rules
Creates, updates, deletes, gets or lists a rules resource.
Overview
| Name | rules |
| Type | Resource |
| Id | cloudflare.firewall.rules |
Fields
The following fields are returned by SELECT queries:
SELECT not supported for this resource, use SHOW METHODS to view available operations for the resource.
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
firewall_rules_create_firewall_rules | insert | zone_id, filter, action | Create one or more firewall rules. | |
ip_access_rules_for_a_user_create_an_ip_access_rule | insert | mode, configuration | Creates a new IP Access rule for all zones owned by the current user. Note: To create an IP Access rule that applies to a specific zone, refer to the IP Access rules for a zone endpoints. | |
edit | update | rule_id, package_id, zone_id | Updates a WAF rule. You can only update the mode/action of the rule. Note: Applies only to the previous version of WAF managed rules. | |
firewall_rules_update_priority_of_a_firewall_rule | update | rule_id, zone_id | Updates the priority of an existing firewall rule. | |
ip_access_rules_for_a_user_update_an_ip_access_rule | update | rule_id | Updates an IP Access rule defined at the user level. You can only update the rule action (mode parameter) and notes. | |
firewall_rules_update_priority_of_firewall_rules | update | zone_id | Updates the priority of existing firewall rules. | |
update | replace | rule_id, zone_id, filter, action | Updates an existing firewall rule. | |
firewall_rules_update_firewall_rules | replace | zone_id | Updates one or more existing firewall rules. | |
delete | delete | rule_id, zone_id | Deletes an existing firewall rule. | |
ip_access_rules_for_a_user_delete_an_ip_access_rule | delete | rule_id | Deletes an IP Access rule at the user level. Note: Deleting a user-level rule will affect all zones owned by the user. | |
firewall_rules_delete_firewall_rules | delete | zone_id | Deletes existing firewall rules. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
package_id | string | |
rule_id | string | The rule ID. |
zone_id | string | The Cloudflare zone ID. |
INSERT examples
- firewall_rules_create_firewall_rules
- ip_access_rules_for_a_user_create_an_ip_access_rule
- Manifest
Create one or more firewall rules.
INSERT INTO cloudflare.firewall.rules (
action,
filter,
zone_id
)
SELECT
'{{ action }}' /* required */,
'{{ filter }}' /* required */,
'{{ zone_id }}'
RETURNING
errors,
messages,
result,
result_info,
success
;
Creates a new IP Access rule for all zones owned by the current user. Note: To create an IP Access rule that applies to a specific zone, refer to the IP Access rules for a zone endpoints.
INSERT INTO cloudflare.firewall.rules (
configuration,
mode,
notes
)
SELECT
'{{ configuration }}' /* required */,
'{{ mode }}' /* required */,
'{{ notes }}'
RETURNING
errors,
messages,
result,
success
;
# Description fields are for documentation purposes
- name: rules
props:
- name: zone_id
value: "{{ zone_id }}"
description: Required parameter for the rules resource.
- name: action
description: |
The action to perform when the threshold of matched traffic within the configured period is exceeded.
value:
mode: "{{ mode }}"
response:
body: "{{ body }}"
content_type: "{{ content_type }}"
timeout: {{ timeout }}
- name: filter
value:
description: "{{ description }}"
expression: "{{ expression }}"
id: "{{ id }}"
paused: {{ paused }}
ref: "{{ ref }}"
- name: configuration
description: |
The rule configuration.
value:
target: "{{ target }}"
value: "{{ value }}"
- name: mode
value: "{{ mode }}"
description: |
The action to apply to a matched request.
valid_values: ['block', 'challenge', 'whitelist', 'js_challenge', 'managed_challenge']
- name: notes
value: "{{ notes }}"
description: |
An informative summary of the rule, typically used as a reminder or explanation.
default:
UPDATE examples
- edit
- firewall_rules_update_priority_of_a_firewall_rule
- ip_access_rules_for_a_user_update_an_ip_access_rule
- firewall_rules_update_priority_of_firewall_rules
Updates a WAF rule. You can only update the mode/action of the rule. Note: Applies only to the previous version of WAF managed rules.
UPDATE cloudflare.firewall.rules
SET
mode = '{{ mode }}'
WHERE
rule_id = '{{ rule_id }}' --required
AND package_id = '{{ package_id }}' --required
AND zone_id = '{{ zone_id }}' --required
RETURNING
errors,
messages,
result,
success;
Updates the priority of an existing firewall rule.
UPDATE cloudflare.firewall.rules
SET
-- No updatable properties
WHERE
rule_id = '{{ rule_id }}' --required
AND zone_id = '{{ zone_id }}' --required
RETURNING
errors,
messages,
result,
result_info,
success;
Updates an IP Access rule defined at the user level. You can only update the rule action (mode parameter) and notes.
UPDATE cloudflare.firewall.rules
SET
mode = '{{ mode }}',
notes = '{{ notes }}'
WHERE
rule_id = '{{ rule_id }}' --required
RETURNING
errors,
messages,
result,
success;
Updates the priority of existing firewall rules.
UPDATE cloudflare.firewall.rules
SET
-- No updatable properties
WHERE
zone_id = '{{ zone_id }}' --required
RETURNING
errors,
messages,
result,
result_info,
success;
REPLACE examples
- update
- firewall_rules_update_firewall_rules
Updates an existing firewall rule.
REPLACE cloudflare.firewall.rules
SET
action = '{{ action }}',
filter = '{{ filter }}'
WHERE
rule_id = '{{ rule_id }}' --required
AND zone_id = '{{ zone_id }}' --required
AND filter = '{{ filter }}' --required
AND action = '{{ action }}' --required
RETURNING
errors,
messages,
result,
success;
Updates one or more existing firewall rules.
REPLACE cloudflare.firewall.rules
SET
-- No updatable properties
WHERE
zone_id = '{{ zone_id }}' --required
RETURNING
errors,
messages,
result,
result_info,
success;
DELETE examples
- delete
- ip_access_rules_for_a_user_delete_an_ip_access_rule
- firewall_rules_delete_firewall_rules
Deletes an existing firewall rule.
DELETE FROM cloudflare.firewall.rules
WHERE rule_id = '{{ rule_id }}' --required
AND zone_id = '{{ zone_id }}' --required
;
Deletes an IP Access rule at the user level. Note: Deleting a user-level rule will affect all zones owned by the user.
DELETE FROM cloudflare.firewall.rules
WHERE rule_id = '{{ rule_id }}' --required
;
Deletes existing firewall rules.
DELETE FROM cloudflare.firewall.rules
WHERE zone_id = '{{ zone_id }}' --required
;