API Reference

Firewall

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Access Rules

resource cloudflare_access_rule

required Expand Collapse

mode: String

The action to apply to a matched request.

configuration: Attributes

The rule configuration.

target?: String

The configuration target. You must set the target to ip when specifying an IP address in the rule.

value?: String

The IP address to match. This address will be compared to the IP address of incoming requests.

optional Expand Collapse

account_id?: String

The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.

zone_id?: String

The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.

notes?: String

An informative summary of the rule, typically used as a reminder or explanation.

computed Expand Collapse

id: String

The unique identifier of the IP Access rule.

created_on: Time

The timestamp of when the rule was created.

modified_on: Time

The timestamp of when the rule was last modified.

allowed_modes: List[String]

The available actions that a rule can apply to a matched request.

scope: Attributes

All zones owned by the user will have the rule applied.

id: String

Defines an identifier.

email: String

The contact email address of the user.

type: String

Defines the scope of the rule.

cloudflare_access_rule

Terraform

HTTP

TypeScript

Python

Go

Terraform

resource "cloudflare_access_rule" "example_access_rule" {
  configuration = {
    target = "ip"
    value = "198.51.100.4"
  }
  mode = "challenge"
  zone_id = "zone_id"
  notes = "This rule is enabled because of an event that occurred on date X."
}

data cloudflare_access_rule

optional Expand Collapse

rule_id?: String

Unique identifier for a rule.

account_id?: String

The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.

zone_id?: String

The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.

filter?: Attributes

configuration?: Attributes

target?: String

Defines the target to search in existing rules.

value?: String

Defines the target value to search for in existing rules: an IP address, an IP address range, or a country code, depending on the provided configuration.target. Notes: You can search for a single IPv4 address, an IP address range with a subnet of '/16' or '/24', or a two-letter ISO-3166-1 alpha-2 country code.

direction?: String

Defines the direction used to sort returned rules.

match?: String

Defines the search requirements. When set to all, all the search requirements must match. When set to any, only one of the search requirements has to match.

mode?: String

The action to apply to a matched request.

notes?: String

Defines the string to search for in the notes of existing IP Access rules. Notes: For example, the string 'attack' would match IP Access rules with notes 'Attack 26/02' and 'Attack 27/02'. The search is case insensitive.

order?: String

Defines the field used to sort returned rules.

computed Expand Collapse

id: String

Unique identifier for a rule.

created_on: Time

The timestamp of when the rule was created.

mode: String

The action to apply to a matched request.

modified_on: Time

The timestamp of when the rule was last modified.

notes: String

An informative summary of the rule, typically used as a reminder or explanation.

allowed_modes: List[String]

The available actions that a rule can apply to a matched request.

configuration: Attributes

The rule configuration.

target: String

The configuration target. You must set the target to ip when specifying an IP address in the rule.

value: String

The IP address to match. This address will be compared to the IP address of incoming requests.

scope: Attributes

All zones owned by the user will have the rule applied.

id: String

Defines an identifier.

email: String

The contact email address of the user.

type: String

Defines the scope of the rule.

cloudflare_access_rule

Terraform

HTTP

TypeScript

Python

Go

Terraform

data "cloudflare_access_rule" "example_access_rule" {
  rule_id = "023e105f4ecef8ad9ca31a8372d0c353"
  account_id = "account_id"
  zone_id = "zone_id"
}

data cloudflare_access_rules

optional Expand Collapse

account_id?: String

The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.

zone_id?: String

The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.

direction?: String

Defines the direction used to sort returned rules.

mode?: String

The action to apply to a matched request.

notes?: String

Defines the string to search for in the notes of existing IP Access rules. Notes: For example, the string 'attack' would match IP Access rules with notes 'Attack 26/02' and 'Attack 27/02'. The search is case insensitive.

order?: String

Defines the field used to sort returned rules.

configuration?: Attributes

target?: String

Defines the target to search in existing rules.

value?: String

Defines the target value to search for in existing rules: an IP address, an IP address range, or a country code, depending on the provided configuration.target. Notes: You can search for a single IPv4 address, an IP address range with a subnet of '/16' or '/24', or a two-letter ISO-3166-1 alpha-2 country code.

match?: String

Defines the search requirements. When set to all, all the search requirements must match. When set to any, only one of the search requirements has to match.

max_items?: Int64

Max items to fetch, default: 1000

computed Expand Collapse

result: List[Attributes]

The items returned by the data source

id: String

The unique identifier of the IP Access rule.

allowed_modes: List[String]

The available actions that a rule can apply to a matched request.

configuration: Attributes

The rule configuration.

target: String

The configuration target. You must set the target to ip when specifying an IP address in the rule.

value: String

The IP address to match. This address will be compared to the IP address of incoming requests.

mode: String

The action to apply to a matched request.

created_on: Time

The timestamp of when the rule was created.

modified_on: Time

The timestamp of when the rule was last modified.

notes: String

An informative summary of the rule, typically used as a reminder or explanation.

scope: Attributes

All zones owned by the user will have the rule applied.

id: String

Defines an identifier.

email: String

The contact email address of the user.

type: String

Defines the scope of the rule.

cloudflare_access_rules

Terraform

HTTP

TypeScript

Python

Go

Terraform

data "cloudflare_access_rules" "example_access_rules" {
  account_id = "account_id"
  zone_id = "zone_id"
  configuration = {
    target = "ip"
    value = "198.51.100.4"
  }
  direction = "desc"
  mode = "challenge"
  notes = "my note"
  order = "mode"
}