Flaconi/terraform-cloudflare-rulesets

Terraform module: Cloudflare Rulesets

This Terraform module manages Cloudflare Rulesets.

Providers

Name        Version
cloudflare  5.6.0
random      3.7.2

Requirements

Name        Version
terraform   ~> 1.8
cloudflare  5.6.0
random      3.7.2

Required Inputs

The following input variables are required:

Description: The Cloudflare API token.

Type: string

Description: Cloudflare domain to apply rules for.

Type: string

Description: Name of the ruleset.

Type: string

Description: Type of Ruleset to create.

Type: string

Description: Point in the request/response lifecycle where the ruleset will be created.

Type: string

Optional Inputs

The following input variables are optional (have default values):

Description: Brief summary of the ruleset and its intended use.

Type: string

Default: null

Description: List of Cloudflare rule objects.

Type:

list(object({
    description = optional(string)
    enabled     = optional(bool, true)
    ref         = optional(string)
    expression  = string
    action      = string
    action_parameters = optional(object({
      # phase: http_config_settings, action: set_config
      polish = optional(string)

      # phase: http_log_custom_fields, action: log_custom_field
      cookie_fields = optional(list(object({
        name = string
      })), null)
      request_fields = optional(list(object({
        name = string
      })), null)
      response_fields = optional(list(object({
        name = string
      })), null)

      # phase: http_request_cache_settings
      cache = optional(bool)
      edge_ttl = optional(object({
        default = number
        mode    = string
        status_code_ttl = optional(list(object({
          value       = number
          status_code = optional(number)
          status_code_range = optional(object({
            from = optional(number)
            to   = optional(number)
          }), null)
        })), null)
      }), null)

      # phase: http_request_dynamic_redirect, action: redirect
      from_value = optional(object({
        preserve_query_string = optional(bool)
        status_code           = number
        target_url = object({
          value      = optional(string)
          expression = optional(string)
        })
      }), null)

      # phase: http_request_firewall_custom, action: block, challenge, js_challenge, log, managed_challenge, skip
      phases   = optional(list(string))
      products = optional(list(string))
      ruleset  = optional(string)

      # phase: http_request_firewall_managed, action: block, challenge, js_challenge, log, managed_challenge, skip
      id = optional(string)
      overrides = optional(object({
        action = optional(string)
        categories = optional(list(object({
          action   = optional(string)
          category = string
          enabled  = bool
        })), null)
        enabled = optional(bool)
        rules = optional(list(object({
          id              = string
          action          = string
          enabled         = bool
          score_threshold = optional(number)
        })), null)
      }), null)

      # phase: http_request_origin, action: route
      host_header = optional(string)
      origin = optional(object({
        host = optional(string)
        port = optional(number)
      }), null)

      # phase: http_request_transform
      uri = optional(object({
        path = optional(object({
          expression = optional(string)
          value      = string
        }), null)
        query = optional(object({
          expression = optional(string)
          value      = string
        }), null)
      }), null)
    }), null)

    # phase: http_ratelimit, action: block, challenge, js_challenge, log, managed_challenge
    ratelimit = optional(object({
      characteristics            = optional(list(string))
      counting_expression        = optional(string)
      mitigation_timeout         = optional(number)
      period                     = optional(number)
      requests_per_period        = optional(number)
      requests_to_origin         = optional(bool)
      score_per_period           = optional(number)
      score_response_header_name = optional(string)
    }), null)

    logging = optional(object({
      enabled = bool
    }), null)
  }))

Default: []
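
The following is an added example, not taken from the module's own documentation: a value shaped to match the rule object type above, for a ruleset in the http_ratelimit phase. The local name and every value are constructed for illustration, and the name of the module input that receives the list is not shown on this page.

```hcl
# Constructed example: rate-limiting rules matching the documented object type.
# Pass the list to the module's rule-list input (its variable name is not
# shown on this page). All rules in one ruleset share the ruleset's phase,
# so only the ratelimit block is used here and action_parameters is omitted.
locals {
  login_ratelimit_rules = [
    {
      # Enforcing rule: throttle credential-stuffing style bursts on the login form.
      description = "Block clients exceeding 20 login POSTs per minute"
      ref         = "ratelimit_login" # stable ref keeps the rule identity across re-ordering
      expression  = "(http.request.uri.path eq \"/login\" and http.request.method eq \"POST\")"
      action      = "block"
      ratelimit = {
        # Count per client IP, per Cloudflare data center.
        characteristics     = ["ip.src", "cf.colo.id"]
        period              = 60  # counting window, seconds
        requests_per_period = 20  # threshold within the window
        mitigation_timeout  = 600 # how long the block action lasts, seconds
      }
    },
    {
      # Observation rule: log only, so the threshold can be tuned from
      # real traffic before the action is switched to block or challenge.
      description = "Log clients with repeated 401/403 responses on the API"
      enabled     = true
      expression  = "(starts_with(http.request.uri.path, \"/api/\"))"
      action      = "log"
      ratelimit = {
        characteristics = ["ip.src", "cf.colo.id"]
        # Count only rejected requests rather than all API traffic.
        counting_expression = "(http.response.code in {401 403})"
        period              = 60
        requests_per_period = 10
        # Response-based counting only sees requests that reach the origin.
        requests_to_origin = true
      }
    },
  ]
}
```

Which periods and counting fields are accepted depends on the Cloudflare plan of the zone, so validate the values with `terraform plan` against the target zone before applying.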

Outputs

Name    Description
domain  Current zone information.
rules   Created Cloudflare rules for the current zone.

License

MIT License

Copyright (c) 2024 Flaconi GmbH
