema](#nestedblock--options--user_agent_acl))
- `waf` (Block List, Max: 1) The Basic WAF option protects you against the most common threats. (see [below for nested schema](#nestedblock--options--waf))
- `webp` (Block List, Max: 1) Legacy option. Use the image_stack option instead. (see [below for nested schema](#nestedblock--options--webp))
- `websockets` (Block List, Max: 1) WebSockets option allows WebSockets connections to an origin server. (see [below for nested schema](#nestedblock--options--websockets))

Expand Down Expand Up @@ -705,6 +706,19 @@ Optional:
- `enabled` (Boolean)


<a id="nestedblock--options--waf"></a>
### Nested Schema for `options.waf`

Required:

- `value` (Boolean)

Optional:

- `enabled` (Boolean)



<a id="nestedblock--options--webp"></a>
### Nested Schema for `options.webp`

Expand Down
29 changes: 29 additions & 0 deletions gcore/resource_gcore_cdn_resource.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -977,6 +977,25 @@ var (
},
},
},
"waf": {
Type: schema.TypeList,
MaxItems: 1,
Optional: true,
Description: "Option allows to enable Basic WAF to protect you against the most common threats.",
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"enabled": {
Type: schema.TypeBool,
Optional: true,
Default: true,
},
"value": {
Type: schema.TypeBool,
Required: true,
},
},
},
},
"webp": { // deprecated in favor of image_stack
Type: schema.TypeList,
MaxItems: 1,
Expand Down Expand Up @@ -1568,6 +1587,12 @@ func listToOptions(l []interface{}) *gcdn.Options {
Value: opt["value"].(bool),
}
}
if opt, ok := getOptByName(fields, "waf"); ok {
opts.WAF = &gcdn.WAF{
Enabled: opt["enabled"].(bool),
Value: opt["value"].(bool),
}
}
if opt, ok := getOptByName(fields, "webp"); ok {
opts.Webp = &gcdn.Webp{
Enabled: opt["enabled"].(bool),
Expand Down Expand Up @@ -1779,6 +1804,10 @@ func optionsToList(options *gcdn.Options) []interface{} {
m := structToMap(options.UseRSALECert)
result["use_rsa_le_cert"] = []interface{}{m}
}
if options.WAF != nil {
m := structToMap(options.WAF)
result["waf"] = []interface{}{m}
}
if options.Webp != nil {
m := structToMap(options.Webp)
result["webp"] = []interface{}{m}
Expand Down

0 comments on commit 2b766de

Please sign in to comment.