Update and deploy rulesets You can use the API to update basic properties of a ruleset (currently only the description) and the list of rules in the ruleset.
Use one of the following API endpoints:
You cannot update the name of the ruleset or its type. Do not include these fields in the data
field of your PUT
request.
Example - Set the rules of a ruleset Use this API method to set the rules of a ruleset. You must include all the rules you want to associate with the ruleset in every request.Request curl --request PUT \
https://api.cloudflare.com/client/v4/zones/ { zone_id } /rulesets/ { ruleset_id } \
--header "Authorization: Bearer <API_TOKEN>" \
--header "Content-Type: application/json" \
--data '{
"rules": [
{
"action": "execute",
"action_parameters": {
"id": "<MANAGED_RULESET_ID>"
},
"expression": "true"
}
]
}'
Response {
"result" : {
"id" : "<RULESET_ID>" ,
"name" : "Zone-level phase entry point" ,
"description" : "This ruleset executes a managed ruleset." ,
"kind" : "zone" ,
"version" : "4" ,
"rules" : [
{
"id" : "<RULE_ID>" ,
"version" : "2" ,
"action" : "execute" ,
"expression" : "true" ,
"action_parameters" : {
"id" : "<MANAGED_RULESET_ID>"
} ,
"last_updated" : "2023-03-17T15:42:37.917815Z"
}
] ,
"last_updated" : "2023-03-17T15:42:37.917815Z" ,
"phase" : "http_request_firewall_managed"
} ,
"success" : true ,
"errors" : [ ] ,
"messages" : [ ]
}
Example - Deploy a ruleset To deploy a ruleset, create a rule with "action": "execute"
that executes the ruleset, and add the ruleset ID to the action_parameters
field in the id
parameter.
The following example deploys a managed ruleset to the zone-level http_request_firewall_managed
phase of a zone ({zone_id}
).Request curl --request PUT \
https://api.cloudflare.com/client/v4/zones/ { zone_id } /rulesets/phases/http_request_firewall_managed/entrypoint \
--header "Authorization: Bearer <API_TOKEN>" \
--header "Content-Type: application/json" \
--data '{
"rules": [
{
"action": "execute",
"action_parameters": {
"id": "<MANAGED_RULESET_ID>"
},
"expression": "true",
"description": "Execute Cloudflare Managed Ruleset on my phase entry point"
}
]
}'
Response {
"result" : {
"id" : "<ZONE_PHASE_RULESET_ID>" ,
"name" : "Zone-level phase entry point" ,
"description" : "" ,
"kind" : "zone" ,
"version" : "4" ,
"rules" : [
{
"id" : "<RULE_ID_1>" ,
"version" : "1" ,
"action" : "execute" ,
"action_parameters" : {
"id" : "<MANAGED_RULESET_ID>" ,
"version" : "latest"
} ,
"expression" : "true" ,
"description" : "Execute Cloudflare Managed Ruleset on my phase entry point" ,
"last_updated" : "2023-03-21T11:02:08.769537Z" ,
"ref" : "<RULE_REF_1>" ,
"enabled" : true
}
] ,
"last_updated" : "2023-03-21T11:02:08.769537Z" ,
"phase" : "http_request_firewall_managed"
} ,
"success" : true ,
"errors" : [ ] ,
"messages" : [ ]
}
For more information on deploying rulesets, refer to Deploy rulesets .
Example - Update ruleset description You can use this API method to update the description of an existing ruleset or phase entry point.You cannot update the description or the rules in a managed ruleset. You can only define overrides to customize the ruleset behavior. Request curl --request PUT \
https://api.cloudflare.com/client/v4/zones/ { zone_id } /rulesets/ { ruleset_id } \
--header "Authorization: Bearer <API_TOKEN>" \
--header "Content-Type: application/json" \
--data '{
"description": "My updated phase entry point"
}'
The response includes the complete ruleset definition, including all the rules.Response {
"result" : {
"id" : "<RULESET_ID>" ,
"name" : "Zone entry point" ,
"description" : "My updated phase entry point" ,
"kind" : "zone" ,
"version" : "4" ,
"rules" : [
] ,
"last_updated" : "2023-03-30T10:49:11.006109Z" ,
"phase" : "http_request_firewall_managed"
} ,
"success" : true ,
"errors" : [ ] ,
"messages" : [ ]
}