Skip to content
Cloudflare API
Start here
API Reference
Firewall

Lockdowns

resource cloudflare_zone_lockdown

required Expand Collapse
zone_id: String

Defines an identifier.

urls: List[String]

The URLs to include in the current WAF override. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns.

configurations: List[Attributes]

A list of IP addresses or CIDR ranges that will be allowed to access the URLs specified in the Zone Lockdown rule. You can include any number of ip or ip_range configurations.

target?: String

The configuration target. You must set the target to ip when specifying an IP address in the Zone Lockdown rule.

value?: String

The IP address to match. This address will be compared to the IP address of incoming requests.

optional Expand Collapse
description?: String

An informative summary of the rule. This value is sanitized and any tags will be removed.

priority?: Float64

The priority of the rule to control the processing order. A lower number indicates higher priority. If not provided, any rules with a configured priority will be processed before rules without a priority.

paused?: Bool

When true, indicates that the rule is currently paused.

computed Expand Collapse
id: String

The unique identifier of the Zone Lockdown rule.

created_on: Time

The timestamp of when the rule was created.

modified_on: Time

The timestamp of when the rule was last modified.

cloudflare_zone_lockdown

resource "cloudflare_zone_lockdown" "example_zone_lockdown" {
  zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
  configurations = [{
    target = "ip"
    value = "198.51.100.4"
  }]
  urls = ["shop.example.com/*"]
  description = "Prevent multiple login failures to mitigate brute force attacks"
  paused = false
  priority = 5
}

data cloudflare_zone_lockdown

required Expand Collapse
zone_id: String

Defines an identifier.

optional Expand Collapse
lock_downs_id?: String

The unique identifier of the Zone Lockdown rule.

filter?: Attributes
created_on?: Time

The timestamp of when the rule was created.

description?: String

A string to search for in the description of existing rules.

ip?: String

A single IP address to search for in existing rules.

modified_on?: Time

The timestamp of when the rule was last modified.

priority?: Float64

The priority of the rule to control the processing order. A lower number indicates higher priority. If not provided, any rules with a configured priority will be processed before rules without a priority.

computed Expand Collapse
id: String

The unique identifier of the Zone Lockdown rule.

created_on: Time

The timestamp of when the rule was created.

description: String

An informative summary of the rule.

modified_on: Time

The timestamp of when the rule was last modified.

paused: Bool

When true, indicates that the rule is currently paused.

urls: List[String]

The URLs to include in the rule definition. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns.

configurations: List[Attributes]

A list of IP addresses or CIDR ranges that will be allowed to access the URLs specified in the Zone Lockdown rule. You can include any number of ip or ip_range configurations.

target: String

The configuration target. You must set the target to ip when specifying an IP address in the Zone Lockdown rule.

value: String

The IP address to match. This address will be compared to the IP address of incoming requests.

cloudflare_zone_lockdown

data "cloudflare_zone_lockdown" "example_zone_lockdown" {
  zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
  lock_downs_id = "372e67954025e0ba6aaa6d586b9e0b59"
}

data cloudflare_zone_lockdowns

required Expand Collapse
zone_id: String

Defines an identifier.

optional Expand Collapse
created_on?: Time

The timestamp of when the rule was created.

description?: String

A string to search for in the description of existing rules.

ip?: String

A single IP address to search for in existing rules.

modified_on?: Time

The timestamp of when the rule was last modified.

priority?: Float64

The priority of the rule to control the processing order. A lower number indicates higher priority. If not provided, any rules with a configured priority will be processed before rules without a priority.

max_items?: Int64

Max items to fetch, default: 1000

computed Expand Collapse
result: List[Attributes]

The items returned by the data source

id: String

The unique identifier of the Zone Lockdown rule.

configurations: List[Attributes]

A list of IP addresses or CIDR ranges that will be allowed to access the URLs specified in the Zone Lockdown rule. You can include any number of ip or ip_range configurations.

target: String

The configuration target. You must set the target to ip when specifying an IP address in the Zone Lockdown rule.

value: String

The IP address to match. This address will be compared to the IP address of incoming requests.

created_on: Time

The timestamp of when the rule was created.

description: String

An informative summary of the rule.

modified_on: Time

The timestamp of when the rule was last modified.

paused: Bool

When true, indicates that the rule is currently paused.

urls: List[String]

The URLs to include in the rule definition. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns.

cloudflare_zone_lockdowns

data "cloudflare_zone_lockdowns" "example_zone_lockdowns" {
  zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
  created_on = "2014-01-01T05:20:00.12345Z"
  description = "endpoints"
  description_search = "endpoints"
  ip = "1.2.3.4"
  ip_range_search = "1.2.3.0/16"
  ip_search = "1.2.3.4"
  modified_on = "2014-01-01T05:20:00.12345Z"
  priority = 5
  uri_search = "/some/path"
}