1. Packages
  2. Cloudflare
  3. API Docs
  4. Ruleset
Cloudflare v5.31.0 published on Wednesday, Jun 12, 2024 by Pulumi

cloudflare.Ruleset

Explore with Pulumi AI

cloudflare logo
Cloudflare v5.31.0 published on Wednesday, Jun 12, 2024 by Pulumi

    The Cloudflare Ruleset Engine allows you to create and deploy rules and rulesets.

    The engine syntax, inspired by the Wireshark Display Filter language, is the same syntax used in custom Firewall Rules. Cloudflare uses the Ruleset Engine in different products, allowing you to configure several products using the same basic syntax.

    Example Usage

    Coming soon!
    
    Coming soon!
    
    Coming soon!
    
    Coming soon!
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.cloudflare.Ruleset;
    import com.pulumi.cloudflare.RulesetArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersOverridesArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersUriArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersUriPathArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersUriQueryArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleRatelimitArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersOriginArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersEdgeTtlArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersBrowserTtlArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersServeStaleArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyHeaderArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyCookieArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyUserArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyHostArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersFromListArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersFromValueArgs;
    import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersFromValueTargetUrlArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            // Magic Transit
            var magicTransitExample = new Ruleset("magicTransitExample", RulesetArgs.builder()
                .accountId("f037e56e89293a057740de681ac9abbe")
                .name("account magic transit")
                .description("example magic transit ruleset description")
                .kind("root")
                .phase("magic_transit")
                .rules(RulesetRuleArgs.builder()
                    .action("allow")
                    .expression("tcp.dstport in { 32768..65535 }")
                    .description("Allow TCP Ephemeral Ports")
                    .build())
                .build());
    
            // Zone-level WAF Managed Ruleset
            var zoneLevelManagedWaf = new Ruleset("zoneLevelManagedWaf", RulesetArgs.builder()
                .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
                .name("managed WAF")
                .description("managed WAF ruleset description")
                .kind("zone")
                .phase("http_request_firewall_managed")
                .rules(RulesetRuleArgs.builder()
                    .action("execute")
                    .actionParameters(RulesetRuleActionParametersArgs.builder()
                        .id("efb7b8c949ac4650a09736fc376e9aee")
                        .build())
                    .expression("(http.host eq \"example.host.com\")")
                    .description("Execute Cloudflare Managed Ruleset on my zone-level phase entry point ruleset")
                    .enabled(true)
                    .build())
                .build());
    
            // Zone-level WAF with tag-based overrides
            var zoneLevelManagedWafWithCategoryBasedOverrides = new Ruleset("zoneLevelManagedWafWithCategoryBasedOverrides", RulesetArgs.builder()
                .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
                .name("managed WAF with tag-based overrides")
                .description("managed WAF with tag-based overrides ruleset description")
                .kind("zone")
                .phase("http_request_firewall_managed")
                .rules(RulesetRuleArgs.builder()
                    .action("execute")
                    .actionParameters(RulesetRuleActionParametersArgs.builder()
                        .id("efb7b8c949ac4650a09736fc376e9aee")
                        .overrides(RulesetRuleActionParametersOverridesArgs.builder()
                            .categories(                        
                                RulesetRuleActionParametersOverridesCategoryArgs.builder()
                                    .category("wordpress")
                                    .action("block")
                                    .enabled(true)
                                    .build(),
                                RulesetRuleActionParametersOverridesCategoryArgs.builder()
                                    .category("joomla")
                                    .action("block")
                                    .enabled(true)
                                    .build())
                            .build())
                        .build())
                    .expression("(http.host eq \"example.host.com\")")
                    .description("overrides to only enable wordpress rules to block")
                    .enabled(false)
                    .build())
                .build());
    
            // Rewrite the URI path component to a static path
            var transformUriRulePath = new Ruleset("transformUriRulePath", RulesetArgs.builder()
                .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
                .name("transform rule for URI path")
                .description("change the URI path to a new static path")
                .kind("zone")
                .phase("http_request_transform")
                .rules(RulesetRuleArgs.builder()
                    .action("rewrite")
                    .actionParameters(RulesetRuleActionParametersArgs.builder()
                        .uri(RulesetRuleActionParametersUriArgs.builder()
                            .path(RulesetRuleActionParametersUriPathArgs.builder()
                                .value("/my-new-route")
                                .build())
                            .build())
                        .build())
                    .expression("(http.host eq \"example.com\" and http.request.uri.path eq \"/old-path\")")
                    .description("example URI path transform rule")
                    .enabled(true)
                    .build())
                .build());
    
            // Rewrite the URI query component to a static query
            var transformUriRuleQuery = new Ruleset("transformUriRuleQuery", RulesetArgs.builder()
                .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
                .name("transform rule for URI query parameter")
                .description("change the URI query to a new static query")
                .kind("zone")
                .phase("http_request_transform")
                .rules(RulesetRuleArgs.builder()
                    .action("rewrite")
                    .actionParameters(RulesetRuleActionParametersArgs.builder()
                        .uri(RulesetRuleActionParametersUriArgs.builder()
                            .query(RulesetRuleActionParametersUriQueryArgs.builder()
                                .value("old=new_again")
                                .build())
                            .build())
                        .build())
                    .expression("(http.host eq \"example.host.com\")")
                    .description("URI transformation query example")
                    .enabled(true)
                    .build())
                .build());
    
            // Rewrite HTTP headers to a modified values
            var transformUriHttpHeaders = new Ruleset("transformUriHttpHeaders", RulesetArgs.builder()
                .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
                .name("transform rule for HTTP headers")
                .description("modify HTTP headers before reaching origin")
                .kind("zone")
                .phase("http_request_late_transform")
                .rules(RulesetRuleArgs.builder()
                    .action("rewrite")
                    .actionParameters(RulesetRuleActionParametersArgs.builder()
                        .headers(                    
                            RulesetRuleActionParametersHeaderArgs.builder()
                                .name("example-http-header-1")
                                .operation("set")
                                .value("my-http-header-value-1")
                                .build(),
                            RulesetRuleActionParametersHeaderArgs.builder()
                                .name("example-http-header-2")
                                .operation("set")
                                .expression("cf.zone.name")
                                .build(),
                            RulesetRuleActionParametersHeaderArgs.builder()
                                .name("example-http-header-3-to-remove")
                                .operation("remove")
                                .build())
                        .build())
                    .expression("(http.host eq \"example.host.com\")")
                    .description("example request header transform rule")
                    .enabled(false)
                    .build())
                .build());
    
            // HTTP rate limit for an API route
            var rateLimitingExample = new Ruleset("rateLimitingExample", RulesetArgs.builder()
                .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
                .name("restrict API requests count")
                .description("apply HTTP rate limiting for a route")
                .kind("zone")
                .phase("http_ratelimit")
                .rules(RulesetRuleArgs.builder()
                    .action("block")
                    .ratelimit(RulesetRuleRatelimitArgs.builder()
                        .characteristics(                    
                            "cf.colo.id",
                            "ip.src")
                        .period(60)
                        .requestsPerPeriod(100)
                        .mitigationTimeout(600)
                        .build())
                    .expression("(http.request.uri.path matches \"^/api/\")")
                    .description("rate limit for API")
                    .enabled(true)
                    .build())
                .build());
    
            // Change origin for an API route
            var httpOriginExample = new Ruleset("httpOriginExample", RulesetArgs.builder()
                .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
                .name("Change to some origin")
                .description("Change origin for a route")
                .kind("zone")
                .phase("http_request_origin")
                .rules(RulesetRuleArgs.builder()
                    .action("route")
                    .actionParameters(RulesetRuleActionParametersArgs.builder()
                        .hostHeader("some.host")
                        .origin(RulesetRuleActionParametersOriginArgs.builder()
                            .host("some.host")
                            .port(80)
                            .build())
                        .build())
                    .expression("(http.request.uri.path matches \"^/api/\")")
                    .description("change origin to some.host")
                    .enabled(true)
                    .build())
                .build());
    
            // Custom fields logging
            var customFieldsLoggingExample = new Ruleset("customFieldsLoggingExample", RulesetArgs.builder()
                .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
                .name("log custom fields")
                .description("add custom fields to logging")
                .kind("zone")
                .phase("http_log_custom_fields")
                .rules(RulesetRuleArgs.builder()
                    .action("log_custom_field")
                    .actionParameters(RulesetRuleActionParametersArgs.builder()
                        .requestFields(                    
                            "content-type",
                            "x-forwarded-for",
                            "host")
                        .responseFields(                    
                            "server",
                            "content-type",
                            "allow")
                        .cookieFields(                    
                            "__ga",
                            "accountNumber",
                            "__cfruid")
                        .build())
                    .expression("(http.host eq \"example.host.com\")")
                    .description("log custom fields rule")
                    .enabled(true)
                    .build())
                .build());
    
            // Custom cache keys + settings
            var cacheSettingsExample = new Ruleset("cacheSettingsExample", RulesetArgs.builder()
                .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
                .name("set cache settings")
                .description("set cache settings for the request")
                .kind("zone")
                .phase("http_request_cache_settings")
                .rules(RulesetRuleArgs.builder()
                    .action("set_cache_settings")
                    .actionParameters(RulesetRuleActionParametersArgs.builder()
                        .edgeTtl(RulesetRuleActionParametersEdgeTtlArgs.builder()
                            .mode("override_origin")
                            .default_(60)
                            .statusCodeTtls(                        
                                RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs.builder()
                                    .statusCode(200)
                                    .value(50)
                                    .build(),
                                RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs.builder()
                                    .statusCodeRange(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
                                    .value(30)
                                    .build())
                            .build())
                        .browserTtl(RulesetRuleActionParametersBrowserTtlArgs.builder()
                            .mode("respect_origin")
                            .build())
                        .serveStale(RulesetRuleActionParametersServeStaleArgs.builder()
                            .disableStaleWhileUpdating(true)
                            .build())
                        .respectStrongEtags(true)
                        .cacheKey(RulesetRuleActionParametersCacheKeyArgs.builder()
                            .ignoreQueryStringsOrder(false)
                            .cacheDeceptionArmor(true)
                            .customKey(RulesetRuleActionParametersCacheKeyCustomKeyArgs.builder()
                                .queryString(RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs.builder()
                                    .excludes("*")
                                    .build())
                                .header(RulesetRuleActionParametersCacheKeyCustomKeyHeaderArgs.builder()
                                    .includes(                                
                                        "habc",
                                        "hdef")
                                    .checkPresences(                                
                                        "habc_t",
                                        "hdef_t")
                                    .excludeOrigin(true)
                                    .build())
                                .cookie(RulesetRuleActionParametersCacheKeyCustomKeyCookieArgs.builder()
                                    .includes(                                
                                        "cabc",
                                        "cdef")
                                    .checkPresences(                                
                                        "cabc_t",
                                        "cdef_t")
                                    .build())
                                .user(RulesetRuleActionParametersCacheKeyCustomKeyUserArgs.builder()
                                    .deviceType(true)
                                    .geo(false)
                                    .build())
                                .host(RulesetRuleActionParametersCacheKeyCustomKeyHostArgs.builder()
                                    .resolved(true)
                                    .build())
                                .build())
                            .build())
                        .originErrorPagePassthru(false)
                        .build())
                    .expression("(http.host eq \"example.host.com\")")
                    .description("set cache settings rule")
                    .enabled(true)
                    .build())
                .build());
    
            // Redirects based on a List resource
            var redirectFromListExample = new Ruleset("redirectFromListExample", RulesetArgs.builder()
                .accountId("f037e56e89293a057740de681ac9abbe")
                .name("redirects")
                .description("Redirect ruleset")
                .kind("root")
                .phase("http_request_redirect")
                .rules(RulesetRuleArgs.builder()
                    .action("redirect")
                    .actionParameters(RulesetRuleActionParametersArgs.builder()
                        .fromList(RulesetRuleActionParametersFromListArgs.builder()
                            .name("redirect_list")
                            .key("http.request.full_uri")
                            .build())
                        .build())
                    .expression("http.request.full_uri in $redirect_list")
                    .description("Apply redirects from redirect_list")
                    .enabled(true)
                    .build())
                .build());
    
            // Dynamic Redirects from value resource
            var redirectFromValueExample = new Ruleset("redirectFromValueExample", RulesetArgs.builder()
                .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
                .name("redirects")
                .description("Redirect ruleset")
                .kind("zone")
                .phase("http_request_dynamic_redirect")
                .rules(RulesetRuleArgs.builder()
                    .action("redirect")
                    .actionParameters(RulesetRuleActionParametersArgs.builder()
                        .fromValue(RulesetRuleActionParametersFromValueArgs.builder()
                            .statusCode(301)
                            .targetUrl(RulesetRuleActionParametersFromValueTargetUrlArgs.builder()
                                .value("some_host.com")
                                .build())
                            .preserveQueryString(true)
                            .build())
                        .build())
                    .expression("(http.request.uri.path matches \"^/api/\")")
                    .description("Apply redirect from value")
                    .enabled(true)
                    .build())
                .build());
    
            // Serve some custom error response
            var httpCustomErrorExample = new Ruleset("httpCustomErrorExample", RulesetArgs.builder()
                .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
                .name("Serve some error response")
                .description("Serve some error response")
                .kind("zone")
                .phase("http_custom_errors")
                .rules(RulesetRuleArgs.builder()
                    .action("serve_error")
                    .actionParameters(RulesetRuleActionParametersArgs.builder()
                        .content("some error html")
                        .contentType("text/html")
                        .statusCode("530")
                        .build())
                    .expression("(http.request.uri.path matches \"^/api/\")")
                    .description("serve some error response")
                    .enabled(true)
                    .build())
                .build());
    
            // Set Configuration Rules for an API route
            var httpConfigRulesExample = new Ruleset("httpConfigRulesExample", RulesetArgs.builder()
                .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
                .name("set config rules")
                .description("set config rules for request")
                .kind("zone")
                .phase("http_config_settings")
                .rules(RulesetRuleArgs.builder()
                    .action("set_config")
                    .actionParameters(RulesetRuleActionParametersArgs.builder()
                        .emailObfuscation(true)
                        .bic(true)
                        .build())
                    .expression("(http.request.uri.path matches \"^/api/\")")
                    .description("set config rules for matching request")
                    .enabled(true)
                    .build())
                .build());
    
            // Set compress algorithm for response.
            var responseCompressBrotliHtml = new Ruleset("responseCompressBrotliHtml", RulesetArgs.builder()
                .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
                .name("Brotli response compression for HTML")
                .description("Response compression ruleset")
                .kind("zone")
                .phase("http_response_compression")
                .rules(RulesetRuleArgs.builder()
                    .action("compress_response")
                    .actionParameters(RulesetRuleActionParametersArgs.builder()
                        .algorithms(                    
                            RulesetRuleActionParametersAlgorithmArgs.builder()
                                .name("brotli")
                                .build(),
                            RulesetRuleActionParametersAlgorithmArgs.builder()
                                .name("auto")
                                .build())
                        .build())
                    .expression("http.response.content_type.media_type == \"text/html\"")
                    .description("Prefer brotli compression for HTML")
                    .enabled(true)
                    .build())
                .build());
    
        }
    }
    
    resources:
      # Magic Transit
      magicTransitExample:
        type: cloudflare:Ruleset
        name: magic_transit_example
        properties:
          accountId: f037e56e89293a057740de681ac9abbe
          name: account magic transit
          description: example magic transit ruleset description
          kind: root
          phase: magic_transit
          rules:
            - action: allow
              expression: tcp.dstport in { 32768..65535 }
              description: Allow TCP Ephemeral Ports
      # Zone-level WAF Managed Ruleset
      zoneLevelManagedWaf:
        type: cloudflare:Ruleset
        name: zone_level_managed_waf
        properties:
          zoneId: 0da42c8d2132a9ddaf714f9e7c920711
          name: managed WAF
          description: managed WAF ruleset description
          kind: zone
          phase: http_request_firewall_managed
          rules:
            - action: execute
              actionParameters:
                id: efb7b8c949ac4650a09736fc376e9aee
              expression: (http.host eq "example.host.com")
              description: Execute Cloudflare Managed Ruleset on my zone-level phase entry point ruleset
              enabled: true
      # Zone-level WAF with tag-based overrides
      zoneLevelManagedWafWithCategoryBasedOverrides:
        type: cloudflare:Ruleset
        name: zone_level_managed_waf_with_category_based_overrides
        properties:
          zoneId: 0da42c8d2132a9ddaf714f9e7c920711
          name: managed WAF with tag-based overrides
          description: managed WAF with tag-based overrides ruleset description
          kind: zone
          phase: http_request_firewall_managed
          rules:
            - action: execute
              actionParameters:
                id: efb7b8c949ac4650a09736fc376e9aee
                overrides:
                  categories:
                    - category: wordpress
                      action: block
                      enabled: true
                    - category: joomla
                      action: block
                      enabled: true
              expression: (http.host eq "example.host.com")
              description: overrides to only enable wordpress rules to block
              enabled: false
      # Rewrite the URI path component to a static path
      transformUriRulePath:
        type: cloudflare:Ruleset
        name: transform_uri_rule_path
        properties:
          zoneId: 0da42c8d2132a9ddaf714f9e7c920711
          name: transform rule for URI path
          description: change the URI path to a new static path
          kind: zone
          phase: http_request_transform
          rules:
            - action: rewrite
              actionParameters:
                uri:
                  path:
                    value: /my-new-route
              expression: (http.host eq "example.com" and http.request.uri.path eq "/old-path")
              description: example URI path transform rule
              enabled: true
      # Rewrite the URI query component to a static query
      transformUriRuleQuery:
        type: cloudflare:Ruleset
        name: transform_uri_rule_query
        properties:
          zoneId: 0da42c8d2132a9ddaf714f9e7c920711
          name: transform rule for URI query parameter
          description: change the URI query to a new static query
          kind: zone
          phase: http_request_transform
          rules:
            - action: rewrite
              actionParameters:
                uri:
                  query:
                    value: old=new_again
              expression: (http.host eq "example.host.com")
              description: URI transformation query example
              enabled: true
      # Rewrite HTTP headers to a modified values
      transformUriHttpHeaders:
        type: cloudflare:Ruleset
        name: transform_uri_http_headers
        properties:
          zoneId: 0da42c8d2132a9ddaf714f9e7c920711
          name: transform rule for HTTP headers
          description: modify HTTP headers before reaching origin
          kind: zone
          phase: http_request_late_transform
          rules:
            - action: rewrite
              actionParameters:
                headers:
                  - name: example-http-header-1
                    operation: set
                    value: my-http-header-value-1
                  - name: example-http-header-2
                    operation: set
                    expression: cf.zone.name
                  - name: example-http-header-3-to-remove
                    operation: remove
              expression: (http.host eq "example.host.com")
              description: example request header transform rule
              enabled: false
      # HTTP rate limit for an API route
      rateLimitingExample:
        type: cloudflare:Ruleset
        name: rate_limiting_example
        properties:
          zoneId: 0da42c8d2132a9ddaf714f9e7c920711
          name: restrict API requests count
          description: apply HTTP rate limiting for a route
          kind: zone
          phase: http_ratelimit
          rules:
            - action: block
              ratelimit:
                characteristics:
                  - cf.colo.id
                  - ip.src
                period: 60
                requestsPerPeriod: 100
                mitigationTimeout: 600
              expression: (http.request.uri.path matches "^/api/")
              description: rate limit for API
              enabled: true
      # Change origin for an API route
      httpOriginExample:
        type: cloudflare:Ruleset
        name: http_origin_example
        properties:
          zoneId: 0da42c8d2132a9ddaf714f9e7c920711
          name: Change to some origin
          description: Change origin for a route
          kind: zone
          phase: http_request_origin
          rules:
            - action: route
              actionParameters:
                hostHeader: some.host
                origin:
                  host: some.host
                  port: 80
              expression: (http.request.uri.path matches "^/api/")
              description: change origin to some.host
              enabled: true
      # Custom fields logging
      customFieldsLoggingExample:
        type: cloudflare:Ruleset
        name: custom_fields_logging_example
        properties:
          zoneId: 0da42c8d2132a9ddaf714f9e7c920711
          name: log custom fields
          description: add custom fields to logging
          kind: zone
          phase: http_log_custom_fields
          rules:
            - action: log_custom_field
              actionParameters:
                requestFields:
                  - content-type
                  - x-forwarded-for
                  - host
                responseFields:
                  - server
                  - content-type
                  - allow
                cookieFields:
                  - __ga
                  - accountNumber
                  - __cfruid
              expression: (http.host eq "example.host.com")
              description: log custom fields rule
              enabled: true
      # Custom cache keys + settings
      cacheSettingsExample:
        type: cloudflare:Ruleset
        name: cache_settings_example
        properties:
          zoneId: 0da42c8d2132a9ddaf714f9e7c920711
          name: set cache settings
          description: set cache settings for the request
          kind: zone
          phase: http_request_cache_settings
          rules:
            - action: set_cache_settings
              actionParameters:
                edgeTtl:
                  mode: override_origin
                  default: 60
                  statusCodeTtls:
                    - statusCode: 200
                      value: 50
                    - statusCodeRange:
                        from: 201
                        to: 300
                      value: 30
                browserTtl:
                  mode: respect_origin
                serveStale:
                  disableStaleWhileUpdating: true
                respectStrongEtags: true
                cacheKey:
                  ignoreQueryStringsOrder: false
                  cacheDeceptionArmor: true
                  customKey:
                    queryString:
                      excludes:
                        - '*'
                    header:
                      includes:
                        - habc
                        - hdef
                      checkPresences:
                        - habc_t
                        - hdef_t
                      excludeOrigin: true
                    cookie:
                      includes:
                        - cabc
                        - cdef
                      checkPresences:
                        - cabc_t
                        - cdef_t
                    user:
                      deviceType: true
                      geo: false
                    host:
                      resolved: true
                originErrorPagePassthru: false
              expression: (http.host eq "example.host.com")
              description: set cache settings rule
              enabled: true
      # Redirects based on a List resource
      redirectFromListExample:
        type: cloudflare:Ruleset
        name: redirect_from_list_example
        properties:
          accountId: f037e56e89293a057740de681ac9abbe
          name: redirects
          description: Redirect ruleset
          kind: root
          phase: http_request_redirect
          rules:
            - action: redirect
              actionParameters:
                fromList:
                  name: redirect_list
                  key: http.request.full_uri
              expression: http.request.full_uri in $redirect_list
              description: Apply redirects from redirect_list
              enabled: true
      # Dynamic Redirects from value resource
      redirectFromValueExample:
        type: cloudflare:Ruleset
        name: redirect_from_value_example
        properties:
          zoneId: 0da42c8d2132a9ddaf714f9e7c920711
          name: redirects
          description: Redirect ruleset
          kind: zone
          phase: http_request_dynamic_redirect
          rules:
            - action: redirect
              actionParameters:
                fromValue:
                  statusCode: 301
                  targetUrl:
                    value: some_host.com
                  preserveQueryString: true
              expression: (http.request.uri.path matches "^/api/")
              description: Apply redirect from value
              enabled: true
      # Serve some custom error response
      httpCustomErrorExample:
        type: cloudflare:Ruleset
        name: http_custom_error_example
        properties:
          zoneId: 0da42c8d2132a9ddaf714f9e7c920711
          name: Serve some error response
          description: Serve some error response
          kind: zone
          phase: http_custom_errors
          rules:
            - action: serve_error
              actionParameters:
                content: some error html
                contentType: text/html
                statusCode: '530'
              expression: (http.request.uri.path matches "^/api/")
              description: serve some error response
              enabled: true
      # Set Configuration Rules for an API route
      httpConfigRulesExample:
        type: cloudflare:Ruleset
        name: http_config_rules_example
        properties:
          zoneId: 0da42c8d2132a9ddaf714f9e7c920711
          name: set config rules
          description: set config rules for request
          kind: zone
          phase: http_config_settings
          rules:
            - action: set_config
              actionParameters:
                emailObfuscation: true
                bic: true
              expression: (http.request.uri.path matches "^/api/")
              description: set config rules for matching request
              enabled: true
      # Set compress algorithm for response.
      responseCompressBrotliHtml:
        type: cloudflare:Ruleset
        name: response_compress_brotli_html
        properties:
          zoneId: 0da42c8d2132a9ddaf714f9e7c920711
          name: Brotli response compression for HTML
          description: Response compression ruleset
          kind: zone
          phase: http_response_compression
          rules:
            - action: compress_response
              actionParameters:
                algorithms:
                  - name: brotli
                  - name: auto
              expression: http.response.content_type.media_type == "text/html"
              description: Prefer brotli compression for HTML
              enabled: true
    

    Create Ruleset Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Ruleset(name: string, args: RulesetArgs, opts?: CustomResourceOptions);
    @overload
    def Ruleset(resource_name: str,
                args: RulesetArgs,
                opts: Optional[ResourceOptions] = None)
    
    @overload
    def Ruleset(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                kind: Optional[str] = None,
                name: Optional[str] = None,
                phase: Optional[str] = None,
                account_id: Optional[str] = None,
                description: Optional[str] = None,
                rules: Optional[Sequence[RulesetRuleArgs]] = None,
                zone_id: Optional[str] = None)
    func NewRuleset(ctx *Context, name string, args RulesetArgs, opts ...ResourceOption) (*Ruleset, error)
    public Ruleset(string name, RulesetArgs args, CustomResourceOptions? opts = null)
    public Ruleset(String name, RulesetArgs args)
    public Ruleset(String name, RulesetArgs args, CustomResourceOptions options)
    
    type: cloudflare:Ruleset
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args RulesetArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args RulesetArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args RulesetArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args RulesetArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args RulesetArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Example

    The following reference example uses placeholder values for all input properties.

    var rulesetResource = new Cloudflare.Ruleset("rulesetResource", new()
    {
        Kind = "string",
        Name = "string",
        Phase = "string",
        AccountId = "string",
        Description = "string",
        Rules = new[]
        {
            new Cloudflare.Inputs.RulesetRuleArgs
            {
                Expression = "string",
                Action = "string",
                ActionParameters = new Cloudflare.Inputs.RulesetRuleActionParametersArgs
                {
                    AdditionalCacheablePorts = new[]
                    {
                        0,
                    },
                    Algorithms = new[]
                    {
                        new Cloudflare.Inputs.RulesetRuleActionParametersAlgorithmArgs
                        {
                            Name = "string",
                        },
                    },
                    AutomaticHttpsRewrites = false,
                    Autominifies = new[]
                    {
                        new Cloudflare.Inputs.RulesetRuleActionParametersAutominifyArgs
                        {
                            Css = false,
                            Html = false,
                            Js = false,
                        },
                    },
                    Bic = false,
                    BrowserTtl = new Cloudflare.Inputs.RulesetRuleActionParametersBrowserTtlArgs
                    {
                        Mode = "string",
                        Default = 0,
                    },
                    Cache = false,
                    CacheKey = new Cloudflare.Inputs.RulesetRuleActionParametersCacheKeyArgs
                    {
                        CacheByDeviceType = false,
                        CacheDeceptionArmor = false,
                        CustomKey = new Cloudflare.Inputs.RulesetRuleActionParametersCacheKeyCustomKeyArgs
                        {
                            Cookie = new Cloudflare.Inputs.RulesetRuleActionParametersCacheKeyCustomKeyCookieArgs
                            {
                                CheckPresences = new[]
                                {
                                    "string",
                                },
                                Includes = new[]
                                {
                                    "string",
                                },
                            },
                            Header = new Cloudflare.Inputs.RulesetRuleActionParametersCacheKeyCustomKeyHeaderArgs
                            {
                                CheckPresences = new[]
                                {
                                    "string",
                                },
                                ExcludeOrigin = false,
                                Includes = new[]
                                {
                                    "string",
                                },
                            },
                            Host = new Cloudflare.Inputs.RulesetRuleActionParametersCacheKeyCustomKeyHostArgs
                            {
                                Resolved = false,
                            },
                            QueryString = new Cloudflare.Inputs.RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs
                            {
                                Excludes = new[]
                                {
                                    "string",
                                },
                                Includes = new[]
                                {
                                    "string",
                                },
                            },
                            User = new Cloudflare.Inputs.RulesetRuleActionParametersCacheKeyCustomKeyUserArgs
                            {
                                DeviceType = false,
                                Geo = false,
                                Lang = false,
                            },
                        },
                        IgnoreQueryStringsOrder = false,
                    },
                    Content = "string",
                    ContentType = "string",
                    CookieFields = new[]
                    {
                        "string",
                    },
                    DisableApps = false,
                    DisableRailgun = false,
                    DisableRum = false,
                    DisableZaraz = false,
                    EdgeTtl = new Cloudflare.Inputs.RulesetRuleActionParametersEdgeTtlArgs
                    {
                        Mode = "string",
                        Default = 0,
                        StatusCodeTtls = new[]
                        {
                            new Cloudflare.Inputs.RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs
                            {
                                StatusCode = 0,
                                StatusCodeRanges = new[]
                                {
                                    new Cloudflare.Inputs.RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRangeArgs
                                    {
                                        From = 0,
                                        To = 0,
                                    },
                                },
                                Value = 0,
                            },
                        },
                    },
                    EmailObfuscation = false,
                    Fonts = false,
                    FromList = new Cloudflare.Inputs.RulesetRuleActionParametersFromListArgs
                    {
                        Key = "string",
                        Name = "string",
                    },
                    FromValue = new Cloudflare.Inputs.RulesetRuleActionParametersFromValueArgs
                    {
                        PreserveQueryString = false,
                        StatusCode = 0,
                        TargetUrl = new Cloudflare.Inputs.RulesetRuleActionParametersFromValueTargetUrlArgs
                        {
                            Expression = "string",
                            Value = "string",
                        },
                    },
                    Headers = new[]
                    {
                        new Cloudflare.Inputs.RulesetRuleActionParametersHeaderArgs
                        {
                            Expression = "string",
                            Name = "string",
                            Operation = "string",
                            Value = "string",
                        },
                    },
                    HostHeader = "string",
                    HotlinkProtection = false,
                    Id = "string",
                    Increment = 0,
                    MatchedData = new Cloudflare.Inputs.RulesetRuleActionParametersMatchedDataArgs
                    {
                        PublicKey = "string",
                    },
                    Mirage = false,
                    OpportunisticEncryption = false,
                    Origin = new Cloudflare.Inputs.RulesetRuleActionParametersOriginArgs
                    {
                        Host = "string",
                        Port = 0,
                    },
                    OriginCacheControl = false,
                    OriginErrorPagePassthru = false,
                    Overrides = new Cloudflare.Inputs.RulesetRuleActionParametersOverridesArgs
                    {
                        Action = "string",
                        Categories = new[]
                        {
                            new Cloudflare.Inputs.RulesetRuleActionParametersOverridesCategoryArgs
                            {
                                Action = "string",
                                Category = "string",
                                Enabled = false,
                            },
                        },
                        Enabled = false,
                        Rules = new[]
                        {
                            new Cloudflare.Inputs.RulesetRuleActionParametersOverridesRuleArgs
                            {
                                Action = "string",
                                Enabled = false,
                                Id = "string",
                                ScoreThreshold = 0,
                                SensitivityLevel = "string",
                            },
                        },
                        SensitivityLevel = "string",
                    },
                    Phases = new[]
                    {
                        "string",
                    },
                    Polish = "string",
                    Products = new[]
                    {
                        "string",
                    },
                    ReadTimeout = 0,
                    RequestFields = new[]
                    {
                        "string",
                    },
                    RespectStrongEtags = false,
                    ResponseFields = new[]
                    {
                        "string",
                    },
                    Responses = new[]
                    {
                        new Cloudflare.Inputs.RulesetRuleActionParametersResponseArgs
                        {
                            Content = "string",
                            ContentType = "string",
                            StatusCode = 0,
                        },
                    },
                    RocketLoader = false,
                    Rules = 
                    {
                        { "string", "string" },
                    },
                    Ruleset = "string",
                    Rulesets = new[]
                    {
                        "string",
                    },
                    SecurityLevel = "string",
                    ServeStale = new Cloudflare.Inputs.RulesetRuleActionParametersServeStaleArgs
                    {
                        DisableStaleWhileUpdating = false,
                    },
                    ServerSideExcludes = false,
                    Sni = new Cloudflare.Inputs.RulesetRuleActionParametersSniArgs
                    {
                        Value = "string",
                    },
                    Ssl = "string",
                    StatusCode = 0,
                    Sxg = false,
                    Uri = new Cloudflare.Inputs.RulesetRuleActionParametersUriArgs
                    {
                        Origin = false,
                        Path = new Cloudflare.Inputs.RulesetRuleActionParametersUriPathArgs
                        {
                            Expression = "string",
                            Value = "string",
                        },
                        Query = new Cloudflare.Inputs.RulesetRuleActionParametersUriQueryArgs
                        {
                            Expression = "string",
                            Value = "string",
                        },
                    },
                    Version = "string",
                },
                Description = "string",
                Enabled = false,
                ExposedCredentialCheck = new Cloudflare.Inputs.RulesetRuleExposedCredentialCheckArgs
                {
                    PasswordExpression = "string",
                    UsernameExpression = "string",
                },
                Id = "string",
                LastUpdated = "string",
                Logging = new Cloudflare.Inputs.RulesetRuleLoggingArgs
                {
                    Enabled = false,
                },
                Ratelimit = new Cloudflare.Inputs.RulesetRuleRatelimitArgs
                {
                    Characteristics = new[]
                    {
                        "string",
                    },
                    CountingExpression = "string",
                    MitigationTimeout = 0,
                    Period = 0,
                    RequestsPerPeriod = 0,
                    RequestsToOrigin = false,
                    ScorePerPeriod = 0,
                    ScoreResponseHeaderName = "string",
                },
                Ref = "string",
                Version = "string",
            },
        },
        ZoneId = "string",
    });
    
    example, err := cloudflare.NewRuleset(ctx, "rulesetResource", &cloudflare.RulesetArgs{
    	Kind:        pulumi.String("string"),
    	Name:        pulumi.String("string"),
    	Phase:       pulumi.String("string"),
    	AccountId:   pulumi.String("string"),
    	Description: pulumi.String("string"),
    	Rules: cloudflare.RulesetRuleArray{
    		&cloudflare.RulesetRuleArgs{
    			Expression: pulumi.String("string"),
    			Action:     pulumi.String("string"),
    			ActionParameters: &cloudflare.RulesetRuleActionParametersArgs{
    				AdditionalCacheablePorts: pulumi.IntArray{
    					pulumi.Int(0),
    				},
    				Algorithms: cloudflare.RulesetRuleActionParametersAlgorithmArray{
    					&cloudflare.RulesetRuleActionParametersAlgorithmArgs{
    						Name: pulumi.String("string"),
    					},
    				},
    				AutomaticHttpsRewrites: pulumi.Bool(false),
    				Autominifies: cloudflare.RulesetRuleActionParametersAutominifyArray{
    					&cloudflare.RulesetRuleActionParametersAutominifyArgs{
    						Css:  pulumi.Bool(false),
    						Html: pulumi.Bool(false),
    						Js:   pulumi.Bool(false),
    					},
    				},
    				Bic: pulumi.Bool(false),
    				BrowserTtl: &cloudflare.RulesetRuleActionParametersBrowserTtlArgs{
    					Mode:    pulumi.String("string"),
    					Default: pulumi.Int(0),
    				},
    				Cache: pulumi.Bool(false),
    				CacheKey: &cloudflare.RulesetRuleActionParametersCacheKeyArgs{
    					CacheByDeviceType:   pulumi.Bool(false),
    					CacheDeceptionArmor: pulumi.Bool(false),
    					CustomKey: &cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyArgs{
    						Cookie: &cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyCookieArgs{
    							CheckPresences: pulumi.StringArray{
    								pulumi.String("string"),
    							},
    							Includes: pulumi.StringArray{
    								pulumi.String("string"),
    							},
    						},
    						Header: &cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyHeaderArgs{
    							CheckPresences: pulumi.StringArray{
    								pulumi.String("string"),
    							},
    							ExcludeOrigin: pulumi.Bool(false),
    							Includes: pulumi.StringArray{
    								pulumi.String("string"),
    							},
    						},
    						Host: &cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyHostArgs{
    							Resolved: pulumi.Bool(false),
    						},
    						QueryString: &cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs{
    							Excludes: pulumi.StringArray{
    								pulumi.String("string"),
    							},
    							Includes: pulumi.StringArray{
    								pulumi.String("string"),
    							},
    						},
    						User: &cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyUserArgs{
    							DeviceType: pulumi.Bool(false),
    							Geo:        pulumi.Bool(false),
    							Lang:       pulumi.Bool(false),
    						},
    					},
    					IgnoreQueryStringsOrder: pulumi.Bool(false),
    				},
    				Content:     pulumi.String("string"),
    				ContentType: pulumi.String("string"),
    				CookieFields: pulumi.StringArray{
    					pulumi.String("string"),
    				},
    				DisableApps:    pulumi.Bool(false),
    				DisableRailgun: pulumi.Bool(false),
    				DisableRum:     pulumi.Bool(false),
    				DisableZaraz:   pulumi.Bool(false),
    				EdgeTtl: &cloudflare.RulesetRuleActionParametersEdgeTtlArgs{
    					Mode:    pulumi.String("string"),
    					Default: pulumi.Int(0),
    					StatusCodeTtls: cloudflare.RulesetRuleActionParametersEdgeTtlStatusCodeTtlArray{
    						&cloudflare.RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs{
    							StatusCode: pulumi.Int(0),
    							StatusCodeRanges: cloudflare.RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRangeArray{
    								&cloudflare.RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRangeArgs{
    									From: pulumi.Int(0),
    									To:   pulumi.Int(0),
    								},
    							},
    							Value: pulumi.Int(0),
    						},
    					},
    				},
    				EmailObfuscation: pulumi.Bool(false),
    				Fonts:            pulumi.Bool(false),
    				FromList: &cloudflare.RulesetRuleActionParametersFromListArgs{
    					Key:  pulumi.String("string"),
    					Name: pulumi.String("string"),
    				},
    				FromValue: &cloudflare.RulesetRuleActionParametersFromValueArgs{
    					PreserveQueryString: pulumi.Bool(false),
    					StatusCode:          pulumi.Int(0),
    					TargetUrl: &cloudflare.RulesetRuleActionParametersFromValueTargetUrlArgs{
    						Expression: pulumi.String("string"),
    						Value:      pulumi.String("string"),
    					},
    				},
    				Headers: cloudflare.RulesetRuleActionParametersHeaderArray{
    					&cloudflare.RulesetRuleActionParametersHeaderArgs{
    						Expression: pulumi.String("string"),
    						Name:       pulumi.String("string"),
    						Operation:  pulumi.String("string"),
    						Value:      pulumi.String("string"),
    					},
    				},
    				HostHeader:        pulumi.String("string"),
    				HotlinkProtection: pulumi.Bool(false),
    				Id:                pulumi.String("string"),
    				Increment:         pulumi.Int(0),
    				MatchedData: &cloudflare.RulesetRuleActionParametersMatchedDataArgs{
    					PublicKey: pulumi.String("string"),
    				},
    				Mirage:                  pulumi.Bool(false),
    				OpportunisticEncryption: pulumi.Bool(false),
    				Origin: &cloudflare.RulesetRuleActionParametersOriginArgs{
    					Host: pulumi.String("string"),
    					Port: pulumi.Int(0),
    				},
    				OriginCacheControl:      pulumi.Bool(false),
    				OriginErrorPagePassthru: pulumi.Bool(false),
    				Overrides: &cloudflare.RulesetRuleActionParametersOverridesArgs{
    					Action: pulumi.String("string"),
    					Categories: cloudflare.RulesetRuleActionParametersOverridesCategoryArray{
    						&cloudflare.RulesetRuleActionParametersOverridesCategoryArgs{
    							Action:   pulumi.String("string"),
    							Category: pulumi.String("string"),
    							Enabled:  pulumi.Bool(false),
    						},
    					},
    					Enabled: pulumi.Bool(false),
    					Rules: cloudflare.RulesetRuleActionParametersOverridesRuleArray{
    						&cloudflare.RulesetRuleActionParametersOverridesRuleArgs{
    							Action:           pulumi.String("string"),
    							Enabled:          pulumi.Bool(false),
    							Id:               pulumi.String("string"),
    							ScoreThreshold:   pulumi.Int(0),
    							SensitivityLevel: pulumi.String("string"),
    						},
    					},
    					SensitivityLevel: pulumi.String("string"),
    				},
    				Phases: pulumi.StringArray{
    					pulumi.String("string"),
    				},
    				Polish: pulumi.String("string"),
    				Products: pulumi.StringArray{
    					pulumi.String("string"),
    				},
    				ReadTimeout: pulumi.Int(0),
    				RequestFields: pulumi.StringArray{
    					pulumi.String("string"),
    				},
    				RespectStrongEtags: pulumi.Bool(false),
    				ResponseFields: pulumi.StringArray{
    					pulumi.String("string"),
    				},
    				Responses: cloudflare.RulesetRuleActionParametersResponseArray{
    					&cloudflare.RulesetRuleActionParametersResponseArgs{
    						Content:     pulumi.String("string"),
    						ContentType: pulumi.String("string"),
    						StatusCode:  pulumi.Int(0),
    					},
    				},
    				RocketLoader: pulumi.Bool(false),
    				Rules: pulumi.StringMap{
    					"string": pulumi.String("string"),
    				},
    				Ruleset: pulumi.String("string"),
    				Rulesets: pulumi.StringArray{
    					pulumi.String("string"),
    				},
    				SecurityLevel: pulumi.String("string"),
    				ServeStale: &cloudflare.RulesetRuleActionParametersServeStaleArgs{
    					DisableStaleWhileUpdating: pulumi.Bool(false),
    				},
    				ServerSideExcludes: pulumi.Bool(false),
    				Sni: &cloudflare.RulesetRuleActionParametersSniArgs{
    					Value: pulumi.String("string"),
    				},
    				Ssl:        pulumi.String("string"),
    				StatusCode: pulumi.Int(0),
    				Sxg:        pulumi.Bool(false),
    				Uri: &cloudflare.RulesetRuleActionParametersUriArgs{
    					Origin: pulumi.Bool(false),
    					Path: &cloudflare.RulesetRuleActionParametersUriPathArgs{
    						Expression: pulumi.String("string"),
    						Value:      pulumi.String("string"),
    					},
    					Query: &cloudflare.RulesetRuleActionParametersUriQueryArgs{
    						Expression: pulumi.String("string"),
    						Value:      pulumi.String("string"),
    					},
    				},
    				Version: pulumi.String("string"),
    			},
    			Description: pulumi.String("string"),
    			Enabled:     pulumi.Bool(false),
    			ExposedCredentialCheck: &cloudflare.RulesetRuleExposedCredentialCheckArgs{
    				PasswordExpression: pulumi.String("string"),
    				UsernameExpression: pulumi.String("string"),
    			},
    			Id:          pulumi.String("string"),
    			LastUpdated: pulumi.String("string"),
    			Logging: &cloudflare.RulesetRuleLoggingArgs{
    				Enabled: pulumi.Bool(false),
    			},
    			Ratelimit: &cloudflare.RulesetRuleRatelimitArgs{
    				Characteristics: pulumi.StringArray{
    					pulumi.String("string"),
    				},
    				CountingExpression:      pulumi.String("string"),
    				MitigationTimeout:       pulumi.Int(0),
    				Period:                  pulumi.Int(0),
    				RequestsPerPeriod:       pulumi.Int(0),
    				RequestsToOrigin:        pulumi.Bool(false),
    				ScorePerPeriod:          pulumi.Int(0),
    				ScoreResponseHeaderName: pulumi.String("string"),
    			},
    			Ref:     pulumi.String("string"),
    			Version: pulumi.String("string"),
    		},
    	},
    	ZoneId: pulumi.String("string"),
    })
    
    var rulesetResource = new Ruleset("rulesetResource", RulesetArgs.builder()
        .kind("string")
        .name("string")
        .phase("string")
        .accountId("string")
        .description("string")
        .rules(RulesetRuleArgs.builder()
            .expression("string")
            .action("string")
            .actionParameters(RulesetRuleActionParametersArgs.builder()
                .additionalCacheablePorts(0)
                .algorithms(RulesetRuleActionParametersAlgorithmArgs.builder()
                    .name("string")
                    .build())
                .automaticHttpsRewrites(false)
                .autominifies(RulesetRuleActionParametersAutominifyArgs.builder()
                    .css(false)
                    .html(false)
                    .js(false)
                    .build())
                .bic(false)
                .browserTtl(RulesetRuleActionParametersBrowserTtlArgs.builder()
                    .mode("string")
                    .default_(0)
                    .build())
                .cache(false)
                .cacheKey(RulesetRuleActionParametersCacheKeyArgs.builder()
                    .cacheByDeviceType(false)
                    .cacheDeceptionArmor(false)
                    .customKey(RulesetRuleActionParametersCacheKeyCustomKeyArgs.builder()
                        .cookie(RulesetRuleActionParametersCacheKeyCustomKeyCookieArgs.builder()
                            .checkPresences("string")
                            .includes("string")
                            .build())
                        .header(RulesetRuleActionParametersCacheKeyCustomKeyHeaderArgs.builder()
                            .checkPresences("string")
                            .excludeOrigin(false)
                            .includes("string")
                            .build())
                        .host(RulesetRuleActionParametersCacheKeyCustomKeyHostArgs.builder()
                            .resolved(false)
                            .build())
                        .queryString(RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs.builder()
                            .excludes("string")
                            .includes("string")
                            .build())
                        .user(RulesetRuleActionParametersCacheKeyCustomKeyUserArgs.builder()
                            .deviceType(false)
                            .geo(false)
                            .lang(false)
                            .build())
                        .build())
                    .ignoreQueryStringsOrder(false)
                    .build())
                .content("string")
                .contentType("string")
                .cookieFields("string")
                .disableApps(false)
                .disableRailgun(false)
                .disableRum(false)
                .disableZaraz(false)
                .edgeTtl(RulesetRuleActionParametersEdgeTtlArgs.builder()
                    .mode("string")
                    .default_(0)
                    .statusCodeTtls(RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs.builder()
                        .statusCode(0)
                        .statusCodeRanges(RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRangeArgs.builder()
                            .from(0)
                            .to(0)
                            .build())
                        .value(0)
                        .build())
                    .build())
                .emailObfuscation(false)
                .fonts(false)
                .fromList(RulesetRuleActionParametersFromListArgs.builder()
                    .key("string")
                    .name("string")
                    .build())
                .fromValue(RulesetRuleActionParametersFromValueArgs.builder()
                    .preserveQueryString(false)
                    .statusCode(0)
                    .targetUrl(RulesetRuleActionParametersFromValueTargetUrlArgs.builder()
                        .expression("string")
                        .value("string")
                        .build())
                    .build())
                .headers(RulesetRuleActionParametersHeaderArgs.builder()
                    .expression("string")
                    .name("string")
                    .operation("string")
                    .value("string")
                    .build())
                .hostHeader("string")
                .hotlinkProtection(false)
                .id("string")
                .increment(0)
                .matchedData(RulesetRuleActionParametersMatchedDataArgs.builder()
                    .publicKey("string")
                    .build())
                .mirage(false)
                .opportunisticEncryption(false)
                .origin(RulesetRuleActionParametersOriginArgs.builder()
                    .host("string")
                    .port(0)
                    .build())
                .originCacheControl(false)
                .originErrorPagePassthru(false)
                .overrides(RulesetRuleActionParametersOverridesArgs.builder()
                    .action("string")
                    .categories(RulesetRuleActionParametersOverridesCategoryArgs.builder()
                        .action("string")
                        .category("string")
                        .enabled(false)
                        .build())
                    .enabled(false)
                    .rules(RulesetRuleActionParametersOverridesRuleArgs.builder()
                        .action("string")
                        .enabled(false)
                        .id("string")
                        .scoreThreshold(0)
                        .sensitivityLevel("string")
                        .build())
                    .sensitivityLevel("string")
                    .build())
                .phases("string")
                .polish("string")
                .products("string")
                .readTimeout(0)
                .requestFields("string")
                .respectStrongEtags(false)
                .responseFields("string")
                .responses(RulesetRuleActionParametersResponseArgs.builder()
                    .content("string")
                    .contentType("string")
                    .statusCode(0)
                    .build())
                .rocketLoader(false)
                .rules(Map.of("string", "string"))
                .ruleset("string")
                .rulesets("string")
                .securityLevel("string")
                .serveStale(RulesetRuleActionParametersServeStaleArgs.builder()
                    .disableStaleWhileUpdating(false)
                    .build())
                .serverSideExcludes(false)
                .sni(RulesetRuleActionParametersSniArgs.builder()
                    .value("string")
                    .build())
                .ssl("string")
                .statusCode(0)
                .sxg(false)
                .uri(RulesetRuleActionParametersUriArgs.builder()
                    .origin(false)
                    .path(RulesetRuleActionParametersUriPathArgs.builder()
                        .expression("string")
                        .value("string")
                        .build())
                    .query(RulesetRuleActionParametersUriQueryArgs.builder()
                        .expression("string")
                        .value("string")
                        .build())
                    .build())
                .version("string")
                .build())
            .description("string")
            .enabled(false)
            .exposedCredentialCheck(RulesetRuleExposedCredentialCheckArgs.builder()
                .passwordExpression("string")
                .usernameExpression("string")
                .build())
            .id("string")
            .lastUpdated("string")
            .logging(RulesetRuleLoggingArgs.builder()
                .enabled(false)
                .build())
            .ratelimit(RulesetRuleRatelimitArgs.builder()
                .characteristics("string")
                .countingExpression("string")
                .mitigationTimeout(0)
                .period(0)
                .requestsPerPeriod(0)
                .requestsToOrigin(false)
                .scorePerPeriod(0)
                .scoreResponseHeaderName("string")
                .build())
            .ref("string")
            .version("string")
            .build())
        .zoneId("string")
        .build());
    
    ruleset_resource = cloudflare.Ruleset("rulesetResource",
        kind="string",
        name="string",
        phase="string",
        account_id="string",
        description="string",
        rules=[cloudflare.RulesetRuleArgs(
            expression="string",
            action="string",
            action_parameters=cloudflare.RulesetRuleActionParametersArgs(
                additional_cacheable_ports=[0],
                algorithms=[cloudflare.RulesetRuleActionParametersAlgorithmArgs(
                    name="string",
                )],
                automatic_https_rewrites=False,
                autominifies=[cloudflare.RulesetRuleActionParametersAutominifyArgs(
                    css=False,
                    html=False,
                    js=False,
                )],
                bic=False,
                browser_ttl=cloudflare.RulesetRuleActionParametersBrowserTtlArgs(
                    mode="string",
                    default=0,
                ),
                cache=False,
                cache_key=cloudflare.RulesetRuleActionParametersCacheKeyArgs(
                    cache_by_device_type=False,
                    cache_deception_armor=False,
                    custom_key=cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyArgs(
                        cookie=cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyCookieArgs(
                            check_presences=["string"],
                            includes=["string"],
                        ),
                        header=cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyHeaderArgs(
                            check_presences=["string"],
                            exclude_origin=False,
                            includes=["string"],
                        ),
                        host=cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyHostArgs(
                            resolved=False,
                        ),
                        query_string=cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs(
                            excludes=["string"],
                            includes=["string"],
                        ),
                        user=cloudflare.RulesetRuleActionParametersCacheKeyCustomKeyUserArgs(
                            device_type=False,
                            geo=False,
                            lang=False,
                        ),
                    ),
                    ignore_query_strings_order=False,
                ),
                content="string",
                content_type="string",
                cookie_fields=["string"],
                disable_apps=False,
                disable_railgun=False,
                disable_rum=False,
                disable_zaraz=False,
                edge_ttl=cloudflare.RulesetRuleActionParametersEdgeTtlArgs(
                    mode="string",
                    default=0,
                    status_code_ttls=[cloudflare.RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs(
                        status_code=0,
                        status_code_ranges=[cloudflare.RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRangeArgs(
                            from_=0,
                            to=0,
                        )],
                        value=0,
                    )],
                ),
                email_obfuscation=False,
                fonts=False,
                from_list=cloudflare.RulesetRuleActionParametersFromListArgs(
                    key="string",
                    name="string",
                ),
                from_value=cloudflare.RulesetRuleActionParametersFromValueArgs(
                    preserve_query_string=False,
                    status_code=0,
                    target_url=cloudflare.RulesetRuleActionParametersFromValueTargetUrlArgs(
                        expression="string",
                        value="string",
                    ),
                ),
                headers=[cloudflare.RulesetRuleActionParametersHeaderArgs(
                    expression="string",
                    name="string",
                    operation="string",
                    value="string",
                )],
                host_header="string",
                hotlink_protection=False,
                id="string",
                increment=0,
                matched_data=cloudflare.RulesetRuleActionParametersMatchedDataArgs(
                    public_key="string",
                ),
                mirage=False,
                opportunistic_encryption=False,
                origin=cloudflare.RulesetRuleActionParametersOriginArgs(
                    host="string",
                    port=0,
                ),
                origin_cache_control=False,
                origin_error_page_passthru=False,
                overrides=cloudflare.RulesetRuleActionParametersOverridesArgs(
                    action="string",
                    categories=[cloudflare.RulesetRuleActionParametersOverridesCategoryArgs(
                        action="string",
                        category="string",
                        enabled=False,
                    )],
                    enabled=False,
                    rules=[cloudflare.RulesetRuleActionParametersOverridesRuleArgs(
                        action="string",
                        enabled=False,
                        id="string",
                        score_threshold=0,
                        sensitivity_level="string",
                    )],
                    sensitivity_level="string",
                ),
                phases=["string"],
                polish="string",
                products=["string"],
                read_timeout=0,
                request_fields=["string"],
                respect_strong_etags=False,
                response_fields=["string"],
                responses=[cloudflare.RulesetRuleActionParametersResponseArgs(
                    content="string",
                    content_type="string",
                    status_code=0,
                )],
                rocket_loader=False,
                rules={
                    "string": "string",
                },
                ruleset="string",
                rulesets=["string"],
                security_level="string",
                serve_stale=cloudflare.RulesetRuleActionParametersServeStaleArgs(
                    disable_stale_while_updating=False,
                ),
                server_side_excludes=False,
                sni=cloudflare.RulesetRuleActionParametersSniArgs(
                    value="string",
                ),
                ssl="string",
                status_code=0,
                sxg=False,
                uri=cloudflare.RulesetRuleActionParametersUriArgs(
                    origin=False,
                    path=cloudflare.RulesetRuleActionParametersUriPathArgs(
                        expression="string",
                        value="string",
                    ),
                    query=cloudflare.RulesetRuleActionParametersUriQueryArgs(
                        expression="string",
                        value="string",
                    ),
                ),
                version="string",
            ),
            description="string",
            enabled=False,
            exposed_credential_check=cloudflare.RulesetRuleExposedCredentialCheckArgs(
                password_expression="string",
                username_expression="string",
            ),
            id="string",
            last_updated="string",
            logging=cloudflare.RulesetRuleLoggingArgs(
                enabled=False,
            ),
            ratelimit=cloudflare.RulesetRuleRatelimitArgs(
                characteristics=["string"],
                counting_expression="string",
                mitigation_timeout=0,
                period=0,
                requests_per_period=0,
                requests_to_origin=False,
                score_per_period=0,
                score_response_header_name="string",
            ),
            ref="string",
            version="string",
        )],
        zone_id="string")
    
    const rulesetResource = new cloudflare.Ruleset("rulesetResource", {
        kind: "string",
        name: "string",
        phase: "string",
        accountId: "string",
        description: "string",
        rules: [{
            expression: "string",
            action: "string",
            actionParameters: {
                additionalCacheablePorts: [0],
                algorithms: [{
                    name: "string",
                }],
                automaticHttpsRewrites: false,
                autominifies: [{
                    css: false,
                    html: false,
                    js: false,
                }],
                bic: false,
                browserTtl: {
                    mode: "string",
                    "default": 0,
                },
                cache: false,
                cacheKey: {
                    cacheByDeviceType: false,
                    cacheDeceptionArmor: false,
                    customKey: {
                        cookie: {
                            checkPresences: ["string"],
                            includes: ["string"],
                        },
                        header: {
                            checkPresences: ["string"],
                            excludeOrigin: false,
                            includes: ["string"],
                        },
                        host: {
                            resolved: false,
                        },
                        queryString: {
                            excludes: ["string"],
                            includes: ["string"],
                        },
                        user: {
                            deviceType: false,
                            geo: false,
                            lang: false,
                        },
                    },
                    ignoreQueryStringsOrder: false,
                },
                content: "string",
                contentType: "string",
                cookieFields: ["string"],
                disableApps: false,
                disableRailgun: false,
                disableRum: false,
                disableZaraz: false,
                edgeTtl: {
                    mode: "string",
                    "default": 0,
                    statusCodeTtls: [{
                        statusCode: 0,
                        statusCodeRanges: [{
                            from: 0,
                            to: 0,
                        }],
                        value: 0,
                    }],
                },
                emailObfuscation: false,
                fonts: false,
                fromList: {
                    key: "string",
                    name: "string",
                },
                fromValue: {
                    preserveQueryString: false,
                    statusCode: 0,
                    targetUrl: {
                        expression: "string",
                        value: "string",
                    },
                },
                headers: [{
                    expression: "string",
                    name: "string",
                    operation: "string",
                    value: "string",
                }],
                hostHeader: "string",
                hotlinkProtection: false,
                id: "string",
                increment: 0,
                matchedData: {
                    publicKey: "string",
                },
                mirage: false,
                opportunisticEncryption: false,
                origin: {
                    host: "string",
                    port: 0,
                },
                originCacheControl: false,
                originErrorPagePassthru: false,
                overrides: {
                    action: "string",
                    categories: [{
                        action: "string",
                        category: "string",
                        enabled: false,
                    }],
                    enabled: false,
                    rules: [{
                        action: "string",
                        enabled: false,
                        id: "string",
                        scoreThreshold: 0,
                        sensitivityLevel: "string",
                    }],
                    sensitivityLevel: "string",
                },
                phases: ["string"],
                polish: "string",
                products: ["string"],
                readTimeout: 0,
                requestFields: ["string"],
                respectStrongEtags: false,
                responseFields: ["string"],
                responses: [{
                    content: "string",
                    contentType: "string",
                    statusCode: 0,
                }],
                rocketLoader: false,
                rules: {
                    string: "string",
                },
                ruleset: "string",
                rulesets: ["string"],
                securityLevel: "string",
                serveStale: {
                    disableStaleWhileUpdating: false,
                },
                serverSideExcludes: false,
                sni: {
                    value: "string",
                },
                ssl: "string",
                statusCode: 0,
                sxg: false,
                uri: {
                    origin: false,
                    path: {
                        expression: "string",
                        value: "string",
                    },
                    query: {
                        expression: "string",
                        value: "string",
                    },
                },
                version: "string",
            },
            description: "string",
            enabled: false,
            exposedCredentialCheck: {
                passwordExpression: "string",
                usernameExpression: "string",
            },
            id: "string",
            lastUpdated: "string",
            logging: {
                enabled: false,
            },
            ratelimit: {
                characteristics: ["string"],
                countingExpression: "string",
                mitigationTimeout: 0,
                period: 0,
                requestsPerPeriod: 0,
                requestsToOrigin: false,
                scorePerPeriod: 0,
                scoreResponseHeaderName: "string",
            },
            ref: "string",
            version: "string",
        }],
        zoneId: "string",
    });
    
    type: cloudflare:Ruleset
    properties:
        accountId: string
        description: string
        kind: string
        name: string
        phase: string
        rules:
            - action: string
              actionParameters:
                additionalCacheablePorts:
                    - 0
                algorithms:
                    - name: string
                automaticHttpsRewrites: false
                autominifies:
                    - css: false
                      html: false
                      js: false
                bic: false
                browserTtl:
                    default: 0
                    mode: string
                cache: false
                cacheKey:
                    cacheByDeviceType: false
                    cacheDeceptionArmor: false
                    customKey:
                        cookie:
                            checkPresences:
                                - string
                            includes:
                                - string
                        header:
                            checkPresences:
                                - string
                            excludeOrigin: false
                            includes:
                                - string
                        host:
                            resolved: false
                        queryString:
                            excludes:
                                - string
                            includes:
                                - string
                        user:
                            deviceType: false
                            geo: false
                            lang: false
                    ignoreQueryStringsOrder: false
                content: string
                contentType: string
                cookieFields:
                    - string
                disableApps: false
                disableRailgun: false
                disableRum: false
                disableZaraz: false
                edgeTtl:
                    default: 0
                    mode: string
                    statusCodeTtls:
                        - statusCode: 0
                          statusCodeRanges:
                            - from: 0
                              to: 0
                          value: 0
                emailObfuscation: false
                fonts: false
                fromList:
                    key: string
                    name: string
                fromValue:
                    preserveQueryString: false
                    statusCode: 0
                    targetUrl:
                        expression: string
                        value: string
                headers:
                    - expression: string
                      name: string
                      operation: string
                      value: string
                hostHeader: string
                hotlinkProtection: false
                id: string
                increment: 0
                matchedData:
                    publicKey: string
                mirage: false
                opportunisticEncryption: false
                origin:
                    host: string
                    port: 0
                originCacheControl: false
                originErrorPagePassthru: false
                overrides:
                    action: string
                    categories:
                        - action: string
                          category: string
                          enabled: false
                    enabled: false
                    rules:
                        - action: string
                          enabled: false
                          id: string
                          scoreThreshold: 0
                          sensitivityLevel: string
                    sensitivityLevel: string
                phases:
                    - string
                polish: string
                products:
                    - string
                readTimeout: 0
                requestFields:
                    - string
                respectStrongEtags: false
                responseFields:
                    - string
                responses:
                    - content: string
                      contentType: string
                      statusCode: 0
                rocketLoader: false
                rules:
                    string: string
                ruleset: string
                rulesets:
                    - string
                securityLevel: string
                serveStale:
                    disableStaleWhileUpdating: false
                serverSideExcludes: false
                sni:
                    value: string
                ssl: string
                statusCode: 0
                sxg: false
                uri:
                    origin: false
                    path:
                        expression: string
                        value: string
                    query:
                        expression: string
                        value: string
                version: string
              description: string
              enabled: false
              exposedCredentialCheck:
                passwordExpression: string
                usernameExpression: string
              expression: string
              id: string
              lastUpdated: string
              logging:
                enabled: false
              ratelimit:
                characteristics:
                    - string
                countingExpression: string
                mitigationTimeout: 0
                period: 0
                requestsPerPeriod: 0
                requestsToOrigin: false
                scorePerPeriod: 0
                scoreResponseHeaderName: string
              ref: string
              version: string
        zoneId: string
    

    Ruleset Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Ruleset resource accepts the following input properties:

    Kind string
    Type of Ruleset to create. Available values: custom, managed, root, zone.
    Name string
    Name of the ruleset.
    Phase string
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    AccountId string
    The account identifier to target for the resource.
    Description string
    Brief summary of the ruleset and its intended use.
    Rules List<RulesetRule>
    List of rules to apply to the ruleset.
    ZoneId string
    The zone identifier to target for the resource.
    Kind string
    Type of Ruleset to create. Available values: custom, managed, root, zone.
    Name string
    Name of the ruleset.
    Phase string
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    AccountId string
    The account identifier to target for the resource.
    Description string
    Brief summary of the ruleset and its intended use.
    Rules []RulesetRuleArgs
    List of rules to apply to the ruleset.
    ZoneId string
    The zone identifier to target for the resource.
    kind String
    Type of Ruleset to create. Available values: custom, managed, root, zone.
    name String
    Name of the ruleset.
    phase String
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    accountId String
    The account identifier to target for the resource.
    description String
    Brief summary of the ruleset and its intended use.
    rules List<RulesetRule>
    List of rules to apply to the ruleset.
    zoneId String
    The zone identifier to target for the resource.
    kind string
    Type of Ruleset to create. Available values: custom, managed, root, zone.
    name string
    Name of the ruleset.
    phase string
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    accountId string
    The account identifier to target for the resource.
    description string
    Brief summary of the ruleset and its intended use.
    rules RulesetRule[]
    List of rules to apply to the ruleset.
    zoneId string
    The zone identifier to target for the resource.
    kind str
    Type of Ruleset to create. Available values: custom, managed, root, zone.
    name str
    Name of the ruleset.
    phase str
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    account_id str
    The account identifier to target for the resource.
    description str
    Brief summary of the ruleset and its intended use.
    rules Sequence[RulesetRuleArgs]
    List of rules to apply to the ruleset.
    zone_id str
    The zone identifier to target for the resource.
    kind String
    Type of Ruleset to create. Available values: custom, managed, root, zone.
    name String
    Name of the ruleset.
    phase String
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    accountId String
    The account identifier to target for the resource.
    description String
    Brief summary of the ruleset and its intended use.
    rules List<Property Map>
    List of rules to apply to the ruleset.
    zoneId String
    The zone identifier to target for the resource.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Ruleset resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Ruleset Resource

    Get an existing Ruleset resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: RulesetState, opts?: CustomResourceOptions): Ruleset
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            account_id: Optional[str] = None,
            description: Optional[str] = None,
            kind: Optional[str] = None,
            name: Optional[str] = None,
            phase: Optional[str] = None,
            rules: Optional[Sequence[RulesetRuleArgs]] = None,
            zone_id: Optional[str] = None) -> Ruleset
    func GetRuleset(ctx *Context, name string, id IDInput, state *RulesetState, opts ...ResourceOption) (*Ruleset, error)
    public static Ruleset Get(string name, Input<string> id, RulesetState? state, CustomResourceOptions? opts = null)
    public static Ruleset get(String name, Output<String> id, RulesetState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AccountId string
    The account identifier to target for the resource.
    Description string
    Brief summary of the ruleset and its intended use.
    Kind string
    Type of Ruleset to create. Available values: custom, managed, root, zone.
    Name string
    Name of the ruleset.
    Phase string
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    Rules List<RulesetRule>
    List of rules to apply to the ruleset.
    ZoneId string
    The zone identifier to target for the resource.
    AccountId string
    The account identifier to target for the resource.
    Description string
    Brief summary of the ruleset and its intended use.
    Kind string
    Type of Ruleset to create. Available values: custom, managed, root, zone.
    Name string
    Name of the ruleset.
    Phase string
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    Rules []RulesetRuleArgs
    List of rules to apply to the ruleset.
    ZoneId string
    The zone identifier to target for the resource.
    accountId String
    The account identifier to target for the resource.
    description String
    Brief summary of the ruleset and its intended use.
    kind String
    Type of Ruleset to create. Available values: custom, managed, root, zone.
    name String
    Name of the ruleset.
    phase String
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    rules List<RulesetRule>
    List of rules to apply to the ruleset.
    zoneId String
    The zone identifier to target for the resource.
    accountId string
    The account identifier to target for the resource.
    description string
    Brief summary of the ruleset and its intended use.
    kind string
    Type of Ruleset to create. Available values: custom, managed, root, zone.
    name string
    Name of the ruleset.
    phase string
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    rules RulesetRule[]
    List of rules to apply to the ruleset.
    zoneId string
    The zone identifier to target for the resource.
    account_id str
    The account identifier to target for the resource.
    description str
    Brief summary of the ruleset and its intended use.
    kind str
    Type of Ruleset to create. Available values: custom, managed, root, zone.
    name str
    Name of the ruleset.
    phase str
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    rules Sequence[RulesetRuleArgs]
    List of rules to apply to the ruleset.
    zone_id str
    The zone identifier to target for the resource.
    accountId String
    The account identifier to target for the resource.
    description String
    Brief summary of the ruleset and its intended use.
    kind String
    Type of Ruleset to create. Available values: custom, managed, root, zone.
    name String
    Name of the ruleset.
    phase String
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    rules List<Property Map>
    List of rules to apply to the ruleset.
    zoneId String
    The zone identifier to target for the resource.

    Supporting Types

    RulesetRule, RulesetRuleArgs

    Expression string
    Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    Action string
    Action to perform in the ruleset rule. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    ActionParameters RulesetRuleActionParameters
    List of parameters that configure the behavior of the ruleset rule action.
    Description string
    Brief summary of the ruleset rule and its intended use.
    Enabled bool
    Whether the rule is active.
    ExposedCredentialCheck RulesetRuleExposedCredentialCheck
    List of parameters that configure exposed credential checks.
    Id string
    Unique rule identifier.
    LastUpdated string
    The most recent update to this rule.
    Logging RulesetRuleLogging
    List parameters to configure how the rule generates logs. Only valid for skip action.
    Ratelimit RulesetRuleRatelimit
    List of parameters that configure HTTP rate limiting behaviour.
    Ref string
    Rule reference.
    Version string
    Version of the ruleset to deploy.
    Expression string
    Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    Action string
    Action to perform in the ruleset rule. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    ActionParameters RulesetRuleActionParameters
    List of parameters that configure the behavior of the ruleset rule action.
    Description string
    Brief summary of the ruleset rule and its intended use.
    Enabled bool
    Whether the rule is active.
    ExposedCredentialCheck RulesetRuleExposedCredentialCheck
    List of parameters that configure exposed credential checks.
    Id string
    Unique rule identifier.
    LastUpdated string
    The most recent update to this rule.
    Logging RulesetRuleLogging
    List parameters to configure how the rule generates logs. Only valid for skip action.
    Ratelimit RulesetRuleRatelimit
    List of parameters that configure HTTP rate limiting behaviour.
    Ref string
    Rule reference.
    Version string
    Version of the ruleset to deploy.
    expression String
    Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    action String
    Action to perform in the ruleset rule. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    actionParameters RulesetRuleActionParameters
    List of parameters that configure the behavior of the ruleset rule action.
    description String
    Brief summary of the ruleset rule and its intended use.
    enabled Boolean
    Whether the rule is active.
    exposedCredentialCheck RulesetRuleExposedCredentialCheck
    List of parameters that configure exposed credential checks.
    id String
    Unique rule identifier.
    lastUpdated String
    The most recent update to this rule.
    logging RulesetRuleLogging
    List parameters to configure how the rule generates logs. Only valid for skip action.
    ratelimit RulesetRuleRatelimit
    List of parameters that configure HTTP rate limiting behaviour.
    ref String
    Rule reference.
    version String
    Version of the ruleset to deploy.
    expression string
    Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    action string
    Action to perform in the ruleset rule. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    actionParameters RulesetRuleActionParameters
    List of parameters that configure the behavior of the ruleset rule action.
    description string
    Brief summary of the ruleset rule and its intended use.
    enabled boolean
    Whether the rule is active.
    exposedCredentialCheck RulesetRuleExposedCredentialCheck
    List of parameters that configure exposed credential checks.
    id string
    Unique rule identifier.
    lastUpdated string
    The most recent update to this rule.
    logging RulesetRuleLogging
    List parameters to configure how the rule generates logs. Only valid for skip action.
    ratelimit RulesetRuleRatelimit
    List of parameters that configure HTTP rate limiting behaviour.
    ref string
    Rule reference.
    version string
    Version of the ruleset to deploy.
    expression str
    Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    action str
    Action to perform in the ruleset rule. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    action_parameters RulesetRuleActionParameters
    List of parameters that configure the behavior of the ruleset rule action.
    description str
    Brief summary of the ruleset rule and its intended use.
    enabled bool
    Whether the rule is active.
    exposed_credential_check RulesetRuleExposedCredentialCheck
    List of parameters that configure exposed credential checks.
    id str
    Unique rule identifier.
    last_updated str
    The most recent update to this rule.
    logging RulesetRuleLogging
    List parameters to configure how the rule generates logs. Only valid for skip action.
    ratelimit RulesetRuleRatelimit
    List of parameters that configure HTTP rate limiting behaviour.
    ref str
    Rule reference.
    version str
    Version of the ruleset to deploy.
    expression String
    Criteria for an HTTP request to trigger the ruleset rule action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    action String
    Action to perform in the ruleset rule. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    actionParameters Property Map
    List of parameters that configure the behavior of the ruleset rule action.
    description String
    Brief summary of the ruleset rule and its intended use.
    enabled Boolean
    Whether the rule is active.
    exposedCredentialCheck Property Map
    List of parameters that configure exposed credential checks.
    id String
    Unique rule identifier.
    lastUpdated String
    The most recent update to this rule.
    logging Property Map
    List parameters to configure how the rule generates logs. Only valid for skip action.
    ratelimit Property Map
    List of parameters that configure HTTP rate limiting behaviour.
    ref String
    Rule reference.
    version String
    Version of the ruleset to deploy.

    RulesetRuleActionParameters, RulesetRuleActionParametersArgs

    AdditionalCacheablePorts List<int>
    Specifies uncommon ports to allow cacheable assets to be served from.
    Algorithms List<RulesetRuleActionParametersAlgorithm>
    Compression algorithms to use in order of preference.
    AutomaticHttpsRewrites bool
    Turn on or off Cloudflare Automatic HTTPS rewrites.
    Autominifies List<RulesetRuleActionParametersAutominify>
    Indicate which file extensions to minify automatically.
    Bic bool
    Inspect the visitor's browser for headers commonly associated with spammers and certain bots.
    BrowserTtl RulesetRuleActionParametersBrowserTtl
    List of browser TTL parameters to apply to the request.
    Cache bool
    Whether to cache if expression matches.
    CacheKey RulesetRuleActionParametersCacheKey
    List of cache key parameters to apply to the request.
    Content string
    Content of the custom error response.
    ContentType string
    Content-Type of the custom error response.
    CookieFields List<string>
    List of cookie values to include as part of custom fields logging.
    DisableApps bool
    Turn off all active Cloudflare Apps.
    DisableRailgun bool
    Turn off railgun feature of the Cloudflare Speed app.
    DisableRum bool
    Turn off RUM feature.
    DisableZaraz bool
    Turn off zaraz feature.
    EdgeTtl RulesetRuleActionParametersEdgeTtl
    List of edge TTL parameters to apply to the request.
    EmailObfuscation bool
    Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app.
    Fonts bool
    Toggle fonts.
    FromList RulesetRuleActionParametersFromList
    Use a list to lookup information for the action.
    FromValue RulesetRuleActionParametersFromValue
    Use a value to lookup information for the action.
    Headers List<RulesetRuleActionParametersHeader>
    List of HTTP header modifications to perform in the ruleset rule. Note: Headers are order dependent and must be provided sorted alphabetically ascending based on the name value.
    HostHeader string
    Host Header that request origin receives.
    HotlinkProtection bool
    Turn on or off the hotlink protection feature.
    Id string
    Identifier of the action parameter to modify.
    Increment int
    MatchedData RulesetRuleActionParametersMatchedData
    List of properties to configure WAF payload logging.
    Mirage bool
    Turn on or off Cloudflare Mirage of the Cloudflare Speed app.
    OpportunisticEncryption bool
    Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
    Origin RulesetRuleActionParametersOrigin
    List of properties to change request origin.
    OriginCacheControl bool
    Enable or disable the use of a more compliant Cache Control parsing mechanism, enabled by default for most zones.
    OriginErrorPagePassthru bool
    Pass-through error page for origin.
    Overrides RulesetRuleActionParametersOverrides
    List of override configurations to apply to the ruleset.
    Phases List<string>
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    Polish string
    Apply options from the Polish feature of the Cloudflare Speed app.
    Products List<string>
    Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown.
    ReadTimeout int
    Specifies a maximum timeout for reading content from an origin server.
    RequestFields List<string>
    List of request headers to include as part of custom fields logging, in lowercase.
    RespectStrongEtags bool
    Respect strong ETags.
    ResponseFields List<string>
    List of response headers to include as part of custom fields logging, in lowercase.
    Responses List<RulesetRuleActionParametersResponse>
    List of parameters that configure the response given to end users.
    RocketLoader bool
    Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app.
    Rules Dictionary<string, string>
    Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }.
    Ruleset string
    Which ruleset ID to target.
    Rulesets List<string>
    List of managed WAF rule IDs to target. Only valid when the "action" is set to skip.
    SecurityLevel string
    Control options for the Security Level feature from the Security app.
    ServeStale RulesetRuleActionParametersServeStale
    List of serve stale parameters to apply to the request.
    ServerSideExcludes bool
    Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app.
    Sni RulesetRuleActionParametersSni
    List of properties to manange Server Name Indication.
    Ssl string
    Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
    StatusCode int
    HTTP status code of the custom error response.
    Sxg bool
    Turn on or off the SXG feature.
    Uri RulesetRuleActionParametersUri
    List of URI properties to configure for the ruleset rule when performing URL rewrite transformations.
    Version string
    Version of the ruleset to deploy.
    AdditionalCacheablePorts []int
    Specifies uncommon ports to allow cacheable assets to be served from.
    Algorithms []RulesetRuleActionParametersAlgorithm
    Compression algorithms to use in order of preference.
    AutomaticHttpsRewrites bool
    Turn on or off Cloudflare Automatic HTTPS rewrites.
    Autominifies []RulesetRuleActionParametersAutominify
    Indicate which file extensions to minify automatically.
    Bic bool
    Inspect the visitor's browser for headers commonly associated with spammers and certain bots.
    BrowserTtl RulesetRuleActionParametersBrowserTtl
    List of browser TTL parameters to apply to the request.
    Cache bool
    Whether to cache if expression matches.
    CacheKey RulesetRuleActionParametersCacheKey
    List of cache key parameters to apply to the request.
    Content string
    Content of the custom error response.
    ContentType string
    Content-Type of the custom error response.
    CookieFields []string
    List of cookie values to include as part of custom fields logging.
    DisableApps bool
    Turn off all active Cloudflare Apps.
    DisableRailgun bool
    Turn off railgun feature of the Cloudflare Speed app.
    DisableRum bool
    Turn off RUM feature.
    DisableZaraz bool
    Turn off zaraz feature.
    EdgeTtl RulesetRuleActionParametersEdgeTtl
    List of edge TTL parameters to apply to the request.
    EmailObfuscation bool
    Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app.
    Fonts bool
    Toggle fonts.
    FromList RulesetRuleActionParametersFromList
    Use a list to lookup information for the action.
    FromValue RulesetRuleActionParametersFromValue
    Use a value to lookup information for the action.
    Headers []RulesetRuleActionParametersHeader
    List of HTTP header modifications to perform in the ruleset rule. Note: Headers are order dependent and must be provided sorted alphabetically ascending based on the name value.
    HostHeader string
    Host Header that request origin receives.
    HotlinkProtection bool
    Turn on or off the hotlink protection feature.
    Id string
    Identifier of the action parameter to modify.
    Increment int
    MatchedData RulesetRuleActionParametersMatchedData
    List of properties to configure WAF payload logging.
    Mirage bool
    Turn on or off Cloudflare Mirage of the Cloudflare Speed app.
    OpportunisticEncryption bool
    Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
    Origin RulesetRuleActionParametersOrigin
    List of properties to change request origin.
    OriginCacheControl bool
    Enable or disable the use of a more compliant Cache Control parsing mechanism, enabled by default for most zones.
    OriginErrorPagePassthru bool
    Pass-through error page for origin.
    Overrides RulesetRuleActionParametersOverrides
    List of override configurations to apply to the ruleset.
    Phases []string
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    Polish string
    Apply options from the Polish feature of the Cloudflare Speed app.
    Products []string
    Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown.
    ReadTimeout int
    Specifies a maximum timeout for reading content from an origin server.
    RequestFields []string
    List of request headers to include as part of custom fields logging, in lowercase.
    RespectStrongEtags bool
    Respect strong ETags.
    ResponseFields []string
    List of response headers to include as part of custom fields logging, in lowercase.
    Responses []RulesetRuleActionParametersResponse
    List of parameters that configure the response given to end users.
    RocketLoader bool
    Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app.
    Rules map[string]string
    Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }.
    Ruleset string
    Which ruleset ID to target.
    Rulesets []string
    List of managed WAF rule IDs to target. Only valid when the "action" is set to skip.
    SecurityLevel string
    Control options for the Security Level feature from the Security app.
    ServeStale RulesetRuleActionParametersServeStale
    List of serve stale parameters to apply to the request.
    ServerSideExcludes bool
    Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app.
    Sni RulesetRuleActionParametersSni
    List of properties to manange Server Name Indication.
    Ssl string
    Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
    StatusCode int
    HTTP status code of the custom error response.
    Sxg bool
    Turn on or off the SXG feature.
    Uri RulesetRuleActionParametersUri
    List of URI properties to configure for the ruleset rule when performing URL rewrite transformations.
    Version string
    Version of the ruleset to deploy.
    additionalCacheablePorts List<Integer>
    Specifies uncommon ports to allow cacheable assets to be served from.
    algorithms List<RulesetRuleActionParametersAlgorithm>
    Compression algorithms to use in order of preference.
    automaticHttpsRewrites Boolean
    Turn on or off Cloudflare Automatic HTTPS rewrites.
    autominifies List<RulesetRuleActionParametersAutominify>
    Indicate which file extensions to minify automatically.
    bic Boolean
    Inspect the visitor's browser for headers commonly associated with spammers and certain bots.
    browserTtl RulesetRuleActionParametersBrowserTtl
    List of browser TTL parameters to apply to the request.
    cache Boolean
    Whether to cache if expression matches.
    cacheKey RulesetRuleActionParametersCacheKey
    List of cache key parameters to apply to the request.
    content String
    Content of the custom error response.
    contentType String
    Content-Type of the custom error response.
    cookieFields List<String>
    List of cookie values to include as part of custom fields logging.
    disableApps Boolean
    Turn off all active Cloudflare Apps.
    disableRailgun Boolean
    Turn off railgun feature of the Cloudflare Speed app.
    disableRum Boolean
    Turn off RUM feature.
    disableZaraz Boolean
    Turn off zaraz feature.
    edgeTtl RulesetRuleActionParametersEdgeTtl
    List of edge TTL parameters to apply to the request.
    emailObfuscation Boolean
    Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app.
    fonts Boolean
    Toggle fonts.
    fromList RulesetRuleActionParametersFromList
    Use a list to lookup information for the action.
    fromValue RulesetRuleActionParametersFromValue
    Use a value to lookup information for the action.
    headers List<RulesetRuleActionParametersHeader>
    List of HTTP header modifications to perform in the ruleset rule. Note: Headers are order dependent and must be provided sorted alphabetically ascending based on the name value.
    hostHeader String
    Host Header that request origin receives.
    hotlinkProtection Boolean
    Turn on or off the hotlink protection feature.
    id String
    Identifier of the action parameter to modify.
    increment Integer
    matchedData RulesetRuleActionParametersMatchedData
    List of properties to configure WAF payload logging.
    mirage Boolean
    Turn on or off Cloudflare Mirage of the Cloudflare Speed app.
    opportunisticEncryption Boolean
    Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
    origin RulesetRuleActionParametersOrigin
    List of properties to change request origin.
    originCacheControl Boolean
    Enable or disable the use of a more compliant Cache Control parsing mechanism, enabled by default for most zones.
    originErrorPagePassthru Boolean
    Pass-through error page for origin.
    overrides RulesetRuleActionParametersOverrides
    List of override configurations to apply to the ruleset.
    phases List<String>
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    polish String
    Apply options from the Polish feature of the Cloudflare Speed app.
    products List<String>
    Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown.
    readTimeout Integer
    Specifies a maximum timeout for reading content from an origin server.
    requestFields List<String>
    List of request headers to include as part of custom fields logging, in lowercase.
    respectStrongEtags Boolean
    Respect strong ETags.
    responseFields List<String>
    List of response headers to include as part of custom fields logging, in lowercase.
    responses List<RulesetRuleActionParametersResponse>
    List of parameters that configure the response given to end users.
    rocketLoader Boolean
    Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app.
    rules Map<String,String>
    Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }.
    ruleset String
    Which ruleset ID to target.
    rulesets List<String>
    List of managed WAF rule IDs to target. Only valid when the "action" is set to skip.
    securityLevel String
    Control options for the Security Level feature from the Security app.
    serveStale RulesetRuleActionParametersServeStale
    List of serve stale parameters to apply to the request.
    serverSideExcludes Boolean
    Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app.
    sni RulesetRuleActionParametersSni
    List of properties to manange Server Name Indication.
    ssl String
    Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
    statusCode Integer
    HTTP status code of the custom error response.
    sxg Boolean
    Turn on or off the SXG feature.
    uri RulesetRuleActionParametersUri
    List of URI properties to configure for the ruleset rule when performing URL rewrite transformations.
    version String
    Version of the ruleset to deploy.
    additionalCacheablePorts number[]
    Specifies uncommon ports to allow cacheable assets to be served from.
    algorithms RulesetRuleActionParametersAlgorithm[]
    Compression algorithms to use in order of preference.
    automaticHttpsRewrites boolean
    Turn on or off Cloudflare Automatic HTTPS rewrites.
    autominifies RulesetRuleActionParametersAutominify[]
    Indicate which file extensions to minify automatically.
    bic boolean
    Inspect the visitor's browser for headers commonly associated with spammers and certain bots.
    browserTtl RulesetRuleActionParametersBrowserTtl
    List of browser TTL parameters to apply to the request.
    cache boolean
    Whether to cache if expression matches.
    cacheKey RulesetRuleActionParametersCacheKey
    List of cache key parameters to apply to the request.
    content string
    Content of the custom error response.
    contentType string
    Content-Type of the custom error response.
    cookieFields string[]
    List of cookie values to include as part of custom fields logging.
    disableApps boolean
    Turn off all active Cloudflare Apps.
    disableRailgun boolean
    Turn off railgun feature of the Cloudflare Speed app.
    disableRum boolean
    Turn off RUM feature.
    disableZaraz boolean
    Turn off zaraz feature.
    edgeTtl RulesetRuleActionParametersEdgeTtl
    List of edge TTL parameters to apply to the request.
    emailObfuscation boolean
    Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app.
    fonts boolean
    Toggle fonts.
    fromList RulesetRuleActionParametersFromList
    Use a list to lookup information for the action.
    fromValue RulesetRuleActionParametersFromValue
    Use a value to lookup information for the action.
    headers RulesetRuleActionParametersHeader[]
    List of HTTP header modifications to perform in the ruleset rule. Note: Headers are order dependent and must be provided sorted alphabetically ascending based on the name value.
    hostHeader string
    Host Header that request origin receives.
    hotlinkProtection boolean
    Turn on or off the hotlink protection feature.
    id string
    Identifier of the action parameter to modify.
    increment number
    matchedData RulesetRuleActionParametersMatchedData
    List of properties to configure WAF payload logging.
    mirage boolean
    Turn on or off Cloudflare Mirage of the Cloudflare Speed app.
    opportunisticEncryption boolean
    Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
    origin RulesetRuleActionParametersOrigin
    List of properties to change request origin.
    originCacheControl boolean
    Enable or disable the use of a more compliant Cache Control parsing mechanism, enabled by default for most zones.
    originErrorPagePassthru boolean
    Pass-through error page for origin.
    overrides RulesetRuleActionParametersOverrides
    List of override configurations to apply to the ruleset.
    phases string[]
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    polish string
    Apply options from the Polish feature of the Cloudflare Speed app.
    products string[]
    Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown.
    readTimeout number
    Specifies a maximum timeout for reading content from an origin server.
    requestFields string[]
    List of request headers to include as part of custom fields logging, in lowercase.
    respectStrongEtags boolean
    Respect strong ETags.
    responseFields string[]
    List of response headers to include as part of custom fields logging, in lowercase.
    responses RulesetRuleActionParametersResponse[]
    List of parameters that configure the response given to end users.
    rocketLoader boolean
    Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app.
    rules {[key: string]: string}
    Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }.
    ruleset string
    Which ruleset ID to target.
    rulesets string[]
    List of managed WAF rule IDs to target. Only valid when the "action" is set to skip.
    securityLevel string
    Control options for the Security Level feature from the Security app.
    serveStale RulesetRuleActionParametersServeStale
    List of serve stale parameters to apply to the request.
    serverSideExcludes boolean
    Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app.
    sni RulesetRuleActionParametersSni
    List of properties to manange Server Name Indication.
    ssl string
    Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
    statusCode number
    HTTP status code of the custom error response.
    sxg boolean
    Turn on or off the SXG feature.
    uri RulesetRuleActionParametersUri
    List of URI properties to configure for the ruleset rule when performing URL rewrite transformations.
    version string
    Version of the ruleset to deploy.
    additional_cacheable_ports Sequence[int]
    Specifies uncommon ports to allow cacheable assets to be served from.
    algorithms Sequence[RulesetRuleActionParametersAlgorithm]
    Compression algorithms to use in order of preference.
    automatic_https_rewrites bool
    Turn on or off Cloudflare Automatic HTTPS rewrites.
    autominifies Sequence[RulesetRuleActionParametersAutominify]
    Indicate which file extensions to minify automatically.
    bic bool
    Inspect the visitor's browser for headers commonly associated with spammers and certain bots.
    browser_ttl RulesetRuleActionParametersBrowserTtl
    List of browser TTL parameters to apply to the request.
    cache bool
    Whether to cache if expression matches.
    cache_key RulesetRuleActionParametersCacheKey
    List of cache key parameters to apply to the request.
    content str
    Content of the custom error response.
    content_type str
    Content-Type of the custom error response.
    cookie_fields Sequence[str]
    List of cookie values to include as part of custom fields logging.
    disable_apps bool
    Turn off all active Cloudflare Apps.
    disable_railgun bool
    Turn off railgun feature of the Cloudflare Speed app.
    disable_rum bool
    Turn off RUM feature.
    disable_zaraz bool
    Turn off zaraz feature.
    edge_ttl RulesetRuleActionParametersEdgeTtl
    List of edge TTL parameters to apply to the request.
    email_obfuscation bool
    Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app.
    fonts bool
    Toggle fonts.
    from_list RulesetRuleActionParametersFromList
    Use a list to lookup information for the action.
    from_value RulesetRuleActionParametersFromValue
    Use a value to lookup information for the action.
    headers Sequence[RulesetRuleActionParametersHeader]
    List of HTTP header modifications to perform in the ruleset rule. Note: Headers are order dependent and must be provided sorted alphabetically ascending based on the name value.
    host_header str
    Host Header that request origin receives.
    hotlink_protection bool
    Turn on or off the hotlink protection feature.
    id str
    Identifier of the action parameter to modify.
    increment int
    matched_data RulesetRuleActionParametersMatchedData
    List of properties to configure WAF payload logging.
    mirage bool
    Turn on or off Cloudflare Mirage of the Cloudflare Speed app.
    opportunistic_encryption bool
    Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
    origin RulesetRuleActionParametersOrigin
    List of properties to change request origin.
    origin_cache_control bool
    Enable or disable the use of a more compliant Cache Control parsing mechanism, enabled by default for most zones.
    origin_error_page_passthru bool
    Pass-through error page for origin.
    overrides RulesetRuleActionParametersOverrides
    List of override configurations to apply to the ruleset.
    phases Sequence[str]
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    polish str
    Apply options from the Polish feature of the Cloudflare Speed app.
    products Sequence[str]
    Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown.
    read_timeout int
    Specifies a maximum timeout for reading content from an origin server.
    request_fields Sequence[str]
    List of request headers to include as part of custom fields logging, in lowercase.
    respect_strong_etags bool
    Respect strong ETags.
    response_fields Sequence[str]
    List of response headers to include as part of custom fields logging, in lowercase.
    responses Sequence[RulesetRuleActionParametersResponse]
    List of parameters that configure the response given to end users.
    rocket_loader bool
    Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app.
    rules Mapping[str, str]
    Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }.
    ruleset str
    Which ruleset ID to target.
    rulesets Sequence[str]
    List of managed WAF rule IDs to target. Only valid when the "action" is set to skip.
    security_level str
    Control options for the Security Level feature from the Security app.
    serve_stale RulesetRuleActionParametersServeStale
    List of serve stale parameters to apply to the request.
    server_side_excludes bool
    Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app.
    sni RulesetRuleActionParametersSni
    List of properties to manange Server Name Indication.
    ssl str
    Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
    status_code int
    HTTP status code of the custom error response.
    sxg bool
    Turn on or off the SXG feature.
    uri RulesetRuleActionParametersUri
    List of URI properties to configure for the ruleset rule when performing URL rewrite transformations.
    version str
    Version of the ruleset to deploy.
    additionalCacheablePorts List<Number>
    Specifies uncommon ports to allow cacheable assets to be served from.
    algorithms List<Property Map>
    Compression algorithms to use in order of preference.
    automaticHttpsRewrites Boolean
    Turn on or off Cloudflare Automatic HTTPS rewrites.
    autominifies List<Property Map>
    Indicate which file extensions to minify automatically.
    bic Boolean
    Inspect the visitor's browser for headers commonly associated with spammers and certain bots.
    browserTtl Property Map
    List of browser TTL parameters to apply to the request.
    cache Boolean
    Whether to cache if expression matches.
    cacheKey Property Map
    List of cache key parameters to apply to the request.
    content String
    Content of the custom error response.
    contentType String
    Content-Type of the custom error response.
    cookieFields List<String>
    List of cookie values to include as part of custom fields logging.
    disableApps Boolean
    Turn off all active Cloudflare Apps.
    disableRailgun Boolean
    Turn off railgun feature of the Cloudflare Speed app.
    disableRum Boolean
    Turn off RUM feature.
    disableZaraz Boolean
    Turn off zaraz feature.
    edgeTtl Property Map
    List of edge TTL parameters to apply to the request.
    emailObfuscation Boolean
    Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app.
    fonts Boolean
    Toggle fonts.
    fromList Property Map
    Use a list to lookup information for the action.
    fromValue Property Map
    Use a value to lookup information for the action.
    headers List<Property Map>
    List of HTTP header modifications to perform in the ruleset rule. Note: Headers are order dependent and must be provided sorted alphabetically ascending based on the name value.
    hostHeader String
    Host Header that request origin receives.
    hotlinkProtection Boolean
    Turn on or off the hotlink protection feature.
    id String
    Identifier of the action parameter to modify.
    increment Number
    matchedData Property Map
    List of properties to configure WAF payload logging.
    mirage Boolean
    Turn on or off Cloudflare Mirage of the Cloudflare Speed app.
    opportunisticEncryption Boolean
    Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
    origin Property Map
    List of properties to change request origin.
    originCacheControl Boolean
    Enable or disable the use of a more compliant Cache Control parsing mechanism, enabled by default for most zones.
    originErrorPagePassthru Boolean
    Pass-through error page for origin.
    overrides Property Map
    List of override configurations to apply to the ruleset.
    phases List<String>
    Point in the request/response lifecycle where the ruleset will be created. Available values: ddos_l4, ddos_l7, http_config_settings, http_custom_errors, http_log_custom_fields, http_ratelimit, http_request_cache_settings, http_request_dynamic_redirect, http_request_firewall_custom, http_request_firewall_managed, http_request_late_transform, http_request_origin, http_request_redirect, http_request_sanitize, http_request_sbfm, http_request_transform, http_response_compression, http_response_firewall_managed, http_response_headers_transform, magic_transit.
    polish String
    Apply options from the Polish feature of the Cloudflare Speed app.
    products List<String>
    Products to target with the actions. Available values: bic, hot, ratelimit, securityLevel, uablock, waf, zonelockdown.
    readTimeout Number
    Specifies a maximum timeout for reading content from an origin server.
    requestFields List<String>
    List of request headers to include as part of custom fields logging, in lowercase.
    respectStrongEtags Boolean
    Respect strong ETags.
    responseFields List<String>
    List of response headers to include as part of custom fields logging, in lowercase.
    responses List<Property Map>
    List of parameters that configure the response given to end users.
    rocketLoader Boolean
    Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed app.
    rules Map<String>
    Map of managed WAF rule ID to comma-delimited string of ruleset rule IDs. Example: rules = { "efb7b8c949ac4650a09736fc376e9aee" = "5de7edfa648c4d6891dc3e7f84534ffa,e3a567afc347477d9702d9047e97d760" }.
    ruleset String
    Which ruleset ID to target.
    rulesets List<String>
    List of managed WAF rule IDs to target. Only valid when the "action" is set to skip.
    securityLevel String
    Control options for the Security Level feature from the Security app.
    serveStale Property Map
    List of serve stale parameters to apply to the request.
    serverSideExcludes Boolean
    Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app.
    sni Property Map
    List of properties to manange Server Name Indication.
    ssl String
    Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
    statusCode Number
    HTTP status code of the custom error response.
    sxg Boolean
    Turn on or off the SXG feature.
    uri Property Map
    List of URI properties to configure for the ruleset rule when performing URL rewrite transformations.
    version String
    Version of the ruleset to deploy.

    RulesetRuleActionParametersAlgorithm, RulesetRuleActionParametersAlgorithmArgs

    Name string
    Name of the compression algorithm to use. Available values: gzip, brotli, auto, default, none
    Name string
    Name of the compression algorithm to use. Available values: gzip, brotli, auto, default, none
    name String
    Name of the compression algorithm to use. Available values: gzip, brotli, auto, default, none
    name string
    Name of the compression algorithm to use. Available values: gzip, brotli, auto, default, none
    name str
    Name of the compression algorithm to use. Available values: gzip, brotli, auto, default, none
    name String
    Name of the compression algorithm to use. Available values: gzip, brotli, auto, default, none

    RulesetRuleActionParametersAutominify, RulesetRuleActionParametersAutominifyArgs

    Css bool
    CSS minification.
    Html bool
    HTML minification.
    Js bool
    JS minification.
    Css bool
    CSS minification.
    Html bool
    HTML minification.
    Js bool
    JS minification.
    css Boolean
    CSS minification.
    html Boolean
    HTML minification.
    js Boolean
    JS minification.
    css boolean
    CSS minification.
    html boolean
    HTML minification.
    js boolean
    JS minification.
    css bool
    CSS minification.
    html bool
    HTML minification.
    js bool
    JS minification.
    css Boolean
    CSS minification.
    html Boolean
    HTML minification.
    js Boolean
    JS minification.

    RulesetRuleActionParametersBrowserTtl, RulesetRuleActionParametersBrowserTtlArgs

    Mode string
    Mode of the browser TTL. Available values: override_origin, respect_origin, bypass
    Default int
    Default browser TTL. This value is required when override_origin is set
    Mode string
    Mode of the browser TTL. Available values: override_origin, respect_origin, bypass
    Default int
    Default browser TTL. This value is required when override_origin is set
    mode String
    Mode of the browser TTL. Available values: override_origin, respect_origin, bypass
    default_ Integer
    Default browser TTL. This value is required when override_origin is set
    mode string
    Mode of the browser TTL. Available values: override_origin, respect_origin, bypass
    default number
    Default browser TTL. This value is required when override_origin is set
    mode str
    Mode of the browser TTL. Available values: override_origin, respect_origin, bypass
    default int
    Default browser TTL. This value is required when override_origin is set
    mode String
    Mode of the browser TTL. Available values: override_origin, respect_origin, bypass
    default Number
    Default browser TTL. This value is required when override_origin is set

    RulesetRuleActionParametersCacheKey, RulesetRuleActionParametersCacheKeyArgs

    CacheByDeviceType bool
    Cache by device type.
    CacheDeceptionArmor bool
    Cache deception armor.
    CustomKey RulesetRuleActionParametersCacheKeyCustomKey
    Custom key parameters for the request.
    IgnoreQueryStringsOrder bool
    Ignore query strings order.
    CacheByDeviceType bool
    Cache by device type.
    CacheDeceptionArmor bool
    Cache deception armor.
    CustomKey RulesetRuleActionParametersCacheKeyCustomKey
    Custom key parameters for the request.
    IgnoreQueryStringsOrder bool
    Ignore query strings order.
    cacheByDeviceType Boolean
    Cache by device type.
    cacheDeceptionArmor Boolean
    Cache deception armor.
    customKey RulesetRuleActionParametersCacheKeyCustomKey
    Custom key parameters for the request.
    ignoreQueryStringsOrder Boolean
    Ignore query strings order.
    cacheByDeviceType boolean
    Cache by device type.
    cacheDeceptionArmor boolean
    Cache deception armor.
    customKey RulesetRuleActionParametersCacheKeyCustomKey
    Custom key parameters for the request.
    ignoreQueryStringsOrder boolean
    Ignore query strings order.
    cache_by_device_type bool
    Cache by device type.
    cache_deception_armor bool
    Cache deception armor.
    custom_key RulesetRuleActionParametersCacheKeyCustomKey
    Custom key parameters for the request.
    ignore_query_strings_order bool
    Ignore query strings order.
    cacheByDeviceType Boolean
    Cache by device type.
    cacheDeceptionArmor Boolean
    Cache deception armor.
    customKey Property Map
    Custom key parameters for the request.
    ignoreQueryStringsOrder Boolean
    Ignore query strings order.

    RulesetRuleActionParametersCacheKeyCustomKey, RulesetRuleActionParametersCacheKeyCustomKeyArgs

    Cookie RulesetRuleActionParametersCacheKeyCustomKeyCookie
    Cookie parameters for the custom key.
    Header RulesetRuleActionParametersCacheKeyCustomKeyHeader
    Header parameters for the custom key.
    Host RulesetRuleActionParametersCacheKeyCustomKeyHost
    Host parameters for the custom key.
    QueryString RulesetRuleActionParametersCacheKeyCustomKeyQueryString
    Query string parameters for the custom key.
    User RulesetRuleActionParametersCacheKeyCustomKeyUser
    User parameters for the custom key.
    Cookie RulesetRuleActionParametersCacheKeyCustomKeyCookie
    Cookie parameters for the custom key.
    Header RulesetRuleActionParametersCacheKeyCustomKeyHeader
    Header parameters for the custom key.
    Host RulesetRuleActionParametersCacheKeyCustomKeyHost
    Host parameters for the custom key.
    QueryString RulesetRuleActionParametersCacheKeyCustomKeyQueryString
    Query string parameters for the custom key.
    User RulesetRuleActionParametersCacheKeyCustomKeyUser
    User parameters for the custom key.
    cookie RulesetRuleActionParametersCacheKeyCustomKeyCookie
    Cookie parameters for the custom key.
    header RulesetRuleActionParametersCacheKeyCustomKeyHeader
    Header parameters for the custom key.
    host RulesetRuleActionParametersCacheKeyCustomKeyHost
    Host parameters for the custom key.
    queryString RulesetRuleActionParametersCacheKeyCustomKeyQueryString
    Query string parameters for the custom key.
    user RulesetRuleActionParametersCacheKeyCustomKeyUser
    User parameters for the custom key.
    cookie RulesetRuleActionParametersCacheKeyCustomKeyCookie
    Cookie parameters for the custom key.
    header RulesetRuleActionParametersCacheKeyCustomKeyHeader
    Header parameters for the custom key.
    host RulesetRuleActionParametersCacheKeyCustomKeyHost
    Host parameters for the custom key.
    queryString RulesetRuleActionParametersCacheKeyCustomKeyQueryString
    Query string parameters for the custom key.
    user RulesetRuleActionParametersCacheKeyCustomKeyUser
    User parameters for the custom key.
    cookie RulesetRuleActionParametersCacheKeyCustomKeyCookie
    Cookie parameters for the custom key.
    header RulesetRuleActionParametersCacheKeyCustomKeyHeader
    Header parameters for the custom key.
    host RulesetRuleActionParametersCacheKeyCustomKeyHost
    Host parameters for the custom key.
    query_string RulesetRuleActionParametersCacheKeyCustomKeyQueryString
    Query string parameters for the custom key.
    user RulesetRuleActionParametersCacheKeyCustomKeyUser
    User parameters for the custom key.
    cookie Property Map
    Cookie parameters for the custom key.
    header Property Map
    Header parameters for the custom key.
    host Property Map
    Host parameters for the custom key.
    queryString Property Map
    Query string parameters for the custom key.
    user Property Map
    User parameters for the custom key.

    RulesetRuleActionParametersCacheKeyCustomKeyCookie, RulesetRuleActionParametersCacheKeyCustomKeyCookieArgs

    CheckPresences List<string>
    List of cookies to check for presence in the custom key.
    Includes List<string>
    List of cookies to include in the custom key.
    CheckPresences []string
    List of cookies to check for presence in the custom key.
    Includes []string
    List of cookies to include in the custom key.
    checkPresences List<String>
    List of cookies to check for presence in the custom key.
    includes List<String>
    List of cookies to include in the custom key.
    checkPresences string[]
    List of cookies to check for presence in the custom key.
    includes string[]
    List of cookies to include in the custom key.
    check_presences Sequence[str]
    List of cookies to check for presence in the custom key.
    includes Sequence[str]
    List of cookies to include in the custom key.
    checkPresences List<String>
    List of cookies to check for presence in the custom key.
    includes List<String>
    List of cookies to include in the custom key.

    RulesetRuleActionParametersCacheKeyCustomKeyHeader, RulesetRuleActionParametersCacheKeyCustomKeyHeaderArgs

    CheckPresences List<string>
    List of headers to check for presence in the custom key.
    ExcludeOrigin bool
    Exclude the origin header from the custom key.
    Includes List<string>
    List of headers to include in the custom key.
    CheckPresences []string
    List of headers to check for presence in the custom key.
    ExcludeOrigin bool
    Exclude the origin header from the custom key.
    Includes []string
    List of headers to include in the custom key.
    checkPresences List<String>
    List of headers to check for presence in the custom key.
    excludeOrigin Boolean
    Exclude the origin header from the custom key.
    includes List<String>
    List of headers to include in the custom key.
    checkPresences string[]
    List of headers to check for presence in the custom key.
    excludeOrigin boolean
    Exclude the origin header from the custom key.
    includes string[]
    List of headers to include in the custom key.
    check_presences Sequence[str]
    List of headers to check for presence in the custom key.
    exclude_origin bool
    Exclude the origin header from the custom key.
    includes Sequence[str]
    List of headers to include in the custom key.
    checkPresences List<String>
    List of headers to check for presence in the custom key.
    excludeOrigin Boolean
    Exclude the origin header from the custom key.
    includes List<String>
    List of headers to include in the custom key.

    RulesetRuleActionParametersCacheKeyCustomKeyHost, RulesetRuleActionParametersCacheKeyCustomKeyHostArgs

    Resolved bool
    Resolve hostname to IP address.
    Resolved bool
    Resolve hostname to IP address.
    resolved Boolean
    Resolve hostname to IP address.
    resolved boolean
    Resolve hostname to IP address.
    resolved bool
    Resolve hostname to IP address.
    resolved Boolean
    Resolve hostname to IP address.

    RulesetRuleActionParametersCacheKeyCustomKeyQueryString, RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs

    Excludes List<string>
    List of query string parameters to exclude from the custom key.
    Includes List<string>
    List of query string parameters to include in the custom key.
    Excludes []string
    List of query string parameters to exclude from the custom key.
    Includes []string
    List of query string parameters to include in the custom key.
    excludes List<String>
    List of query string parameters to exclude from the custom key.
    includes List<String>
    List of query string parameters to include in the custom key.
    excludes string[]
    List of query string parameters to exclude from the custom key.
    includes string[]
    List of query string parameters to include in the custom key.
    excludes Sequence[str]
    List of query string parameters to exclude from the custom key.
    includes Sequence[str]
    List of query string parameters to include in the custom key.
    excludes List<String>
    List of query string parameters to exclude from the custom key.
    includes List<String>
    List of query string parameters to include in the custom key.

    RulesetRuleActionParametersCacheKeyCustomKeyUser, RulesetRuleActionParametersCacheKeyCustomKeyUserArgs

    DeviceType bool
    Add device type to the custom key.
    Geo bool
    Add geo data to the custom key.
    Lang bool
    Add language data to the custom key.
    DeviceType bool
    Add device type to the custom key.
    Geo bool
    Add geo data to the custom key.
    Lang bool
    Add language data to the custom key.
    deviceType Boolean
    Add device type to the custom key.
    geo Boolean
    Add geo data to the custom key.
    lang Boolean
    Add language data to the custom key.
    deviceType boolean
    Add device type to the custom key.
    geo boolean
    Add geo data to the custom key.
    lang boolean
    Add language data to the custom key.
    device_type bool
    Add device type to the custom key.
    geo bool
    Add geo data to the custom key.
    lang bool
    Add language data to the custom key.
    deviceType Boolean
    Add device type to the custom key.
    geo Boolean
    Add geo data to the custom key.
    lang Boolean
    Add language data to the custom key.

    RulesetRuleActionParametersEdgeTtl, RulesetRuleActionParametersEdgeTtlArgs

    Mode string
    Mode of the edge TTL. Available values: override_origin, respect_origin, bypass_by_default
    Default int
    Default edge TTL.
    StatusCodeTtls List<RulesetRuleActionParametersEdgeTtlStatusCodeTtl>
    Edge TTL for the status codes.
    Mode string
    Mode of the edge TTL. Available values: override_origin, respect_origin, bypass_by_default
    Default int
    Default edge TTL.
    StatusCodeTtls []RulesetRuleActionParametersEdgeTtlStatusCodeTtl
    Edge TTL for the status codes.
    mode String
    Mode of the edge TTL. Available values: override_origin, respect_origin, bypass_by_default
    default_ Integer
    Default edge TTL.
    statusCodeTtls List<RulesetRuleActionParametersEdgeTtlStatusCodeTtl>
    Edge TTL for the status codes.
    mode string
    Mode of the edge TTL. Available values: override_origin, respect_origin, bypass_by_default
    default number
    Default edge TTL.
    statusCodeTtls RulesetRuleActionParametersEdgeTtlStatusCodeTtl[]
    Edge TTL for the status codes.
    mode str
    Mode of the edge TTL. Available values: override_origin, respect_origin, bypass_by_default
    default int
    Default edge TTL.
    status_code_ttls Sequence[RulesetRuleActionParametersEdgeTtlStatusCodeTtl]
    Edge TTL for the status codes.
    mode String
    Mode of the edge TTL. Available values: override_origin, respect_origin, bypass_by_default
    default Number
    Default edge TTL.
    statusCodeTtls List<Property Map>
    Edge TTL for the status codes.

    RulesetRuleActionParametersEdgeTtlStatusCodeTtl, RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs

    StatusCode int
    Status code for which the edge TTL is applied.
    StatusCodeRanges List<RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRange>
    Status code range for which the edge TTL is applied.
    Value int
    Status code edge TTL value.
    StatusCode int
    Status code for which the edge TTL is applied.
    StatusCodeRanges []RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRange
    Status code range for which the edge TTL is applied.
    Value int
    Status code edge TTL value.
    statusCode Integer
    Status code for which the edge TTL is applied.
    statusCodeRanges List<RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRange>
    Status code range for which the edge TTL is applied.
    value Integer
    Status code edge TTL value.
    statusCode number
    Status code for which the edge TTL is applied.
    statusCodeRanges RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRange[]
    Status code range for which the edge TTL is applied.
    value number
    Status code edge TTL value.
    status_code int
    Status code for which the edge TTL is applied.
    status_code_ranges Sequence[RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRange]
    Status code range for which the edge TTL is applied.
    value int
    Status code edge TTL value.
    statusCode Number
    Status code for which the edge TTL is applied.
    statusCodeRanges List<Property Map>
    Status code range for which the edge TTL is applied.
    value Number
    Status code edge TTL value.

    RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRange, RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRangeArgs

    From int
    From status code.
    To int
    To status code.
    From int
    From status code.
    To int
    To status code.
    from Integer
    From status code.
    to Integer
    To status code.
    from number
    From status code.
    to number
    To status code.
    from_ int
    From status code.
    to int
    To status code.
    from Number
    From status code.
    to Number
    To status code.

    RulesetRuleActionParametersFromList, RulesetRuleActionParametersFromListArgs

    Key string
    Expression to use for the list lookup.
    Name string
    Name of the list.
    Key string
    Expression to use for the list lookup.
    Name string
    Name of the list.
    key String
    Expression to use for the list lookup.
    name String
    Name of the list.
    key string
    Expression to use for the list lookup.
    name string
    Name of the list.
    key str
    Expression to use for the list lookup.
    name str
    Name of the list.
    key String
    Expression to use for the list lookup.
    name String
    Name of the list.

    RulesetRuleActionParametersFromValue, RulesetRuleActionParametersFromValueArgs

    PreserveQueryString bool
    Preserve query string for redirect URL.
    StatusCode int
    Status code for redirect.
    TargetUrl RulesetRuleActionParametersFromValueTargetUrl
    Target URL for redirect.
    PreserveQueryString bool
    Preserve query string for redirect URL.
    StatusCode int
    Status code for redirect.
    TargetUrl RulesetRuleActionParametersFromValueTargetUrl
    Target URL for redirect.
    preserveQueryString Boolean
    Preserve query string for redirect URL.
    statusCode Integer
    Status code for redirect.
    targetUrl RulesetRuleActionParametersFromValueTargetUrl
    Target URL for redirect.
    preserveQueryString boolean
    Preserve query string for redirect URL.
    statusCode number
    Status code for redirect.
    targetUrl RulesetRuleActionParametersFromValueTargetUrl
    Target URL for redirect.
    preserve_query_string bool
    Preserve query string for redirect URL.
    status_code int
    Status code for redirect.
    target_url RulesetRuleActionParametersFromValueTargetUrl
    Target URL for redirect.
    preserveQueryString Boolean
    Preserve query string for redirect URL.
    statusCode Number
    Status code for redirect.
    targetUrl Property Map
    Target URL for redirect.

    RulesetRuleActionParametersFromValueTargetUrl, RulesetRuleActionParametersFromValueTargetUrlArgs

    Expression string
    Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    Value string
    Static value to provide as the HTTP request header value.
    Expression string
    Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    Value string
    Static value to provide as the HTTP request header value.
    expression String
    Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    value String
    Static value to provide as the HTTP request header value.
    expression string
    Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    value string
    Static value to provide as the HTTP request header value.
    expression str
    Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    value str
    Static value to provide as the HTTP request header value.
    expression String
    Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    value String
    Static value to provide as the HTTP request header value.

    RulesetRuleActionParametersHeader, RulesetRuleActionParametersHeaderArgs

    Expression string
    Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    Name string
    Name of the HTTP request header to target.
    Operation string
    Action to perform on the HTTP request header. Available values: remove, set, add.
    Value string
    Static value to provide as the HTTP request header value.
    Expression string
    Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    Name string
    Name of the HTTP request header to target.
    Operation string
    Action to perform on the HTTP request header. Available values: remove, set, add.
    Value string
    Static value to provide as the HTTP request header value.
    expression String
    Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    name String
    Name of the HTTP request header to target.
    operation String
    Action to perform on the HTTP request header. Available values: remove, set, add.
    value String
    Static value to provide as the HTTP request header value.
    expression string
    Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    name string
    Name of the HTTP request header to target.
    operation string
    Action to perform on the HTTP request header. Available values: remove, set, add.
    value string
    Static value to provide as the HTTP request header value.
    expression str
    Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    name str
    Name of the HTTP request header to target.
    operation str
    Action to perform on the HTTP request header. Available values: remove, set, add.
    value str
    Static value to provide as the HTTP request header value.
    expression String
    Use a value dynamically determined by the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    name String
    Name of the HTTP request header to target.
    operation String
    Action to perform on the HTTP request header. Available values: remove, set, add.
    value String
    Static value to provide as the HTTP request header value.

    RulesetRuleActionParametersMatchedData, RulesetRuleActionParametersMatchedDataArgs

    PublicKey string
    Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the matched-data-cli command-line tool or in the Cloudflare dashboard.
    PublicKey string
    Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the matched-data-cli command-line tool or in the Cloudflare dashboard.
    publicKey String
    Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the matched-data-cli command-line tool or in the Cloudflare dashboard.
    publicKey string
    Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the matched-data-cli command-line tool or in the Cloudflare dashboard.
    public_key str
    Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the matched-data-cli command-line tool or in the Cloudflare dashboard.
    publicKey String
    Public key to use within WAF Ruleset payload logging to view the HTTP request parameters. You can generate a public key using the matched-data-cli command-line tool or in the Cloudflare dashboard.

    RulesetRuleActionParametersOrigin, RulesetRuleActionParametersOriginArgs

    Host string
    Origin Hostname where request is sent.
    Port int
    Origin Port where request is sent.
    Host string
    Origin Hostname where request is sent.
    Port int
    Origin Port where request is sent.
    host String
    Origin Hostname where request is sent.
    port Integer
    Origin Port where request is sent.
    host string
    Origin Hostname where request is sent.
    port number
    Origin Port where request is sent.
    host str
    Origin Hostname where request is sent.
    port int
    Origin Port where request is sent.
    host String
    Origin Hostname where request is sent.
    port Number
    Origin Port where request is sent.

    RulesetRuleActionParametersOverrides, RulesetRuleActionParametersOverridesArgs

    Action string
    Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    Categories List<RulesetRuleActionParametersOverridesCategory>
    List of tag-based overrides.
    Enabled bool
    Defines if the current ruleset-level override enables or disables the ruleset.
    Rules List<RulesetRuleActionParametersOverridesRule>
    List of rule-based overrides.
    SensitivityLevel string
    Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff.
    Action string
    Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    Categories []RulesetRuleActionParametersOverridesCategory
    List of tag-based overrides.
    Enabled bool
    Defines if the current ruleset-level override enables or disables the ruleset.
    Rules []RulesetRuleActionParametersOverridesRule
    List of rule-based overrides.
    SensitivityLevel string
    Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff.
    action String
    Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    categories List<RulesetRuleActionParametersOverridesCategory>
    List of tag-based overrides.
    enabled Boolean
    Defines if the current ruleset-level override enables or disables the ruleset.
    rules List<RulesetRuleActionParametersOverridesRule>
    List of rule-based overrides.
    sensitivityLevel String
    Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff.
    action string
    Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    categories RulesetRuleActionParametersOverridesCategory[]
    List of tag-based overrides.
    enabled boolean
    Defines if the current ruleset-level override enables or disables the ruleset.
    rules RulesetRuleActionParametersOverridesRule[]
    List of rule-based overrides.
    sensitivityLevel string
    Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff.
    action str
    Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    categories Sequence[RulesetRuleActionParametersOverridesCategory]
    List of tag-based overrides.
    enabled bool
    Defines if the current ruleset-level override enables or disables the ruleset.
    rules Sequence[RulesetRuleActionParametersOverridesRule]
    List of rule-based overrides.
    sensitivity_level str
    Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff.
    action String
    Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    categories List<Property Map>
    List of tag-based overrides.
    enabled Boolean
    Defines if the current ruleset-level override enables or disables the ruleset.
    rules List<Property Map>
    List of rule-based overrides.
    sensitivityLevel String
    Sensitivity level to override for all ruleset rules. Available values: default, medium, low, eoff.

    RulesetRuleActionParametersOverridesCategory, RulesetRuleActionParametersOverridesCategoryArgs

    Action string
    Action to perform in the tag-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    Category string
    Tag name to apply the ruleset rule override to.
    Enabled bool
    Defines if the current tag-level override enables or disables the ruleset rules with the specified tag.
    Action string
    Action to perform in the tag-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    Category string
    Tag name to apply the ruleset rule override to.
    Enabled bool
    Defines if the current tag-level override enables or disables the ruleset rules with the specified tag.
    action String
    Action to perform in the tag-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    category String
    Tag name to apply the ruleset rule override to.
    enabled Boolean
    Defines if the current tag-level override enables or disables the ruleset rules with the specified tag.
    action string
    Action to perform in the tag-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    category string
    Tag name to apply the ruleset rule override to.
    enabled boolean
    Defines if the current tag-level override enables or disables the ruleset rules with the specified tag.
    action str
    Action to perform in the tag-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    category str
    Tag name to apply the ruleset rule override to.
    enabled bool
    Defines if the current tag-level override enables or disables the ruleset rules with the specified tag.
    action String
    Action to perform in the tag-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    category String
    Tag name to apply the ruleset rule override to.
    enabled Boolean
    Defines if the current tag-level override enables or disables the ruleset rules with the specified tag.

    RulesetRuleActionParametersOverridesRule, RulesetRuleActionParametersOverridesRuleArgs

    Action string
    Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    Enabled bool
    Defines if the current rule-level override enables or disables the rule.
    Id string
    Rule ID to apply the override to.
    ScoreThreshold int
    Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets.
    SensitivityLevel string
    Sensitivity level for a ruleset rule override.
    Action string
    Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    Enabled bool
    Defines if the current rule-level override enables or disables the rule.
    Id string
    Rule ID to apply the override to.
    ScoreThreshold int
    Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets.
    SensitivityLevel string
    Sensitivity level for a ruleset rule override.
    action String
    Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    enabled Boolean
    Defines if the current rule-level override enables or disables the rule.
    id String
    Rule ID to apply the override to.
    scoreThreshold Integer
    Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets.
    sensitivityLevel String
    Sensitivity level for a ruleset rule override.
    action string
    Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    enabled boolean
    Defines if the current rule-level override enables or disables the rule.
    id string
    Rule ID to apply the override to.
    scoreThreshold number
    Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets.
    sensitivityLevel string
    Sensitivity level for a ruleset rule override.
    action str
    Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    enabled bool
    Defines if the current rule-level override enables or disables the rule.
    id str
    Rule ID to apply the override to.
    score_threshold int
    Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets.
    sensitivity_level str
    Sensitivity level for a ruleset rule override.
    action String
    Action to perform in the rule-level override. Available values: block, challenge, compress_response, ddos_dynamic, ddos_mitigation, execute, force_connection_close, js_challenge, log, log_custom_field, managed_challenge, redirect, rewrite, route, score, serve_error, set_cache_settings, set_config, skip.
    enabled Boolean
    Defines if the current rule-level override enables or disables the rule.
    id String
    Rule ID to apply the override to.
    scoreThreshold Number
    Anomaly score threshold to apply in the ruleset rule override. Only applicable to modsecurity-based rulesets.
    sensitivityLevel String
    Sensitivity level for a ruleset rule override.

    RulesetRuleActionParametersResponse, RulesetRuleActionParametersResponseArgs

    Content string
    Body content to include in the response.
    ContentType string
    HTTP content type to send in the response.
    StatusCode int
    HTTP status code to send in the response.
    Content string
    Body content to include in the response.
    ContentType string
    HTTP content type to send in the response.
    StatusCode int
    HTTP status code to send in the response.
    content String
    Body content to include in the response.
    contentType String
    HTTP content type to send in the response.
    statusCode Integer
    HTTP status code to send in the response.
    content string
    Body content to include in the response.
    contentType string
    HTTP content type to send in the response.
    statusCode number
    HTTP status code to send in the response.
    content str
    Body content to include in the response.
    content_type str
    HTTP content type to send in the response.
    status_code int
    HTTP status code to send in the response.
    content String
    Body content to include in the response.
    contentType String
    HTTP content type to send in the response.
    statusCode Number
    HTTP status code to send in the response.

    RulesetRuleActionParametersServeStale, RulesetRuleActionParametersServeStaleArgs

    DisableStaleWhileUpdating bool
    Disable stale while updating.
    DisableStaleWhileUpdating bool
    Disable stale while updating.
    disableStaleWhileUpdating Boolean
    Disable stale while updating.
    disableStaleWhileUpdating boolean
    Disable stale while updating.
    disable_stale_while_updating bool
    Disable stale while updating.
    disableStaleWhileUpdating Boolean
    Disable stale while updating.

    RulesetRuleActionParametersSni, RulesetRuleActionParametersSniArgs

    Value string
    Value to define for SNI.
    Value string
    Value to define for SNI.
    value String
    Value to define for SNI.
    value string
    Value to define for SNI.
    value str
    Value to define for SNI.
    value String
    Value to define for SNI.

    RulesetRuleActionParametersUri, RulesetRuleActionParametersUriArgs

    Origin bool
    Path RulesetRuleActionParametersUriPath
    URI path configuration when performing a URL rewrite.
    Query RulesetRuleActionParametersUriQuery
    Query string configuration when performing a URL rewrite.
    Origin bool
    Path RulesetRuleActionParametersUriPath
    URI path configuration when performing a URL rewrite.
    Query RulesetRuleActionParametersUriQuery
    Query string configuration when performing a URL rewrite.
    origin Boolean
    path RulesetRuleActionParametersUriPath
    URI path configuration when performing a URL rewrite.
    query RulesetRuleActionParametersUriQuery
    Query string configuration when performing a URL rewrite.
    origin boolean
    path RulesetRuleActionParametersUriPath
    URI path configuration when performing a URL rewrite.
    query RulesetRuleActionParametersUriQuery
    Query string configuration when performing a URL rewrite.
    origin bool
    path RulesetRuleActionParametersUriPath
    URI path configuration when performing a URL rewrite.
    query RulesetRuleActionParametersUriQuery
    Query string configuration when performing a URL rewrite.
    origin Boolean
    path Property Map
    URI path configuration when performing a URL rewrite.
    query Property Map
    Query string configuration when performing a URL rewrite.

    RulesetRuleActionParametersUriPath, RulesetRuleActionParametersUriPathArgs

    Expression string
    Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    Value string
    Static string value of the updated URI path or query string component.
    Expression string
    Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    Value string
    Static string value of the updated URI path or query string component.
    expression String
    Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    value String
    Static string value of the updated URI path or query string component.
    expression string
    Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    value string
    Static string value of the updated URI path or query string component.
    expression str
    Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    value str
    Static string value of the updated URI path or query string component.
    expression String
    Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    value String
    Static string value of the updated URI path or query string component.

    RulesetRuleActionParametersUriQuery, RulesetRuleActionParametersUriQueryArgs

    Expression string
    Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    Value string
    Static string value of the updated URI path or query string component.
    Expression string
    Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    Value string
    Static string value of the updated URI path or query string component.
    expression String
    Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    value String
    Static string value of the updated URI path or query string component.
    expression string
    Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    value string
    Static string value of the updated URI path or query string component.
    expression str
    Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    value str
    Static string value of the updated URI path or query string component.
    expression String
    Expression that defines the updated (dynamic) value of the URI path or query string component. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    value String
    Static string value of the updated URI path or query string component.

    RulesetRuleExposedCredentialCheck, RulesetRuleExposedCredentialCheckArgs

    PasswordExpression string
    Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language.
    UsernameExpression string
    Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language.
    PasswordExpression string
    Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language.
    UsernameExpression string
    Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language.
    passwordExpression String
    Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language.
    usernameExpression String
    Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language.
    passwordExpression string
    Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language.
    usernameExpression string
    Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language.
    password_expression str
    Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language.
    username_expression str
    Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language.
    passwordExpression String
    Firewall Rules expression language based on Wireshark display filters for where to check for the "password" value. Refer to the Firewall Rules language.
    usernameExpression String
    Firewall Rules expression language based on Wireshark display filters for where to check for the "username" value. Refer to the Firewall Rules language.

    RulesetRuleLogging, RulesetRuleLoggingArgs

    Enabled bool
    Override the default logging behavior when a rule is matched.
    Enabled bool
    Override the default logging behavior when a rule is matched.
    enabled Boolean
    Override the default logging behavior when a rule is matched.
    enabled boolean
    Override the default logging behavior when a rule is matched.
    enabled bool
    Override the default logging behavior when a rule is matched.
    enabled Boolean
    Override the default logging behavior when a rule is matched.

    RulesetRuleRatelimit, RulesetRuleRatelimitArgs

    Characteristics List<string>
    List of parameters that define how Cloudflare tracks the request rate for this rule.
    CountingExpression string
    Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    MitigationTimeout int
    Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field.
    Period int
    The period of time to consider (in seconds) when evaluating the request rate.
    RequestsPerPeriod int
    The number of requests over the period of time that will trigger the Rate Limiting rule.
    RequestsToOrigin bool
    Whether to include requests to origin within the Rate Limiting count.
    ScorePerPeriod int
    The maximum aggregate score over the period of time that will trigger Rate Limiting rule.
    ScoreResponseHeaderName string
    Name of HTTP header in the response, set by the origin server, with the score for the current request.
    Characteristics []string
    List of parameters that define how Cloudflare tracks the request rate for this rule.
    CountingExpression string
    Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    MitigationTimeout int
    Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field.
    Period int
    The period of time to consider (in seconds) when evaluating the request rate.
    RequestsPerPeriod int
    The number of requests over the period of time that will trigger the Rate Limiting rule.
    RequestsToOrigin bool
    Whether to include requests to origin within the Rate Limiting count.
    ScorePerPeriod int
    The maximum aggregate score over the period of time that will trigger Rate Limiting rule.
    ScoreResponseHeaderName string
    Name of HTTP header in the response, set by the origin server, with the score for the current request.
    characteristics List<String>
    List of parameters that define how Cloudflare tracks the request rate for this rule.
    countingExpression String
    Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    mitigationTimeout Integer
    Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field.
    period Integer
    The period of time to consider (in seconds) when evaluating the request rate.
    requestsPerPeriod Integer
    The number of requests over the period of time that will trigger the Rate Limiting rule.
    requestsToOrigin Boolean
    Whether to include requests to origin within the Rate Limiting count.
    scorePerPeriod Integer
    The maximum aggregate score over the period of time that will trigger Rate Limiting rule.
    scoreResponseHeaderName String
    Name of HTTP header in the response, set by the origin server, with the score for the current request.
    characteristics string[]
    List of parameters that define how Cloudflare tracks the request rate for this rule.
    countingExpression string
    Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    mitigationTimeout number
    Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field.
    period number
    The period of time to consider (in seconds) when evaluating the request rate.
    requestsPerPeriod number
    The number of requests over the period of time that will trigger the Rate Limiting rule.
    requestsToOrigin boolean
    Whether to include requests to origin within the Rate Limiting count.
    scorePerPeriod number
    The maximum aggregate score over the period of time that will trigger Rate Limiting rule.
    scoreResponseHeaderName string
    Name of HTTP header in the response, set by the origin server, with the score for the current request.
    characteristics Sequence[str]
    List of parameters that define how Cloudflare tracks the request rate for this rule.
    counting_expression str
    Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    mitigation_timeout int
    Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field.
    period int
    The period of time to consider (in seconds) when evaluating the request rate.
    requests_per_period int
    The number of requests over the period of time that will trigger the Rate Limiting rule.
    requests_to_origin bool
    Whether to include requests to origin within the Rate Limiting count.
    score_per_period int
    The maximum aggregate score over the period of time that will trigger Rate Limiting rule.
    score_response_header_name str
    Name of HTTP header in the response, set by the origin server, with the score for the current request.
    characteristics List<String>
    List of parameters that define how Cloudflare tracks the request rate for this rule.
    countingExpression String
    Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the Firewall Rules language documentation for all available fields, operators, and functions.
    mitigationTimeout Number
    Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field.
    period Number
    The period of time to consider (in seconds) when evaluating the request rate.
    requestsPerPeriod Number
    The number of requests over the period of time that will trigger the Rate Limiting rule.
    requestsToOrigin Boolean
    Whether to include requests to origin within the Rate Limiting count.
    scorePerPeriod Number
    The maximum aggregate score over the period of time that will trigger Rate Limiting rule.
    scoreResponseHeaderName String
    Name of HTTP header in the response, set by the origin server, with the score for the current request.

    Import

    Import an account scoped Ruleset configuration.

    $ pulumi import cloudflare:index/ruleset:Ruleset example account/<account_id>/<ruleset_id>
    

    Import a zone scoped Ruleset configuration.

    $ pulumi import cloudflare:index/ruleset:Ruleset example zone/<zone_id>/<ruleset_id>
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Cloudflare pulumi/pulumi-cloudflare
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the cloudflare Terraform Provider.
    cloudflare logo
    Cloudflare v5.31.0 published on Wednesday, Jun 12, 2024 by Pulumi