From 64806b7201b9091f8859d93385babed948856c14 Mon Sep 17 00:00:00 2001 From: Pedro Sousa <680496+pedrosousa@users.noreply.github.com> Date: Tue, 4 Feb 2025 15:44:45 +0000 Subject: [PATCH] [WAF, Terraform] Improve Terraform info and links from/to the WAF (#19681) Also adds some Terraform links to Rules features --- src/content/docs/rules/transform/index.mdx | 2 ++ .../managed-transforms/configure.mdx | 28 ++++++++++++++-- .../transform/managed-transforms/index.mdx | 4 +-- .../link-create-terraform.mdx | 7 ++++ .../link-create-terraform.mdx | 7 ++++ .../rules/transform/url-rewrite/index.mdx | 2 +- .../url-rewrite/link-create-terraform.mdx | 7 ++++ .../ddos-managed-rulesets.mdx | 15 +++++---- .../rate-limiting-rules.mdx | 22 ++++++------- .../transform-rules.mdx | 10 +++--- .../waf-custom-rules.mdx | 9 +++-- .../waf-managed-rulesets.mdx | 33 ++++++++++--------- .../waf/account/custom-rulesets/index.mdx | 2 ++ .../custom-rulesets/link-create-terraform.mdx | 7 ++++ .../link-create-exceptions.mdx | 2 +- .../link-create-terraform.mdx | 7 ++++ .../rate-limiting-rulesets/create-api.mdx | 2 +- .../account/rate-limiting-rulesets/index.mdx | 2 ++ .../link-create-terraform.mdx | 7 ++++ src/content/docs/waf/custom-rules/index.mdx | 2 ++ .../custom-rules/link-create-terraform.mdx | 7 ++++ .../waf/custom-rules/link-custom-rulesets.mdx | 2 +- .../docs/waf/custom-rules/skip/index.mdx | 2 +- .../docs/waf/custom-rules/use-cases/index.mdx | 2 +- .../docs/waf/managed-rules/deploy-api.mdx | 2 +- .../managed-rules/link-deploy-terraform.mdx | 7 ++++ .../waf/rate-limiting-rules/create-api.mdx | 2 +- .../docs/waf/rate-limiting-rules/index.mdx | 2 ++ .../link-create-terraform.mdx | 7 ++++ .../waf-managed-rules-migration.mdx | 2 +- 30 files changed, 156 insertions(+), 56 deletions(-) create mode 100644 src/content/docs/rules/transform/request-header-modification/link-create-terraform.mdx create mode 100644 src/content/docs/rules/transform/response-header-modification/link-create-terraform.mdx create mode 100644 src/content/docs/rules/transform/url-rewrite/link-create-terraform.mdx create mode 100644 src/content/docs/waf/account/custom-rulesets/link-create-terraform.mdx create mode 100644 src/content/docs/waf/account/managed-rulesets/link-create-terraform.mdx create mode 100644 src/content/docs/waf/account/rate-limiting-rulesets/link-create-terraform.mdx create mode 100644 src/content/docs/waf/custom-rules/link-create-terraform.mdx create mode 100644 src/content/docs/waf/managed-rules/link-deploy-terraform.mdx create mode 100644 src/content/docs/waf/rate-limiting-rules/link-create-terraform.mdx diff --git a/src/content/docs/rules/transform/index.mdx b/src/content/docs/rules/transform/index.mdx index 4c79246ab40b5d3..c71ca3805916d88 100644 --- a/src/content/docs/rules/transform/index.mdx +++ b/src/content/docs/rules/transform/index.mdx @@ -37,6 +37,8 @@ Alternatively, create a transform rule from scratch in the dashboard or via Clou - [HTTP response header modification rules](/rules/transform/response-header-modification/create-dashboard/) - [Managed Transforms](/rules/transform/managed-transforms/) +For Terraform examples, refer to [Transform Rules configuration using Terraform](/terraform/additional-configurations/transform-rules/). + Refer to [Rules language](/ruleset-engine/rules-language/) for more information on building expressions for Transform Rules. ## Availability diff --git a/src/content/docs/rules/transform/managed-transforms/configure.mdx b/src/content/docs/rules/transform/managed-transforms/configure.mdx index 90cafbe60ee94fd..8eca74d082747aa 100644 --- a/src/content/docs/rules/transform/managed-transforms/configure.mdx +++ b/src/content/docs/rules/transform/managed-transforms/configure.mdx @@ -7,9 +7,9 @@ head: [] description: Learn how to configure Managed Transforms. --- -import { Details, TabItem, Tabs } from "~/components"; +import { Details, TabItem, Tabs, Render } from "~/components"; - + 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and website. @@ -182,4 +182,28 @@ The response will include all the available Managed Transforms and their new sta + + + + +Use the `cloudflare_managed_headers` Terraform resource to configure Managed Transforms. For example: + +```tf +resource "cloudflare_managed_headers" "tf_example" { + zone_id = "" + + managed_request_headers { + id = "add_visitor_location_headers" + enabled = true + } + + managed_response_headers { + id = "remove_x-powered-by_header" + enabled = true + } +} +``` + +Make sure you include the Managed Transforms you are updating in the correct object (`managed_request_headers` or `managed_response_headers`). + diff --git a/src/content/docs/rules/transform/managed-transforms/index.mdx b/src/content/docs/rules/transform/managed-transforms/index.mdx index dc8b30777c51729..08402eaf2e52669 100644 --- a/src/content/docs/rules/transform/managed-transforms/index.mdx +++ b/src/content/docs/rules/transform/managed-transforms/index.mdx @@ -15,7 +15,7 @@ Managed Transforms allow you to perform common adjustments to HTTP request and r For a complete list, refer to [Available Managed Transforms](/rules/transform/managed-transforms/reference/). -When you enable a Managed Transform, Cloudflare internally deploys one or more Transform Rules to handle the common configuration you selected. These generated rules will not count against the maximum number of Transform Rules available in your Cloudflare plan. +When you enable a Managed Transform, Cloudflare internally deploys one or more Transform Rules to handle the common configuration you selected. These generated rules will not count against the [maximum number of Transform Rules](/rules/transform/#availability) available in your Cloudflare plan. Enabled Managed Transforms will apply to all inbound requests for the zone. @@ -25,4 +25,4 @@ The generated internal Transform Rules will not appear in the Transform Rules li ## Next steps -For dashboard and API instructions, refer to [Configure Managed Transforms](/rules/transform/managed-transforms/configure/). +For dashboard, API, and Terraform instructions, refer to [Configure Managed Transforms](/rules/transform/managed-transforms/configure/). diff --git a/src/content/docs/rules/transform/request-header-modification/link-create-terraform.mdx b/src/content/docs/rules/transform/request-header-modification/link-create-terraform.mdx new file mode 100644 index 000000000000000..b632b39d3a2f90d --- /dev/null +++ b/src/content/docs/rules/transform/request-header-modification/link-create-terraform.mdx @@ -0,0 +1,7 @@ +--- +pcx_content_type: navigation +title: Create a rule using Terraform +external_link: /terraform/additional-configurations/transform-rules/#create-an-http-request-header-modification-rule +sidebar: + order: 4 +--- diff --git a/src/content/docs/rules/transform/response-header-modification/link-create-terraform.mdx b/src/content/docs/rules/transform/response-header-modification/link-create-terraform.mdx new file mode 100644 index 000000000000000..541f35f923a0ad9 --- /dev/null +++ b/src/content/docs/rules/transform/response-header-modification/link-create-terraform.mdx @@ -0,0 +1,7 @@ +--- +pcx_content_type: navigation +title: Create a rule using Terraform +external_link: /terraform/additional-configurations/transform-rules/#create-an-http-response-header-modification-rule +sidebar: + order: 4 +--- diff --git a/src/content/docs/rules/transform/url-rewrite/index.mdx b/src/content/docs/rules/transform/url-rewrite/index.mdx index 4bba00ec4d74a7c..b719e1cf0453400 100644 --- a/src/content/docs/rules/transform/url-rewrite/index.mdx +++ b/src/content/docs/rules/transform/url-rewrite/index.mdx @@ -33,7 +33,7 @@ Rewrite URL rules can perform static or dynamic rewrites: - **Static rewrite**: Replaces a given part of a request URL (path or query string) with a static string. - **Dynamic rewrite**: Supports more advanced scenarios where you use a rewrite expression to define the resulting path or query string. -Create rewrite URL rules [in the dashboard](/rules/transform/url-rewrite/create-dashboard/) or [via API](/rules/transform/url-rewrite/create-api/). +Create rewrite URL rules [in the dashboard](/rules/transform/url-rewrite/create-dashboard/), [via Cloudflare API](/rules/transform/url-rewrite/create-api/), or [using Terraform](/terraform/additional-configurations/transform-rules/#create-a-rewrite-url-rule). ## Serve images from custom paths diff --git a/src/content/docs/rules/transform/url-rewrite/link-create-terraform.mdx b/src/content/docs/rules/transform/url-rewrite/link-create-terraform.mdx new file mode 100644 index 000000000000000..d1dd96c8e7f671c --- /dev/null +++ b/src/content/docs/rules/transform/url-rewrite/link-create-terraform.mdx @@ -0,0 +1,7 @@ +--- +pcx_content_type: navigation +title: Create a rule using Terraform +external_link: /terraform/additional-configurations/transform-rules/#create-a-rewrite-url-rule +sidebar: + order: 4 +--- diff --git a/src/content/docs/terraform/additional-configurations/ddos-managed-rulesets.mdx b/src/content/docs/terraform/additional-configurations/ddos-managed-rulesets.mdx index e184dea80244a15..813fc7d37cbc013 100644 --- a/src/content/docs/terraform/additional-configurations/ddos-managed-rulesets.mdx +++ b/src/content/docs/terraform/additional-configurations/ddos-managed-rulesets.mdx @@ -1,16 +1,17 @@ --- -title: DDoS managed rulesets +title: DDoS managed rulesets configuration using Terraform pcx_content_type: how-to sidebar: order: 3 + label: DDoS managed rulesets head: - tag: title - content: Configure DDoS managed rulesets with Terraform + content: DDoS managed rulesets configuration using Terraform --- -import { Render } from "~/components"; +import { Render, RuleID } from "~/components"; -This page provides examples of configuring DDoS managed rulesets in your zone or account using Terraform. It covers the following configurations: +This page provides examples of configuring [DDoS managed rulesets](/ddos-protection/managed-rulesets/) in your zone or account using Terraform. It covers the following configurations: - [Example: Configure HTTP DDoS Attack Protection](#example-configure-http-ddos-attack-protection) - [Example: Configure Network-layer DDoS Attack Protection](#example-configure-network-layer-ddos-attack-protection) @@ -18,7 +19,7 @@ This page provides examples of configuring DDoS managed rulesets in your zone or DDoS managed rulesets are always enabled. Depending on your Cloudflare services, you may be able to adjust their behavior. -For more information on DDoS managed rulesets, refer to [Managed rulesets](/ddos-protection/managed-rulesets/) in the Cloudflare DDoS Protection documentation. For more information on deploying and configuring rulesets using the Rulesets API, refer to [Work with managed rulesets](/ruleset-engine/managed-rulesets/) in the Ruleset Engine documentation. +For more information on deploying and configuring rulesets using the Rulesets API, refer to [Work with managed rulesets](/ruleset-engine/managed-rulesets/) in the Ruleset Engine documentation. ## Before you start @@ -34,7 +35,7 @@ For more information on DDoS managed rulesets, refer to [Managed rulesets](/ddos ## Example: Configure HTTP DDoS Attack Protection -This example configures the [HTTP DDoS Attack Protection](/ddos-protection/managed-rulesets/http/) managed ruleset for a zone using Terraform, changing the sensitivity level of rule with ID fdfdac75430c4c47a959592f0aa5e68a to `low`. +This example configures the [HTTP DDoS Attack Protection](/ddos-protection/managed-rulesets/http/) managed ruleset for a zone using Terraform, changing the sensitivity level of rule with ID to `low`. @@ -70,7 +71,7 @@ For more information about HTTP DDoS Attack Protection, refer to [HTTP DDoS Atta ## Example: Configure Network-layer DDoS Attack Protection -This example configures the [Network-layer DDoS Attack Protection](/ddos-protection/managed-rulesets/network/) managed ruleset for an account using Terraform, changing the sensitivity level of rule with ID 599dab0942ff4898ac1b7797e954e98b to `low` using an override. +This example configures the [Network-layer DDoS Attack Protection](/ddos-protection/managed-rulesets/network/) managed ruleset for an account using Terraform, changing the sensitivity level of rule with ID to `low` using an override. :::caution[Important] diff --git a/src/content/docs/terraform/additional-configurations/rate-limiting-rules.mdx b/src/content/docs/terraform/additional-configurations/rate-limiting-rules.mdx index 2fbec939b875fd3..66301897cedf8dd 100644 --- a/src/content/docs/terraform/additional-configurations/rate-limiting-rules.mdx +++ b/src/content/docs/terraform/additional-configurations/rate-limiting-rules.mdx @@ -1,18 +1,17 @@ --- -title: Rate limiting rules +title: Rate limiting rules configuration using Terraform pcx_content_type: how-to sidebar: order: 4 + label: Rate limiting rules head: - tag: title - content: Configure rate limiting rules with Terraform + content: Rate limiting rules configuration using Terraform --- import { Details, Render } from "~/components"; -This page provides an example of creating a rate limiting rule in a zone using Terraform. - -For more information on rate limiting rules, refer to [Rate limiting rules](/waf/rate-limiting-rules/) in the Cloudflare WAF documentation. +This page provides examples of creating [rate limiting rules](/waf/rate-limiting-rules/) in a zone or account using Terraform. :::note @@ -31,7 +30,7 @@ For more information on configuring the previous version of rate limiting rules --- -## Create a rate limiting rule +## Create a rate limiting rule at the zone level This example creates a rate limiting rule in zone with ID `` blocking traffic that exceeds the configured rate: @@ -62,14 +61,15 @@ resource "cloudflare_ruleset" "zone_rl" {
-
+## Create a rate limiting rule at the account level -:::note[Before you start] +:::note[Notes] -- Account-level rate limiting configuration requires an Enterprise plan with a paid add-on. +- [Account-level rate limiting configuration](/waf/account/) requires an Enterprise plan with a paid add-on. - Custom rulesets deployed at the account level will only apply to incoming traffic of zones on an Enterprise plan. The expression of your `execute` rule must end with `and cf.zone.plan eq "ENT"`. - ::: + +::: This example defines a [custom ruleset](/ruleset-engine/custom-rulesets/) with a single rate limiting rule in account with ID `` that blocks traffic for the `/api/` path exceeding the configured rate. The second `cloudflare_ruleset` resource defines an `execute` rule that deploys the custom ruleset for traffic addressed at `example.com`. @@ -120,7 +120,7 @@ resource "cloudflare_ruleset" "account_rl_entrypoint" { } ``` -
+
## Create an advanced rate limiting rule diff --git a/src/content/docs/terraform/additional-configurations/transform-rules.mdx b/src/content/docs/terraform/additional-configurations/transform-rules.mdx index 8b78537b90ac9c0..b49d65debb5940c 100644 --- a/src/content/docs/terraform/additional-configurations/transform-rules.mdx +++ b/src/content/docs/terraform/additional-configurations/transform-rules.mdx @@ -1,21 +1,21 @@ --- -title: Transform Rules +title: Transform Rules configuration using Terraform pcx_content_type: how-to sidebar: order: 6 + label: Transform Rules head: - tag: title - content: Configure Transform Rules with Terraform + content: Transform Rules configuration using Terraform --- import { Render } from "~/components"; -This page provides examples of creating Transform Rules in a zone using Terraform. The examples cover the following scenarios: +This page provides examples of creating [Transform Rules](/rules/transform/) in a zone using Terraform. The examples cover the following scenarios: - [Create a Rewrite URL Rule](#create-a-rewrite-url-rule) - [Create an HTTP Request Header Modification Rule](#create-an-http-request-header-modification-rule) - -For more information on Transform Rules, refer to [Transform Rules](/rules/transform/). +- [Create an HTTP Response Header Modification Rule](#create-an-http-response-header-modification-rule) ## Before you start diff --git a/src/content/docs/terraform/additional-configurations/waf-custom-rules.mdx b/src/content/docs/terraform/additional-configurations/waf-custom-rules.mdx index b1569df2a434adb..17211389073d2ba 100644 --- a/src/content/docs/terraform/additional-configurations/waf-custom-rules.mdx +++ b/src/content/docs/terraform/additional-configurations/waf-custom-rules.mdx @@ -1,16 +1,17 @@ --- -title: WAF custom rules +title: WAF custom rules configuration using Terraform pcx_content_type: how-to sidebar: order: 5 + label: WAF custom rules head: - tag: title - content: Configure WAF custom rules with Terraform + content: WAF custom rules configuration using Terraform --- import { Render, GlossaryTooltip } from "~/components"; -This page provides examples of creating WAF custom rules in a zone or account using Terraform. The examples cover the following scenarios: +This page provides examples of creating [WAF custom rules](/waf/custom-rules/) in a zone or account using Terraform. The examples cover the following scenarios: - Zone-level configurations: - [Add a custom rule to a zone](#add-a-custom-rule-to-a-zone) @@ -20,8 +21,6 @@ This page provides examples of creating WAF custom rules in a zone or account us - [Create and deploy a custom ruleset](#create-and-deploy-a-custom-ruleset) - [Add a custom rule checking for exposed credentials](#add-a-custom-rule-checking-for-exposed-credentials) -For more information on custom rules, refer to [Custom rules](/waf/custom-rules/) in the Cloudflare WAF documentation. - ## Before you start ### Obtain the necessary account or zone IDs diff --git a/src/content/docs/terraform/additional-configurations/waf-managed-rulesets.mdx b/src/content/docs/terraform/additional-configurations/waf-managed-rulesets.mdx index 31e4aeb376e1e63..f6c65064fb56586 100644 --- a/src/content/docs/terraform/additional-configurations/waf-managed-rulesets.mdx +++ b/src/content/docs/terraform/additional-configurations/waf-managed-rulesets.mdx @@ -1,24 +1,26 @@ --- -title: WAF Managed Rules +title: WAF Managed Rules configuration using Terraform pcx_content_type: how-to sidebar: order: 2 + label: WAF Managed Rules head: - tag: title - content: Configure WAF Managed Rules with Terraform + content: WAF Managed Rules configuration using Terraform --- import { Details, Render, RuleID } from "~/components"; -This page provides examples of deploying and configuring WAF Managed Rules in your zone or account using Terraform. It covers the following configurations: +This page provides examples of deploying and configuring [WAF Managed Rules](/waf/managed-rules/) in your zone or account using Terraform. It covers the following configurations: -- [Deploy managed rulesets](#deploy-managed-rulesets) +- [Deploy managed rulesets at the zone level](#deploy-managed-rulesets-at-the-zone-level) +- [Deploy managed rulesets at the account level](#deploy-managed-rulesets-at-the-account-level) - [Configure skip rules](#configure-skip-rules) - [Configure payload logging](#configure-payload-logging) - [Configure overrides](#configure-overrides) - [Configure the OWASP paranoia level, score threshold, and action](#configure-the-owasp-paranoia-level-score-threshold-and-action) -For more information on WAF Managed Rules, refer to [WAF Managed Rules](/waf/managed-rules/) in the Cloudflare WAF documentation. For more information on deploying and configuring rulesets using the Rulesets API, refer to [Work with managed rulesets](/ruleset-engine/managed-rulesets/) in the Ruleset Engine documentation. +For more information on deploying and configuring rulesets using the Rulesets API, refer to [Work with managed rulesets](/ruleset-engine/managed-rulesets/) in the Ruleset Engine documentation. ## Before you start @@ -26,13 +28,15 @@ For more information on WAF Managed Rules, refer to [WAF Managed Rules](/waf/man +The IDs of WAF managed rulesets are also available in the [WAF Managed Rules](/waf/managed-rules/#managed-rulesets) page. + ### Import or delete existing rulesets --- -## Deploy managed rulesets +## Deploy managed rulesets at the zone level The following example deploys two managed rulesets to the zone with ID `` using Terraform, using a `cloudflare_ruleset` resource with two rules that execute the managed rulesets. @@ -71,14 +75,15 @@ resource "cloudflare_ruleset" "zone_level_managed_waf" { } ``` -
+## Deploy managed rulesets at the account level -:::note[Before you start] +:::note[Notes] -- Account-level WAF configuration requires an Enterprise plan with a paid add-on. +- [Account-level WAF configuration](/waf/account/) requires an Enterprise plan with a paid add-on. - Managed rulesets deployed at the account level will only apply to incoming traffic of zones on an Enterprise plan. The expression of your `execute` rule must end with `and cf.zone.plan eq "ENT"`. - ::: + +::: The following example deploys two managed rulesets to the account with ID `` using Terraform, using a `cloudflare_ruleset` resource with two rules that execute the managed rulesets for two hostnames belonging to Enterprise zones. @@ -116,8 +121,6 @@ resource "cloudflare_ruleset" "account_level_managed_waf" { } ``` -
- ## Configure skip rules The following example adds two [skip rules](/waf/managed-rules/waf-exceptions/) (or exceptions) for the Cloudflare Managed Ruleset: @@ -192,7 +195,7 @@ The following configuration includes the three overrides in the rule that execut -```tf null {9-24} +```tf null {11-26} # (...) # Execute Cloudflare Managed Ruleset @@ -233,7 +236,7 @@ Building upon the rule that deploys the Cloudflare Managed Ruleset, the followin -```tf null {9-11} +```tf null {11-13} # (...) # Execute Cloudflare Managed Ruleset @@ -274,7 +277,7 @@ The following example rule of a `cloudflare_ruleset` Terraform resource performs -```tf null {8-25} +```tf null {11-28} # (...) # Execute Cloudflare OWASP Core Ruleset diff --git a/src/content/docs/waf/account/custom-rulesets/index.mdx b/src/content/docs/waf/account/custom-rulesets/index.mdx index edc69d7a6afd2c0..8164aa8c603681f 100644 --- a/src/content/docs/waf/account/custom-rulesets/index.mdx +++ b/src/content/docs/waf/account/custom-rulesets/index.mdx @@ -17,3 +17,5 @@ Refer to the following pages for more information on working with custom ruleset - [Work with custom rulesets in the dashboard](/waf/account/custom-rulesets/create-dashboard/) - [Work with custom rulesets using the API](/waf/account/custom-rulesets/create-api/) + +For Terraform examples, refer to [WAF custom rules configuration using Terraform](/terraform/additional-configurations/waf-custom-rules/#create-and-deploy-a-custom-ruleset). diff --git a/src/content/docs/waf/account/custom-rulesets/link-create-terraform.mdx b/src/content/docs/waf/account/custom-rulesets/link-create-terraform.mdx new file mode 100644 index 000000000000000..788837bfb130832 --- /dev/null +++ b/src/content/docs/waf/account/custom-rulesets/link-create-terraform.mdx @@ -0,0 +1,7 @@ +--- +pcx_content_type: navigation +title: Use Terraform +external_link: /terraform/additional-configurations/waf-custom-rules/#create-and-deploy-a-custom-ruleset +sidebar: + order: 4 +--- diff --git a/src/content/docs/waf/account/managed-rulesets/link-create-exceptions.mdx b/src/content/docs/waf/account/managed-rulesets/link-create-exceptions.mdx index dae3d33e3f82734..b26d1e20ff2861f 100644 --- a/src/content/docs/waf/account/managed-rulesets/link-create-exceptions.mdx +++ b/src/content/docs/waf/account/managed-rulesets/link-create-exceptions.mdx @@ -3,5 +3,5 @@ pcx_content_type: navigation title: Create exceptions external_link: /waf/managed-rules/waf-exceptions/ sidebar: - order: 4 + order: 5 --- diff --git a/src/content/docs/waf/account/managed-rulesets/link-create-terraform.mdx b/src/content/docs/waf/account/managed-rulesets/link-create-terraform.mdx new file mode 100644 index 000000000000000..d77f845e69f3cc9 --- /dev/null +++ b/src/content/docs/waf/account/managed-rulesets/link-create-terraform.mdx @@ -0,0 +1,7 @@ +--- +pcx_content_type: navigation +title: Deploy using Terraform +external_link: /terraform/additional-configurations/waf-managed-rulesets/#deploy-managed-rulesets-at-the-account-level +sidebar: + order: 4 +--- diff --git a/src/content/docs/waf/account/rate-limiting-rulesets/create-api.mdx b/src/content/docs/waf/account/rate-limiting-rulesets/create-api.mdx index f7eecf3b8d601cf..3218366172a14bc 100644 --- a/src/content/docs/waf/account/rate-limiting-rulesets/create-api.mdx +++ b/src/content/docs/waf/account/rate-limiting-rulesets/create-api.mdx @@ -2,7 +2,7 @@ pcx_content_type: how-to title: Create a rate limiting ruleset via API sidebar: - order: 15 + order: 16 label: Create via API head: - tag: title diff --git a/src/content/docs/waf/account/rate-limiting-rulesets/index.mdx b/src/content/docs/waf/account/rate-limiting-rulesets/index.mdx index 1599271e1602ea1..6d6e73d82bfd37b 100644 --- a/src/content/docs/waf/account/rate-limiting-rulesets/index.mdx +++ b/src/content/docs/waf/account/rate-limiting-rulesets/index.mdx @@ -21,3 +21,5 @@ For instructions on creating and deploying a rate limiting ruleset, refer to the - [Create a rate limiting ruleset in the dashboard](/waf/account/rate-limiting-rulesets/create-dashboard/) - [Create a rate limiting ruleset using the API](/waf/account/rate-limiting-rulesets/create-api/) + +For Terraform examples, refer to [Rate limiting rules configuration using Terraform](/terraform/additional-configurations/rate-limiting-rules/). diff --git a/src/content/docs/waf/account/rate-limiting-rulesets/link-create-terraform.mdx b/src/content/docs/waf/account/rate-limiting-rulesets/link-create-terraform.mdx new file mode 100644 index 000000000000000..248e562f047291f --- /dev/null +++ b/src/content/docs/waf/account/rate-limiting-rulesets/link-create-terraform.mdx @@ -0,0 +1,7 @@ +--- +pcx_content_type: navigation +title: Create using Terraform +external_link: /terraform/additional-configurations/rate-limiting-rules/#create-a-rate-limiting-rule +sidebar: + order: 17 +--- diff --git a/src/content/docs/waf/custom-rules/index.mdx b/src/content/docs/waf/custom-rules/index.mdx index 53fca3183eeaa2c..f5ab11776545eb8 100644 --- a/src/content/docs/waf/custom-rules/index.mdx +++ b/src/content/docs/waf/custom-rules/index.mdx @@ -25,3 +25,5 @@ To define sets of custom rules that apply to more than one zone, use [custom rul To create custom rules using the Cloudflare dashboard, refer to [Create custom rules in the dashboard](/waf/custom-rules/create-dashboard/). You can also create custom rules using the [Rulesets API](/ruleset-engine/rulesets-api/). Refer to [Create custom rules via API](/waf/custom-rules/create-api/) for more information. + +For Terraform examples, refer to [WAF custom rules configuration using Terraform](/terraform/additional-configurations/waf-custom-rules/). diff --git a/src/content/docs/waf/custom-rules/link-create-terraform.mdx b/src/content/docs/waf/custom-rules/link-create-terraform.mdx new file mode 100644 index 000000000000000..2041ac3fbf0d025 --- /dev/null +++ b/src/content/docs/waf/custom-rules/link-create-terraform.mdx @@ -0,0 +1,7 @@ +--- +pcx_content_type: navigation +title: Create using Terraform +external_link: /terraform/additional-configurations/waf-custom-rules/ +sidebar: + order: 4 +--- diff --git a/src/content/docs/waf/custom-rules/link-custom-rulesets.mdx b/src/content/docs/waf/custom-rules/link-custom-rulesets.mdx index 8edb861ffa7e872..685b6eba4f12942 100644 --- a/src/content/docs/waf/custom-rules/link-custom-rulesets.mdx +++ b/src/content/docs/waf/custom-rules/link-custom-rulesets.mdx @@ -3,5 +3,5 @@ pcx_content_type: navigation title: Custom rulesets external_link: /waf/account/custom-rulesets/ sidebar: - order: 6 + order: 7 --- diff --git a/src/content/docs/waf/custom-rules/skip/index.mdx b/src/content/docs/waf/custom-rules/skip/index.mdx index 9e48371f56596ed..53d13ade78cd44a 100644 --- a/src/content/docs/waf/custom-rules/skip/index.mdx +++ b/src/content/docs/waf/custom-rules/skip/index.mdx @@ -2,7 +2,7 @@ title: Configure a rule with the Skip action pcx_content_type: how-to sidebar: - order: 4 + order: 5 head: - tag: title content: Configure a custom rule with the Skip action diff --git a/src/content/docs/waf/custom-rules/use-cases/index.mdx b/src/content/docs/waf/custom-rules/use-cases/index.mdx index 65c38ff7892cb3d..59fca2ac0e7633f 100644 --- a/src/content/docs/waf/custom-rules/use-cases/index.mdx +++ b/src/content/docs/waf/custom-rules/use-cases/index.mdx @@ -2,7 +2,7 @@ pcx_content_type: navigation title: Common use cases sidebar: - order: 5 + order: 6 group: hideIndex: true head: diff --git a/src/content/docs/waf/managed-rules/deploy-api.mdx b/src/content/docs/waf/managed-rules/deploy-api.mdx index 8a254f75f42f4ca..23f02cf53309f4a 100644 --- a/src/content/docs/waf/managed-rules/deploy-api.mdx +++ b/src/content/docs/waf/managed-rules/deploy-api.mdx @@ -2,7 +2,7 @@ pcx_content_type: configuration title: Deploy a WAF managed ruleset via API sidebar: - order: 3 + order: 2 label: Deploy via API head: - tag: title diff --git a/src/content/docs/waf/managed-rules/link-deploy-terraform.mdx b/src/content/docs/waf/managed-rules/link-deploy-terraform.mdx new file mode 100644 index 000000000000000..6e77bf39345bcbd --- /dev/null +++ b/src/content/docs/waf/managed-rules/link-deploy-terraform.mdx @@ -0,0 +1,7 @@ +--- +pcx_content_type: navigation +title: Deploy using Terraform +external_link: /terraform/additional-configurations/waf-managed-rulesets/ +sidebar: + order: 3 +--- diff --git a/src/content/docs/waf/rate-limiting-rules/create-api.mdx b/src/content/docs/waf/rate-limiting-rules/create-api.mdx index cd202bde758c8e2..739a0b0a27b08e3 100644 --- a/src/content/docs/waf/rate-limiting-rules/create-api.mdx +++ b/src/content/docs/waf/rate-limiting-rules/create-api.mdx @@ -2,7 +2,7 @@ pcx_content_type: how-to title: Create a rate limiting rule via API sidebar: - order: 16 + order: 15 label: Create via API head: - tag: title diff --git a/src/content/docs/waf/rate-limiting-rules/index.mdx b/src/content/docs/waf/rate-limiting-rules/index.mdx index 95457b4b7efb14e..88fa1651b4f0ce0 100644 --- a/src/content/docs/waf/rate-limiting-rules/index.mdx +++ b/src/content/docs/waf/rate-limiting-rules/index.mdx @@ -43,6 +43,8 @@ Refer to the following resources: - [Create a rate limiting rule in the dashboard for a zone](/waf/rate-limiting-rules/create-zone-dashboard/) - [Create a rate limiting rule via API for a zone](/waf/rate-limiting-rules/create-api/) +For Terraform examples, refer to [Rate limiting rules configuration using Terraform](/terraform/additional-configurations/rate-limiting-rules/). + --- ## Related resources diff --git a/src/content/docs/waf/rate-limiting-rules/link-create-terraform.mdx b/src/content/docs/waf/rate-limiting-rules/link-create-terraform.mdx new file mode 100644 index 000000000000000..b2ea51c8a8a0257 --- /dev/null +++ b/src/content/docs/waf/rate-limiting-rules/link-create-terraform.mdx @@ -0,0 +1,7 @@ +--- +pcx_content_type: navigation +title: Create using Terraform +external_link: /terraform/additional-configurations/rate-limiting-rules/ +sidebar: + order: 16 +--- diff --git a/src/content/docs/waf/reference/migration-guides/waf-managed-rules-migration.mdx b/src/content/docs/waf/reference/migration-guides/waf-managed-rules-migration.mdx index c8ae9eb4ca22ebf..3048c676166397e 100644 --- a/src/content/docs/waf/reference/migration-guides/waf-managed-rules-migration.mdx +++ b/src/content/docs/waf/reference/migration-guides/waf-managed-rules-migration.mdx @@ -416,7 +416,7 @@ For more information, refer to the following resources: ### Configuring the new WAF Managed Rules using Terraform -Instead of using the previous resources for managing WAF packages, rule groups, and rules, you must now use the [`cloudflare_ruleset`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/ruleset) Terraform resource to configure WAF Managed Rules. For configuration examples, refer to [Configure WAF Managed Rules](/terraform/additional-configurations/waf-managed-rulesets/). +Instead of using the previous resources for managing WAF packages, rule groups, and rules, you must now use the [`cloudflare_ruleset`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/ruleset) Terraform resource to configure WAF Managed Rules. For configuration examples, refer to [WAF Managed Rules configuration using Terraform](/terraform/additional-configurations/waf-managed-rulesets/). #### Replace your configuration using `cf-terraforming`