Docs Home
Cloudflare v6.1.1 published on Monday, Apr 21, 2025 by Pulumi
cloudflare.getDnsFirewalls
Explore with Pulumi AI
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
const exampleDnsFirewalls = cloudflare.getDnsFirewalls({
accountId: "023e105f4ecef8ad9ca31a8372d0c353",
});
import pulumi
import pulumi_cloudflare as cloudflare
example_dns_firewalls = cloudflare.get_dns_firewalls(account_id="023e105f4ecef8ad9ca31a8372d0c353")
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v6/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudflare.LookupDnsFirewalls(ctx, &cloudflare.LookupDnsFirewallsArgs{
AccountId: "023e105f4ecef8ad9ca31a8372d0c353",
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
var exampleDnsFirewalls = Cloudflare.GetDnsFirewalls.Invoke(new()
{
AccountId = "023e105f4ecef8ad9ca31a8372d0c353",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.CloudflareFunctions;
import com.pulumi.cloudflare.inputs.GetDnsFirewallsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var exampleDnsFirewalls = CloudflareFunctions.getDnsFirewalls(GetDnsFirewallsArgs.builder()
.accountId("023e105f4ecef8ad9ca31a8372d0c353")
.build());
}
}
variables:
exampleDnsFirewalls:
fn::invoke:
function: cloudflare:getDnsFirewalls
arguments:
accountId: 023e105f4ecef8ad9ca31a8372d0c353
Using getDnsFirewalls
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getDnsFirewalls(args: GetDnsFirewallsArgs, opts?: InvokeOptions): Promise<GetDnsFirewallsResult>
function getDnsFirewallsOutput(args: GetDnsFirewallsOutputArgs, opts?: InvokeOptions): Output<GetDnsFirewallsResult>def get_dns_firewalls(account_id: Optional[str] = None,
max_items: Optional[int] = None,
opts: Optional[InvokeOptions] = None) -> GetDnsFirewallsResult
def get_dns_firewalls_output(account_id: Optional[pulumi.Input[str]] = None,
max_items: Optional[pulumi.Input[int]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetDnsFirewallsResult]func LookupDnsFirewalls(ctx *Context, args *LookupDnsFirewallsArgs, opts ...InvokeOption) (*LookupDnsFirewallsResult, error)
func LookupDnsFirewallsOutput(ctx *Context, args *LookupDnsFirewallsOutputArgs, opts ...InvokeOption) LookupDnsFirewallsResultOutput> Note: This function is named LookupDnsFirewalls in the Go SDK.
public static class GetDnsFirewalls
{
public static Task<GetDnsFirewallsResult> InvokeAsync(GetDnsFirewallsArgs args, InvokeOptions? opts = null)
public static Output<GetDnsFirewallsResult> Invoke(GetDnsFirewallsInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetDnsFirewallsResult> getDnsFirewalls(GetDnsFirewallsArgs args, InvokeOptions options)
public static Output<GetDnsFirewallsResult> getDnsFirewalls(GetDnsFirewallsArgs args, InvokeOptions options)
fn::invoke:
function: cloudflare:index/getDnsFirewalls:getDnsFirewalls
arguments:
# arguments dictionaryThe following arguments are supported:
- account_
id str - Identifier.
- max_
items int - Max items to fetch, default: 1000
getDnsFirewalls Result
The following output properties are available:
- Account
Id string - Identifier.
- Id string
- The provider-assigned unique ID for this managed resource.
- Results
List<Get
Dns Firewalls Result> - The items returned by the data source
- Max
Items int - Max items to fetch, default: 1000
- Account
Id string - Identifier.
- Id string
- The provider-assigned unique ID for this managed resource.
- Results
[]Get
Dns Firewalls Result - The items returned by the data source
- Max
Items int - Max items to fetch, default: 1000
- account
Id String - Identifier.
- id String
- The provider-assigned unique ID for this managed resource.
- results
List<Get
Dns Firewalls Result> - The items returned by the data source
- max
Items Integer - Max items to fetch, default: 1000
- account
Id string - Identifier.
- id string
- The provider-assigned unique ID for this managed resource.
- results
Get
Dns Firewalls Result[] - The items returned by the data source
- max
Items number - Max items to fetch, default: 1000
- account_
id str - Identifier.
- id str
- The provider-assigned unique ID for this managed resource.
- results
Sequence[Get
Dns Firewalls Result] - The items returned by the data source
- max_
items int - Max items to fetch, default: 1000
- account
Id String - Identifier.
- id String
- The provider-assigned unique ID for this managed resource.
- results List<Property Map>
- The items returned by the data source
- max
Items Number - Max items to fetch, default: 1000
Supporting Types
GetDnsFirewallsResult
- Attack
Mitigation GetDns Firewalls Result Attack Mitigation - Attack mitigation settings
- Deprecate
Any boolRequests - Whether to refuse to answer queries for the ANY type
- Dns
Firewall List<string>Ips - Ecs
Fallback bool - Whether to forward client IP (resolver) subnet if no EDNS Client Subnet is sent
- Id string
- Identifier.
- Maximum
Cache doubleTtl - Maximum DNS cache TTL This setting sets an upper bound on DNS TTLs for purposes of caching between DNS Firewall and the upstream servers. Higher TTLs will be decreased to the maximum defined here for caching purposes.
- Minimum
Cache doubleTtl - Minimum DNS cache TTL This setting sets a lower bound on DNS TTLs for purposes of caching between DNS Firewall and the upstream servers. Lower TTLs will be increased to the minimum defined here for caching purposes.
- Modified
On string - Last modification of DNS Firewall cluster
- Name string
- DNS Firewall cluster name
- Negative
Cache doubleTtl - Negative DNS cache TTL This setting controls how long DNS Firewall should cache negative responses (e.g., NXDOMAIN) from the upstream servers.
- Ratelimit double
- Ratelimit in queries per second per datacenter (applies to DNS queries sent to the upstream nameservers configured on the cluster)
- Retries double
- Number of retries for fetching DNS responses from upstream nameservers (not counting the initial attempt)
- Upstream
Ips List<string>
- Attack
Mitigation GetDns Firewalls Result Attack Mitigation - Attack mitigation settings
- Deprecate
Any boolRequests - Whether to refuse to answer queries for the ANY type
- Dns
Firewall []stringIps - Ecs
Fallback bool - Whether to forward client IP (resolver) subnet if no EDNS Client Subnet is sent
- Id string
- Identifier.
- Maximum
Cache float64Ttl - Maximum DNS cache TTL This setting sets an upper bound on DNS TTLs for purposes of caching between DNS Firewall and the upstream servers. Higher TTLs will be decreased to the maximum defined here for caching purposes.
- Minimum
Cache float64Ttl - Minimum DNS cache TTL This setting sets a lower bound on DNS TTLs for purposes of caching between DNS Firewall and the upstream servers. Lower TTLs will be increased to the minimum defined here for caching purposes.
- Modified
On string - Last modification of DNS Firewall cluster
- Name string
- DNS Firewall cluster name
- Negative
Cache float64Ttl - Negative DNS cache TTL This setting controls how long DNS Firewall should cache negative responses (e.g., NXDOMAIN) from the upstream servers.
- Ratelimit float64
- Ratelimit in queries per second per datacenter (applies to DNS queries sent to the upstream nameservers configured on the cluster)
- Retries float64
- Number of retries for fetching DNS responses from upstream nameservers (not counting the initial attempt)
- Upstream
Ips []string
- attack
Mitigation GetDns Firewalls Result Attack Mitigation - Attack mitigation settings
- deprecate
Any BooleanRequests - Whether to refuse to answer queries for the ANY type
- dns
Firewall List<String>Ips - ecs
Fallback Boolean - Whether to forward client IP (resolver) subnet if no EDNS Client Subnet is sent
- id String
- Identifier.
- maximum
Cache DoubleTtl - Maximum DNS cache TTL This setting sets an upper bound on DNS TTLs for purposes of caching between DNS Firewall and the upstream servers. Higher TTLs will be decreased to the maximum defined here for caching purposes.
- minimum
Cache DoubleTtl - Minimum DNS cache TTL This setting sets a lower bound on DNS TTLs for purposes of caching between DNS Firewall and the upstream servers. Lower TTLs will be increased to the minimum defined here for caching purposes.
- modified
On String - Last modification of DNS Firewall cluster
- name String
- DNS Firewall cluster name
- negative
Cache DoubleTtl - Negative DNS cache TTL This setting controls how long DNS Firewall should cache negative responses (e.g., NXDOMAIN) from the upstream servers.
- ratelimit Double
- Ratelimit in queries per second per datacenter (applies to DNS queries sent to the upstream nameservers configured on the cluster)
- retries Double
- Number of retries for fetching DNS responses from upstream nameservers (not counting the initial attempt)
- upstream
Ips List<String>
- attack
Mitigation GetDns Firewalls Result Attack Mitigation - Attack mitigation settings
- deprecate
Any booleanRequests - Whether to refuse to answer queries for the ANY type
- dns
Firewall string[]Ips - ecs
Fallback boolean - Whether to forward client IP (resolver) subnet if no EDNS Client Subnet is sent
- id string
- Identifier.
- maximum
Cache numberTtl - Maximum DNS cache TTL This setting sets an upper bound on DNS TTLs for purposes of caching between DNS Firewall and the upstream servers. Higher TTLs will be decreased to the maximum defined here for caching purposes.
- minimum
Cache numberTtl - Minimum DNS cache TTL This setting sets a lower bound on DNS TTLs for purposes of caching between DNS Firewall and the upstream servers. Lower TTLs will be increased to the minimum defined here for caching purposes.
- modified
On string - Last modification of DNS Firewall cluster
- name string
- DNS Firewall cluster name
- negative
Cache numberTtl - Negative DNS cache TTL This setting controls how long DNS Firewall should cache negative responses (e.g., NXDOMAIN) from the upstream servers.
- ratelimit number
- Ratelimit in queries per second per datacenter (applies to DNS queries sent to the upstream nameservers configured on the cluster)
- retries number
- Number of retries for fetching DNS responses from upstream nameservers (not counting the initial attempt)
- upstream
Ips string[]
- attack_
mitigation GetDns Firewalls Result Attack Mitigation - Attack mitigation settings
- deprecate_
any_ boolrequests - Whether to refuse to answer queries for the ANY type
- dns_
firewall_ Sequence[str]ips - ecs_
fallback bool - Whether to forward client IP (resolver) subnet if no EDNS Client Subnet is sent
- id str
- Identifier.
- maximum_
cache_ floatttl - Maximum DNS cache TTL This setting sets an upper bound on DNS TTLs for purposes of caching between DNS Firewall and the upstream servers. Higher TTLs will be decreased to the maximum defined here for caching purposes.
- minimum_
cache_ floatttl - Minimum DNS cache TTL This setting sets a lower bound on DNS TTLs for purposes of caching between DNS Firewall and the upstream servers. Lower TTLs will be increased to the minimum defined here for caching purposes.
- modified_
on str - Last modification of DNS Firewall cluster
- name str
- DNS Firewall cluster name
- negative_
cache_ floatttl - Negative DNS cache TTL This setting controls how long DNS Firewall should cache negative responses (e.g., NXDOMAIN) from the upstream servers.
- ratelimit float
- Ratelimit in queries per second per datacenter (applies to DNS queries sent to the upstream nameservers configured on the cluster)
- retries float
- Number of retries for fetching DNS responses from upstream nameservers (not counting the initial attempt)
- upstream_
ips Sequence[str]
- attack
Mitigation Property Map - Attack mitigation settings
- deprecate
Any BooleanRequests - Whether to refuse to answer queries for the ANY type
- dns
Firewall List<String>Ips - ecs
Fallback Boolean - Whether to forward client IP (resolver) subnet if no EDNS Client Subnet is sent
- id String
- Identifier.
- maximum
Cache NumberTtl - Maximum DNS cache TTL This setting sets an upper bound on DNS TTLs for purposes of caching between DNS Firewall and the upstream servers. Higher TTLs will be decreased to the maximum defined here for caching purposes.
- minimum
Cache NumberTtl - Minimum DNS cache TTL This setting sets a lower bound on DNS TTLs for purposes of caching between DNS Firewall and the upstream servers. Lower TTLs will be increased to the minimum defined here for caching purposes.
- modified
On String - Last modification of DNS Firewall cluster
- name String
- DNS Firewall cluster name
- negative
Cache NumberTtl - Negative DNS cache TTL This setting controls how long DNS Firewall should cache negative responses (e.g., NXDOMAIN) from the upstream servers.
- ratelimit Number
- Ratelimit in queries per second per datacenter (applies to DNS queries sent to the upstream nameservers configured on the cluster)
- retries Number
- Number of retries for fetching DNS responses from upstream nameservers (not counting the initial attempt)
- upstream
Ips List<String>
GetDnsFirewallsResultAttackMitigation
- Enabled bool
- When enabled, automatically mitigate random-prefix attacks to protect upstream DNS servers
- Only
When boolUpstream Unhealthy - Only mitigate attacks when upstream servers seem unhealthy
- Enabled bool
- When enabled, automatically mitigate random-prefix attacks to protect upstream DNS servers
- Only
When boolUpstream Unhealthy - Only mitigate attacks when upstream servers seem unhealthy
- enabled Boolean
- When enabled, automatically mitigate random-prefix attacks to protect upstream DNS servers
- only
When BooleanUpstream Unhealthy - Only mitigate attacks when upstream servers seem unhealthy
- enabled boolean
- When enabled, automatically mitigate random-prefix attacks to protect upstream DNS servers
- only
When booleanUpstream Unhealthy - Only mitigate attacks when upstream servers seem unhealthy
- enabled bool
- When enabled, automatically mitigate random-prefix attacks to protect upstream DNS servers
- only_
when_ boolupstream_ unhealthy - Only mitigate attacks when upstream servers seem unhealthy
- enabled Boolean
- When enabled, automatically mitigate random-prefix attacks to protect upstream DNS servers
- only
When BooleanUpstream Unhealthy - Only mitigate attacks when upstream servers seem unhealthy
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflareTerraform Provider.