Update and deploy rulesets
You can use the API to update basic properties of a ruleset (currently only the description) and the list of rules in the ruleset.
Use one of the following API endpoints:
| Operation | Method + Endpoint |
|---|---|
| Update an account ruleset | PUT /accounts/<ACCOUNT_ID>/rulesets/<RULESET_ID> |
| Update a zone ruleset | PUT /zones/<ZONE_ID>/rulesets/<RULESET_ID> |
| Update an account entry point ruleset | PUT /accounts/<ACCOUNT_ID>/rulesets/phases/<PHASE_NAME>/entrypoint |
| Update a zone entry point ruleset | PUT /zones/<ZONE_ID>/rulesets/phases/<PHASE_NAME>/entrypoint |
Example - Set the rules of a ruleset
Use this API method to set the rules of a ruleset. You must include all the rules you want to associate with the ruleset in every request.
Request
curl -X PUT \"https://api.cloudflare.com/client/v4/zones/<ZONE_ID>/rulesets/<RULESET_ID>" \-H "Authorization: Bearer <API_TOKEN>" \-d '{ "rules": [ { "action": "execute", "action_parameters": { "id": "<MANAGED_RULESET_ID>" }, "expression": "true" } ]
}'Response
{ "result": { "id": "<RULESET_ID>", "name": "Zone-level phase entry point", "description": "This ruleset executes a managed ruleset.", "kind": "zone", "version": "4", "rules": [ { "id": "<RULE_ID>", "version": "2", "action": "execute", "expression": "true", "action_parameters": { "id": "<MANAGED_RULESET_ID>" }, "last_updated": "2021-03-17T15:42:37.917815Z" } ], "last_updated": "2021-03-17T15:42:37.917815Z", "phase": "http_request_firewall_managed" }, "success": true, "errors": [], "messages": []
}
Example - Deploy a ruleset
To deploy a ruleset, create a rule with "action": "execute" that executes the ruleset, and add the ruleset ID to the action_parameters field in the id parameter.
The following example deploys a managed ruleset to the zone-level http_request_firewall_managed phase of a zone (<ZONE_ID>).
Request
curl -X PUT \"https://api.cloudflare.com/client/v4/zones/<ZONE_ID>/rulesets/phases/http_request_firewall_managed/entrypoint" \-H "Authorization: Bearer <API_TOKEN>" \-d '{ "rules": [ { "action": "execute", "action_parameters": { "id": "<MANAGED_RULESET_ID>" }, "expression": "true", "description": "Execute Cloudflare Managed Ruleset on my phase entry point" } ]
}'Response
{ "result": { "id": "<ZONE_PHASE_RULESET_ID>", "name": "Zone-level phase entry point", "description": "", "kind": "zone", "version": "4", "rules": [ { "id": "<RULE_ID_1>", "version": "1", "action": "execute", "action_parameters": { "id": "<MANAGED_RULESET_ID>", "version": "latest" }, "expression": "true", "description": "Execute Cloudflare Managed Ruleset on my phase entry point", "last_updated": "2021-03-21T11:02:08.769537Z", "ref": "<RULE_REF_1>", "enabled": true } ], "last_updated": "2021-03-21T11:02:08.769537Z", "phase": "http_request_firewall_managed" }, "success": true, "errors": [], "messages": []
}
For more information on deploying rulesets, check Deploy rulesets.
Example - Update ruleset description
You can use this API method to update the description of an existing ruleset or phase entry point.
Request
curl -X PUT \"https://api.cloudflare.com/client/v4/zones/<ZONE_ID>/rulesets/<RULESET_ID>" \-H "Authorization: Bearer <API_TOKEN>" \-d '{ "description": "My updated phase entry point"
}'The response includes the complete ruleset definition, including all the rules.
Response
{ "result": { "id": "<RULESET_ID>", "name": "Zone entry point", "description": "My updated phase entry point", "kind": "zone", "version": "4", "rules": [ // (...) ], "last_updated": "2021-03-30T10:49:11.006109Z", "phase": "http_request_firewall_managed" }, "success": true, "errors": [], "messages": []
}