diff --git a/docs/resources/cdn_resource.md b/docs/resources/cdn_resource.md
index 722eb546..a9f18d28 100644
--- a/docs/resources/cdn_resource.md
+++ b/docs/resources/cdn_resource.md
@@ -148,6 +148,7 @@ Optional:
 - `use_default_le_chain` (Block List, Max: 1) The option allows choosing a Let's Encrypt certificate chain. The specified chain will be used during the next Let's Encrypt certificate issue or renewal. (see [below for nested schema](#nestedblock--options--use_default_le_chain))
 - `use_rsa_le_cert` (Block List, Max: 1) The option allows choosing the RSA Let's Encrypt certificate type for the resource. (see [below for nested schema](#nestedblock--options--use_rsa_le_cert))
 - `user_agent_acl` (Block List, Max: 1) User agents policy option allows to control access to the content for specified user-agent. (see [below for nested schema](#nestedblock--options--user_agent_acl))
+- `waf` (Block List, Max: 1) The Basic WAF option protects you against the most common threats. (see [below for nested schema](#nestedblock--options--waf))
 - `webp` (Block List, Max: 1) Legacy option. Use the image_stack option instead. (see [below for nested schema](#nestedblock--options--webp))
 - `websockets` (Block List, Max: 1) WebSockets option allows WebSockets connections to an origin server. (see [below for nested schema](#nestedblock--options--websockets))
 
@@ -667,6 +668,18 @@ Optional:
 - `enabled` (Boolean)
 
 
+<a id="nestedblock--options--waf"></a>
+### Nested Schema for `options.waf`
+
+Required:
+
+- `value` (Boolean)
+
+Optional:
+
+- `enabled` (Boolean)
+
+
 <a id="nestedblock--options--webp"></a>
 ### Nested Schema for `options.webp`
 
diff --git a/docs/resources/cdn_rule.md b/docs/resources/cdn_rule.md
index 22ad15a0..63d9073e 100644
--- a/docs/resources/cdn_rule.md
+++ b/docs/resources/cdn_rule.md
@@ -186,6 +186,7 @@ Optional:
 - `use_default_le_chain` (Block List, Max: 1) The option allows choosing a Let's Encrypt certificate chain. The specified chain will be used during the next Let's Encrypt certificate issue or renewal. (see [below for nested schema](#nestedblock--options--use_default_le_chain))
 - `use_rsa_le_cert` (Block List, Max: 1) The option allows choosing the RSA Let's Encrypt certificate type for the resource. (see [below for nested schema](#nestedblock--options--use_rsa_le_cert))
 - `user_agent_acl` (Block List, Max: 1) User agents policy option allows to control access to the content for specified user-agent. (see [below for nested schema](#nestedblock--options--user_agent_acl))
+- `waf` (Block List, Max: 1) The Basic WAF option protects you against the most common threats. (see [below for nested schema](#nestedblock--options--waf))
 - `webp` (Block List, Max: 1) Legacy option. Use the image_stack option instead. (see [below for nested schema](#nestedblock--options--webp))
 - `websockets` (Block List, Max: 1) WebSockets option allows WebSockets connections to an origin server. (see [below for nested schema](#nestedblock--options--websockets))
 
@@ -705,6 +706,19 @@ Optional:
 - `enabled` (Boolean)
 
 
+<a id="nestedblock--options--waf"></a>
+### Nested Schema for `options.waf`
+
+Required:
+
+- `value` (Boolean)
+
+Optional:
+
+- `enabled` (Boolean)
+
+
+
 <a id="nestedblock--options--webp"></a>
 ### Nested Schema for `options.webp`
 
diff --git a/gcore/resource_gcore_cdn_resource.go b/gcore/resource_gcore_cdn_resource.go
index f29b575b..e1064598 100644
--- a/gcore/resource_gcore_cdn_resource.go
+++ b/gcore/resource_gcore_cdn_resource.go
@@ -977,6 +977,25 @@ var (
 						},
 					},
 				},
+				"waf": {
+					Type:        schema.TypeList,
+					MaxItems:    1,
+					Optional:    true,
+					Description: "Option allows to enable Basic WAF to protect you against the most common threats.",
+					Elem: &schema.Resource{
+						Schema: map[string]*schema.Schema{
+							"enabled": {
+								Type:     schema.TypeBool,
+								Optional: true,
+								Default:  true,
+							},
+							"value": {
+								Type:     schema.TypeBool,
+								Required: true,
+							},
+						},
+					},
+				},
 				"webp": { // deprecated in favor of image_stack
 					Type:        schema.TypeList,
 					MaxItems:    1,
@@ -1568,6 +1587,12 @@ func listToOptions(l []interface{}) *gcdn.Options {
 			Value:   opt["value"].(bool),
 		}
 	}
+	if opt, ok := getOptByName(fields, "waf"); ok {
+		opts.WAF = &gcdn.WAF{
+			Enabled: opt["enabled"].(bool),
+			Value:   opt["value"].(bool),
+		}
+	}
 	if opt, ok := getOptByName(fields, "webp"); ok {
 		opts.Webp = &gcdn.Webp{
 			Enabled:     opt["enabled"].(bool),
@@ -1779,6 +1804,10 @@ func optionsToList(options *gcdn.Options) []interface{} {
 		m := structToMap(options.UseRSALECert)
 		result["use_rsa_le_cert"] = []interface{}{m}
 	}
+	if options.WAF != nil {
+		m := structToMap(options.WAF)
+		result["waf"] = []interface{}{m}
+	}
 	if options.Webp != nil {
 		m := structToMap(options.Webp)
 		result["webp"] = []interface{}{m}