API Reference

Alerting

Policies

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Update a Notification policy

alerting.policies.update(strpolicy_id, PolicyUpdateParams**kwargs) -> PolicyUpdateResponse

PUT/accounts/{account_id}/alerting/v3/policies/{policy_id}

Update a Notification policy.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Notifications WriteAccount Settings Write

ParametersExpand Collapse

account_id: str

The account id

maxLength32

policy_id: str

The unique identifier of a notification policy

maxLength32

alert_interval: Optional[str]

Optional specification of how often to re-alert from the same incident, not support on all alert types.

alert_type: Optional[Literal["abuse_report_alert", "access_custom_certificate_expiration_type", "advanced_ddos_attack_l4_alert", 65 more]]

Refers to which event will trigger a Notification dispatch. You can use the endpoint to get available alert types which then will give you a list of possible values.

One of the following:

"abuse_report_alert"

"access_custom_certificate_expiration_type"

"advanced_ddos_attack_l4_alert"

"advanced_ddos_attack_l7_alert"

"advanced_http_alert_error"

"bgp_hijack_notification"

"billing_usage_alert"

"block_notification_block_removed"

"block_notification_new_block"

"block_notification_review_rejected"

"bot_traffic_basic_alert"

"brand_protection_alert"

"brand_protection_digest"

"clickhouse_alert_fw_anomaly"

"clickhouse_alert_fw_ent_anomaly"

"cloudforce_one_request_notification"

"custom_analytics"

"custom_bot_detection_alert"

"custom_ssl_certificate_event_type"

"dedicated_ssl_certificate_event_type"

"device_connectivity_anomaly_alert"

"dos_attack_l4"

"dos_attack_l7"

"expiring_service_token_alert"

"failing_logpush_job_disabled_alert"

"fbm_auto_advertisement"

"fbm_dosd_attack"

"fbm_volumetric_attack"

"health_check_status_notification"

"hostname_aop_custom_certificate_expiration_type"

"http_alert_edge_error"

"http_alert_origin_error"

"image_notification"

"image_resizing_notification"

"incident_alert"

"load_balancing_health_alert"

"load_balancing_pool_enablement_alert"

"logo_match_alert"

"magic_tunnel_health_check_event"

"magic_wan_tunnel_health"

"maintenance_event_notification"

"mtls_certificate_store_certificate_expiration_type"

"pages_event_alert"

"radar_notification"

"real_origin_monitoring"

"scriptmonitor_alert_new_code_change_detections"

"scriptmonitor_alert_new_hosts"

"scriptmonitor_alert_new_malicious_hosts"

"scriptmonitor_alert_new_malicious_scripts"

"scriptmonitor_alert_new_malicious_url"

"scriptmonitor_alert_new_max_length_resource_url"

"scriptmonitor_alert_new_resources"

"secondary_dns_all_primaries_failing"

"secondary_dns_primaries_failing"

"secondary_dns_warning"

"secondary_dns_zone_successfully_updated"

"secondary_dns_zone_validation_warning"

"security_insights_alert"

"sentinel_alert"

"stream_live_notifications"

"synthetic_test_latency_alert"

"synthetic_test_low_availability_alert"

"traffic_anomalies_alert"

"tunnel_health_event"

"tunnel_update_event"

"universal_ssl_event_type"

"web_analytics_metrics_update"

"zone_aop_custom_certificate_expiration_type"

description: Optional[str]

Optional description for the Notification policy.

enabled: Optional[bool]

Whether or not the Notification policy is enabled.

filters: Optional[PolicyFilterParam]

Optional filters that allow you to be alerted only on a subset of events for that alert type based on some criteria. This is only available for select alert types. See alert type documentation for more details.

actions: Optional[List[str]]

Usage depends on specific alert type

affected_asns: Optional[List[str]]

Used for configuring radar_notification

affected_components: Optional[List[str]]

Used for configuring incident_alert

affected_locations: Optional[List[str]]

Used for configuring radar_notification

airport_code: Optional[List[str]]

Used for configuring maintenance_event_notification

alert_trigger_preferences: Optional[List[str]]

Usage depends on specific alert type

alert_trigger_preferences_value: Optional[List[str]]

Usage depends on specific alert type

enabled: Optional[List[str]]

Used for configuring load_balancing_pool_enablement_alert

environment: Optional[List[str]]

Used for configuring pages_event_alert

event: Optional[List[str]]

Used for configuring pages_event_alert

event_source: Optional[List[str]]

Used for configuring load_balancing_health_alert

event_type: Optional[List[str]]

Usage depends on specific alert type

group_by: Optional[List[str]]

Usage depends on specific alert type

health_check_id: Optional[List[str]]

Used for configuring health_check_status_notification

incident_impact: Optional[List[Literal["INCIDENT_IMPACT_NONE", "INCIDENT_IMPACT_MINOR", "INCIDENT_IMPACT_MAJOR", "INCIDENT_IMPACT_CRITICAL"]]]

Used for configuring incident_alert

One of the following:

"INCIDENT_IMPACT_NONE"

"INCIDENT_IMPACT_MINOR"

"INCIDENT_IMPACT_MAJOR"

"INCIDENT_IMPACT_CRITICAL"

input_id: Optional[List[str]]

Used for configuring stream_live_notifications

insight_class: Optional[List[str]]

Used for configuring security_insights_alert

limit: Optional[List[str]]

Used for configuring billing_usage_alert

logo_tag: Optional[List[str]]

Used for configuring logo_match_alert

megabits_per_second: Optional[List[str]]

Used for configuring advanced_ddos_attack_l4_alert

new_health: Optional[List[str]]

Used for configuring load_balancing_health_alert

new_status: Optional[List[str]]

Used for configuring tunnel_health_event

packets_per_second: Optional[List[str]]

Used for configuring advanced_ddos_attack_l4_alert

pool_id: Optional[List[str]]

Usage depends on specific alert type

pop_names: Optional[List[str]]

Usage depends on specific alert type

product: Optional[List[str]]

Used for configuring billing_usage_alert

project_id: Optional[List[str]]

Used for configuring pages_event_alert

protocol: Optional[List[str]]

Used for configuring advanced_ddos_attack_l4_alert

query_tag: Optional[List[str]]

Usage depends on specific alert type

requests_per_second: Optional[List[str]]

Used for configuring advanced_ddos_attack_l7_alert

selectors: Optional[List[str]]

Usage depends on specific alert type

services: Optional[List[str]]

Used for configuring clickhouse_alert_fw_ent_anomaly

slo: Optional[List[str]]

Usage depends on specific alert type

status: Optional[List[str]]

Used for configuring health_check_status_notification

target_hostname: Optional[List[str]]

Used for configuring advanced_ddos_attack_l7_alert

target_ip: Optional[List[str]]

Used for configuring advanced_ddos_attack_l4_alert

target_zone_name: Optional[List[str]]

Used for configuring advanced_ddos_attack_l7_alert

traffic_exclusions: Optional[List[Literal["security_events"]]]

Used for configuring traffic_anomalies_alert

tunnel_id: Optional[List[str]]

Used for configuring tunnel_health_event

tunnel_name: Optional[List[str]]

Usage depends on specific alert type

type: Optional[List[str]]

Usage depends on specific alert type

where: Optional[List[str]]

Usage depends on specific alert type

zones: Optional[List[str]]

Usage depends on specific alert type

mechanisms: Optional[MechanismParam]

List of IDs that will be used when dispatching a notification. IDs for email type will be the email address.

email: Optional[List[Email]]

id: Optional[str]

The email address

pagerduty: Optional[List[Pagerduty]]

id: Optional[str]

UUID

maxLength32

webhooks: Optional[List[Webhook]]

id: Optional[str]

UUID

maxLength32

name: Optional[str]

Name of the policy.

ReturnsExpand Collapse

class PolicyUpdateResponse: …

id: Optional[str]

UUID

maxLength32

Update a Notification policy

Python

HTTP

TypeScript

Python

Go

Terraform

import os
from cloudflare import Cloudflare

client = Cloudflare(
    api_token=os.environ.get("CLOUDFLARE_API_TOKEN"),  # This is the default and can be omitted
)
policy = client.alerting.policies.update(
    policy_id="0da2b59ef118439d8097bdfb215203c9",
    account_id="023e105f4ecef8ad9ca31a8372d0c353",
)
print(policy.id)

200 example

{
  "errors": [
    {
      "message": "message",
      "code": 1000
    }
  ],
  "messages": [
    {
      "message": "message",
      "code": 1000
    }
  ],
  "success": true,
  "result": {
    "id": "f174e90afafe4643bbbc4a0ed4fc8415"
  }
}

Returns Examples

200 example

{
  "errors": [
    {
      "message": "message",
      "code": 1000
    }
  ],
  "messages": [
    {
      "message": "message",
      "code": 1000
    }
  ],
  "success": true,
  "result": {
    "id": "f174e90afafe4643bbbc4a0ed4fc8415"
  }
}