Cloudflare/firewall
@swamp/cloudflare/firewallv2026.05.29.1
01README
Cloudflare firewall infrastructure models
02Release Notes
- Updated: rules
- Updated: lockdowns
- Updated: ua_rules
- Updated: overrides
- Updated: rate_limits
03Models
@swamp/cloudflare/firewall/lockdownsv2026.05.29.1lockdowns.ts
Global Arguments
| Argument | Type | Description |
|---|---|---|
| zone_id | string | Cloudflare zone ID |
| configurations | array | A list of IP addresses or CIDR ranges that will be allowed to access the URLs specified in the Zone Lockdown rule. You can include any number of `ip` or `ip_range` configurations. |
| urls | array | The URLs to include in the current WAF override. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns. |
| description? | string | An informative summary of the rule. This value is sanitized and any tags will be removed. |
| paused? | boolean | When true, indicates that the rule is currently paused. |
| priority? | number | The priority of the rule to control the processing order. A lower number indicates higher priority. If not provided, any rules with a configured priority will be processed before rules without a priority. |
| apiToken? | string | Cloudflare API token; overrides the CLOUDFLARE_API_TOKEN environment variable. Wire with a vault.get(...) expression to source it from a vault. |
| apiKey? | string | Cloudflare API key for the legacy key+email auth path; overrides the CLOUDFLARE_API_KEY environment variable. Wire with a vault.get(...) expression. Requires email. |
| email? | string | Cloudflare account email for the legacy key+email auth path; overrides the CLOUDFLARE_EMAIL environment variable. Requires apiKey. |
fn create()
Create a Lockdowns
fn get(id: string)
Get a Lockdowns
| Argument | Type | Description |
|---|---|---|
| id | string | The ID of the Lockdowns |
fn update()
Update Lockdowns attributes
fn delete(id: string)
Delete the Lockdowns
| Argument | Type | Description |
|---|---|---|
| id | string | The ID of the Lockdowns |
fn sync()
Sync Lockdowns state from Cloudflare
Resources
state(infinite)— Lockdowns resource state
@swamp/cloudflare/firewall/overridesv2026.05.29.1overrides.ts
Global Arguments
| Argument | Type | Description |
|---|---|---|
| zone_id | string | Cloudflare zone ID |
| name | string | Instance name for this resource (used as the unique identifier in the factory pattern) |
| id? | string | Defines an identifier. |
| rewrite_action? | object | Specifies that, when a WAF rule matches, its configured action will be replaced by the action configured in this object. |
| rules? | record | An object that allows you to override the action of specific WAF rules. Each key of this object must be the ID of a WAF rule, and each value must be a valid WAF action. Unless you are disabling a rule, ensure that you also enable the rule group that this WAF rule belongs to. When creating a new URI-based WAF override, you must provide a `groups` object or a `rules` object. |
| urls | array | The URLs to include in the current WAF override. You can use wildcards. Each entered URL will be escaped before use, which means you can only use simple wildcard patterns. |
| apiToken? | string | Cloudflare API token; overrides the CLOUDFLARE_API_TOKEN environment variable. Wire with a vault.get(...) expression to source it from a vault. |
| apiKey? | string | Cloudflare API key for the legacy key+email auth path; overrides the CLOUDFLARE_API_KEY environment variable. Wire with a vault.get(...) expression. Requires email. |
| email? | string | Cloudflare account email for the legacy key+email auth path; overrides the CLOUDFLARE_EMAIL environment variable. Requires apiKey. |
fn create()
Create a Overrides
fn get(id: string)
Get a Overrides
| Argument | Type | Description |
|---|---|---|
| id | string | The ID of the Overrides |
fn update()
Update Overrides attributes
fn delete(id: string)
Delete the Overrides
| Argument | Type | Description |
|---|---|---|
| id | string | The ID of the Overrides |
fn sync()
Sync Overrides state from Cloudflare
Resources
state(infinite)— Overrides resource state
@swamp/cloudflare/firewall/rate-limitsv2026.05.29.1rate_limits.ts
Global Arguments
| Argument | Type | Description |
|---|---|---|
| zone_id | string | Cloudflare zone ID |
| name | string | Instance name for this resource (used as the unique identifier in the factory pattern) |
| action | object | |
| match | object | |
| period | number | The time in seconds (an integer value) to count matching traffic. If the count exceeds the configured threshold within this period, Cloudflare will perform the configured action. |
| threshold | number | The threshold that will trigger the configured mitigation action. Configure this value along with the `period` property to establish a threshold per period. |
| apiToken? | string | Cloudflare API token; overrides the CLOUDFLARE_API_TOKEN environment variable. Wire with a vault.get(...) expression to source it from a vault. |
| apiKey? | string | Cloudflare API key for the legacy key+email auth path; overrides the CLOUDFLARE_API_KEY environment variable. Wire with a vault.get(...) expression. Requires email. |
| email? | string | Cloudflare account email for the legacy key+email auth path; overrides the CLOUDFLARE_EMAIL environment variable. Requires apiKey. |
fn create()
Create a Rate Limits
fn get(id: string)
Get a Rate Limits
| Argument | Type | Description |
|---|---|---|
| id | string | The ID of the Rate Limits |
fn update()
Update Rate Limits attributes
fn delete(id: string)
Delete the Rate Limits
| Argument | Type | Description |
|---|---|---|
| id | string | The ID of the Rate Limits |
fn sync()
Sync Rate Limits state from Cloudflare
Resources
state(infinite)— Rate Limits resource state
@swamp/cloudflare/firewall/rulesv2026.05.29.1rules.ts
Global Arguments
| Argument | Type | Description |
|---|---|---|
| account_id? | string | Cloudflare account ID (provide account_id or zone_id) |
| zone_id? | string | Cloudflare zone ID (provide account_id or zone_id) |
| name | string | Instance name for this resource (used as the unique identifier in the factory pattern) |
| allowed_modes? | array | The available actions that a rule can apply to a matched request. |
| configuration | object | |
| created_on? | string | The timestamp of when the rule was created. |
| id? | string | The unique identifier of the IP Access rule. |
| mode | enum | The action to apply to a matched request. |
| modified_on? | string | The timestamp of when the rule was last modified. |
| notes? | string | An informative summary of the rule, typically used as a reminder or explanation. |
| scope? | object | All zones owned by the user will have the rule applied. |
| apiToken? | string | Cloudflare API token; overrides the CLOUDFLARE_API_TOKEN environment variable. Wire with a vault.get(...) expression to source it from a vault. |
| apiKey? | string | Cloudflare API key for the legacy key+email auth path; overrides the CLOUDFLARE_API_KEY environment variable. Wire with a vault.get(...) expression. Requires email. |
| email? | string | Cloudflare account email for the legacy key+email auth path; overrides the CLOUDFLARE_EMAIL environment variable. Requires apiKey. |
fn create()
Create a Rules
fn get(id: string)
Get a Rules
| Argument | Type | Description |
|---|---|---|
| id | string | The ID of the Rules |
fn update()
Update Rules attributes
fn delete(id: string)
Delete the Rules
| Argument | Type | Description |
|---|---|---|
| id | string | The ID of the Rules |
fn sync()
Sync Rules state from Cloudflare
Resources
state(infinite)— Rules resource state
@swamp/cloudflare/firewall/ua-rulesv2026.05.29.1ua_rules.ts
Global Arguments
| Argument | Type | Description |
|---|---|---|
| zone_id | string | Cloudflare zone ID |
| configuration | object | |
| description? | string | An informative summary of the rule. This value is sanitized and any tags will be removed. |
| id? | string | The unique identifier of the resource. |
| mode | enum | The action to apply to a matched request. |
| paused? | boolean | When true, indicates that the rule is currently paused. |
| apiToken? | string | Cloudflare API token; overrides the CLOUDFLARE_API_TOKEN environment variable. Wire with a vault.get(...) expression to source it from a vault. |
| apiKey? | string | Cloudflare API key for the legacy key+email auth path; overrides the CLOUDFLARE_API_KEY environment variable. Wire with a vault.get(...) expression. Requires email. |
| email? | string | Cloudflare account email for the legacy key+email auth path; overrides the CLOUDFLARE_EMAIL environment variable. Requires apiKey. |
fn create()
Create a Ua Rules
fn get(id: string)
Get a Ua Rules
| Argument | Type | Description |
|---|---|---|
| id | string | The ID of the Ua Rules |
fn update()
Update Ua Rules attributes
fn delete(id: string)
Delete the Ua Rules
| Argument | Type | Description |
|---|---|---|
| id | string | The ID of the Ua Rules |
fn sync()
Sync Ua Rules state from Cloudflare
Resources
state(infinite)— Ua Rules resource state
04Previous Versions
2026.05.22.1May 22, 2026
- Added: rules
- Added: lockdowns
- Added: ua_rules
- Added: overrides
- Added: rate_limits
05Stats
A
100 / 100
Downloads
0
Archive size
20.1 KB
Verified by Swamp
- Has README or module doc2/2earned
- README has a code example1/1earned
- README is substantive1/1earned
- Most symbols documented1/1earned
- No slow types1/1earned
- Dependencies pass trust audit2/2earned
- Has description1/1earned
- Platform support declared (or universal)2/2earned
- License declared1/1earned
- Verified public repository2/2earned
06Platforms
07Labels