Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi Cloud Packages Tutorials
  1. Packages
  2. Cloudflare Provider
  3. API Docs
  4. Ruleset
Cloudflare v5.49.1 published on Tuesday, Feb 18, 2025 by Pulumi
pulumi/pulumi-cloudflare

cloudflare.Ruleset

Explore with Pulumi AI

Cloudflare v5.49.1 published on Tuesday, Feb 18, 2025 by Pulumi
pulumi/pulumi-cloudflare

The Cloudflare Ruleset Engine (https://developers.cloudflare.com/ruleset-engine/about/) allows you to create and deploy rules and rulesets.

Cloudflare uses the Ruleset Engine in different products, allowing you to configure several products using the same basic syntax.

Create Ruleset Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Ruleset(name: string, args: RulesetArgs, opts?: CustomResourceOptions);
@overload
def Ruleset(resource_name: str,
            args: RulesetArgs,
            opts: Optional[ResourceOptions] = None)

@overload
def Ruleset(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            kind: Optional[str] = None,
            name: Optional[str] = None,
            phase: Optional[str] = None,
            account_id: Optional[str] = None,
            description: Optional[str] = None,
            rules: Optional[Sequence[RulesetRuleArgs]] = None,
            zone_id: Optional[str] = None)
func NewRuleset(ctx *Context, name string, args RulesetArgs, opts ...ResourceOption) (*Ruleset, error)
public Ruleset(string name, RulesetArgs args, CustomResourceOptions? opts = null)
public Ruleset(String name, RulesetArgs args)
public Ruleset(String name, RulesetArgs args, CustomResourceOptions options)

type: cloudflare:Ruleset
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. RulesetArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. RulesetArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. RulesetArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. RulesetArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. RulesetArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var rulesetResource = new Cloudflare.Ruleset("rulesetResource", new()
{
    Kind = "string",
    Name = "string",
    Phase = "string",
    AccountId = "string",
    Description = "string",
    Rules = new[]
    {
        new Cloudflare.Inputs.RulesetRuleArgs
        {
            Expression = "string",
            Action = "string",
            ActionParameters = new Cloudflare.Inputs.RulesetRuleActionParametersArgs
            {
                AdditionalCacheablePorts = new[]
                {
                    0,
                },
                Algorithms = new[]
                {
                    new Cloudflare.Inputs.RulesetRuleActionParametersAlgorithmArgs
                    {
                        Name = "string",
                    },
                },
                AutomaticHttpsRewrites = false,
                Autominifies = new[]
                {
                    new Cloudflare.Inputs.RulesetRuleActionParametersAutominifyArgs
                    {
                        Css = false,
                        Html = false,
                        Js = false,
                    },
                },
                Bic = false,
                BrowserTtl = new Cloudflare.Inputs.RulesetRuleActionParametersBrowserTtlArgs
                {
                    Mode = "string",
                    Default = 0,
                },
                Cache = false,
                CacheKey = new Cloudflare.Inputs.RulesetRuleActionParametersCacheKeyArgs
                {
                    CacheByDeviceType = false,
                    CacheDeceptionArmor = false,
                    CustomKey = new Cloudflare.Inputs.RulesetRuleActionParametersCacheKeyCustomKeyArgs
                    {
                        Cookie = new Cloudflare.Inputs.RulesetRuleActionParametersCacheKeyCustomKeyCookieArgs
                        {
                            CheckPresences = new[]
                            {
                                "string",
                            },
                            Includes = new[]
                            {
                                "string",
                            },
                        },
                        Header = new Cloudflare.Inputs.RulesetRuleActionParametersCacheKeyCustomKeyHeaderArgs
                        {
                            CheckPresences = new[]
                            {
                                "string",
                            },
                            Contains = 
                            {
                                { "string", new[]
                                {
                                    "string",
                                } },
                            },
                            ExcludeOrigin = false,
                            Includes = new[]
                            {
                                "string",
                            },
                        },
                        Host = new Cloudflare.Inputs.RulesetRuleActionParametersCacheKeyCustomKeyHostArgs
                        {
                            Resolved = false,
                        },
                        QueryString = new Cloudflare.Inputs.RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs
                        {
                            Excludes = new[]
                            {
                                "string",
                            },
                            Includes = new[]
                            {
                                "string",
                            },
                        },
                        User = new Cloudflare.Inputs.RulesetRuleActionParametersCacheKeyCustomKeyUserArgs
                        {
                            DeviceType = false,
                            Geo = false,
                            Lang = false,
                        },
                    },
                    IgnoreQueryStringsOrder = false,
                },
                CacheReserve = new Cloudflare.Inputs.RulesetRuleActionParametersCacheReserveArgs
                {
                    Eligible = false,
                    MinimumFileSize = 0,
                },
                Content = "string",
                ContentType = "string",
                CookieFields = new[]
                {
                    "string",
                },
                DisableApps = false,
                DisableRailgun = false,
                DisableRum = false,
                DisableZaraz = false,
                EdgeTtl = new Cloudflare.Inputs.RulesetRuleActionParametersEdgeTtlArgs
                {
                    Mode = "string",
                    Default = 0,
                    StatusCodeTtls = new[]
                    {
                        new Cloudflare.Inputs.RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs
                        {
                            StatusCode = 0,
                            StatusCodeRanges = new[]
                            {
                                new Cloudflare.Inputs.RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRangeArgs
                                {
                                    From = 0,
                                    To = 0,
                                },
                            },
                            Value = 0,
                        },
                    },
                },
                EmailObfuscation = false,
                Fonts = false,
                FromList = new Cloudflare.Inputs.RulesetRuleActionParametersFromListArgs
                {
                    Key = "string",
                    Name = "string",
                },
                FromValue = new Cloudflare.Inputs.RulesetRuleActionParametersFromValueArgs
                {
                    PreserveQueryString = false,
                    StatusCode = 0,
                    TargetUrl = new Cloudflare.Inputs.RulesetRuleActionParametersFromValueTargetUrlArgs
                    {
                        Expression = "string",
                        Value = "string",
                    },
                },
                Headers = new[]
                {
                    new Cloudflare.Inputs.RulesetRuleActionParametersHeaderArgs
                    {
                        Expression = "string",
                        Name = "string",
                        Operation = "string",
                        Value = "string",
                    },
                },
                HostHeader = "string",
                HotlinkProtection = false,
                Id = "string",
                Increment = 0,
                MatchedData = new Cloudflare.Inputs.RulesetRuleActionParametersMatchedDataArgs
                {
                    PublicKey = "string",
                },
                Mirage = false,
                OpportunisticEncryption = false,
                Origin = new Cloudflare.Inputs.RulesetRuleActionParametersOriginArgs
                {
                    Host = "string",
                    Port = 0,
                },
                OriginCacheControl = false,
                OriginErrorPagePassthru = false,
                Overrides = new Cloudflare.Inputs.RulesetRuleActionParametersOverridesArgs
                {
                    Action = "string",
                    Categories = new[]
                    {
                        new Cloudflare.Inputs.RulesetRuleActionParametersOverridesCategoryArgs
                        {
                            Action = "string",
                            Category = "string",
                            Enabled = false,
                        },
                    },
                    Enabled = false,
                    Rules = new[]
                    {
                        new Cloudflare.Inputs.RulesetRuleActionParametersOverridesRuleArgs
                        {
                            Action = "string",
                            Enabled = false,
                            Id = "string",
                            ScoreThreshold = 0,
                            SensitivityLevel = "string",
                        },
                    },
                    SensitivityLevel = "string",
                },
                Phases = new[]
                {
                    "string",
                },
                Polish = "string",
                Products = new[]
                {
                    "string",
                },
                ReadTimeout = 0,
                RequestFields = new[]
                {
                    "string",
                },
                RespectStrongEtags = false,
                ResponseFields = new[]
                {
                    "string",
                },
                Responses = new[]
                {
                    new Cloudflare.Inputs.RulesetRuleActionParametersResponseArgs
                    {
                        Content = "string",
                        ContentType = "string",
                        StatusCode = 0,
                    },
                },
                RocketLoader = false,
                Rules = 
                {
                    { "string", "string" },
                },
                Ruleset = "string",
                Rulesets = new[]
                {
                    "string",
                },
                SecurityLevel = "string",
                ServeStale = new Cloudflare.Inputs.RulesetRuleActionParametersServeStaleArgs
                {
                    DisableStaleWhileUpdating = false,
                },
                ServerSideExcludes = false,
                Sni = new Cloudflare.Inputs.RulesetRuleActionParametersSniArgs
                {
                    Value = "string",
                },
                Ssl = "string",
                StatusCode = 0,
                Sxg = false,
                Uri = new Cloudflare.Inputs.RulesetRuleActionParametersUriArgs
                {
                    Origin = false,
                    Path = new Cloudflare.Inputs.RulesetRuleActionParametersUriPathArgs
                    {
                        Expression = "string",
                        Value = "string",
                    },
                    Query = new Cloudflare.Inputs.RulesetRuleActionParametersUriQueryArgs
                    {
                        Expression = "string",
                        Value = "string",
                    },
                },
            },
            Description = "string",
            Enabled = false,
            ExposedCredentialCheck = new Cloudflare.Inputs.RulesetRuleExposedCredentialCheckArgs
            {
                PasswordExpression = "string",
                UsernameExpression = "string",
            },
            Id = "string",
            Logging = new Cloudflare.Inputs.RulesetRuleLoggingArgs
            {
                Enabled = false,
            },
            Ratelimit = new Cloudflare.Inputs.RulesetRuleRatelimitArgs
            {
                Characteristics = new[]
                {
                    "string",
                },
                CountingExpression = "string",
                MitigationTimeout = 0,
                Period = 0,
                RequestsPerPeriod = 0,
                RequestsToOrigin = false,
                ScorePerPeriod = 0,
                ScoreResponseHeaderName = "string",
            },
            Ref = "string",
        },
    },
    ZoneId = "string",
});
Copy
example, err := cloudflare.NewRuleset(ctx, "rulesetResource", &cloudflare.RulesetArgs{
	Kind:        pulumi.String("string"),
	Name:        pulumi.String("string"),
	Phase:       pulumi.String("string"),
	AccountId:   pulumi.String("string"),
	Description: pulumi.String("string"),
	Rules: cloudflare.RulesetRuleArray{
		&cloudflare.RulesetRuleArgs{
			Expression: pulumi.String("string"),
			Action:     pulumi.String("string"),
			ActionParameters: &cloudflare.RulesetRuleActionParametersArgs{
				AdditionalCacheablePorts: pulumi.IntArray{
					pulumi.Int(0),
				},
				Algorithms: cloudflare.RulesetRuleActionParametersAlgorithmArray{
					&cloudflare.RulesetRuleActionParametersAlgorithmArgs{
						Name: pulumi.String("string"),
					},
				},
				AutomaticHttpsRewrites: pulumi.Bool(false),
				Autominifies: cloudflare.RulesetRuleActionParametersAutominifyArray{
					&cloudflare.RulesetRuleActionParametersAutominifyArgs{
						Css:  pulumi.Bool(false),
						Html: pulumi.Bool(false),
						Js:   pulumi.Bool(false),
					},
				},
				Bic: pulumi.Bool(false),
				BrowserTtl: &cloudflare.RulesetRuleActionParametersBrowserTtlArgs{
					Mode:    pulumi.String("string"),
					Default: pulumi.Int(0),
				},
				Cache: pulumi.Bool(false),
				CacheKey: &cloudflare.RulesetRuleActionParametersCacheKeyArgs{
					CacheByDeviceType:   pulumi.Bool(false),
					CacheDeceptionArmor: pulumi.Bool(false),
					CustomKey: &cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyArgs{
						Cookie: &cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyCookieArgs{
							CheckPresences: pulumi.StringArray{
								pulumi.String("string"),
							},
							Includes: pulumi.StringArray{
								pulumi.String("string"),
							},
						},
						Header: &cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyHeaderArgs{
							CheckPresences: pulumi.StringArray{
								pulumi.String("string"),
							},
							Contains: pulumi.StringArrayMap{
								"string": pulumi.StringArray{
									pulumi.String("string"),
								},
							},
							ExcludeOrigin: pulumi.Bool(false),
							Includes: pulumi.StringArray{
								pulumi.String("string"),
							},
						},
						Host: &cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyHostArgs{
							Resolved: pulumi.Bool(false),
						},
						QueryString: &cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs{
							Excludes: pulumi.StringArray{
								pulumi.String("string"),
							},
							Includes: pulumi.StringArray{
								pulumi.String("string"),
							},
						},
						User: &cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyUserArgs{
							DeviceType: pulumi.Bool(false),
							Geo:        pulumi.Bool(false),
							Lang:       pulumi.Bool(false),
						},
					},
					IgnoreQueryStringsOrder: pulumi.Bool(false),
				},
				CacheReserve: &cloudflare.RulesetRuleActionParametersCacheReserveArgs{
					Eligible:        pulumi.Bool(false),
					MinimumFileSize: pulumi.Int(0),
				},
				Content:     pulumi.String("string"),
				ContentType: pulumi.String("string"),
				CookieFields: pulumi.StringArray{
					pulumi.String("string"),
				},
				DisableApps:    pulumi.Bool(false),
				DisableRailgun: pulumi.Bool(false),
				DisableRum:     pulumi.Bool(false),
				DisableZaraz:   pulumi.Bool(false),
				EdgeTtl: &cloudflare.RulesetRuleActionParametersEdgeTtlArgs{
					Mode:    pulumi.String("string"),
					Default: pulumi.Int(0),
					StatusCodeTtls: cloudflare.RulesetRuleActionParametersEdgeTtlStatusCodeTtlArray{
						&cloudflare.RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs{
							StatusCode: pulumi.Int(0),
							StatusCodeRanges: cloudflare.RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRangeArray{
								&cloudflare.RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRangeArgs{
									From: pulumi.Int(0),
									To:   pulumi.Int(0),
								},
							},
							Value: pulumi.Int(0),
						},
					},
				},
				EmailObfuscation: pulumi.Bool(false),
				Fonts:            pulumi.Bool(false),
				FromList: &cloudflare.RulesetRuleActionParametersFromListArgs{
					Key:  pulumi.String("string"),
					Name: pulumi.String("string"),
				},
				FromValue: &cloudflare.RulesetRuleActionParametersFromValueArgs{
					PreserveQueryString: pulumi.Bool(false),
					StatusCode:          pulumi.Int(0),
					TargetUrl: &cloudflare.RulesetRuleActionParametersFromValueTargetUrlArgs{
						Expression: pulumi.String("string"),
						Value:      pulumi.String("string"),
					},
				},
				Headers: cloudflare.RulesetRuleActionParametersHeaderArray{
					&cloudflare.RulesetRuleActionParametersHeaderArgs{
						Expression: pulumi.String("string"),
						Name:       pulumi.String("string"),
						Operation:  pulumi.String("string"),
						Value:      pulumi.String("string"),
					},
				},
				HostHeader:        pulumi.String("string"),
				HotlinkProtection: pulumi.Bool(false),
				Id:                pulumi.String("string"),
				Increment:         pulumi.Int(0),
				MatchedData: &cloudflare.RulesetRuleActionParametersMatchedDataArgs{
					PublicKey: pulumi.String("string"),
				},
				Mirage:                  pulumi.Bool(false),
				OpportunisticEncryption: pulumi.Bool(false),
				Origin: &cloudflare.RulesetRuleActionParametersOriginArgs{
					Host: pulumi.String("string"),
					Port: pulumi.Int(0),
				},
				OriginCacheControl:      pulumi.Bool(false),
				OriginErrorPagePassthru: pulumi.Bool(false),
				Overrides: &cloudflare.RulesetRuleActionParametersOverridesArgs{
					Action: pulumi.String("string"),
					Categories: cloudflare.RulesetRuleActionParametersOverridesCategoryArray{
						&cloudflare.RulesetRuleActionParametersOverridesCategoryArgs{
							Action:   pulumi.String("string"),
							Category: pulumi.String("string"),
							Enabled:  pulumi.Bool(false),
						},
					},
					Enabled: pulumi.Bool(false),
					Rules: cloudflare.RulesetRuleActionParametersOverridesRuleArray{
						&cloudflare.RulesetRuleActionParametersOverridesRuleArgs{
							Action:           pulumi.String("string"),
							Enabled:          pulumi.Bool(false),
							Id:               pulumi.String("string"),
							ScoreThreshold:   pulumi.Int(0),
							SensitivityLevel: pulumi.String("string"),
						},
					},
					SensitivityLevel: pulumi.String("string"),
				},
				Phases: pulumi.StringArray{
					pulumi.String("string"),
				},
				Polish: pulumi.String("string"),
				Products: pulumi.StringArray{
					pulumi.String("string"),
				},
				ReadTimeout: pulumi.Int(0),
				RequestFields: pulumi.StringArray{
					pulumi.String("string"),
				},
				RespectStrongEtags: pulumi.Bool(false),
				ResponseFields: pulumi.StringArray{
					pulumi.String("string"),
				},
				Responses: cloudflare.RulesetRuleActionParametersResponseArray{
					&cloudflare.RulesetRuleActionParametersResponseArgs{
						Content:     pulumi.String("string"),
						ContentType: pulumi.String("string"),
						StatusCode:  pulumi.Int(0),
					},
				},
				RocketLoader: pulumi.Bool(false),
				Rules: pulumi.StringMap{
					"string": pulumi.String("string"),
				},
				Ruleset: pulumi.String("string"),
				Rulesets: pulumi.StringArray{
					pulumi.String("string"),
				},
				SecurityLevel: pulumi.String("string"),
				ServeStale: &cloudflare.RulesetRuleActionParametersServeStaleArgs{
					DisableStaleWhileUpdating: pulumi.Bool(false),
				},
				ServerSideExcludes: pulumi.Bool(false),
				Sni: &cloudflare.RulesetRuleActionParametersSniArgs{
					Value: pulumi.String("string"),
				},
				Ssl:        pulumi.String("string"),
				StatusCode: pulumi.Int(0),
				Sxg:        pulumi.Bool(false),
				Uri: &cloudflare.RulesetRuleActionParametersUriArgs{
					Origin: pulumi.Bool(false),
					Path: &cloudflare.RulesetRuleActionParametersUriPathArgs{
						Expression: pulumi.String("string"),
						Value:      pulumi.String("string"),
					},
					Query: &cloudflare.RulesetRuleActionParametersUriQueryArgs{
						Expression: pulumi.String("string"),
						Value:      pulumi.String("string"),
					},
				},
			},
			Description: pulumi.String("string"),
			Enabled:     pulumi.Bool(false),
			ExposedCredentialCheck: &cloudflare.RulesetRuleExposedCredentialCheckArgs{
				PasswordExpression: pulumi.String("string"),
				UsernameExpression: pulumi.String("string"),
			},
			Id: pulumi.String("string"),
			Logging: &cloudflare.RulesetRuleLoggingArgs{
				Enabled: pulumi.Bool(false),
			},
			Ratelimit: &cloudflare.RulesetRuleRatelimitArgs{
				Characteristics: pulumi.StringArray{
					pulumi.String("string"),
				},
				CountingExpression:      pulumi.String("string"),
				MitigationTimeout:       pulumi.Int(0),
				Period:                  pulumi.Int(0),
				RequestsPerPeriod:       pulumi.Int(0),
				RequestsToOrigin:        pulumi.Bool(false),
				ScorePerPeriod:          pulumi.Int(0),
				ScoreResponseHeaderName: pulumi.String("string"),
			},
			Ref: pulumi.String("string"),
		},
	},
	ZoneId: pulumi.String("string"),
})
Copy
var rulesetResource = new Ruleset("rulesetResource", RulesetArgs.builder()
    .kind("string")
    .name("string")
    .phase("string")
    .accountId("string")
    .description("string")
    .rules(RulesetRuleArgs.builder()
        .expression("string")
        .action("string")
        .actionParameters(RulesetRuleActionParametersArgs.builder()
            .additionalCacheablePorts(0)
            .algorithms(RulesetRuleActionParametersAlgorithmArgs.builder()
                .name("string")
                .build())
            .automaticHttpsRewrites(false)
            .autominifies(RulesetRuleActionParametersAutominifyArgs.builder()
                .css(false)
                .html(false)
                .js(false)
                .build())
            .bic(false)
            .browserTtl(RulesetRuleActionParametersBrowserTtlArgs.builder()
                .mode("string")
                .default_(0)
                .build())
            .cache(false)
            .cacheKey(RulesetRuleActionParametersCacheKeyArgs.builder()
                .cacheByDeviceType(false)
                .cacheDeceptionArmor(false)
                .customKey(RulesetRuleActionParametersCacheKeyCustomKeyArgs.builder()
                    .cookie(RulesetRuleActionParametersCacheKeyCustomKeyCookieArgs.builder()
                        .checkPresences("string")
                        .includes("string")
                        .build())
                    .header(RulesetRuleActionParametersCacheKeyCustomKeyHeaderArgs.builder()
                        .checkPresences("string")
                        .contains(Map.of("string", "string"))
                        .excludeOrigin(false)
                        .includes("string")
                        .build())
                    .host(RulesetRuleActionParametersCacheKeyCustomKeyHostArgs.builder()
                        .resolved(false)
                        .build())
                    .queryString(RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs.builder()
                        .excludes("string")
                        .includes("string")
                        .build())
                    .user(RulesetRuleActionParametersCacheKeyCustomKeyUserArgs.builder()
                        .deviceType(false)
                        .geo(false)
                        .lang(false)
                        .build())
                    .build())
                .ignoreQueryStringsOrder(false)
                .build())
            .cacheReserve(RulesetRuleActionParametersCacheReserveArgs.builder()
                .eligible(false)
                .minimumFileSize(0)
                .build())
            .content("string")
            .contentType("string")
            .cookieFields("string")
            .disableApps(false)
            .disableRailgun(false)
            .disableRum(false)
            .disableZaraz(false)
            .edgeTtl(RulesetRuleActionParametersEdgeTtlArgs.builder()
                .mode("string")
                .default_(0)
                .statusCodeTtls(RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs.builder()
                    .statusCode(0)
                    .statusCodeRanges(RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRangeArgs.builder()
                        .from(0)
                        .to(0)
                        .build())
                    .value(0)
                    .build())
                .build())
            .emailObfuscation(false)
            .fonts(false)
            .fromList(RulesetRuleActionParametersFromListArgs.builder()
                .key("string")
                .name("string")
                .build())
            .fromValue(RulesetRuleActionParametersFromValueArgs.builder()
                .preserveQueryString(false)
                .statusCode(0)
                .targetUrl(RulesetRuleActionParametersFromValueTargetUrlArgs.builder()
                    .expression("string")
                    .value("string")
                    .build())
                .build())
            .headers(RulesetRuleActionParametersHeaderArgs.builder()
                .expression("string")
                .name("string")
                .operation("string")
                .value("string")
                .build())
            .hostHeader("string")
            .hotlinkProtection(false)
            .id("string")
            .increment(0)
            .matchedData(RulesetRuleActionParametersMatchedDataArgs.builder()
                .publicKey("string")
                .build())
            .mirage(false)
            .opportunisticEncryption(false)
            .origin(RulesetRuleActionParametersOriginArgs.builder()
                .host("string")
                .port(0)
                .build())
            .originCacheControl(false)
            .originErrorPagePassthru(false)
            .overrides(RulesetRuleActionParametersOverridesArgs.builder()
                .action("string")
                .categories(RulesetRuleActionParametersOverridesCategoryArgs.builder()
                    .action("string")
                    .category("string")
                    .enabled(false)
                    .build())
                .enabled(false)
                .rules(RulesetRuleActionParametersOverridesRuleArgs.builder()
                    .action("string")
                    .enabled(false)
                    .id("string")
                    .scoreThreshold(0)
                    .sensitivityLevel("string")
                    .build())
                .sensitivityLevel("string")
                .build())
            .phases("string")
            .polish("string")
            .products("string")
            .readTimeout(0)
            .requestFields("string")
            .respectStrongEtags(false)
            .responseFields("string")
            .responses(RulesetRuleActionParametersResponseArgs.builder()
                .content("string")
                .contentType("string")
                .statusCode(0)
                .build())
            .rocketLoader(false)
            .rules(Map.of("string", "string"))
            .ruleset("string")
            .rulesets("string")
            .securityLevel("string")
            .serveStale(RulesetRuleActionParametersServeStaleArgs.builder()
                .disableStaleWhileUpdating(false)
                .build())
            .serverSideExcludes(false)
            .sni(RulesetRuleActionParametersSniArgs.builder()
                .value("string")
                .build())
            .ssl("string")
            .statusCode(0)
            .sxg(false)
            .uri(RulesetRuleActionParametersUriArgs.builder()
                .origin(false)
                .path(RulesetRuleActionParametersUriPathArgs.builder()
                    .expression("string")
                    .value("string")
                    .build())
                .query(RulesetRuleActionParametersUriQueryArgs.builder()
                    .expression("string")
                    .value("string")
                    .build())
                .build())
            .build())
        .description("string")
        .enabled(false)
        .exposedCredentialCheck(RulesetRuleExposedCredentialCheckArgs.builder()
            .passwordExpression("string")
            .usernameExpression("string")
            .build())
        .id("string")
        .logging(RulesetRuleLoggingArgs.builder()
            .enabled(false)
            .build())
        .ratelimit(RulesetRuleRatelimitArgs.builder()
            .characteristics("string")
            .countingExpression("string")
            .mitigationTimeout(0)
            .period(0)
            .requestsPerPeriod(0)
            .requestsToOrigin(false)
            .scorePerPeriod(0)
            .scoreResponseHeaderName("string")
            .build())
        .ref("string")
        .build())
    .zoneId("string")
    .build());
Copy
ruleset_resource = cloudflare.Ruleset("rulesetResource",
    kind="string",
    name="string",
    phase="string",
    account_id="string",
    description="string",
    rules=[{
        "expression": "string",
        "action": "string",
        "action_parameters": {
            "additional_cacheable_ports": [0],
            "algorithms": [{
                "name": "string",
            }],
            "automatic_https_rewrites": False,
            "autominifies": [{
                "css": False,
                "html": False,
                "js": False,
            }],
            "bic": False,
            "browser_ttl": {
                "mode": "string",
                "default": 0,
            },
            "cache": False,
            "cache_key": {
                "cache_by_device_type": False,
                "cache_deception_armor": False,
                "custom_key": {
                    "cookie": {
                        "check_presences": ["string"],
                        "includes": ["string"],
                    },
                    "header": {
                        "check_presences": ["string"],
                        "contains": {
                            "string": ["string"],
                        },
                        "exclude_origin": False,
                        "includes": ["string"],
                    },
                    "host": {
                        "resolved": False,
                    },
                    "query_string": {
                        "excludes": ["string"],
                        "includes": ["string"],
                    },
                    "user": {
                        "device_type": False,
                        "geo": False,
                        "lang": False,
                    },
                },
                "ignore_query_strings_order": False,
            },
            "cache_reserve": {
                "eligible": False,
                "minimum_file_size": 0,
            },
            "content": "string",
            "content_type": "string",
            "cookie_fields": ["string"],
            "disable_apps": False,
            "disable_railgun": False,
            "disable_rum": False,
            "disable_zaraz": False,
            "edge_ttl": {
                "mode": "string",
                "default": 0,
                "status_code_ttls": [{
                    "status_code": 0,
                    "status_code_ranges": [{
                        "from_": 0,
                        "to": 0,
                    }],
                    "value": 0,
                }],
            },
            "email_obfuscation": False,
            "fonts": False,
            "from_list": {
                "key": "string",
                "name": "string",
            },
            "from_value": {
                "preserve_query_string": False,
                "status_code": 0,
                "target_url": {
                    "expression": "string",
                    "value": "string",
                },
            },
            "headers": [{
                "expression": "string",
                "name": "string",
                "operation": "string",
                "value": "string",
            }],
            "host_header": "string",
            "hotlink_protection": False,
            "id": "string",
            "increment": 0,
            "matched_data": {
                "public_key": "string",
            },
            "mirage": False,
            "opportunistic_encryption": False,
            "origin": {
                "host": "string",
                "port": 0,
            },
            "origin_cache_control": False,
            "origin_error_page_passthru": False,
            "overrides": {
                "action": "string",
                "categories": [{
                    "action": "string",
                    "category": "string",
                    "enabled": False,
                }],
                "enabled": False,
                "rules": [{
                    "action": "string",
                    "enabled": False,
                    "id": "string",
                    "score_threshold": 0,
                    "sensitivity_level": "string",
                }],
                "sensitivity_level": "string",
            },
            "phases": ["string"],
            "polish": "string",
            "products": ["string"],
            "read_timeout": 0,
            "request_fields": ["string"],
            "respect_strong_etags": False,
            "response_fields": ["string"],
            "responses": [{
                "content": "string",
                "content_type": "string",
                "status_code": 0,
            }],
            "rocket_loader": False,
            "rules": {
                "string": "string",
            },
            "ruleset": "string",
            "rulesets": ["string"],
            "security_level": "string",
            "serve_stale": {
                "disable_stale_while_updating": False,
            },
            "server_side_excludes": False,
            "sni": {
                "value": "string",
            },
            "ssl": "string",
            "status_code": 0,
            "sxg": False,
            "uri": {
                "origin": False,
                "path": {
                    "expression": "string",
                    "value": "string",
                },
                "query": {
                    "expression": "string",
                    "value": "string",
                },
            },
        },
        "description": "string",
        "enabled": False,
        "exposed_credential_check": {
            "password_expression": "string",
            "username_expression": "string",
        },
        "id": "string",
        "logging": {
            "enabled": False,
        },
        "ratelimit": {
            "characteristics": ["string"],
            "counting_expression": "string",
            "mitigation_timeout": 0,
            "period": 0,
            "requests_per_period": 0,
            "requests_to_origin": False,
            "score_per_period": 0,
            "score_response_header_name": "string",
        },
        "ref": "string",
    }],
    zone_id="string")
Copy
const rulesetResource = new cloudflare.Ruleset("rulesetResource", {
    kind: "string",
    name: "string",
    phase: "string",
    accountId: "string",
    description: "string",
    rules: [{
        expression: "string",
        action: "string",
        actionParameters: {
            additionalCacheablePorts: [0],
            algorithms: [{
                name: "string",
            }],
            automaticHttpsRewrites: false,
            autominifies: [{
                css: false,
                html: false,
                js: false,
            }],
            bic: false,
            browserTtl: {
                mode: "string",
                "default": 0,
            },
            cache: false,
            cacheKey: {
                cacheByDeviceType: false,
                cacheDeceptionArmor: false,
                customKey: {
                    cookie: {
                        checkPresences: ["string"],
                        includes: ["string"],
                    },
                    header: {
                        checkPresences: ["string"],
                        contains: {
                            string: ["string"],
                        },
                        excludeOrigin: false,
                        includes: ["string"],
                    },
                    host: {
                        resolved: false,
                    },
                    queryString: {
                        excludes: ["string"],
                        includes: ["string"],
                    },
                    user: {
                        deviceType: false,
                        geo: false,
                        lang: false,
                    },
                },
                ignoreQueryStringsOrder: false,
            },
            cacheReserve: {
                eligible: false,
                minimumFileSize: 0,
            },
            content: "string",
            contentType: "string",
            cookieFields: ["string"],
            disableApps: false,
            disableRailgun: false,
            disableRum: false,
            disableZaraz: false,
            edgeTtl: {
                mode: "string",
                "default": 0,
                statusCodeTtls: [{
                    statusCode: 0,
                    statusCodeRanges: [{
                        from: 0,
                        to: 0,
                    }],
                    value: 0,
                }],
            },
            emailObfuscation: false,
            fonts: false,
            fromList: {
                key: "string",
                name: "string",
            },
            fromValue: {
                preserveQueryString: false,
                statusCode: 0,
                targetUrl: {
                    expression: "string",
                    value: "string",
                },
            },
            headers: [{
                expression: "string",
                name: "string",
                operation: "string",
                value: "string",
            }],
            hostHeader: "string",
            hotlinkProtection: false,
            id: "string",
            increment: 0,
            matchedData: {
                publicKey: "string",
            },
            mirage: false,
            opportunisticEncryption: false,
            origin: {
                host: "string",
                port: 0,
            },
            originCacheControl: false,
            originErrorPagePassthru: false,
            overrides: {
                action: "string",
                categories: [{
                    action: "string",
                    category: "string",
                    enabled: false,
                }],
                enabled: false,
                rules: [{
                    action: "string",
                    enabled: false,
                    id: "string",
                    scoreThreshold: 0,
                    sensitivityLevel: "string",
                }],
                sensitivityLevel: "string",
            },
            phases: ["string"],
            polish: "string",
            products: ["string"],
            readTimeout: 0,
            requestFields: ["string"],
            respectStrongEtags: false,
            responseFields: ["string"],
            responses: [{
                content: "string",
                contentType: "string",
                statusCode: 0,
            }],
            rocketLoader: false,
            rules: {
                string: "string",
            },
            ruleset: "string",
            rulesets: ["string"],
            securityLevel: "string",
            serveStale: {
                disableStaleWhileUpdating: false,
            },
            serverSideExcludes: false,
            sni: {
                value: "string",
            },
            ssl: "string",
            statusCode: 0,
            sxg: false,
            uri: {
                origin: false,
                path: {
                    expression: "string",
                    value: "string",
                },
                query: {
                    expression: "string",
                    value: "string",
                },
            },
        },
        description: "string",
        enabled: false,
        exposedCredentialCheck: {
            passwordExpression: "string",
            usernameExpression: "string",
        },
        id: "string",
        logging: {
            enabled: false,
        },
        ratelimit: {
            characteristics: ["string"],
            countingExpression: "string",
            mitigationTimeout: 0,
            period: 0,
            requestsPerPeriod: 0,
            requestsToOrigin: false,
            scorePerPeriod: 0,
            scoreResponseHeaderName: "string",
        },
        ref: "string",
    }],
    zoneId: "string",
});
Copy
type: cloudflare:Ruleset
properties:
    accountId: string
    description: string
    kind: string
    name: string
    phase: string
    rules:
        - action: string
          actionParameters:
            additionalCacheablePorts:
                - 0
            algorithms:
                - name: string
            automaticHttpsRewrites: false
            autominifies:
                - css: false
                  html: false
                  js: false
            bic: false
            browserTtl:
                default: 0
                mode: string
            cache: false
            cacheKey:
                cacheByDeviceType: false
                cacheDeceptionArmor: false
                customKey:
                    cookie:
                        checkPresences:
                            - string
                        includes:
                            - string
                    header:
                        checkPresences:
                            - string
                        contains:
                            string:
                                - string
                        excludeOrigin: false
                        includes:
                            - string
                    host:
                        resolved: false
                    queryString:
                        excludes:
                            - string
                        includes:
                            - string
                    user:
                        deviceType: false
                        geo: false
                        lang: false
                ignoreQueryStringsOrder: false
            cacheReserve:
                eligible: false
                minimumFileSize: 0
            content: string
            contentType: string
            cookieFields:
                - string
            disableApps: false
            disableRailgun: false
            disableRum: false
            disableZaraz: false
            edgeTtl:
                default: 0
                mode: string
                statusCodeTtls:
                    - statusCode: 0
                      statusCodeRanges:
                        - from: 0
                          to: 0
                      value: 0
            emailObfuscation: false
            fonts: false
            fromList:
                key: string
                name: string
            fromValue:
                preserveQueryString: false
                statusCode: 0
                targetUrl:
                    expression: string
                    value: string
            headers:
                - expression: string
                  name: string
                  operation: string
                  value: string
            hostHeader: string
            hotlinkProtection: false
            id: string
            increment: 0
            matchedData:
                publicKey: string
            mirage: false
            opportunisticEncryption: false
            origin:
                host: string
                port: 0
            originCacheControl: false
            originErrorPagePassthru: false
            overrides:
                action: string
                categories:
                    - action: string
                      category: string
                      enabled: false
                enabled: false
                rules:
                    - action: string
                      enabled: false
                      id: string
                      scoreThreshold: 0
                      sensitivityLevel: string
                sensitivityLevel: string
            phases:
                - string
            polish: string
            products:
                - string
            readTimeout: 0
            requestFields:
                - string
            respectStrongEtags: false
            responseFields:
                - string
            responses:
                - content: string
                  contentType: string
                  statusCode: 0
            rocketLoader: false
            rules:
                string: string
            ruleset: string
            rulesets:
                - string
            securityLevel: string
            serveStale:
                disableStaleWhileUpdating: false
            serverSideExcludes: false
            sni:
                value: string
            ssl: string
            statusCode: 0
            sxg: false
            uri:
                origin: false
                path:
                    expression: string
                    value: string
                query:
                    expression: string
                    value: string
          description: string
          enabled: false
          exposedCredentialCheck:
            passwordExpression: string
            usernameExpression: string
          expression: string
          id: string
          logging:
            enabled: false
          ratelimit:
            characteristics:
                - string
            countingExpression: string
            mitigationTimeout: 0
            period: 0
            requestsPerPeriod: 0
            requestsToOrigin: false
            scorePerPeriod: 0
            scoreResponseHeaderName: string
          ref: string
    zoneId: string
Copy

Ruleset Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Ruleset resource accepts the following input properties:

Kind This property is required. string
Type of Ruleset to create. Available values: custom, managed, root, zone.
Name This property is required. string
Name of the ruleset.
Phase This property is required. string
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
AccountId string
The account identifier to target for the resource.
Description string
Brief summary of the ruleset and its intended use.
Rules List<RulesetRule>
List of rules to apply to the ruleset.
ZoneId string
The zone identifier to target for the resource.
Kind This property is required. string
Type of Ruleset to create. Available values: custom, managed, root, zone.
Name This property is required. string
Name of the ruleset.
Phase This property is required. string
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
AccountId string
The account identifier to target for the resource.
Description string
Brief summary of the ruleset and its intended use.
Rules []RulesetRuleArgs
List of rules to apply to the ruleset.
ZoneId string
The zone identifier to target for the resource.
kind This property is required. String
Type of Ruleset to create. Available values: custom, managed, root, zone.
name This property is required. String
Name of the ruleset.
phase This property is required. String
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
accountId String
The account identifier to target for the resource.
description String
Brief summary of the ruleset and its intended use.
rules List<RulesetRule>
List of rules to apply to the ruleset.
zoneId String
The zone identifier to target for the resource.
kind This property is required. string
Type of Ruleset to create. Available values: custom, managed, root, zone.
name This property is required. string
Name of the ruleset.
phase This property is required. string
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
accountId string
The account identifier to target for the resource.
description string
Brief summary of the ruleset and its intended use.
rules RulesetRule[]
List of rules to apply to the ruleset.
zoneId string
The zone identifier to target for the resource.
kind This property is required. str
Type of Ruleset to create. Available values: custom, managed, root, zone.
name This property is required. str
Name of the ruleset.
phase This property is required. str
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
account_id str
The account identifier to target for the resource.
description str
Brief summary of the ruleset and its intended use.
rules Sequence[RulesetRuleArgs]
List of rules to apply to the ruleset.
zone_id str
The zone identifier to target for the resource.
kind This property is required. String
Type of Ruleset to create. Available values: custom, managed, root, zone.
name This property is required. String
Name of the ruleset.
phase This property is required. String
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
accountId String
The account identifier to target for the resource.
description String
Brief summary of the ruleset and its intended use.
rules List<Property Map>
List of rules to apply to the ruleset.
zoneId String
The zone identifier to target for the resource.

Outputs

All input properties are implicitly available as output properties. Additionally, the Ruleset resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.

Look up Existing Ruleset Resource

Get an existing Ruleset resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: RulesetState, opts?: CustomResourceOptions): Ruleset
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        account_id: Optional[str] = None,
        description: Optional[str] = None,
        kind: Optional[str] = None,
        name: Optional[str] = None,
        phase: Optional[str] = None,
        rules: Optional[Sequence[RulesetRuleArgs]] = None,
        zone_id: Optional[str] = None) -> Ruleset
func GetRuleset(ctx *Context, name string, id IDInput, state *RulesetState, opts ...ResourceOption) (*Ruleset, error)
public static Ruleset Get(string name, Input<string> id, RulesetState? state, CustomResourceOptions? opts = null)
public static Ruleset get(String name, Output<String> id, RulesetState state, CustomResourceOptions options)
resources:  _:    type: cloudflare:Ruleset    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AccountId string
The account identifier to target for the resource.
Description string
Brief summary of the ruleset and its intended use.
Kind string
Type of Ruleset to create. Available values: custom, managed, root, zone.
Name string
Name of the ruleset.
Phase string
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
Rules List<RulesetRule>
List of rules to apply to the ruleset.
ZoneId string
The zone identifier to target for the resource.
AccountId string
The account identifier to target for the resource.
Description string
Brief summary of the ruleset and its intended use.
Kind string
Type of Ruleset to create. Available values: custom, managed, root, zone.
Name string
Name of the ruleset.
Phase string
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
Rules []RulesetRuleArgs
List of rules to apply to the ruleset.
ZoneId string
The zone identifier to target for the resource.
accountId String
The account identifier to target for the resource.
description String
Brief summary of the ruleset and its intended use.
kind String
Type of Ruleset to create. Available values: custom, managed, root, zone.
name String
Name of the ruleset.
phase String
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
rules List<RulesetRule>
List of rules to apply to the ruleset.
zoneId String
The zone identifier to target for the resource.
accountId string
The account identifier to target for the resource.
description string
Brief summary of the ruleset and its intended use.
kind string
Type of Ruleset to create. Available values: custom, managed, root, zone.
name string
Name of the ruleset.
phase string
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
rules RulesetRule[]
List of rules to apply to the ruleset.
zoneId string
The zone identifier to target for the resource.
account_id str
The account identifier to target for the resource.
description str
Brief summary of the ruleset and its intended use.
kind str
Type of Ruleset to create. Available values: custom, managed, root, zone.
name str
Name of the ruleset.
phase str
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
rules Sequence[RulesetRuleArgs]
List of rules to apply to the ruleset.
zone_id str
The zone identifier to target for the resource.
accountId String
The account identifier to target for the resource.
description String
Brief summary of the ruleset and its intended use.
kind String
Type of Ruleset to create. Available values: custom, managed, root, zone.
name String
Name of the ruleset.
phase String
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
rules List<Property Map>
List of rules to apply to the ruleset.
zoneId String
The zone identifier to target for the resource.

Supporting Types

RulesetRule
, RulesetRuleArgs

Expression This property is required. string
Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
Action string
Action to perform in the ruleset rule. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
ActionParameters RulesetRuleActionParameters
List of parameters that configure the behavior of the ruleset rule action.
Description string
Brief summary of the ruleset rule and its intended use.
Enabled bool
Whether the rule is active.
ExposedCredentialCheck RulesetRuleExposedCredentialCheck
List of parameters that configure exposed credential checks.
Id string
Unique rule identifier.
Logging RulesetRuleLogging
List parameters to configure how the rule generates logs. Only valid for skip action.
Ratelimit RulesetRuleRatelimit
List of parameters that configure HTTP rate limiting behaviour.
Ref string
Rule reference.
Expression This property is required. string
Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
Action string
Action to perform in the ruleset rule. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
ActionParameters RulesetRuleActionParameters
List of parameters that configure the behavior of the ruleset rule action.
Description string
Brief summary of the ruleset rule and its intended use.
Enabled bool
Whether the rule is active.
ExposedCredentialCheck RulesetRuleExposedCredentialCheck
List of parameters that configure exposed credential checks.
Id string
Unique rule identifier.
Logging RulesetRuleLogging
List parameters to configure how the rule generates logs. Only valid for skip action.
Ratelimit RulesetRuleRatelimit
List of parameters that configure HTTP rate limiting behaviour.
Ref string
Rule reference.
expression This property is required. String
Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
action String
Action to perform in the ruleset rule. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
actionParameters RulesetRuleActionParameters
List of parameters that configure the behavior of the ruleset rule action.
description String
Brief summary of the ruleset rule and its intended use.
enabled Boolean
Whether the rule is active.
exposedCredentialCheck RulesetRuleExposedCredentialCheck
List of parameters that configure exposed credential checks.
id String
Unique rule identifier.
logging RulesetRuleLogging
List parameters to configure how the rule generates logs. Only valid for skip action.
ratelimit RulesetRuleRatelimit
List of parameters that configure HTTP rate limiting behaviour.
ref String
Rule reference.
expression This property is required. string
Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
action string
Action to perform in the ruleset rule. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
actionParameters RulesetRuleActionParameters
List of parameters that configure the behavior of the ruleset rule action.
description string
Brief summary of the ruleset rule and its intended use.
enabled boolean
Whether the rule is active.
exposedCredentialCheck RulesetRuleExposedCredentialCheck
List of parameters that configure exposed credential checks.
id string
Unique rule identifier.
logging RulesetRuleLogging
List parameters to configure how the rule generates logs. Only valid for skip action.
ratelimit RulesetRuleRatelimit
List of parameters that configure HTTP rate limiting behaviour.
ref string
Rule reference.
expression This property is required. str
Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
action str
Action to perform in the ruleset rule. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
action_parameters RulesetRuleActionParameters
List of parameters that configure the behavior of the ruleset rule action.
description str
Brief summary of the ruleset rule and its intended use.
enabled bool
Whether the rule is active.
exposed_credential_check RulesetRuleExposedCredentialCheck
List of parameters that configure exposed credential checks.
id str
Unique rule identifier.
logging RulesetRuleLogging
List parameters to configure how the rule generates logs. Only valid for skip action.
ratelimit RulesetRuleRatelimit
List of parameters that configure HTTP rate limiting behaviour.
ref str
Rule reference.
expression This property is required. String
Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
action String
Action to perform in the ruleset rule. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
actionParameters Property Map
List of parameters that configure the behavior of the ruleset rule action.
description String
Brief summary of the ruleset rule and its intended use.
enabled Boolean
Whether the rule is active.
exposedCredentialCheck Property Map
List of parameters that configure exposed credential checks.
id String
Unique rule identifier.
logging Property Map
List parameters to configure how the rule generates logs. Only valid for skip action.
ratelimit Property Map
List of parameters that configure HTTP rate limiting behaviour.
ref String
Rule reference.

RulesetRuleActionParameters
, RulesetRuleActionParametersArgs

AdditionalCacheablePorts List<int>
Specifies uncommon ports to allow cacheable assets to be served from.
Algorithms List<RulesetRuleActionParametersAlgorithm>
Compression algorithms to use in order of preference.
AutomaticHttpsRewrites bool
Turn on or off Cloudflare Automatic HTTPS rewrites.
Autominifies List<RulesetRuleActionParametersAutominify>
Indicate which file extensions to minify automatically.
Bic bool
Inspect the visitor's browser for headers commonly associated with spammers and certain bots.
BrowserTtl RulesetRuleActionParametersBrowserTtl
List of browser TTL parameters to apply to the request.
Cache bool
Whether to cache if expression matches.
CacheKey RulesetRuleActionParametersCacheKey
List of cache key parameters to apply to the request.
CacheReserve RulesetRuleActionParametersCacheReserve
List of cache reserve parameters to apply to the request.
Content string
Content of the custom error response.
ContentType string
Content-Type of the custom error response.
CookieFields List<string>
List of cookie values to include as part of custom fields logging.
DisableApps bool
Turn off all active Cloudflare Apps.
DisableRailgun bool
Turn off railgun feature of the Cloudflare Speed app.
DisableRum bool
Turn off RUM feature.
DisableZaraz bool
Turn off zaraz feature.
EdgeTtl RulesetRuleActionParametersEdgeTtl
List of edge TTL parameters to apply to the request.
EmailObfuscation bool
Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app.
Fonts bool
Toggle fonts.
FromList RulesetRuleActionParametersFromList
Use a list to lookup information for the action.
FromValue RulesetRuleActionParametersFromValue
Use a value to lookup information for the action.
Headers List<RulesetRuleActionParametersHeader>
List of HTTP header modifications to perform in the ruleset rule. Note: Headers are order dependent and must be provided sorted alphabetically ascending based on the name value.
HostHeader string
Host Header that request origin receives.
HotlinkProtection bool
Turn on or off the hotlink protection feature.
Id string
Identifier of the action parameter to modify.
Increment int
MatchedData RulesetRuleActionParametersMatchedData
List of properties to configure WAF payload logging.
Mirage bool
Turn on or off Cloudflare Mirage of the Cloudflare Speed app.
OpportunisticEncryption bool
Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
Origin RulesetRuleActionParametersOrigin
List of properties to change request origin.
OriginCacheControl bool
Enable or disable the use of a more compliant Cache Control parsing mechanism, enabled by default for most zones.
OriginErrorPagePassthru bool
Pass-through error page for origin.
Overrides RulesetRuleActionParametersOverrides
List of override configurations to apply to the ruleset.
Phases List<string>
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
Polish string
Apply options from the Polish feature of the Cloudflare Speed app.
Products List<string>
Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown.
ReadTimeout int
Specifies a maximum timeout for reading content from an origin server.
RequestFields List<string>
List of request headers to include as part of custom fields logging, in lowercase.
RespectStrongEtags bool
Respect strong ETags.
ResponseFields List<string>
List of response headers to include as part of custom fields logging, in lowercase.
Responses List<RulesetRuleActionParametersResponse>
List of parameters that configure the response given to end users.
RocketLoader bool
Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app.
Rules Dictionary<string, string>
Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }.
Ruleset string
Which ruleset ID to target.
Rulesets List<string>
List of managed WAF rule IDs to target. Only valid when the "action" is set to skip.
SecurityLevel string
Control options for the Security Level feature from the Security app.
ServeStale RulesetRuleActionParametersServeStale
List of serve stale parameters to apply to the request.
ServerSideExcludes bool
Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app.
Sni RulesetRuleActionParametersSni
List of properties to manange Server Name Indication.
Ssl string
Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
StatusCode int
HTTP status code of the custom error response.
Sxg bool
Turn on or off the SXG feature.
Uri RulesetRuleActionParametersUri
List of URI properties to configure for the ruleset rule when performing URL rewrite transformations.
AdditionalCacheablePorts []int
Specifies uncommon ports to allow cacheable assets to be served from.
Algorithms []RulesetRuleActionParametersAlgorithm
Compression algorithms to use in order of preference.
AutomaticHttpsRewrites bool
Turn on or off Cloudflare Automatic HTTPS rewrites.
Autominifies []RulesetRuleActionParametersAutominify
Indicate which file extensions to minify automatically.
Bic bool
Inspect the visitor's browser for headers commonly associated with spammers and certain bots.
BrowserTtl RulesetRuleActionParametersBrowserTtl
List of browser TTL parameters to apply to the request.
Cache bool
Whether to cache if expression matches.
CacheKey RulesetRuleActionParametersCacheKey
List of cache key parameters to apply to the request.
CacheReserve RulesetRuleActionParametersCacheReserve
List of cache reserve parameters to apply to the request.
Content string
Content of the custom error response.
ContentType string
Content-Type of the custom error response.
CookieFields []string
List of cookie values to include as part of custom fields logging.
DisableApps bool
Turn off all active Cloudflare Apps.
DisableRailgun bool
Turn off railgun feature of the Cloudflare Speed app.
DisableRum bool
Turn off RUM feature.
DisableZaraz bool
Turn off zaraz feature.
EdgeTtl RulesetRuleActionParametersEdgeTtl
List of edge TTL parameters to apply to the request.
EmailObfuscation bool
Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app.
Fonts bool
Toggle fonts.
FromList RulesetRuleActionParametersFromList
Use a list to lookup information for the action.
FromValue RulesetRuleActionParametersFromValue
Use a value to lookup information for the action.
Headers []RulesetRuleActionParametersHeader
List of HTTP header modifications to perform in the ruleset rule. Note: Headers are order dependent and must be provided sorted alphabetically ascending based on the name value.
HostHeader string
Host Header that request origin receives.
HotlinkProtection bool
Turn on or off the hotlink protection feature.
Id string
Identifier of the action parameter to modify.
Increment int
MatchedData RulesetRuleActionParametersMatchedData
List of properties to configure WAF payload logging.
Mirage bool
Turn on or off Cloudflare Mirage of the Cloudflare Speed app.
OpportunisticEncryption bool
Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
Origin RulesetRuleActionParametersOrigin
List of properties to change request origin.
OriginCacheControl bool
Enable or disable the use of a more compliant Cache Control parsing mechanism, enabled by default for most zones.
OriginErrorPagePassthru bool
Pass-through error page for origin.
Overrides RulesetRuleActionParametersOverrides
List of override configurations to apply to the ruleset.
Phases []string
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
Polish string
Apply options from the Polish feature of the Cloudflare Speed app.
Products []string
Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown.
ReadTimeout int
Specifies a maximum timeout for reading content from an origin server.
RequestFields []string
List of request headers to include as part of custom fields logging, in lowercase.
RespectStrongEtags bool
Respect strong ETags.
ResponseFields []string
List of response headers to include as part of custom fields logging, in lowercase.
Responses []RulesetRuleActionParametersResponse
List of parameters that configure the response given to end users.
RocketLoader bool
Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app.
Rules map[string]string
Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }.
Ruleset string
Which ruleset ID to target.
Rulesets []string
List of managed WAF rule IDs to target. Only valid when the "action" is set to skip.
SecurityLevel string
Control options for the Security Level feature from the Security app.
ServeStale RulesetRuleActionParametersServeStale
List of serve stale parameters to apply to the request.
ServerSideExcludes bool
Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app.
Sni RulesetRuleActionParametersSni
List of properties to manange Server Name Indication.
Ssl string
Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
StatusCode int
HTTP status code of the custom error response.
Sxg bool
Turn on or off the SXG feature.
Uri RulesetRuleActionParametersUri
List of URI properties to configure for the ruleset rule when performing URL rewrite transformations.
additionalCacheablePorts List<Integer>
Specifies uncommon ports to allow cacheable assets to be served from.
algorithms List<RulesetRuleActionParametersAlgorithm>
Compression algorithms to use in order of preference.
automaticHttpsRewrites Boolean
Turn on or off Cloudflare Automatic HTTPS rewrites.
autominifies List<RulesetRuleActionParametersAutominify>
Indicate which file extensions to minify automatically.
bic Boolean
Inspect the visitor's browser for headers commonly associated with spammers and certain bots.
browserTtl RulesetRuleActionParametersBrowserTtl
List of browser TTL parameters to apply to the request.
cache Boolean
Whether to cache if expression matches.
cacheKey RulesetRuleActionParametersCacheKey
List of cache key parameters to apply to the request.
cacheReserve RulesetRuleActionParametersCacheReserve
List of cache reserve parameters to apply to the request.
content String
Content of the custom error response.
contentType String
Content-Type of the custom error response.
cookieFields List<String>
List of cookie values to include as part of custom fields logging.
disableApps Boolean
Turn off all active Cloudflare Apps.
disableRailgun Boolean
Turn off railgun feature of the Cloudflare Speed app.
disableRum Boolean
Turn off RUM feature.
disableZaraz Boolean
Turn off zaraz feature.
edgeTtl RulesetRuleActionParametersEdgeTtl
List of edge TTL parameters to apply to the request.
emailObfuscation Boolean
Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app.
fonts Boolean
Toggle fonts.
fromList RulesetRuleActionParametersFromList
Use a list to lookup information for the action.
fromValue RulesetRuleActionParametersFromValue
Use a value to lookup information for the action.
headers List<RulesetRuleActionParametersHeader>
List of HTTP header modifications to perform in the ruleset rule. Note: Headers are order dependent and must be provided sorted alphabetically ascending based on the name value.
hostHeader String
Host Header that request origin receives.
hotlinkProtection Boolean
Turn on or off the hotlink protection feature.
id String
Identifier of the action parameter to modify.
increment Integer
matchedData RulesetRuleActionParametersMatchedData
List of properties to configure WAF payload logging.
mirage Boolean
Turn on or off Cloudflare Mirage of the Cloudflare Speed app.
opportunisticEncryption Boolean
Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
origin RulesetRuleActionParametersOrigin
List of properties to change request origin.
originCacheControl Boolean
Enable or disable the use of a more compliant Cache Control parsing mechanism, enabled by default for most zones.
originErrorPagePassthru Boolean
Pass-through error page for origin.
overrides RulesetRuleActionParametersOverrides
List of override configurations to apply to the ruleset.
phases List<String>
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
polish String
Apply options from the Polish feature of the Cloudflare Speed app.
products List<String>
Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown.
readTimeout Integer
Specifies a maximum timeout for reading content from an origin server.
requestFields List<String>
List of request headers to include as part of custom fields logging, in lowercase.
respectStrongEtags Boolean
Respect strong ETags.
responseFields List<String>
List of response headers to include as part of custom fields logging, in lowercase.
responses List<RulesetRuleActionParametersResponse>
List of parameters that configure the response given to end users.
rocketLoader Boolean
Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app.
rules Map<String,String>
Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }.
ruleset String
Which ruleset ID to target.
rulesets List<String>
List of managed WAF rule IDs to target. Only valid when the "action" is set to skip.
securityLevel String
Control options for the Security Level feature from the Security app.
serveStale RulesetRuleActionParametersServeStale
List of serve stale parameters to apply to the request.
serverSideExcludes Boolean
Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app.
sni RulesetRuleActionParametersSni
List of properties to manange Server Name Indication.
ssl String
Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
statusCode Integer
HTTP status code of the custom error response.
sxg Boolean
Turn on or off the SXG feature.
uri RulesetRuleActionParametersUri
List of URI properties to configure for the ruleset rule when performing URL rewrite transformations.
additionalCacheablePorts number[]
Specifies uncommon ports to allow cacheable assets to be served from.
algorithms RulesetRuleActionParametersAlgorithm[]
Compression algorithms to use in order of preference.
automaticHttpsRewrites boolean
Turn on or off Cloudflare Automatic HTTPS rewrites.
autominifies RulesetRuleActionParametersAutominify[]
Indicate which file extensions to minify automatically.
bic boolean
Inspect the visitor's browser for headers commonly associated with spammers and certain bots.
browserTtl RulesetRuleActionParametersBrowserTtl
List of browser TTL parameters to apply to the request.
cache boolean
Whether to cache if expression matches.
cacheKey RulesetRuleActionParametersCacheKey
List of cache key parameters to apply to the request.
cacheReserve RulesetRuleActionParametersCacheReserve
List of cache reserve parameters to apply to the request.
content string
Content of the custom error response.
contentType string
Content-Type of the custom error response.
cookieFields string[]
List of cookie values to include as part of custom fields logging.
disableApps boolean
Turn off all active Cloudflare Apps.
disableRailgun boolean
Turn off railgun feature of the Cloudflare Speed app.
disableRum boolean
Turn off RUM feature.
disableZaraz boolean
Turn off zaraz feature.
edgeTtl RulesetRuleActionParametersEdgeTtl
List of edge TTL parameters to apply to the request.
emailObfuscation boolean
Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app.
fonts boolean
Toggle fonts.
fromList RulesetRuleActionParametersFromList
Use a list to lookup information for the action.
fromValue RulesetRuleActionParametersFromValue
Use a value to lookup information for the action.
headers RulesetRuleActionParametersHeader[]
List of HTTP header modifications to perform in the ruleset rule. Note: Headers are order dependent and must be provided sorted alphabetically ascending based on the name value.
hostHeader string
Host Header that request origin receives.
hotlinkProtection boolean
Turn on or off the hotlink protection feature.
id string
Identifier of the action parameter to modify.
increment number
matchedData RulesetRuleActionParametersMatchedData
List of properties to configure WAF payload logging.
mirage boolean
Turn on or off Cloudflare Mirage of the Cloudflare Speed app.
opportunisticEncryption boolean
Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
origin RulesetRuleActionParametersOrigin
List of properties to change request origin.
originCacheControl boolean
Enable or disable the use of a more compliant Cache Control parsing mechanism, enabled by default for most zones.
originErrorPagePassthru boolean
Pass-through error page for origin.
overrides RulesetRuleActionParametersOverrides
List of override configurations to apply to the ruleset.
phases string[]
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
polish string
Apply options from the Polish feature of the Cloudflare Speed app.
products string[]
Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown.
readTimeout number
Specifies a maximum timeout for reading content from an origin server.
requestFields string[]
List of request headers to include as part of custom fields logging, in lowercase.
respectStrongEtags boolean
Respect strong ETags.
responseFields string[]
List of response headers to include as part of custom fields logging, in lowercase.
responses RulesetRuleActionParametersResponse[]
List of parameters that configure the response given to end users.
rocketLoader boolean
Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app.
rules {[key: string]: string}
Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }.
ruleset string
Which ruleset ID to target.
rulesets string[]
List of managed WAF rule IDs to target. Only valid when the "action" is set to skip.
securityLevel string
Control options for the Security Level feature from the Security app.
serveStale RulesetRuleActionParametersServeStale
List of serve stale parameters to apply to the request.
serverSideExcludes boolean
Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app.
sni RulesetRuleActionParametersSni
List of properties to manange Server Name Indication.
ssl string
Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
statusCode number
HTTP status code of the custom error response.
sxg boolean
Turn on or off the SXG feature.
uri RulesetRuleActionParametersUri
List of URI properties to configure for the ruleset rule when performing URL rewrite transformations.
additional_cacheable_ports Sequence[int]
Specifies uncommon ports to allow cacheable assets to be served from.
algorithms Sequence[RulesetRuleActionParametersAlgorithm]
Compression algorithms to use in order of preference.
automatic_https_rewrites bool
Turn on or off Cloudflare Automatic HTTPS rewrites.
autominifies Sequence[RulesetRuleActionParametersAutominify]
Indicate which file extensions to minify automatically.
bic bool
Inspect the visitor's browser for headers commonly associated with spammers and certain bots.
browser_ttl RulesetRuleActionParametersBrowserTtl
List of browser TTL parameters to apply to the request.
cache bool
Whether to cache if expression matches.
cache_key RulesetRuleActionParametersCacheKey
List of cache key parameters to apply to the request.
cache_reserve RulesetRuleActionParametersCacheReserve
List of cache reserve parameters to apply to the request.
content str
Content of the custom error response.
content_type str
Content-Type of the custom error response.
cookie_fields Sequence[str]
List of cookie values to include as part of custom fields logging.
disable_apps bool
Turn off all active Cloudflare Apps.
disable_railgun bool
Turn off railgun feature of the Cloudflare Speed app.
disable_rum bool
Turn off RUM feature.
disable_zaraz bool
Turn off zaraz feature.
edge_ttl RulesetRuleActionParametersEdgeTtl
List of edge TTL parameters to apply to the request.
email_obfuscation bool
Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app.
fonts bool
Toggle fonts.
from_list RulesetRuleActionParametersFromList
Use a list to lookup information for the action.
from_value RulesetRuleActionParametersFromValue
Use a value to lookup information for the action.
headers Sequence[RulesetRuleActionParametersHeader]
List of HTTP header modifications to perform in the ruleset rule. Note: Headers are order dependent and must be provided sorted alphabetically ascending based on the name value.
host_header str
Host Header that request origin receives.
hotlink_protection bool
Turn on or off the hotlink protection feature.
id str
Identifier of the action parameter to modify.
increment int
matched_data RulesetRuleActionParametersMatchedData
List of properties to configure WAF payload logging.
mirage bool
Turn on or off Cloudflare Mirage of the Cloudflare Speed app.
opportunistic_encryption bool
Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
origin RulesetRuleActionParametersOrigin
List of properties to change request origin.
origin_cache_control bool
Enable or disable the use of a more compliant Cache Control parsing mechanism, enabled by default for most zones.
origin_error_page_passthru bool
Pass-through error page for origin.
overrides RulesetRuleActionParametersOverrides
List of override configurations to apply to the ruleset.
phases Sequence[str]
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
polish str
Apply options from the Polish feature of the Cloudflare Speed app.
products Sequence[str]
Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown.
read_timeout int
Specifies a maximum timeout for reading content from an origin server.
request_fields Sequence[str]
List of request headers to include as part of custom fields logging, in lowercase.
respect_strong_etags bool
Respect strong ETags.
response_fields Sequence[str]
List of response headers to include as part of custom fields logging, in lowercase.
responses Sequence[RulesetRuleActionParametersResponse]
List of parameters that configure the response given to end users.
rocket_loader bool
Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app.
rules Mapping[str, str]
Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }.
ruleset str
Which ruleset ID to target.
rulesets Sequence[str]
List of managed WAF rule IDs to target. Only valid when the "action" is set to skip.
security_level str
Control options for the Security Level feature from the Security app.
serve_stale RulesetRuleActionParametersServeStale
List of serve stale parameters to apply to the request.
server_side_excludes bool
Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app.
sni RulesetRuleActionParametersSni
List of properties to manange Server Name Indication.
ssl str
Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
status_code int
HTTP status code of the custom error response.
sxg bool
Turn on or off the SXG feature.
uri RulesetRuleActionParametersUri
List of URI properties to configure for the ruleset rule when performing URL rewrite transformations.
additionalCacheablePorts List<Number>
Specifies uncommon ports to allow cacheable assets to be served from.
algorithms List<Property Map>
Compression algorithms to use in order of preference.
automaticHttpsRewrites Boolean
Turn on or off Cloudflare Automatic HTTPS rewrites.
autominifies List<Property Map>
Indicate which file extensions to minify automatically.
bic Boolean
Inspect the visitor's browser for headers commonly associated with spammers and certain bots.
browserTtl Property Map
List of browser TTL parameters to apply to the request.
cache Boolean
Whether to cache if expression matches.
cacheKey Property Map
List of cache key parameters to apply to the request.
cacheReserve Property Map
List of cache reserve parameters to apply to the request.
content String
Content of the custom error response.
contentType String
Content-Type of the custom error response.
cookieFields List<String>
List of cookie values to include as part of custom fields logging.
disableApps Boolean
Turn off all active Cloudflare Apps.
disableRailgun Boolean
Turn off railgun feature of the Cloudflare Speed app.
disableRum Boolean
Turn off RUM feature.
disableZaraz Boolean
Turn off zaraz feature.
edgeTtl Property Map
List of edge TTL parameters to apply to the request.
emailObfuscation Boolean
Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app.
fonts Boolean
Toggle fonts.
fromList Property Map
Use a list to lookup information for the action.
fromValue Property Map
Use a value to lookup information for the action.
headers List<Property Map>
List of HTTP header modifications to perform in the ruleset rule. Note: Headers are order dependent and must be provided sorted alphabetically ascending based on the name value.
hostHeader String
Host Header that request origin receives.
hotlinkProtection Boolean
Turn on or off the hotlink protection feature.
id String
Identifier of the action parameter to modify.
increment Number
matchedData Property Map
List of properties to configure WAF payload logging.
mirage Boolean
Turn on or off Cloudflare Mirage of the Cloudflare Speed app.
opportunisticEncryption Boolean
Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
origin Property Map
List of properties to change request origin.
originCacheControl Boolean
Enable or disable the use of a more compliant Cache Control parsing mechanism, enabled by default for most zones.
originErrorPagePassthru Boolean
Pass-through error page for origin.
overrides Property Map
List of override configurations to apply to the ruleset.
phases List<String>
Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
polish String
Apply options from the Polish feature of the Cloudflare Speed app.
products List<String>
Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown.
readTimeout Number
Specifies a maximum timeout for reading content from an origin server.
requestFields List<String>
List of request headers to include as part of custom fields logging, in lowercase.
respectStrongEtags Boolean
Respect strong ETags.
responseFields List<String>
List of response headers to include as part of custom fields logging, in lowercase.
responses List<Property Map>
List of parameters that configure the response given to end users.
rocketLoader Boolean
Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app.
rules Map<String>
Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }.
ruleset String
Which ruleset ID to target.
rulesets List<String>
List of managed WAF rule IDs to target. Only valid when the "action" is set to skip.
securityLevel String
Control options for the Security Level feature from the Security app.
serveStale Property Map
List of serve stale parameters to apply to the request.
serverSideExcludes Boolean
Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app.
sni Property Map
List of properties to manange Server Name Indication.
ssl String
Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
statusCode Number
HTTP status code of the custom error response.
sxg Boolean
Turn on or off the SXG feature.
uri Property Map
List of URI properties to configure for the ruleset rule when performing URL rewrite transformations.

RulesetRuleActionParametersAlgorithm
, RulesetRuleActionParametersAlgorithmArgs

Name This property is required. string
Name of the compression algorithm to use. Available values: zstd, gzip, brotli, auto, default, none
Name This property is required. string
Name of the compression algorithm to use. Available values: zstd, gzip, brotli, auto, default, none
name This property is required. String
Name of the compression algorithm to use. Available values: zstd, gzip, brotli, auto, default, none
name This property is required. string
Name of the compression algorithm to use. Available values: zstd, gzip, brotli, auto, default, none
name This property is required. str
Name of the compression algorithm to use. Available values: zstd, gzip, brotli, auto, default, none
name This property is required. String
Name of the compression algorithm to use. Available values: zstd, gzip, brotli, auto, default, none

RulesetRuleActionParametersAutominify
, RulesetRuleActionParametersAutominifyArgs

Css bool
CSS minification.
Html bool
HTML minification.
Js bool
JS minification.
Css bool
CSS minification.
Html bool
HTML minification.
Js bool
JS minification.
css Boolean
CSS minification.
html Boolean
HTML minification.
js Boolean
JS minification.
css boolean
CSS minification.
html boolean
HTML minification.
js boolean
JS minification.
css bool
CSS minification.
html bool
HTML minification.
js bool
JS minification.
css Boolean
CSS minification.
html Boolean
HTML minification.
js Boolean
JS minification.

RulesetRuleActionParametersBrowserTtl
, RulesetRuleActionParametersBrowserTtlArgs

Mode This property is required. string
Mode of the browser TTL. Available values: override_origin, respect_origin, bypass
Default int
Default browser TTL. This value is required when override_origin is set
Mode This property is required. string
Mode of the browser TTL. Available values: override_origin, respect_origin, bypass
Default int
Default browser TTL. This value is required when override_origin is set
mode This property is required. String
Mode of the browser TTL. Available values: override_origin, respect_origin, bypass
default_ Integer
Default browser TTL. This value is required when override_origin is set
mode This property is required. string
Mode of the browser TTL. Available values: override_origin, respect_origin, bypass
default number
Default browser TTL. This value is required when override_origin is set
mode This property is required. str
Mode of the browser TTL. Available values: override_origin, respect_origin, bypass
default int
Default browser TTL. This value is required when override_origin is set
mode This property is required. String
Mode of the browser TTL. Available values: override_origin, respect_origin, bypass
default Number
Default browser TTL. This value is required when override_origin is set

RulesetRuleActionParametersCacheKey
, RulesetRuleActionParametersCacheKeyArgs

CacheByDeviceType bool
Cache by device type.
CacheDeceptionArmor bool
Cache deception armor.
CustomKey RulesetRuleActionParametersCacheKeyCustomKey
Custom key parameters for the request.
IgnoreQueryStringsOrder bool
Ignore query strings order.
CacheByDeviceType bool
Cache by device type.
CacheDeceptionArmor bool
Cache deception armor.
CustomKey RulesetRuleActionParametersCacheKeyCustomKey
Custom key parameters for the request.
IgnoreQueryStringsOrder bool
Ignore query strings order.
cacheByDeviceType Boolean
Cache by device type.
cacheDeceptionArmor Boolean
Cache deception armor.
customKey RulesetRuleActionParametersCacheKeyCustomKey
Custom key parameters for the request.
ignoreQueryStringsOrder Boolean
Ignore query strings order.
cacheByDeviceType boolean
Cache by device type.
cacheDeceptionArmor boolean
Cache deception armor.
customKey RulesetRuleActionParametersCacheKeyCustomKey
Custom key parameters for the request.
ignoreQueryStringsOrder boolean
Ignore query strings order.
cache_by_device_type bool
Cache by device type.
cache_deception_armor bool
Cache deception armor.
custom_key RulesetRuleActionParametersCacheKeyCustomKey
Custom key parameters for the request.
ignore_query_strings_order bool
Ignore query strings order.
cacheByDeviceType Boolean
Cache by device type.
cacheDeceptionArmor Boolean
Cache deception armor.
customKey Property Map
Custom key parameters for the request.
ignoreQueryStringsOrder Boolean
Ignore query strings order.

RulesetRuleActionParametersCacheKeyCustomKey
, RulesetRuleActionParametersCacheKeyCustomKeyArgs

Cookie RulesetRuleActionParametersCacheKeyCustomKeyCookie
Cookie parameters for the custom key.
Header RulesetRuleActionParametersCacheKeyCustomKeyHeader
Header parameters for the custom key.
Host RulesetRuleActionParametersCacheKeyCustomKeyHost
Host parameters for the custom key.
QueryString RulesetRuleActionParametersCacheKeyCustomKeyQueryString
Query string parameters for the custom key.
User RulesetRuleActionParametersCacheKeyCustomKeyUser
User parameters for the custom key.
Cookie RulesetRuleActionParametersCacheKeyCustomKeyCookie
Cookie parameters for the custom key.
Header RulesetRuleActionParametersCacheKeyCustomKeyHeader
Header parameters for the custom key.
Host RulesetRuleActionParametersCacheKeyCustomKeyHost
Host parameters for the custom key.
QueryString RulesetRuleActionParametersCacheKeyCustomKeyQueryString
Query string parameters for the custom key.
User RulesetRuleActionParametersCacheKeyCustomKeyUser
User parameters for the custom key.
cookie RulesetRuleActionParametersCacheKeyCustomKeyCookie
Cookie parameters for the custom key.
header RulesetRuleActionParametersCacheKeyCustomKeyHeader
Header parameters for the custom key.
host RulesetRuleActionParametersCacheKeyCustomKeyHost
Host parameters for the custom key.
queryString RulesetRuleActionParametersCacheKeyCustomKeyQueryString
Query string parameters for the custom key.
user RulesetRuleActionParametersCacheKeyCustomKeyUser
User parameters for the custom key.
cookie RulesetRuleActionParametersCacheKeyCustomKeyCookie
Cookie parameters for the custom key.
header RulesetRuleActionParametersCacheKeyCustomKeyHeader
Header parameters for the custom key.
host RulesetRuleActionParametersCacheKeyCustomKeyHost
Host parameters for the custom key.
queryString RulesetRuleActionParametersCacheKeyCustomKeyQueryString
Query string parameters for the custom key.
user RulesetRuleActionParametersCacheKeyCustomKeyUser
User parameters for the custom key.
cookie RulesetRuleActionParametersCacheKeyCustomKeyCookie
Cookie parameters for the custom key.
header RulesetRuleActionParametersCacheKeyCustomKeyHeader
Header parameters for the custom key.
host RulesetRuleActionParametersCacheKeyCustomKeyHost
Host parameters for the custom key.
query_string RulesetRuleActionParametersCacheKeyCustomKeyQueryString
Query string parameters for the custom key.
user RulesetRuleActionParametersCacheKeyCustomKeyUser
User parameters for the custom key.
cookie Property Map
Cookie parameters for the custom key.
header Property Map
Header parameters for the custom key.
host Property Map
Host parameters for the custom key.
queryString Property Map
Query string parameters for the custom key.
user Property Map
User parameters for the custom key.

RulesetRuleActionParametersCacheKeyCustomKeyCookie
, RulesetRuleActionParametersCacheKeyCustomKeyCookieArgs

CheckPresences List<string>
List of cookies to check for presence in the custom key.
Includes List<string>
List of cookies to include in the custom key.
CheckPresences []string
List of cookies to check for presence in the custom key.
Includes []string
List of cookies to include in the custom key.
checkPresences List<String>
List of cookies to check for presence in the custom key.
includes List<String>
List of cookies to include in the custom key.
checkPresences string[]
List of cookies to check for presence in the custom key.
includes string[]
List of cookies to include in the custom key.
check_presences Sequence[str]
List of cookies to check for presence in the custom key.
includes Sequence[str]
List of cookies to include in the custom key.
checkPresences List<String>
List of cookies to check for presence in the custom key.
includes List<String>
List of cookies to include in the custom key.

RulesetRuleActionParametersCacheKeyCustomKeyHeader
, RulesetRuleActionParametersCacheKeyCustomKeyHeaderArgs

CheckPresences List<string>
List of headers to check for presence in the custom key.
Contains Dictionary<string, ImmutableArray<string>>
Dictionary of headers mapping to lists of values to check for presence in the custom key.
ExcludeOrigin bool
Exclude the origin header from the custom key.
Includes List<string>
List of headers to include in the custom key.
CheckPresences []string
List of headers to check for presence in the custom key.
Contains map[string][]string
Dictionary of headers mapping to lists of values to check for presence in the custom key.
ExcludeOrigin bool
Exclude the origin header from the custom key.
Includes []string
List of headers to include in the custom key.
checkPresences List<String>
List of headers to check for presence in the custom key.
contains Map<String,List<String>>
Dictionary of headers mapping to lists of values to check for presence in the custom key.
excludeOrigin Boolean
Exclude the origin header from the custom key.
includes List<String>
List of headers to include in the custom key.
checkPresences string[]
List of headers to check for presence in the custom key.
contains {[key: string]: string[]}
Dictionary of headers mapping to lists of values to check for presence in the custom key.
excludeOrigin boolean
Exclude the origin header from the custom key.
includes string[]
List of headers to include in the custom key.
check_presences Sequence[str]
List of headers to check for presence in the custom key.
contains Mapping[str, Sequence[str]]
Dictionary of headers mapping to lists of values to check for presence in the custom key.
exclude_origin bool
Exclude the origin header from the custom key.
includes Sequence[str]
List of headers to include in the custom key.
checkPresences List<String>
List of headers to check for presence in the custom key.
contains Map<List<String>>
Dictionary of headers mapping to lists of values to check for presence in the custom key.
excludeOrigin Boolean
Exclude the origin header from the custom key.
includes List<String>
List of headers to include in the custom key.

RulesetRuleActionParametersCacheKeyCustomKeyHost
, RulesetRuleActionParametersCacheKeyCustomKeyHostArgs

Resolved bool
Resolve hostname to IP address.
Resolved bool
Resolve hostname to IP address.
resolved Boolean
Resolve hostname to IP address.
resolved boolean
Resolve hostname to IP address.
resolved bool
Resolve hostname to IP address.
resolved Boolean
Resolve hostname to IP address.

RulesetRuleActionParametersCacheKeyCustomKeyQueryString
, RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs

Excludes List<string>
List of query string parameters to exclude from the custom key.
Includes List<string>
List of query string parameters to include in the custom key.
Excludes []string
List of query string parameters to exclude from the custom key.
Includes []string
List of query string parameters to include in the custom key.
excludes List<String>
List of query string parameters to exclude from the custom key.
includes List<String>
List of query string parameters to include in the custom key.
excludes string[]
List of query string parameters to exclude from the custom key.
includes string[]
List of query string parameters to include in the custom key.
excludes Sequence[str]
List of query string parameters to exclude from the custom key.
includes Sequence[str]
List of query string parameters to include in the custom key.
excludes List<String>
List of query string parameters to exclude from the custom key.
includes List<String>
List of query string parameters to include in the custom key.

RulesetRuleActionParametersCacheKeyCustomKeyUser
, RulesetRuleActionParametersCacheKeyCustomKeyUserArgs

DeviceType bool
Add device type to the custom key.
Geo bool
Add geo data to the custom key.
Lang bool
Add language data to the custom key.
DeviceType bool
Add device type to the custom key.
Geo bool
Add geo data to the custom key.
Lang bool
Add language data to the custom key.
deviceType Boolean
Add device type to the custom key.
geo Boolean
Add geo data to the custom key.
lang Boolean
Add language data to the custom key.
deviceType boolean
Add device type to the custom key.
geo boolean
Add geo data to the custom key.
lang boolean
Add language data to the custom key.
device_type bool
Add device type to the custom key.
geo bool
Add geo data to the custom key.
lang bool
Add language data to the custom key.
deviceType Boolean
Add device type to the custom key.
geo Boolean
Add geo data to the custom key.
lang Boolean
Add language data to the custom key.

RulesetRuleActionParametersCacheReserve
, RulesetRuleActionParametersCacheReserveArgs

Eligible This property is required. bool
Determines whether Cloudflare will write the eligible resource to cache reserve.
MinimumFileSize int
The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default.
Eligible This property is required. bool
Determines whether Cloudflare will write the eligible resource to cache reserve.
MinimumFileSize int
The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default.
eligible This property is required. Boolean
Determines whether Cloudflare will write the eligible resource to cache reserve.
minimumFileSize Integer
The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default.
eligible This property is required. boolean
Determines whether Cloudflare will write the eligible resource to cache reserve.
minimumFileSize number
The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default.
eligible This property is required. bool
Determines whether Cloudflare will write the eligible resource to cache reserve.
minimum_file_size int
The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default.
eligible This property is required. Boolean
Determines whether Cloudflare will write the eligible resource to cache reserve.
minimumFileSize Number
The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default.

RulesetRuleActionParametersEdgeTtl
, RulesetRuleActionParametersEdgeTtlArgs

Mode This property is required. string
Mode of the edge TTL. Available values: override_origin, respect_origin, bypass_by_default
Default int
Default edge TTL.
StatusCodeTtls List<RulesetRuleActionParametersEdgeTtlStatusCodeTtl>
Edge TTL for the status codes.
Mode This property is required. string
Mode of the edge TTL. Available values: override_origin, respect_origin, bypass_by_default
Default int
Default edge TTL.
StatusCodeTtls []RulesetRuleActionParametersEdgeTtlStatusCodeTtl
Edge TTL for the status codes.
mode This property is required. String
Mode of the edge TTL. Available values: override_origin, respect_origin, bypass_by_default
default_ Integer
Default edge TTL.
statusCodeTtls List<RulesetRuleActionParametersEdgeTtlStatusCodeTtl>
Edge TTL for the status codes.
mode This property is required. string
Mode of the edge TTL. Available values: override_origin, respect_origin, bypass_by_default
default number
Default edge TTL.
statusCodeTtls RulesetRuleActionParametersEdgeTtlStatusCodeTtl[]
Edge TTL for the status codes.
mode This property is required. str
Mode of the edge TTL. Available values: override_origin, respect_origin, bypass_by_default
default int
Default edge TTL.
status_code_ttls Sequence[RulesetRuleActionParametersEdgeTtlStatusCodeTtl]
Edge TTL for the status codes.
mode This property is required. String
Mode of the edge TTL. Available values: override_origin, respect_origin, bypass_by_default
default Number
Default edge TTL.
statusCodeTtls List<Property Map>
Edge TTL for the status codes.

RulesetRuleActionParametersEdgeTtlStatusCodeTtl
, RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs

StatusCode int
Status code for which the edge TTL is applied.
StatusCodeRanges List<RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRange>
Status code range for which the edge TTL is applied.
Value int
Status code edge TTL value.
StatusCode int
Status code for which the edge TTL is applied.
StatusCodeRanges []RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRange
Status code range for which the edge TTL is applied.
Value int
Status code edge TTL value.
statusCode Integer
Status code for which the edge TTL is applied.
statusCodeRanges List<RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRange>
Status code range for which the edge TTL is applied.
value Integer
Status code edge TTL value.
statusCode number
Status code for which the edge TTL is applied.
statusCodeRanges RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRange[]
Status code range for which the edge TTL is applied.
value number
Status code edge TTL value.
status_code int
Status code for which the edge TTL is applied.
status_code_ranges Sequence[RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRange]
Status code range for which the edge TTL is applied.
value int
Status code edge TTL value.
statusCode Number
Status code for which the edge TTL is applied.
statusCodeRanges List<Property Map>
Status code range for which the edge TTL is applied.
value Number
Status code edge TTL value.

RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRange
, RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRangeArgs

From int
From status code.
To int
To status code.
From int
From status code.
To int
To status code.
from Integer
From status code.
to Integer
To status code.
from number
From status code.
to number
To status code.
from_ int
From status code.
to int
To status code.
from Number
From status code.
to Number
To status code.

RulesetRuleActionParametersFromList
, RulesetRuleActionParametersFromListArgs

Key string
Expression to use for the list lookup.
Name string
Name of the list.
Key string
Expression to use for the list lookup.
Name string
Name of the list.
key String
Expression to use for the list lookup.
name String
Name of the list.
key string
Expression to use for the list lookup.
name string
Name of the list.
key str
Expression to use for the list lookup.
name str
Name of the list.
key String
Expression to use for the list lookup.
name String
Name of the list.

RulesetRuleActionParametersFromValue
, RulesetRuleActionParametersFromValueArgs

PreserveQueryString bool
Preserve query string for redirect URL.
StatusCode int
Status code for redirect.
TargetUrl RulesetRuleActionParametersFromValueTargetUrl
Target URL for redirect.
PreserveQueryString bool
Preserve query string for redirect URL.
StatusCode int
Status code for redirect.
TargetUrl RulesetRuleActionParametersFromValueTargetUrl
Target URL for redirect.
preserveQueryString Boolean
Preserve query string for redirect URL.
statusCode Integer
Status code for redirect.
targetUrl RulesetRuleActionParametersFromValueTargetUrl
Target URL for redirect.
preserveQueryString boolean
Preserve query string for redirect URL.
statusCode number
Status code for redirect.
targetUrl RulesetRuleActionParametersFromValueTargetUrl
Target URL for redirect.
preserve_query_string bool
Preserve query string for redirect URL.
status_code int
Status code for redirect.
target_url RulesetRuleActionParametersFromValueTargetUrl
Target URL for redirect.
preserveQueryString Boolean
Preserve query string for redirect URL.
statusCode Number
Status code for redirect.
targetUrl Property Map
Target URL for redirect.

RulesetRuleActionParametersFromValueTargetUrl
, RulesetRuleActionParametersFromValueTargetUrlArgs

Expression string
Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
Value string
Static value to provide as the HTTP request header value.
Expression string
Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
Value string
Static value to provide as the HTTP request header value.
expression String
Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
value String
Static value to provide as the HTTP request header value.
expression string
Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
value string
Static value to provide as the HTTP request header value.
expression str
Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
value str
Static value to provide as the HTTP request header value.
expression String
Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
value String
Static value to provide as the HTTP request header value.

RulesetRuleActionParametersHeader
, RulesetRuleActionParametersHeaderArgs

Expression string
Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
Name string
Name of the HTTP request header to target.
Operation string
Action to perform on the HTTP request header. Available values: remove, set, add.
Value string
Static value to provide as the HTTP request header value.
Expression string
Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
Name string
Name of the HTTP request header to target.
Operation string
Action to perform on the HTTP request header. Available values: remove, set, add.
Value string
Static value to provide as the HTTP request header value.
expression String
Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
name String
Name of the HTTP request header to target.
operation String
Action to perform on the HTTP request header. Available values: remove, set, add.
value String
Static value to provide as the HTTP request header value.
expression string
Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
name string
Name of the HTTP request header to target.
operation string
Action to perform on the HTTP request header. Available values: remove, set, add.
value string
Static value to provide as the HTTP request header value.
expression str
Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
name str
Name of the HTTP request header to target.
operation str
Action to perform on the HTTP request header. Available values: remove, set, add.
value str
Static value to provide as the HTTP request header value.
expression String
Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
name String
Name of the HTTP request header to target.
operation String
Action to perform on the HTTP request header. Available values: remove, set, add.
value String
Static value to provide as the HTTP request header value.

RulesetRuleActionParametersMatchedData
, RulesetRuleActionParametersMatchedDataArgs

PublicKey string
Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the matched-data-cli command-line tool or in the Cloudflare dashboard.
PublicKey string
Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the matched-data-cli command-line tool or in the Cloudflare dashboard.
publicKey String
Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the matched-data-cli command-line tool or in the Cloudflare dashboard.
publicKey string
Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the matched-data-cli command-line tool or in the Cloudflare dashboard.
public_key str
Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the matched-data-cli command-line tool or in the Cloudflare dashboard.
publicKey String
Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the matched-data-cli command-line tool or in the Cloudflare dashboard.

RulesetRuleActionParametersOrigin
, RulesetRuleActionParametersOriginArgs

Host string
Origin Hostname where request is sent.
Port int
Origin Port where request is sent.
Host string
Origin Hostname where request is sent.
Port int
Origin Port where request is sent.
host String
Origin Hostname where request is sent.
port Integer
Origin Port where request is sent.
host string
Origin Hostname where request is sent.
port number
Origin Port where request is sent.
host str
Origin Hostname where request is sent.
port int
Origin Port where request is sent.
host String
Origin Hostname where request is sent.
port Number
Origin Port where request is sent.

RulesetRuleActionParametersOverrides
, RulesetRuleActionParametersOverridesArgs

Action string
Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
Categories List<RulesetRuleActionParametersOverridesCategory>
List of tag-based overrides.
Enabled bool
Defines if the current ruleset-level override enables or disables the ruleset.
Rules List<RulesetRuleActionParametersOverridesRule>
List of rule-based overrides.
SensitivityLevel string
Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff.
Action string
Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
Categories []RulesetRuleActionParametersOverridesCategory
List of tag-based overrides.
Enabled bool
Defines if the current ruleset-level override enables or disables the ruleset.
Rules []RulesetRuleActionParametersOverridesRule
List of rule-based overrides.
SensitivityLevel string
Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff.
action String
Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
categories List<RulesetRuleActionParametersOverridesCategory>
List of tag-based overrides.
enabled Boolean
Defines if the current ruleset-level override enables or disables the ruleset.
rules List<RulesetRuleActionParametersOverridesRule>
List of rule-based overrides.
sensitivityLevel String
Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff.
action string
Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
categories RulesetRuleActionParametersOverridesCategory[]
List of tag-based overrides.
enabled boolean
Defines if the current ruleset-level override enables or disables the ruleset.
rules RulesetRuleActionParametersOverridesRule[]
List of rule-based overrides.
sensitivityLevel string
Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff.
action str
Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
categories Sequence[RulesetRuleActionParametersOverridesCategory]
List of tag-based overrides.
enabled bool
Defines if the current ruleset-level override enables or disables the ruleset.
rules Sequence[RulesetRuleActionParametersOverridesRule]
List of rule-based overrides.
sensitivity_level str
Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff.
action String
Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
categories List<Property Map>
List of tag-based overrides.
enabled Boolean
Defines if the current ruleset-level override enables or disables the ruleset.
rules List<Property Map>
List of rule-based overrides.
sensitivityLevel String
Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff.

RulesetRuleActionParametersOverridesCategory
, RulesetRuleActionParametersOverridesCategoryArgs

Action string
Action to perform in the tag-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
Category string
Tag name to apply the ruleset rule override to.
Enabled bool
Defines if the current tag-level override enables or disables the ruleset rules with the specified tag.
Action string
Action to perform in the tag-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
Category string
Tag name to apply the ruleset rule override to.
Enabled bool
Defines if the current tag-level override enables or disables the ruleset rules with the specified tag.
action String
Action to perform in the tag-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
category String
Tag name to apply the ruleset rule override to.
enabled Boolean
Defines if the current tag-level override enables or disables the ruleset rules with the specified tag.
action string
Action to perform in the tag-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
category string
Tag name to apply the ruleset rule override to.
enabled boolean
Defines if the current tag-level override enables or disables the ruleset rules with the specified tag.
action str
Action to perform in the tag-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
category str
Tag name to apply the ruleset rule override to.
enabled bool
Defines if the current tag-level override enables or disables the ruleset rules with the specified tag.
action String
Action to perform in the tag-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
category String
Tag name to apply the ruleset rule override to.
enabled Boolean
Defines if the current tag-level override enables or disables the ruleset rules with the specified tag.

RulesetRuleActionParametersOverridesRule
, RulesetRuleActionParametersOverridesRuleArgs

Action string
Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
Enabled bool
Defines if the current rule-level override enables or disables the rule.
Id string
Rule ID to apply the override to.
ScoreThreshold int
Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets.
SensitivityLevel string
Sensitivity level for a ruleset rule override.
Action string
Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
Enabled bool
Defines if the current rule-level override enables or disables the rule.
Id string
Rule ID to apply the override to.
ScoreThreshold int
Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets.
SensitivityLevel string
Sensitivity level for a ruleset rule override.
action String
Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
enabled Boolean
Defines if the current rule-level override enables or disables the rule.
id String
Rule ID to apply the override to.
scoreThreshold Integer
Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets.
sensitivityLevel String
Sensitivity level for a ruleset rule override.
action string
Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
enabled boolean
Defines if the current rule-level override enables or disables the rule.
id string
Rule ID to apply the override to.
scoreThreshold number
Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets.
sensitivityLevel string
Sensitivity level for a ruleset rule override.
action str
Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
enabled bool
Defines if the current rule-level override enables or disables the rule.
id str
Rule ID to apply the override to.
score_threshold int
Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets.
sensitivity_level str
Sensitivity level for a ruleset rule override.
action String
Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
enabled Boolean
Defines if the current rule-level override enables or disables the rule.
id String
Rule ID to apply the override to.
scoreThreshold Number
Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets.
sensitivityLevel String
Sensitivity level for a ruleset rule override.

RulesetRuleActionParametersResponse
, RulesetRuleActionParametersResponseArgs

Content string
Body content to include in the response.
ContentType string
HTTP content type to send in the response.
StatusCode int
HTTP status code to send in the response.
Content string
Body content to include in the response.
ContentType string
HTTP content type to send in the response.
StatusCode int
HTTP status code to send in the response.
content String
Body content to include in the response.
contentType String
HTTP content type to send in the response.
statusCode Integer
HTTP status code to send in the response.
content string
Body content to include in the response.
contentType string
HTTP content type to send in the response.
statusCode number
HTTP status code to send in the response.
content str
Body content to include in the response.
content_type str
HTTP content type to send in the response.
status_code int
HTTP status code to send in the response.
content String
Body content to include in the response.
contentType String
HTTP content type to send in the response.
statusCode Number
HTTP status code to send in the response.

RulesetRuleActionParametersServeStale
, RulesetRuleActionParametersServeStaleArgs

DisableStaleWhileUpdating bool
Disable stale while updating.
DisableStaleWhileUpdating bool
Disable stale while updating.
disableStaleWhileUpdating Boolean
Disable stale while updating.
disableStaleWhileUpdating boolean
Disable stale while updating.
disable_stale_while_updating bool
Disable stale while updating.
disableStaleWhileUpdating Boolean
Disable stale while updating.

RulesetRuleActionParametersSni
, RulesetRuleActionParametersSniArgs

Value string
Value to define for SNI.
Value string
Value to define for SNI.
value String
Value to define for SNI.
value string
Value to define for SNI.
value str
Value to define for SNI.
value String
Value to define for SNI.

RulesetRuleActionParametersUri
, RulesetRuleActionParametersUriArgs

Origin bool
Path RulesetRuleActionParametersUriPath
URI path configuration when performing a URL rewrite.
Query RulesetRuleActionParametersUriQuery
Query string configuration when performing a URL rewrite.
Origin bool
Path RulesetRuleActionParametersUriPath
URI path configuration when performing a URL rewrite.
Query RulesetRuleActionParametersUriQuery
Query string configuration when performing a URL rewrite.
origin Boolean
path RulesetRuleActionParametersUriPath
URI path configuration when performing a URL rewrite.
query RulesetRuleActionParametersUriQuery
Query string configuration when performing a URL rewrite.
origin boolean
path RulesetRuleActionParametersUriPath
URI path configuration when performing a URL rewrite.
query RulesetRuleActionParametersUriQuery
Query string configuration when performing a URL rewrite.
origin bool
path RulesetRuleActionParametersUriPath
URI path configuration when performing a URL rewrite.
query RulesetRuleActionParametersUriQuery
Query string configuration when performing a URL rewrite.
origin Boolean
path Property Map
URI path configuration when performing a URL rewrite.
query Property Map
Query string configuration when performing a URL rewrite.

RulesetRuleActionParametersUriPath
, RulesetRuleActionParametersUriPathArgs

Expression string
Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
Value string
Static string value of the updated URI path or query string component.
Expression string
Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
Value string
Static string value of the updated URI path or query string component.
expression String
Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
value String
Static string value of the updated URI path or query string component.
expression string
Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
value string
Static string value of the updated URI path or query string component.
expression str
Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
value str
Static string value of the updated URI path or query string component.
expression String
Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
value String
Static string value of the updated URI path or query string component.

RulesetRuleActionParametersUriQuery
, RulesetRuleActionParametersUriQueryArgs

Expression string
Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
Value string
Static string value of the updated URI path or query string component.
Expression string
Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
Value string
Static string value of the updated URI path or query string component.
expression String
Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
value String
Static string value of the updated URI path or query string component.
expression string
Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
value string
Static string value of the updated URI path or query string component.
expression str
Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
value str
Static string value of the updated URI path or query string component.
expression String
Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
value String
Static string value of the updated URI path or query string component.

RulesetRuleExposedCredentialCheck
, RulesetRuleExposedCredentialCheckArgs

PasswordExpression string
Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language.
UsernameExpression string
Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language.
PasswordExpression string
Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language.
UsernameExpression string
Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language.
passwordExpression String
Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language.
usernameExpression String
Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language.
passwordExpression string
Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language.
usernameExpression string
Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language.
password_expression str
Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language.
username_expression str
Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language.
passwordExpression String
Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language.
usernameExpression String
Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language.

RulesetRuleLogging
, RulesetRuleLoggingArgs

Enabled bool
Override the default logging behavior when a rule is matched.
Enabled bool
Override the default logging behavior when a rule is matched.
enabled Boolean
Override the default logging behavior when a rule is matched.
enabled boolean
Override the default logging behavior when a rule is matched.
enabled bool
Override the default logging behavior when a rule is matched.
enabled Boolean
Override the default logging behavior when a rule is matched.

RulesetRuleRatelimit
, RulesetRuleRatelimitArgs

Characteristics List<string>
List of parameters that define how Cloudflare tracks the request rate for this rule.
CountingExpression string
Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
MitigationTimeout int
Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field.
Period int
The period of time to consider (in seconds) when evaluating the request rate.
RequestsPerPeriod int
The number of requests over the period of time that will trigger the Rate Limiting rule.
RequestsToOrigin bool
Whether to include requests to origin within the Rate Limiting count.
ScorePerPeriod int
The maximum aggregate score over the period of time that will trigger Rate Limiting rule.
ScoreResponseHeaderName string
Name of HTTP header in the response, set by the origin server, with the score for the current request.
Characteristics []string
List of parameters that define how Cloudflare tracks the request rate for this rule.
CountingExpression string
Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
MitigationTimeout int
Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field.
Period int
The period of time to consider (in seconds) when evaluating the request rate.
RequestsPerPeriod int
The number of requests over the period of time that will trigger the Rate Limiting rule.
RequestsToOrigin bool
Whether to include requests to origin within the Rate Limiting count.
ScorePerPeriod int
The maximum aggregate score over the period of time that will trigger Rate Limiting rule.
ScoreResponseHeaderName string
Name of HTTP header in the response, set by the origin server, with the score for the current request.
characteristics List<String>
List of parameters that define how Cloudflare tracks the request rate for this rule.
countingExpression String
Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
mitigationTimeout Integer
Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field.
period Integer
The period of time to consider (in seconds) when evaluating the request rate.
requestsPerPeriod Integer
The number of requests over the period of time that will trigger the Rate Limiting rule.
requestsToOrigin Boolean
Whether to include requests to origin within the Rate Limiting count.
scorePerPeriod Integer
The maximum aggregate score over the period of time that will trigger Rate Limiting rule.
scoreResponseHeaderName String
Name of HTTP header in the response, set by the origin server, with the score for the current request.
characteristics string[]
List of parameters that define how Cloudflare tracks the request rate for this rule.
countingExpression string
Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
mitigationTimeout number
Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field.
period number
The period of time to consider (in seconds) when evaluating the request rate.
requestsPerPeriod number
The number of requests over the period of time that will trigger the Rate Limiting rule.
requestsToOrigin boolean
Whether to include requests to origin within the Rate Limiting count.
scorePerPeriod number
The maximum aggregate score over the period of time that will trigger Rate Limiting rule.
scoreResponseHeaderName string
Name of HTTP header in the response, set by the origin server, with the score for the current request.
characteristics Sequence[str]
List of parameters that define how Cloudflare tracks the request rate for this rule.
counting_expression str
Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
mitigation_timeout int
Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field.
period int
The period of time to consider (in seconds) when evaluating the request rate.
requests_per_period int
The number of requests over the period of time that will trigger the Rate Limiting rule.
requests_to_origin bool
Whether to include requests to origin within the Rate Limiting count.
score_per_period int
The maximum aggregate score over the period of time that will trigger Rate Limiting rule.
score_response_header_name str
Name of HTTP header in the response, set by the origin server, with the score for the current request.
characteristics List<String>
List of parameters that define how Cloudflare tracks the request rate for this rule.
countingExpression String
Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
mitigationTimeout Number
Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field.
period Number
The period of time to consider (in seconds) when evaluating the request rate.
requestsPerPeriod Number
The number of requests over the period of time that will trigger the Rate Limiting rule.
requestsToOrigin Boolean
Whether to include requests to origin within the Rate Limiting count.
scorePerPeriod Number
The maximum aggregate score over the period of time that will trigger Rate Limiting rule.
scoreResponseHeaderName String
Name of HTTP header in the response, set by the origin server, with the score for the current request.

Import

Import an account scoped Ruleset configuration.

$ pulumi import cloudflare:index/ruleset:Ruleset example account/<account_id>/<ruleset_id>
Copy

Import a zone scoped Ruleset configuration.

$ pulumi import cloudflare:index/ruleset:Ruleset example zone/<zone_id>/<ruleset_id>
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
Cloudflare pulumi/pulumi-cloudflare
License
Apache-2.0
Notes
This Pulumi package is based on the cloudflare Terraform Provider.
Cloudflare v5.49.1 published on Tuesday, Feb 18, 2025 by Pulumi
pulumi/pulumi-cloudflare