Create DNS Firewall Cluster
Create a DNS Firewall cluster
Security
API Token
The preferred authorization scheme for interacting with the Cloudflare API. Create a token.
API Email + API Key
The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.
The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.
Accepted Permissions (at least one required)
Parameters
By default, Cloudflare attempts to cache responses for as long as indicated by the TTL received from upstream nameservers. This setting sets an upper bound on this duration. For caching purposes, higher TTLs will be decreased to the maximum value defined by this setting.
This setting does not affect the TTL value in the DNS response Cloudflare returns to clients. Cloudflare will always forward the TTL value received from upstream nameservers.
By default, Cloudflare attempts to cache responses for as long as indicated by the TTL received from upstream nameservers. This setting sets a lower bound on this duration. For caching purposes, lower TTLs will be increased to the minimum value defined by this setting.
This setting does not affect the TTL value in the DNS response Cloudflare returns to clients. Cloudflare will always forward the TTL value received from upstream nameservers.
Note that, even with this setting, there is no guarantee that a response will be cached for at least the specified duration. Cached responses may be removed earlier for capacity or other operational reasons.
This setting controls how long DNS Firewall should cache negative responses (e.g., NXDOMAIN) from the upstream servers.
This setting does not affect the TTL value in the DNS response Cloudflare returns to clients. Cloudflare will always forward the TTL value received from upstream nameservers.
Create DNS Firewall Cluster
import os
from cloudflare import Cloudflare
client = Cloudflare(
api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted
)
dns_firewall = client.dns_firewall.create(
account_id="023e105f4ecef8ad9ca31a8372d0c353",
name="My Awesome DNS Firewall cluster",
upstream_ips=["192.0.2.1", "198.51.100.1", "2001:DB8:100::CF"],
)
print(dns_firewall.id){
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"success": true,
"result": {
"id": "023e105f4ecef8ad9ca31a8372d0c353",
"deprecate_any_requests": true,
"dns_firewall_ips": [
"203.0.113.1",
"203.0.113.254",
"2001:DB8:AB::CF",
"2001:DB8:CD::CF"
],
"ecs_fallback": false,
"maximum_cache_ttl": 900,
"minimum_cache_ttl": 60,
"modified_on": "2014-01-01T05:20:00.12345Z",
"name": "My Awesome DNS Firewall cluster",
"negative_cache_ttl": 900,
"ratelimit": 600,
"retries": 2,
"upstream_ips": [
"192.0.2.1",
"198.51.100.1",
"2001:DB8:100::CF"
],
"attack_mitigation": {
"enabled": true,
"only_when_upstream_unhealthy": false
}
}
}Returns Examples
{
"errors": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"messages": [
{
"code": 1000,
"message": "message",
"documentation_url": "documentation_url",
"source": {
"pointer": "pointer"
}
}
],
"success": true,
"result": {
"id": "023e105f4ecef8ad9ca31a8372d0c353",
"deprecate_any_requests": true,
"dns_firewall_ips": [
"203.0.113.1",
"203.0.113.254",
"2001:DB8:AB::CF",
"2001:DB8:CD::CF"
],
"ecs_fallback": false,
"maximum_cache_ttl": 900,
"minimum_cache_ttl": 60,
"modified_on": "2014-01-01T05:20:00.12345Z",
"name": "My Awesome DNS Firewall cluster",
"negative_cache_ttl": 900,
"ratelimit": 600,
"retries": 2,
"upstream_ips": [
"192.0.2.1",
"198.51.100.1",
"2001:DB8:100::CF"
],
"attack_mitigation": {
"enabled": true,
"only_when_upstream_unhealthy": false
}
}
}