Docs
PackagesCloudflare v5.26.0 published on Wednesday, Apr 17, 2024 by Pulumi
cloudflare.RateLimit
Explore with Pulumi AI
Provides a Cloudflare rate limit resource for a given zone. This can be used to limit the traffic you receive zone-wide, or matching more specific types of requests/responses.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
const example = new cloudflare.RateLimit("example", {
action: {
mode: "simulate",
response: {
body: "custom response body",
contentType: "text/plain",
},
timeout: 43200,
},
bypassUrlPatterns: [
"example.com/bypass1",
"example.com/bypass2",
],
correlate: {
by: "nat",
},
description: "example rate limit for a zone",
disabled: false,
match: {
request: {
methods: [
"GET",
"POST",
"PUT",
"DELETE",
"PATCH",
"HEAD",
],
schemes: [
"HTTP",
"HTTPS",
],
urlPattern: `${_var.cloudflare_zone}/*`,
},
response: {
headers: [
{
name: "Host",
op: "eq",
value: "localhost",
},
{
name: "X-Example",
op: "ne",
value: "my-example",
},
],
originTraffic: false,
statuses: [
200,
201,
202,
301,
429,
],
},
},
period: 2,
threshold: 2000,
zoneId: "0da42c8d2132a9ddaf714f9e7c920711",
});
import pulumi
import pulumi_cloudflare as cloudflare
example = cloudflare.RateLimit("example",
action=cloudflare.RateLimitActionArgs(
mode="simulate",
response=cloudflare.RateLimitActionResponseArgs(
body="custom response body",
content_type="text/plain",
),
timeout=43200,
),
bypass_url_patterns=[
"example.com/bypass1",
"example.com/bypass2",
],
correlate=cloudflare.RateLimitCorrelateArgs(
by="nat",
),
description="example rate limit for a zone",
disabled=False,
match=cloudflare.RateLimitMatchArgs(
request=cloudflare.RateLimitMatchRequestArgs(
methods=[
"GET",
"POST",
"PUT",
"DELETE",
"PATCH",
"HEAD",
],
schemes=[
"HTTP",
"HTTPS",
],
url_pattern=f"{var['cloudflare_zone']}/*",
),
response=cloudflare.RateLimitMatchResponseArgs(
headers=[
{
"name": "Host",
"op": "eq",
"value": "localhost",
},
{
"name": "X-Example",
"op": "ne",
"value": "my-example",
},
],
origin_traffic=False,
statuses=[
200,
201,
202,
301,
429,
],
),
),
period=2,
threshold=2000,
zone_id="0da42c8d2132a9ddaf714f9e7c920711")
package main
import (
"fmt"
"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudflare.NewRateLimit(ctx, "example", &cloudflare.RateLimitArgs{
Action: &cloudflare.RateLimitActionArgs{
Mode: pulumi.String("simulate"),
Response: &cloudflare.RateLimitActionResponseArgs{
Body: pulumi.String("custom response body"),
ContentType: pulumi.String("text/plain"),
},
Timeout: pulumi.Int(43200),
},
BypassUrlPatterns: pulumi.StringArray{
pulumi.String("example.com/bypass1"),
pulumi.String("example.com/bypass2"),
},
Correlate: &cloudflare.RateLimitCorrelateArgs{
By: pulumi.String("nat"),
},
Description: pulumi.String("example rate limit for a zone"),
Disabled: pulumi.Bool(false),
Match: &cloudflare.RateLimitMatchArgs{
Request: &cloudflare.RateLimitMatchRequestArgs{
Methods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("POST"),
pulumi.String("PUT"),
pulumi.String("DELETE"),
pulumi.String("PATCH"),
pulumi.String("HEAD"),
},
Schemes: pulumi.StringArray{
pulumi.String("HTTP"),
pulumi.String("HTTPS"),
},
UrlPattern: pulumi.String(fmt.Sprintf("%v/*", _var.Cloudflare_zone)),
},
Response: &cloudflare.RateLimitMatchResponseArgs{
Headers: pulumi.StringMapArray{
pulumi.StringMap{
"name": pulumi.String("Host"),
"op": pulumi.String("eq"),
"value": pulumi.String("localhost"),
},
pulumi.StringMap{
"name": pulumi.String("X-Example"),
"op": pulumi.String("ne"),
"value": pulumi.String("my-example"),
},
},
OriginTraffic: pulumi.Bool(false),
Statuses: pulumi.IntArray{
pulumi.Int(200),
pulumi.Int(201),
pulumi.Int(202),
pulumi.Int(301),
pulumi.Int(429),
},
},
},
Period: pulumi.Int(2),
Threshold: pulumi.Int(2000),
ZoneId: pulumi.String("0da42c8d2132a9ddaf714f9e7c920711"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
var example = new Cloudflare.RateLimit("example", new()
{
Action = new Cloudflare.Inputs.RateLimitActionArgs
{
Mode = "simulate",
Response = new Cloudflare.Inputs.RateLimitActionResponseArgs
{
Body = "custom response body",
ContentType = "text/plain",
},
Timeout = 43200,
},
BypassUrlPatterns = new[]
{
"example.com/bypass1",
"example.com/bypass2",
},
Correlate = new Cloudflare.Inputs.RateLimitCorrelateArgs
{
By = "nat",
},
Description = "example rate limit for a zone",
Disabled = false,
Match = new Cloudflare.Inputs.RateLimitMatchArgs
{
Request = new Cloudflare.Inputs.RateLimitMatchRequestArgs
{
Methods = new[]
{
"GET",
"POST",
"PUT",
"DELETE",
"PATCH",
"HEAD",
},
Schemes = new[]
{
"HTTP",
"HTTPS",
},
UrlPattern = $"{@var.Cloudflare_zone}/*",
},
Response = new Cloudflare.Inputs.RateLimitMatchResponseArgs
{
Headers = new[]
{
{
{ "name", "Host" },
{ "op", "eq" },
{ "value", "localhost" },
},
{
{ "name", "X-Example" },
{ "op", "ne" },
{ "value", "my-example" },
},
},
OriginTraffic = false,
Statuses = new[]
{
200,
201,
202,
301,
429,
},
},
},
Period = 2,
Threshold = 2000,
ZoneId = "0da42c8d2132a9ddaf714f9e7c920711",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.RateLimit;
import com.pulumi.cloudflare.RateLimitArgs;
import com.pulumi.cloudflare.inputs.RateLimitActionArgs;
import com.pulumi.cloudflare.inputs.RateLimitActionResponseArgs;
import com.pulumi.cloudflare.inputs.RateLimitCorrelateArgs;
import com.pulumi.cloudflare.inputs.RateLimitMatchArgs;
import com.pulumi.cloudflare.inputs.RateLimitMatchRequestArgs;
import com.pulumi.cloudflare.inputs.RateLimitMatchResponseArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new RateLimit("example", RateLimitArgs.builder()
.action(RateLimitActionArgs.builder()
.mode("simulate")
.response(RateLimitActionResponseArgs.builder()
.body("custom response body")
.contentType("text/plain")
.build())
.timeout(43200)
.build())
.bypassUrlPatterns(
"example.com/bypass1",
"example.com/bypass2")
.correlate(RateLimitCorrelateArgs.builder()
.by("nat")
.build())
.description("example rate limit for a zone")
.disabled(false)
.match(RateLimitMatchArgs.builder()
.request(RateLimitMatchRequestArgs.builder()
.methods(
"GET",
"POST",
"PUT",
"DELETE",
"PATCH",
"HEAD")
.schemes(
"HTTP",
"HTTPS")
.urlPattern(String.format("%s/*", var_.cloudflare_zone()))
.build())
.response(RateLimitMatchResponseArgs.builder()
.headers(
Map.ofEntries(
Map.entry("name", "Host"),
Map.entry("op", "eq"),
Map.entry("value", "localhost")
),
Map.ofEntries(
Map.entry("name", "X-Example"),
Map.entry("op", "ne"),
Map.entry("value", "my-example")
))
.originTraffic(false)
.statuses(
200,
201,
202,
301,
429)
.build())
.build())
.period(2)
.threshold(2000)
.zoneId("0da42c8d2132a9ddaf714f9e7c920711")
.build());
}
}
resources:
example:
type: cloudflare:RateLimit
properties:
action:
mode: simulate
response:
body: custom response body
contentType: text/plain
timeout: 43200
bypassUrlPatterns:
- example.com/bypass1
- example.com/bypass2
correlate:
by: nat
description: example rate limit for a zone
disabled: false
match:
request:
methods:
- GET
- POST
- PUT
- DELETE
- PATCH
- HEAD
schemes:
- HTTP
- HTTPS
urlPattern: ${var.cloudflare_zone}/*
response:
headers:
- name: Host
op: eq
value: localhost
- name: X-Example
op: ne
value: my-example
originTraffic: false
statuses:
- 200
- 201
- 202
- 301
- 429
period: 2
threshold: 2000
zoneId: 0da42c8d2132a9ddaf714f9e7c920711
Create RateLimit Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new RateLimit(name: string, args: RateLimitArgs, opts?: CustomResourceOptions);@overload
def RateLimit(resource_name: str,
args: RateLimitArgs,
opts: Optional[ResourceOptions] = None)
@overload
def RateLimit(resource_name: str,
opts: Optional[ResourceOptions] = None,
action: Optional[RateLimitActionArgs] = None,
period: Optional[int] = None,
threshold: Optional[int] = None,
zone_id: Optional[str] = None,
bypass_url_patterns: Optional[Sequence[str]] = None,
correlate: Optional[RateLimitCorrelateArgs] = None,
description: Optional[str] = None,
disabled: Optional[bool] = None,
match: Optional[RateLimitMatchArgs] = None)func NewRateLimit(ctx *Context, name string, args RateLimitArgs, opts ...ResourceOption) (*RateLimit, error)public RateLimit(string name, RateLimitArgs args, CustomResourceOptions? opts = null)
public RateLimit(String name, RateLimitArgs args)
public RateLimit(String name, RateLimitArgs args, CustomResourceOptions options)
type: cloudflare:RateLimit
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RateLimitArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RateLimitArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RateLimitArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RateLimitArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RateLimitArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var rateLimitResource = new Cloudflare.RateLimit("rateLimitResource", new()
{
Action = new Cloudflare.Inputs.RateLimitActionArgs
{
Mode = "string",
Response = new Cloudflare.Inputs.RateLimitActionResponseArgs
{
Body = "string",
ContentType = "string",
},
Timeout = 0,
},
Period = 0,
Threshold = 0,
ZoneId = "string",
BypassUrlPatterns = new[]
{
"string",
},
Correlate = new Cloudflare.Inputs.RateLimitCorrelateArgs
{
By = "string",
},
Description = "string",
Disabled = false,
Match = new Cloudflare.Inputs.RateLimitMatchArgs
{
Request = new Cloudflare.Inputs.RateLimitMatchRequestArgs
{
Methods = new[]
{
"string",
},
Schemes = new[]
{
"string",
},
UrlPattern = "string",
},
Response = new Cloudflare.Inputs.RateLimitMatchResponseArgs
{
Headers = new[]
{
{
{ "string", "string" },
},
},
OriginTraffic = false,
Statuses = new[]
{
0,
},
},
},
});
example, err := cloudflare.NewRateLimit(ctx, "rateLimitResource", &cloudflare.RateLimitArgs{
Action: &cloudflare.RateLimitActionArgs{
Mode: pulumi.String("string"),
Response: &cloudflare.RateLimitActionResponseArgs{
Body: pulumi.String("string"),
ContentType: pulumi.String("string"),
},
Timeout: pulumi.Int(0),
},
Period: pulumi.Int(0),
Threshold: pulumi.Int(0),
ZoneId: pulumi.String("string"),
BypassUrlPatterns: pulumi.StringArray{
pulumi.String("string"),
},
Correlate: &cloudflare.RateLimitCorrelateArgs{
By: pulumi.String("string"),
},
Description: pulumi.String("string"),
Disabled: pulumi.Bool(false),
Match: &cloudflare.RateLimitMatchArgs{
Request: &cloudflare.RateLimitMatchRequestArgs{
Methods: pulumi.StringArray{
pulumi.String("string"),
},
Schemes: pulumi.StringArray{
pulumi.String("string"),
},
UrlPattern: pulumi.String("string"),
},
Response: &cloudflare.RateLimitMatchResponseArgs{
Headers: pulumi.StringMapArray{
pulumi.StringMap{
"string": pulumi.String("string"),
},
},
OriginTraffic: pulumi.Bool(false),
Statuses: pulumi.IntArray{
pulumi.Int(0),
},
},
},
})
var rateLimitResource = new RateLimit("rateLimitResource", RateLimitArgs.builder()
.action(RateLimitActionArgs.builder()
.mode("string")
.response(RateLimitActionResponseArgs.builder()
.body("string")
.contentType("string")
.build())
.timeout(0)
.build())
.period(0)
.threshold(0)
.zoneId("string")
.bypassUrlPatterns("string")
.correlate(RateLimitCorrelateArgs.builder()
.by("string")
.build())
.description("string")
.disabled(false)
.match(RateLimitMatchArgs.builder()
.request(RateLimitMatchRequestArgs.builder()
.methods("string")
.schemes("string")
.urlPattern("string")
.build())
.response(RateLimitMatchResponseArgs.builder()
.headers(Map.of("string", "string"))
.originTraffic(false)
.statuses(0)
.build())
.build())
.build());
rate_limit_resource = cloudflare.RateLimit("rateLimitResource",
action=cloudflare.RateLimitActionArgs(
mode="string",
response=cloudflare.RateLimitActionResponseArgs(
body="string",
content_type="string",
),
timeout=0,
),
period=0,
threshold=0,
zone_id="string",
bypass_url_patterns=["string"],
correlate=cloudflare.RateLimitCorrelateArgs(
by="string",
),
description="string",
disabled=False,
match=cloudflare.RateLimitMatchArgs(
request=cloudflare.RateLimitMatchRequestArgs(
methods=["string"],
schemes=["string"],
url_pattern="string",
),
response=cloudflare.RateLimitMatchResponseArgs(
headers=[{
"string": "string",
}],
origin_traffic=False,
statuses=[0],
),
))
const rateLimitResource = new cloudflare.RateLimit("rateLimitResource", {
action: {
mode: "string",
response: {
body: "string",
contentType: "string",
},
timeout: 0,
},
period: 0,
threshold: 0,
zoneId: "string",
bypassUrlPatterns: ["string"],
correlate: {
by: "string",
},
description: "string",
disabled: false,
match: {
request: {
methods: ["string"],
schemes: ["string"],
urlPattern: "string",
},
response: {
headers: [{
string: "string",
}],
originTraffic: false,
statuses: [0],
},
},
});
type: cloudflare:RateLimit
properties:
action:
mode: string
response:
body: string
contentType: string
timeout: 0
bypassUrlPatterns:
- string
correlate:
by: string
description: string
disabled: false
match:
request:
methods:
- string
schemes:
- string
urlPattern: string
response:
headers:
- string: string
originTraffic: false
statuses:
- 0
period: 0
threshold: 0
zoneId: string
RateLimit Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The RateLimit resource accepts the following input properties:
- Action
Rate
Limit Action - The action to be performed when the threshold of matched traffic within the period defined is exceeded.
- Period int
- The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed.
- Threshold int
- The threshold that triggers the rate limit mitigations, combine with period.
- Zone
Id string - The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- Bypass
Url List<string>Patterns - Correlate
Rate
Limit Correlate - Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address.
- Description string
- A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed.
- Disabled bool
- Whether this ratelimit is currently disabled. Defaults to
false. - Match
Rate
Limit Match - Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone.
- Action
Rate
Limit Action Args - The action to be performed when the threshold of matched traffic within the period defined is exceeded.
- Period int
- The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed.
- Threshold int
- The threshold that triggers the rate limit mitigations, combine with period.
- Zone
Id string - The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- Bypass
Url []stringPatterns - Correlate
Rate
Limit Correlate Args - Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address.
- Description string
- A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed.
- Disabled bool
- Whether this ratelimit is currently disabled. Defaults to
false. - Match
Rate
Limit Match Args - Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone.
- action
Rate
Limit Action - The action to be performed when the threshold of matched traffic within the period defined is exceeded.
- period Integer
- The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed.
- threshold Integer
- The threshold that triggers the rate limit mitigations, combine with period.
- zone
Id String - The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- bypass
Url List<String>Patterns - correlate
Rate
Limit Correlate - Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address.
- description String
- A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed.
- disabled Boolean
- Whether this ratelimit is currently disabled. Defaults to
false. - match
Rate
Limit Match - Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone.
- action
Rate
Limit Action - The action to be performed when the threshold of matched traffic within the period defined is exceeded.
- period number
- The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed.
- threshold number
- The threshold that triggers the rate limit mitigations, combine with period.
- zone
Id string - The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- bypass
Url string[]Patterns - correlate
Rate
Limit Correlate - Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address.
- description string
- A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed.
- disabled boolean
- Whether this ratelimit is currently disabled. Defaults to
false. - match
Rate
Limit Match - Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone.
- action
Rate
Limit Action Args - The action to be performed when the threshold of matched traffic within the period defined is exceeded.
- period int
- The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed.
- threshold int
- The threshold that triggers the rate limit mitigations, combine with period.
- zone_
id str - The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- bypass_
url_ Sequence[str]patterns - correlate
Rate
Limit Correlate Args - Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address.
- description str
- A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed.
- disabled bool
- Whether this ratelimit is currently disabled. Defaults to
false. - match
Rate
Limit Match Args - Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone.
- action Property Map
- The action to be performed when the threshold of matched traffic within the period defined is exceeded.
- period Number
- The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed.
- threshold Number
- The threshold that triggers the rate limit mitigations, combine with period.
- zone
Id String - The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- bypass
Url List<String>Patterns - correlate Property Map
- Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address.
- description String
- A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed.
- disabled Boolean
- Whether this ratelimit is currently disabled. Defaults to
false. - match Property Map
- Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone.
Outputs
All input properties are implicitly available as output properties. Additionally, the RateLimit resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing RateLimit Resource
Get an existing RateLimit resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RateLimitState, opts?: CustomResourceOptions): RateLimit@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
action: Optional[RateLimitActionArgs] = None,
bypass_url_patterns: Optional[Sequence[str]] = None,
correlate: Optional[RateLimitCorrelateArgs] = None,
description: Optional[str] = None,
disabled: Optional[bool] = None,
match: Optional[RateLimitMatchArgs] = None,
period: Optional[int] = None,
threshold: Optional[int] = None,
zone_id: Optional[str] = None) -> RateLimitfunc GetRateLimit(ctx *Context, name string, id IDInput, state *RateLimitState, opts ...ResourceOption) (*RateLimit, error)public static RateLimit Get(string name, Input<string> id, RateLimitState? state, CustomResourceOptions? opts = null)public static RateLimit get(String name, Output<String> id, RateLimitState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Action
Rate
Limit Action - The action to be performed when the threshold of matched traffic within the period defined is exceeded.
- Bypass
Url List<string>Patterns - Correlate
Rate
Limit Correlate - Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address.
- Description string
- A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed.
- Disabled bool
- Whether this ratelimit is currently disabled. Defaults to
false. - Match
Rate
Limit Match - Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone.
- Period int
- The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed.
- Threshold int
- The threshold that triggers the rate limit mitigations, combine with period.
- Zone
Id string - The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- Action
Rate
Limit Action Args - The action to be performed when the threshold of matched traffic within the period defined is exceeded.
- Bypass
Url []stringPatterns - Correlate
Rate
Limit Correlate Args - Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address.
- Description string
- A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed.
- Disabled bool
- Whether this ratelimit is currently disabled. Defaults to
false. - Match
Rate
Limit Match Args - Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone.
- Period int
- The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed.
- Threshold int
- The threshold that triggers the rate limit mitigations, combine with period.
- Zone
Id string - The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- action
Rate
Limit Action - The action to be performed when the threshold of matched traffic within the period defined is exceeded.
- bypass
Url List<String>Patterns - correlate
Rate
Limit Correlate - Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address.
- description String
- A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed.
- disabled Boolean
- Whether this ratelimit is currently disabled. Defaults to
false. - match
Rate
Limit Match - Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone.
- period Integer
- The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed.
- threshold Integer
- The threshold that triggers the rate limit mitigations, combine with period.
- zone
Id String - The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- action
Rate
Limit Action - The action to be performed when the threshold of matched traffic within the period defined is exceeded.
- bypass
Url string[]Patterns - correlate
Rate
Limit Correlate - Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address.
- description string
- A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed.
- disabled boolean
- Whether this ratelimit is currently disabled. Defaults to
false. - match
Rate
Limit Match - Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone.
- period number
- The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed.
- threshold number
- The threshold that triggers the rate limit mitigations, combine with period.
- zone
Id string - The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- action
Rate
Limit Action Args - The action to be performed when the threshold of matched traffic within the period defined is exceeded.
- bypass_
url_ Sequence[str]patterns - correlate
Rate
Limit Correlate Args - Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address.
- description str
- A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed.
- disabled bool
- Whether this ratelimit is currently disabled. Defaults to
false. - match
Rate
Limit Match Args - Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone.
- period int
- The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed.
- threshold int
- The threshold that triggers the rate limit mitigations, combine with period.
- zone_
id str - The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- action Property Map
- The action to be performed when the threshold of matched traffic within the period defined is exceeded.
- bypass
Url List<String>Patterns - correlate Property Map
- Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address.
- description String
- A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed.
- disabled Boolean
- Whether this ratelimit is currently disabled. Defaults to
false. - match Property Map
- Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone.
- period Number
- The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed.
- threshold Number
- The threshold that triggers the rate limit mitigations, combine with period.
- zone
Id String - The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
Supporting Types
RateLimitAction, RateLimitActionArgs
- Mode string
- The type of action to perform. Available values:
simulate,ban,challenge,js_challenge,managed_challenge. - Response
Rate
Limit Action Response - Custom content-type and body to return, this overrides the custom error for the zone. This field is not required. Omission will result in default HTML error page.
- Timeout int
- The time in seconds as an integer to perform the mitigation action. This field is required if the
modeis eithersimulateorban. Must be the same or greater than the period.
- Mode string
- The type of action to perform. Available values:
simulate,ban,challenge,js_challenge,managed_challenge. - Response
Rate
Limit Action Response - Custom content-type and body to return, this overrides the custom error for the zone. This field is not required. Omission will result in default HTML error page.
- Timeout int
- The time in seconds as an integer to perform the mitigation action. This field is required if the
modeis eithersimulateorban. Must be the same or greater than the period.
- mode String
- The type of action to perform. Available values:
simulate,ban,challenge,js_challenge,managed_challenge. - response
Rate
Limit Action Response - Custom content-type and body to return, this overrides the custom error for the zone. This field is not required. Omission will result in default HTML error page.
- timeout Integer
- The time in seconds as an integer to perform the mitigation action. This field is required if the
modeis eithersimulateorban. Must be the same or greater than the period.
- mode string
- The type of action to perform. Available values:
simulate,ban,challenge,js_challenge,managed_challenge. - response
Rate
Limit Action Response - Custom content-type and body to return, this overrides the custom error for the zone. This field is not required. Omission will result in default HTML error page.
- timeout number
- The time in seconds as an integer to perform the mitigation action. This field is required if the
modeis eithersimulateorban. Must be the same or greater than the period.
- mode str
- The type of action to perform. Available values:
simulate,ban,challenge,js_challenge,managed_challenge. - response
Rate
Limit Action Response - Custom content-type and body to return, this overrides the custom error for the zone. This field is not required. Omission will result in default HTML error page.
- timeout int
- The time in seconds as an integer to perform the mitigation action. This field is required if the
modeis eithersimulateorban. Must be the same or greater than the period.
- mode String
- The type of action to perform. Available values:
simulate,ban,challenge,js_challenge,managed_challenge. - response Property Map
- Custom content-type and body to return, this overrides the custom error for the zone. This field is not required. Omission will result in default HTML error page.
- timeout Number
- The time in seconds as an integer to perform the mitigation action. This field is required if the
modeis eithersimulateorban. Must be the same or greater than the period.
RateLimitActionResponse, RateLimitActionResponseArgs
- Body string
- The body to return, the content here should conform to the
content_type. - Content
Type string - The content-type of the body. Available values:
text/plain,text/xml,application/json.
- Body string
- The body to return, the content here should conform to the
content_type. - Content
Type string - The content-type of the body. Available values:
text/plain,text/xml,application/json.
- body String
- The body to return, the content here should conform to the
content_type. - content
Type String - The content-type of the body. Available values:
text/plain,text/xml,application/json.
- body string
- The body to return, the content here should conform to the
content_type. - content
Type string - The content-type of the body. Available values:
text/plain,text/xml,application/json.
- body str
- The body to return, the content here should conform to the
content_type. - content_
type str - The content-type of the body. Available values:
text/plain,text/xml,application/json.
- body String
- The body to return, the content here should conform to the
content_type. - content
Type String - The content-type of the body. Available values:
text/plain,text/xml,application/json.
RateLimitCorrelate, RateLimitCorrelateArgs
- By string
- If set to 'nat', NAT support will be enabled for rate limiting. Available values:
nat.
- By string
- If set to 'nat', NAT support will be enabled for rate limiting. Available values:
nat.
- by String
- If set to 'nat', NAT support will be enabled for rate limiting. Available values:
nat.
- by string
- If set to 'nat', NAT support will be enabled for rate limiting. Available values:
nat.
- by str
- If set to 'nat', NAT support will be enabled for rate limiting. Available values:
nat.
- by String
- If set to 'nat', NAT support will be enabled for rate limiting. Available values:
nat.
RateLimitMatch, RateLimitMatchArgs
- Request
Rate
Limit Match Request - Matches HTTP requests (from the client to Cloudflare).
- Response
Rate
Limit Match Response - Matches HTTP responses before they are returned to the client from Cloudflare. If this is defined, then the entire counting of traffic occurs at this stage.
- Request
Rate
Limit Match Request - Matches HTTP requests (from the client to Cloudflare).
- Response
Rate
Limit Match Response - Matches HTTP responses before they are returned to the client from Cloudflare. If this is defined, then the entire counting of traffic occurs at this stage.
- request
Rate
Limit Match Request - Matches HTTP requests (from the client to Cloudflare).
- response
Rate
Limit Match Response - Matches HTTP responses before they are returned to the client from Cloudflare. If this is defined, then the entire counting of traffic occurs at this stage.
- request
Rate
Limit Match Request - Matches HTTP requests (from the client to Cloudflare).
- response
Rate
Limit Match Response - Matches HTTP responses before they are returned to the client from Cloudflare. If this is defined, then the entire counting of traffic occurs at this stage.
- request
Rate
Limit Match Request - Matches HTTP requests (from the client to Cloudflare).
- response
Rate
Limit Match Response - Matches HTTP responses before they are returned to the client from Cloudflare. If this is defined, then the entire counting of traffic occurs at this stage.
- request Property Map
- Matches HTTP requests (from the client to Cloudflare).
- response Property Map
- Matches HTTP responses before they are returned to the client from Cloudflare. If this is defined, then the entire counting of traffic occurs at this stage.
RateLimitMatchRequest, RateLimitMatchRequestArgs
- Methods List<string>
- HTTP Methods to match traffic on. Available values:
GET,POST,PUT,DELETE,PATCH,HEAD,_ALL_. - Schemes List<string>
- HTTP schemes to match traffic on. Available values:
HTTP,HTTPS,_ALL_. - Url
Pattern string - The URL pattern to match comprised of the host and path, i.e. example.org/path. Wildcard are expanded to match applicable traffic, query strings are not matched. Use _ for all traffic to your zone.
- Methods []string
- HTTP Methods to match traffic on. Available values:
GET,POST,PUT,DELETE,PATCH,HEAD,_ALL_. - Schemes []string
- HTTP schemes to match traffic on. Available values:
HTTP,HTTPS,_ALL_. - Url
Pattern string - The URL pattern to match comprised of the host and path, i.e. example.org/path. Wildcard are expanded to match applicable traffic, query strings are not matched. Use _ for all traffic to your zone.
- methods List<String>
- HTTP Methods to match traffic on. Available values:
GET,POST,PUT,DELETE,PATCH,HEAD,_ALL_. - schemes List<String>
- HTTP schemes to match traffic on. Available values:
HTTP,HTTPS,_ALL_. - url
Pattern String - The URL pattern to match comprised of the host and path, i.e. example.org/path. Wildcard are expanded to match applicable traffic, query strings are not matched. Use _ for all traffic to your zone.
- methods string[]
- HTTP Methods to match traffic on. Available values:
GET,POST,PUT,DELETE,PATCH,HEAD,_ALL_. - schemes string[]
- HTTP schemes to match traffic on. Available values:
HTTP,HTTPS,_ALL_. - url
Pattern string - The URL pattern to match comprised of the host and path, i.e. example.org/path. Wildcard are expanded to match applicable traffic, query strings are not matched. Use _ for all traffic to your zone.
- methods Sequence[str]
- HTTP Methods to match traffic on. Available values:
GET,POST,PUT,DELETE,PATCH,HEAD,_ALL_. - schemes Sequence[str]
- HTTP schemes to match traffic on. Available values:
HTTP,HTTPS,_ALL_. - url_
pattern str - The URL pattern to match comprised of the host and path, i.e. example.org/path. Wildcard are expanded to match applicable traffic, query strings are not matched. Use _ for all traffic to your zone.
- methods List<String>
- HTTP Methods to match traffic on. Available values:
GET,POST,PUT,DELETE,PATCH,HEAD,_ALL_. - schemes List<String>
- HTTP schemes to match traffic on. Available values:
HTTP,HTTPS,_ALL_. - url
Pattern String - The URL pattern to match comprised of the host and path, i.e. example.org/path. Wildcard are expanded to match applicable traffic, query strings are not matched. Use _ for all traffic to your zone.
RateLimitMatchResponse, RateLimitMatchResponseArgs
- Headers
List<Immutable
Dictionary<string, string>> - List of HTTP headers maps to match the origin response on.
- Origin
Traffic bool - Only count traffic that has come from your origin servers. If true, cached items that Cloudflare serve will not count towards rate limiting.
- Statuses List<int>
- HTTP Status codes, can be one, many or indicate all by not providing this value.
- Headers []map[string]string
- List of HTTP headers maps to match the origin response on.
- Origin
Traffic bool - Only count traffic that has come from your origin servers. If true, cached items that Cloudflare serve will not count towards rate limiting.
- Statuses []int
- HTTP Status codes, can be one, many or indicate all by not providing this value.
- headers List<Map<String,String>>
- List of HTTP headers maps to match the origin response on.
- origin
Traffic Boolean - Only count traffic that has come from your origin servers. If true, cached items that Cloudflare serve will not count towards rate limiting.
- statuses List<Integer>
- HTTP Status codes, can be one, many or indicate all by not providing this value.
- headers {[key: string]: string}[]
- List of HTTP headers maps to match the origin response on.
- origin
Traffic boolean - Only count traffic that has come from your origin servers. If true, cached items that Cloudflare serve will not count towards rate limiting.
- statuses number[]
- HTTP Status codes, can be one, many or indicate all by not providing this value.
- headers Sequence[Mapping[str, str]]
- List of HTTP headers maps to match the origin response on.
- origin_
traffic bool - Only count traffic that has come from your origin servers. If true, cached items that Cloudflare serve will not count towards rate limiting.
- statuses Sequence[int]
- HTTP Status codes, can be one, many or indicate all by not providing this value.
- headers List<Map<String>>
- List of HTTP headers maps to match the origin response on.
- origin
Traffic Boolean - Only count traffic that has come from your origin servers. If true, cached items that Cloudflare serve will not count towards rate limiting.
- statuses List<Number>
- HTTP Status codes, can be one, many or indicate all by not providing this value.
Import
$ pulumi import cloudflare:index/rateLimit:RateLimit example <zone_id>/<rate_limit_id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflareTerraform Provider.