From 0fb6bcd26520833cb0e3a39b4ffc3ab1ecc43081 Mon Sep 17 00:00:00 2001 From: Andrei Lukyanchyk Date: Tue, 29 Oct 2024 15:32:23 +0100 Subject: [PATCH 1/4] CDI-890: add waap to option schema --- gcore/resource_gcore_cdn_options.go | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/gcore/resource_gcore_cdn_options.go b/gcore/resource_gcore_cdn_options.go index 1ae7aef..f8574ab 100644 --- a/gcore/resource_gcore_cdn_options.go +++ b/gcore/resource_gcore_cdn_options.go @@ -928,6 +928,25 @@ var ( }, }, }, + "waap": { + Type: schema.TypeList, + MaxItems: 1, + Optional: true, + Description: "Option allows to enable WAAP (Web Application and API Protection).", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enabled": { + Type: schema.TypeBool, + Optional: true, + Default: true, + }, + "value": { + Type: schema.TypeBool, + Required: true, + }, + }, + }, + }, "waf": { Type: schema.TypeList, MaxItems: 1, From 4ba19192813a1a385ca6822ece9ea0b020784e6a Mon Sep 17 00:00:00 2001 From: Andrei Lukyanchyk Date: Wed, 30 Oct 2024 09:31:46 +0100 Subject: [PATCH 2/4] CDI-890: upd Gcore CDN SDK version --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index cf18dbc..8dd8054 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( github.com/AlekSi/pointer v1.2.0 github.com/G-Core/gcore-dns-sdk-go v0.2.9 github.com/G-Core/gcore-storage-sdk-go v0.1.34 - github.com/G-Core/gcorelabscdn-go v1.0.17 + github.com/G-Core/gcorelabscdn-go v1.0.19 github.com/G-Core/gcorelabscloud-go v0.8.8 github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 github.com/hashicorp/terraform-plugin-sdk/v2 v2.27.0 diff --git a/go.sum b/go.sum index ff1a505..a396667 100644 --- a/go.sum +++ b/go.sum @@ -11,6 +11,8 @@ github.com/G-Core/gcore-storage-sdk-go v0.1.34 h1:0GPQfz1kA6mQi6fiisGsh0Um4H9PZe github.com/G-Core/gcore-storage-sdk-go v0.1.34/go.mod h1:BUAEZZZJJt/+luRFunqziv3+JnbVMLbQXDWz9kV8Te8= github.com/G-Core/gcorelabscdn-go v1.0.17 h1:g5i53mzPpg513qcXzxuEdL1v/rK3yiAd8LOVjMh/noM= github.com/G-Core/gcorelabscdn-go v1.0.17/go.mod h1:iSGXaTvZBzDHQW+rKFS918BgFVpONcyLEijwh8WsXpE= +github.com/G-Core/gcorelabscdn-go v1.0.19 h1:P4qYP+cnO+0DrVftGnL1gt7En8/RYsl20zw4wud9Krs= +github.com/G-Core/gcorelabscdn-go v1.0.19/go.mod h1:iSGXaTvZBzDHQW+rKFS918BgFVpONcyLEijwh8WsXpE= github.com/G-Core/gcorelabscloud-go v0.8.0 h1:6w+Mikiz+GbHJs1PD+tPD1gIR88Xl3UPkJuvQVuG7bs= github.com/G-Core/gcorelabscloud-go v0.8.0/go.mod h1:13Z1USxlxPbDFuYQyWqfNexlk4kUvOYTXbnvV/Z1lZo= github.com/G-Core/gcorelabscloud-go v0.8.4 h1:Yf0c0ZFOTxu0VjMgMVooHp2k2fYYKLLU5jqFRuEVEcg= From 1936c2e544c5aec8cea6b01c447aecd15c62c3e3 Mon Sep 17 00:00:00 2001 From: Andrei Lukyanchyk Date: Wed, 30 Oct 2024 09:32:01 +0100 Subject: [PATCH 3/4] CDI-890: add handling for WAAP option --- gcore/resource_gcore_cdn_resource.go | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/gcore/resource_gcore_cdn_resource.go b/gcore/resource_gcore_cdn_resource.go index 8e94377..96efb86 100644 --- a/gcore/resource_gcore_cdn_resource.go +++ b/gcore/resource_gcore_cdn_resource.go @@ -559,6 +559,12 @@ func listToOptions(l []interface{}) *gcdn.Options { Value: opt["value"].(bool), } } + if opt, ok := getOptByName(fields, "waap"); ok { + opts.WAAP = &gcdn.WAAP{ + Enabled: opt["enabled"].(bool), + Value: opt["value"].(bool), + } + } if opt, ok := getOptByName(fields, "waf"); ok { opts.WAF = &gcdn.WAF{ Enabled: opt["enabled"].(bool), @@ -775,6 +781,10 @@ func optionsToList(options *gcdn.Options) []interface{} { m := structToMap(options.UseRSALECert) result["use_rsa_le_cert"] = []interface{}{m} } + if options.WAAP != nil { + m := structToMap(options.WAAP) + result["waap"] = []interface{}{m} + } if options.WAF != nil { m := structToMap(options.WAF) result["waf"] = []interface{}{m} From 7e2b10cf7a780810d6fb402b37fe9854105f1209 Mon Sep 17 00:00:00 2001 From: Andrei Lukyanchyk Date: Wed, 30 Oct 2024 09:33:46 +0100 Subject: [PATCH 4/4] CDI-890: add WAAP option to docs --- docs/resources/cdn_resource.md | 13 +++++++++++++ docs/resources/cdn_rule.md | 13 +++++++++++++ 2 files changed, 26 insertions(+) diff --git a/docs/resources/cdn_resource.md b/docs/resources/cdn_resource.md index ed260ae..71d5b4e 100644 --- a/docs/resources/cdn_resource.md +++ b/docs/resources/cdn_resource.md @@ -151,6 +151,7 @@ Optional: - `use_default_le_chain` (Block List, Max: 1) The option allows choosing a Let's Encrypt certificate chain. The specified chain will be used during the next Let's Encrypt certificate issue or renewal. (see [below for nested schema](#nestedblock--options--use_default_le_chain)) - `use_rsa_le_cert` (Block List, Max: 1) The option allows choosing the RSA Let's Encrypt certificate type for the resource. (see [below for nested schema](#nestedblock--options--use_rsa_le_cert)) - `user_agent_acl` (Block List, Max: 1) User agents policy option allows to control access to the content for specified user-agent. (see [below for nested schema](#nestedblock--options--user_agent_acl)) +- `waap` (Block List, Max: 1) Option allows to enable WAAP (Web Application and API Protection). (see [below for nested schema](#nestedblock--options--waap)) - `waf` (Block List, Max: 1) Option allows to enable Basic WAF to protect you against the most common threats. (see [below for nested schema](#nestedblock--options--waf)) - `websockets` (Block List, Max: 1) WebSockets option allows WebSockets connections to an origin server. (see [below for nested schema](#nestedblock--options--websockets)) @@ -695,6 +696,18 @@ Optional: - `enabled` (Boolean) + +### Nested Schema for `options.waap` + +Required: + +- `value` (Boolean) + +Optional: + +- `enabled` (Boolean) + + ### Nested Schema for `options.waf` diff --git a/docs/resources/cdn_rule.md b/docs/resources/cdn_rule.md index 35bc05b..a20141f 100644 --- a/docs/resources/cdn_rule.md +++ b/docs/resources/cdn_rule.md @@ -186,6 +186,7 @@ Optional: - `static_request_headers` (Block List, Max: 1) Specify custom HTTP Headers for a CDN server to add to request. (see [below for nested schema](#nestedblock--options--static_request_headers)) - `static_response_headers` (Block List, Max: 1) Specify custom HTTP Headers that a CDN server adds to a response. (see [below for nested schema](#nestedblock--options--static_response_headers)) - `user_agent_acl` (Block List, Max: 1) User agents policy option allows to control access to the content for specified user-agent. (see [below for nested schema](#nestedblock--options--user_agent_acl)) +- `waap` (Block List, Max: 1) Option allows to enable WAAP (Web Application and API Protection). (see [below for nested schema](#nestedblock--options--waap)) - `waf` (Block List, Max: 1) Option allows to enable Basic WAF to protect you against the most common threats. (see [below for nested schema](#nestedblock--options--waf)) - `websockets` (Block List, Max: 1) WebSockets option allows WebSockets connections to an origin server. (see [below for nested schema](#nestedblock--options--websockets)) @@ -682,6 +683,18 @@ Optional: - `enabled` (Boolean) + +### Nested Schema for `options.waap` + +Required: + +- `value` (Boolean) + +Optional: + +- `enabled` (Boolean) + + ### Nested Schema for `options.waf`