API Reference

Firewall

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Access Rules

List IP Access rules

firewall.access_rules.list(AccessRuleListParams**kwargs) -> SyncV4PagePaginationArray[AccessRuleListResponse]

GET/{accounts_or_zones}/{account_or_zone_id}/firewall/access_rules/rules

Get an IP Access rule

firewall.access_rules.get(strrule_id, AccessRuleGetParams**kwargs) -> AccessRuleGetResponse

GET/{accounts_or_zones}/{account_or_zone_id}/firewall/access_rules/rules/{rule_id}

Create an IP Access rule

firewall.access_rules.create(AccessRuleCreateParams**kwargs) -> AccessRuleCreateResponse

POST/{accounts_or_zones}/{account_or_zone_id}/firewall/access_rules/rules

Update an IP Access rule

firewall.access_rules.edit(strrule_id, AccessRuleEditParams**kwargs) -> AccessRuleEditResponse

PATCH/{accounts_or_zones}/{account_or_zone_id}/firewall/access_rules/rules/{rule_id}

Delete an IP Access rule

firewall.access_rules.delete(strrule_id, AccessRuleDeleteParams**kwargs) -> AccessRuleDeleteResponse

DELETE/{accounts_or_zones}/{account_or_zone_id}/firewall/access_rules/rules/{rule_id}

ModelsExpand Collapse

class AccessRuleCIDRConfiguration: …

target: Optional[Literal["ip_range"]]

The configuration target. You must set the target to ip_range when specifying an IP address range in the rule.

value: Optional[str]

The IP address range to match. You can only use prefix lengths /16 and /24 for IPv4 ranges, and prefix lengths /32, /48, and /64 for IPv6 ranges.

class AccessRuleIPConfiguration: …

target: Optional[Literal["ip"]]

The configuration target. You must set the target to ip when specifying an IP address in the rule.

value: Optional[str]

The IP address to match. This address will be compared to the IP address of incoming requests.

class ASNConfiguration: …

target: Optional[Literal["asn"]]

The configuration target. You must set the target to asn when specifying an Autonomous System Number (ASN) in the rule.

value: Optional[str]

The AS number to match.

class CountryConfiguration: …

target: Optional[Literal["country"]]

The configuration target. You must set the target to country when specifying a country code in the rule.

value: Optional[str]

The two-letter ISO-3166-1 alpha-2 code to match. For more information, refer to IP Access rules: Parameters.

class IPV6Configuration: …

target: Optional[Literal["ip6"]]

The configuration target. You must set the target to ip6 when specifying an IPv6 address in the rule.

value: Optional[str]

The IPv6 address to match.

class AccessRuleListResponse: …

id: str

The unique identifier of the IP Access rule.

maxLength32

allowed_modes: List[Literal["block", "challenge", "whitelist", 2 more]]

The available actions that a rule can apply to a matched request.

One of the following:

"block"

"challenge"

"whitelist"

"js_challenge"

"managed_challenge"

configuration: Configuration

The rule configuration.

One of the following:

class AccessRuleIPConfiguration: …

target: Optional[Literal["ip"]]

The configuration target. You must set the target to ip when specifying an IP address in the rule.

value: Optional[str]

The IP address to match. This address will be compared to the IP address of incoming requests.

class IPV6Configuration: …

target: Optional[Literal["ip6"]]

The configuration target. You must set the target to ip6 when specifying an IPv6 address in the rule.

value: Optional[str]

The IPv6 address to match.

class AccessRuleCIDRConfiguration: …

target: Optional[Literal["ip_range"]]

The configuration target. You must set the target to ip_range when specifying an IP address range in the rule.

value: Optional[str]

The IP address range to match. You can only use prefix lengths /16 and /24 for IPv4 ranges, and prefix lengths /32, /48, and /64 for IPv6 ranges.

class ASNConfiguration: …

target: Optional[Literal["asn"]]

The configuration target. You must set the target to asn when specifying an Autonomous System Number (ASN) in the rule.

value: Optional[str]

The AS number to match.

class CountryConfiguration: …

target: Optional[Literal["country"]]

The configuration target. You must set the target to country when specifying a country code in the rule.

value: Optional[str]

The two-letter ISO-3166-1 alpha-2 code to match. For more information, refer to IP Access rules: Parameters.

mode: Literal["block", "challenge", "whitelist", 2 more]

The action to apply to a matched request.

One of the following:

"block"

"challenge"

"whitelist"

"js_challenge"

"managed_challenge"

created_on: Optional[datetime]

The timestamp of when the rule was created.

formatdate-time

modified_on: Optional[datetime]

The timestamp of when the rule was last modified.

formatdate-time

notes: Optional[str]

An informative summary of the rule, typically used as a reminder or explanation.

scope: Optional[Scope]

All zones owned by the user will have the rule applied.

id: Optional[str]

Defines an identifier.

maxLength32

email: Optional[str]

The contact email address of the user.

maxLength90

type: Optional[Literal["user", "organization"]]

Defines the scope of the rule.

One of the following:

"user"

"organization"

class AccessRuleGetResponse: …

id: str

The unique identifier of the IP Access rule.

maxLength32

allowed_modes: List[Literal["block", "challenge", "whitelist", 2 more]]

The available actions that a rule can apply to a matched request.

One of the following:

"block"

"challenge"

"whitelist"

"js_challenge"

"managed_challenge"

configuration: Configuration

The rule configuration.

One of the following:

class AccessRuleIPConfiguration: …

target: Optional[Literal["ip"]]

The configuration target. You must set the target to ip when specifying an IP address in the rule.

value: Optional[str]

The IP address to match. This address will be compared to the IP address of incoming requests.

class IPV6Configuration: …

target: Optional[Literal["ip6"]]

The configuration target. You must set the target to ip6 when specifying an IPv6 address in the rule.

value: Optional[str]

The IPv6 address to match.

class AccessRuleCIDRConfiguration: …

target: Optional[Literal["ip_range"]]

The configuration target. You must set the target to ip_range when specifying an IP address range in the rule.

value: Optional[str]

The IP address range to match. You can only use prefix lengths /16 and /24 for IPv4 ranges, and prefix lengths /32, /48, and /64 for IPv6 ranges.

class ASNConfiguration: …

target: Optional[Literal["asn"]]

The configuration target. You must set the target to asn when specifying an Autonomous System Number (ASN) in the rule.

value: Optional[str]

The AS number to match.

class CountryConfiguration: …

target: Optional[Literal["country"]]

The configuration target. You must set the target to country when specifying a country code in the rule.

value: Optional[str]

The two-letter ISO-3166-1 alpha-2 code to match. For more information, refer to IP Access rules: Parameters.

mode: Literal["block", "challenge", "whitelist", 2 more]

The action to apply to a matched request.

One of the following:

"block"

"challenge"

"whitelist"

"js_challenge"

"managed_challenge"

created_on: Optional[datetime]

The timestamp of when the rule was created.

formatdate-time

modified_on: Optional[datetime]

The timestamp of when the rule was last modified.

formatdate-time

notes: Optional[str]

An informative summary of the rule, typically used as a reminder or explanation.

scope: Optional[Scope]

All zones owned by the user will have the rule applied.

id: Optional[str]

Defines an identifier.

maxLength32

email: Optional[str]

The contact email address of the user.

maxLength90

type: Optional[Literal["user", "organization"]]

Defines the scope of the rule.

One of the following:

"user"

"organization"

class AccessRuleCreateResponse: …

id: str

The unique identifier of the IP Access rule.

maxLength32

allowed_modes: List[Literal["block", "challenge", "whitelist", 2 more]]

The available actions that a rule can apply to a matched request.

One of the following:

"block"

"challenge"

"whitelist"

"js_challenge"

"managed_challenge"

configuration: Configuration

The rule configuration.

One of the following:

class AccessRuleIPConfiguration: …

target: Optional[Literal["ip"]]

The configuration target. You must set the target to ip when specifying an IP address in the rule.

value: Optional[str]

The IP address to match. This address will be compared to the IP address of incoming requests.

class IPV6Configuration: …

target: Optional[Literal["ip6"]]

The configuration target. You must set the target to ip6 when specifying an IPv6 address in the rule.

value: Optional[str]

The IPv6 address to match.

class AccessRuleCIDRConfiguration: …

target: Optional[Literal["ip_range"]]

The configuration target. You must set the target to ip_range when specifying an IP address range in the rule.

value: Optional[str]

The IP address range to match. You can only use prefix lengths /16 and /24 for IPv4 ranges, and prefix lengths /32, /48, and /64 for IPv6 ranges.

class ASNConfiguration: …

target: Optional[Literal["asn"]]

The configuration target. You must set the target to asn when specifying an Autonomous System Number (ASN) in the rule.

value: Optional[str]

The AS number to match.

class CountryConfiguration: …

target: Optional[Literal["country"]]

The configuration target. You must set the target to country when specifying a country code in the rule.

value: Optional[str]

The two-letter ISO-3166-1 alpha-2 code to match. For more information, refer to IP Access rules: Parameters.

mode: Literal["block", "challenge", "whitelist", 2 more]

The action to apply to a matched request.

One of the following:

"block"

"challenge"

"whitelist"

"js_challenge"

"managed_challenge"

created_on: Optional[datetime]

The timestamp of when the rule was created.

formatdate-time

modified_on: Optional[datetime]

The timestamp of when the rule was last modified.

formatdate-time

notes: Optional[str]

An informative summary of the rule, typically used as a reminder or explanation.

scope: Optional[Scope]

All zones owned by the user will have the rule applied.

id: Optional[str]

Defines an identifier.

maxLength32

email: Optional[str]

The contact email address of the user.

maxLength90

type: Optional[Literal["user", "organization"]]

Defines the scope of the rule.

One of the following:

"user"

"organization"

class AccessRuleEditResponse: …

id: str

The unique identifier of the IP Access rule.

maxLength32

allowed_modes: List[Literal["block", "challenge", "whitelist", 2 more]]

The available actions that a rule can apply to a matched request.

One of the following:

"block"

"challenge"

"whitelist"

"js_challenge"

"managed_challenge"

configuration: Configuration

The rule configuration.

One of the following:

class AccessRuleIPConfiguration: …

target: Optional[Literal["ip"]]

The configuration target. You must set the target to ip when specifying an IP address in the rule.

value: Optional[str]

The IP address to match. This address will be compared to the IP address of incoming requests.

class IPV6Configuration: …

target: Optional[Literal["ip6"]]

The configuration target. You must set the target to ip6 when specifying an IPv6 address in the rule.

value: Optional[str]

The IPv6 address to match.

class AccessRuleCIDRConfiguration: …

target: Optional[Literal["ip_range"]]

The configuration target. You must set the target to ip_range when specifying an IP address range in the rule.

value: Optional[str]

The IP address range to match. You can only use prefix lengths /16 and /24 for IPv4 ranges, and prefix lengths /32, /48, and /64 for IPv6 ranges.

class ASNConfiguration: …

target: Optional[Literal["asn"]]

The configuration target. You must set the target to asn when specifying an Autonomous System Number (ASN) in the rule.

value: Optional[str]

The AS number to match.

class CountryConfiguration: …

target: Optional[Literal["country"]]

The configuration target. You must set the target to country when specifying a country code in the rule.

value: Optional[str]

The two-letter ISO-3166-1 alpha-2 code to match. For more information, refer to IP Access rules: Parameters.

mode: Literal["block", "challenge", "whitelist", 2 more]

The action to apply to a matched request.

One of the following:

"block"

"challenge"

"whitelist"

"js_challenge"

"managed_challenge"

created_on: Optional[datetime]

The timestamp of when the rule was created.

formatdate-time

modified_on: Optional[datetime]

The timestamp of when the rule was last modified.

formatdate-time

notes: Optional[str]

An informative summary of the rule, typically used as a reminder or explanation.

scope: Optional[Scope]

All zones owned by the user will have the rule applied.

id: Optional[str]

Defines an identifier.

maxLength32

email: Optional[str]

The contact email address of the user.

maxLength90

type: Optional[Literal["user", "organization"]]

Defines the scope of the rule.

One of the following:

"user"

"organization"

class AccessRuleDeleteResponse: …

id: str

Defines an identifier.

maxLength32