Update and deploy rulesets
You can use the API to update basic properties of a ruleset (currently only the description) and the list of rules in the ruleset.
Use one of the following API endpoints:
| Operation | Method + Endpoint |
|---|---|
| Update an account ruleset | PUT /accounts/{account_id}/rulesets/{ruleset_id} |
| Update a zone ruleset | PUT /zones/{zone_id}/rulesets/{ruleset_id} |
| Update an account entry point ruleset | PUT /accounts/{account_id}/rulesets/phases/{phase_name}/entrypoint |
| Update a zone entry point ruleset | PUT /zones/{zone_id}/rulesets/phases/{phase_name}/entrypoint |
Use this API method to set the rules of a ruleset. You must include all the rules you want to associate with the ruleset in every request.
curl --request PUT \https://api.cloudflare.com/client/v4/zones/{zone_id}/rulesets/{ruleset_id} \--header "Authorization: Bearer <API_TOKEN>" \--header "Content-Type: application/json" \--data '{ "rules": [ { "action": "execute", "action_parameters": { "id": "<MANAGED_RULESET_ID>" }, "expression": "true" } ]}'{ "result": { "id": "<RULESET_ID>", "name": "Zone-level phase entry point", "description": "This ruleset executes a managed ruleset.", "kind": "zone", "version": "4", "rules": [ { "id": "<RULE_ID>", "version": "2", "action": "execute", "expression": "true", "action_parameters": { "id": "<MANAGED_RULESET_ID>" }, "last_updated": "2023-03-17T15:42:37.917815Z" } ], "last_updated": "2023-03-17T15:42:37.917815Z", "phase": "http_request_firewall_managed" }, "success": true, "errors": [], "messages": []}To deploy a ruleset, create a rule with "action": "execute" that executes the ruleset, and add the ruleset ID to the action_parameters field in the id parameter.
The following example deploys a managed ruleset to the zone-level http_request_firewall_managed phase of a zone ({zone_id}).
curl --request PUT \https://api.cloudflare.com/client/v4/zones/{zone_id}/rulesets/phases/http_request_firewall_managed/entrypoint \--header "Authorization: Bearer <API_TOKEN>" \--header "Content-Type: application/json" \--data '{ "rules": [ { "action": "execute", "action_parameters": { "id": "<MANAGED_RULESET_ID>" }, "expression": "true", "description": "Execute Cloudflare Managed Ruleset on my phase entry point" } ]}'{ "result": { "id": "<ZONE_PHASE_RULESET_ID>", "name": "Zone-level phase entry point", "description": "", "kind": "zone", "version": "4", "rules": [ { "id": "<RULE_ID_1>", "version": "1", "action": "execute", "action_parameters": { "id": "<MANAGED_RULESET_ID>", "version": "latest" }, "expression": "true", "description": "Execute Cloudflare Managed Ruleset on my phase entry point", "last_updated": "2023-03-21T11:02:08.769537Z", "ref": "<RULE_REF_1>", "enabled": true } ], "last_updated": "2023-03-21T11:02:08.769537Z", "phase": "http_request_firewall_managed" }, "success": true, "errors": [], "messages": []}For more information on deploying rulesets, refer to Deploy rulesets.
You can use this API method to update the description of an existing ruleset or phase entry point.
The response will include the complete ruleset definition, including all the rules.
curl --request PUT \https://api.cloudflare.com/client/v4/zones/{zone_id}/rulesets/{ruleset_id} \--header "Authorization: Bearer <API_TOKEN>" \--header "Content-Type: application/json" \--data '{ "description": "My updated phase entry point"}'{ "result": { "id": "<RULESET_ID>", "name": "Zone entry point", "description": "My updated phase entry point", "kind": "zone", "version": "4", "rules": [ // (...) ], "last_updated": "2023-03-30T10:49:11.006109Z", "phase": "http_request_firewall_managed" }, "success": true, "errors": [], "messages": []}