cloudflare · pedrosousa · Feb 4, 2025 · Feb 3, 2025 · Feb 4, 2025 · Feb 4, 2025
@@ -1,24 +1,25 @@
 ---
-title: DDoS managed rulesets
+title: DDoS managed rulesets configuration using Terraform
 pcx_content_type: how-to
 sidebar:
   order: 3
+  label: DDoS managed rulesets
 head:
   - tag: title
-    content: Configure DDoS managed rulesets with Terraform
+    content: DDoS managed rulesets configuration using Terraform
 ---
 
-import { Render } from "~/components";
+import { Render, RuleID } from "~/components";
 
-This page provides examples of configuring DDoS managed rulesets in your zone or account using Terraform. It covers the following configurations:
+This page provides examples of configuring [DDoS managed rulesets](/ddos-protection/managed-rulesets/) in your zone or account using Terraform. It covers the following configurations:
 
 - [Example: Configure HTTP DDoS Attack Protection](#example-configure-http-ddos-attack-protection)
 - [Example: Configure Network-layer DDoS Attack Protection](#example-configure-network-layer-ddos-attack-protection)
 - [Use case: Mitigate large HTTP DDoS attacks and monitor flagged traffic](#use-case-mitigate-large-http-ddos-attacks-and-monitor-flagged-traffic)
 
 DDoS managed rulesets are always enabled. Depending on your Cloudflare services, you may be able to adjust their behavior.
 
-For more information on DDoS managed rulesets, refer to [Managed rulesets](/ddos-protection/managed-rulesets/) in the Cloudflare DDoS Protection documentation. For more information on deploying and configuring rulesets using the Rulesets API, refer to [Work with managed rulesets](/ruleset-engine/managed-rulesets/) in the Ruleset Engine documentation.
+For more information on deploying and configuring rulesets using the Rulesets API, refer to [Work with managed rulesets](/ruleset-engine/managed-rulesets/) in the Ruleset Engine documentation.
 
 ## Before you start
 
@@ -34,7 +35,7 @@ For more information on DDoS managed rulesets, refer to [Managed rulesets](/ddos
 
 ## Example: Configure HTTP DDoS Attack Protection
 
-This example configures the [HTTP DDoS Attack Protection](/ddos-protection/managed-rulesets/http/) managed ruleset for a zone using Terraform, changing the sensitivity level of rule with ID fdfdac75430c4c47a959592f0aa5e68a to `low`.
+This example configures the [HTTP DDoS Attack Protection](/ddos-protection/managed-rulesets/http/) managed ruleset for a zone using Terraform, changing the sensitivity level of rule with ID <RuleID id="fdfdac75430c4c47a959592f0aa5e68a" /> to `low`.
 
 <Render file="v4-code-snippets" />
 
@@ -70,7 +71,7 @@ For more information about HTTP DDoS Attack Protection, refer to [HTTP DDoS Atta
 
 ## Example: Configure Network-layer DDoS Attack Protection
 
-This example configures the [Network-layer DDoS Attack Protection](/ddos-protection/managed-rulesets/network/) managed ruleset for an account using Terraform, changing the sensitivity level of rule with ID 599dab0942ff4898ac1b7797e954e98b to `low` using an override.
+This example configures the [Network-layer DDoS Attack Protection](/ddos-protection/managed-rulesets/network/) managed ruleset for an account using Terraform, changing the sensitivity level of rule with ID <RuleID id="599dab0942ff4898ac1b7797e954e98b" /> to `low` using an override.
 
 :::caution[Important]
 

@@ -1,18 +1,17 @@
 ---
-title: Rate limiting rules
+title: Rate limiting rules configuration using Terraform
 pcx_content_type: how-to
 sidebar:
   order: 4
+  label: Rate limiting rules
 head:
   - tag: title
-    content: Configure rate limiting rules with Terraform
+    content: Rate limiting rules configuration using Terraform
 ---
 
 import { Details, Render } from "~/components";
 
-This page provides an example of creating a rate limiting rule in a zone using Terraform.
-
-For more information on rate limiting rules, refer to [Rate limiting rules](/waf/rate-limiting-rules/) in the Cloudflare WAF documentation.
+This page provides examples of creating [rate limiting rules](/waf/rate-limiting-rules/) in a zone or account using Terraform.
 
 :::note
 
@@ -31,7 +30,7 @@ For more information on configuring the previous version of rate limiting rules
 
 ---
 
-## Create a rate limiting rule
+## Create a rate limiting rule at the zone level
 
 This example creates a rate limiting rule in zone with ID `<ZONE_ID>` blocking traffic that exceeds the configured rate:
 
@@ -62,14 +61,15 @@ resource "cloudflare_ruleset" "zone_rl" {
 
 <Render file="add-new-rule" params={{ one: "rate limiting rule" }} /> <br />
 
-<Details header="Account-level example configuration">
+## Create a rate limiting rule at the account level
 
-:::note[Before you start]
+:::note[Notes]
 
-- Account-level rate limiting configuration requires an Enterprise plan with a paid add-on.
+- [Account-level rate limiting configuration](/waf/account/) requires an Enterprise plan with a paid add-on.
 
 - Custom rulesets deployed at the account level will only apply to incoming traffic of zones on an Enterprise plan. The expression of your `execute` rule must end with `and cf.zone.plan eq "ENT"`.
-  :::
+
+:::
 
 This example defines a [custom ruleset](/ruleset-engine/custom-rulesets/) with a single rate limiting rule in account with ID `<ACCOUNT_ID>` that blocks traffic for the `/api/` path exceeding the configured rate. The second `cloudflare_ruleset` resource defines an `execute` rule that deploys the custom ruleset for traffic addressed at `example.com`.
 
@@ -120,7 +120,7 @@ resource "cloudflare_ruleset" "account_rl_entrypoint" {
 }
 ```
 
-</Details>
+<Render file="add-new-rule" params={{ one: "rate limiting rule" }} /> <br />
 
 ## Create an advanced rate limiting rule
 

@@ -1,22 +1,21 @@
 ---
-title: Transform Rules
+title: Transform Rules configuration using Terraform
 pcx_content_type: how-to
 sidebar:
   order: 6
+  label: Transform Rules
 head:
   - tag: title
-    content: Configure Transform Rules with Terraform
+    content: Transform Rules configuration using Terraform
 ---
 
 import { Render } from "~/components";
 
-This page provides examples of creating Transform Rules in a zone using Terraform. The examples cover the following scenarios:
+This page provides examples of creating [Transform Rules](/rules/transform/) in a zone using Terraform. The examples cover the following scenarios:
 
 - [Create a Rewrite URL Rule](#create-a-rewrite-url-rule)
 - [Create an HTTP Request Header Modification Rule](#create-an-http-request-header-modification-rule)
 
-For more information on Transform Rules, refer to [Transform Rules](/rules/transform/).
-
 ## Before you start
 
 ### Obtain the necessary account or zone IDs

@@ -1,16 +1,17 @@
 ---
-title: WAF custom rules
+title: WAF custom rules configuration using Terraform
 pcx_content_type: how-to
 sidebar:
   order: 5
+  label: WAF custom rules
 head:
   - tag: title
-    content: Configure WAF custom rules with Terraform
+    content: WAF custom rules configuration using Terraform
 ---
 
 import { Render, GlossaryTooltip } from "~/components";
 
-This page provides examples of creating WAF custom rules in a zone or account using Terraform. The examples cover the following scenarios:
+This page provides examples of creating [WAF custom rules](/waf/custom-rules/) in a zone or account using Terraform. The examples cover the following scenarios:
 
 - Zone-level configurations:
   - [Add a custom rule to a zone](#add-a-custom-rule-to-a-zone)
@@ -20,8 +21,6 @@ This page provides examples of creating WAF custom rules in a zone or account us
   - [Create and deploy a custom ruleset](#create-and-deploy-a-custom-ruleset)
   - [Add a custom rule checking for exposed credentials](#add-a-custom-rule-checking-for-exposed-credentials)
 
-For more information on custom rules, refer to [Custom rules](/waf/custom-rules/) in the Cloudflare WAF documentation.
-
 ## Before you start
 
 ### Obtain the necessary account or zone IDs

@@ -1,38 +1,42 @@
 ---
-title: WAF Managed Rules
+title: WAF Managed Rules configuration using Terraform
 pcx_content_type: how-to
 sidebar:
   order: 2
+  label: WAF Managed Rules
 head:
   - tag: title
-    content: Configure WAF Managed Rules with Terraform
+    content: WAF Managed Rules configuration using Terraform
 ---
 
 import { Details, Render, RuleID } from "~/components";
 
-This page provides examples of deploying and configuring WAF Managed Rules in your zone or account using Terraform. It covers the following configurations:
+This page provides examples of deploying and configuring [WAF Managed Rules](/waf/managed-rules/) in your zone or account using Terraform. It covers the following configurations:
 
-- [Deploy managed rulesets](#deploy-managed-rulesets)
+- [Deploy managed rulesets at the zone level](#deploy-managed-rulesets-at-the-zone-level)
+- [Deploy managed rulesets at the account level](#deploy-managed-rulesets-at-the-account-level)
 - [Configure skip rules](#configure-skip-rules)
 - [Configure payload logging](#configure-payload-logging)
 - [Configure overrides](#configure-overrides)
 - [Configure the OWASP paranoia level, score threshold, and action](#configure-the-owasp-paranoia-level-score-threshold-and-action)
 
-For more information on WAF Managed Rules, refer to [WAF Managed Rules](/waf/managed-rules/) in the Cloudflare WAF documentation. For more information on deploying and configuring rulesets using the Rulesets API, refer to [Work with managed rulesets](/ruleset-engine/managed-rulesets/) in the Ruleset Engine documentation.
+For more information on deploying and configuring rulesets using the Rulesets API, refer to [Work with managed rulesets](/ruleset-engine/managed-rulesets/) in the Ruleset Engine documentation.
 
 ## Before you start
 
 ### Obtain the necessary account, zone, and managed ruleset IDs
 
 <Render file="find-ids-managed-rulesets" />
 
+The IDs of WAF managed rulesets are also available in the [WAF Managed Rules](/waf/managed-rules/#managed-rulesets) page.
+
 ### Import or delete existing rulesets
 
 <Render file="import-delete-existing-rulesets" />
 
 ---
 
-## Deploy managed rulesets
+## Deploy managed rulesets at the zone level
 
 The following example deploys two managed rulesets to the zone with ID `<ZONE_ID>` using Terraform, using a `cloudflare_ruleset` resource with two rules that execute the managed rulesets.
 
@@ -71,14 +75,15 @@ resource "cloudflare_ruleset" "zone_level_managed_waf" {
 }
 ```
 
-<Details header="Account-level example configuration">
+## Deploy managed rulesets at the account level
 
-:::note[Before you start]
+:::note[Notes]
 
-- Account-level WAF configuration requires an Enterprise plan with a paid add-on.
+- [Account-level WAF configuration](/waf/account/) requires an Enterprise plan with a paid add-on.
 
 - Managed rulesets deployed at the account level will only apply to incoming traffic of zones on an Enterprise plan. The expression of your `execute` rule must end with `and cf.zone.plan eq "ENT"`.
-  :::
+
+:::
 
 The following example deploys two managed rulesets to the account with ID `<ACCOUNT_ID>` using Terraform, using a `cloudflare_ruleset` resource with two rules that execute the managed rulesets for two hostnames belonging to Enterprise zones.
 
@@ -116,8 +121,6 @@ resource "cloudflare_ruleset" "account_level_managed_waf" {
 }
 ```
 
-</Details>
-
 ## Configure skip rules
 
 The following example adds two [skip rules](/waf/managed-rules/waf-exceptions/) (or exceptions) for the Cloudflare Managed Ruleset:

@@ -17,3 +17,5 @@ Refer to the following pages for more information on working with custom ruleset
 
 - [Work with custom rulesets in the dashboard](/waf/account/custom-rulesets/create-dashboard/)
 - [Work with custom rulesets using the API](/waf/account/custom-rulesets/create-api/)
+
+For Terraform examples, refer to [WAF custom rules configuration using Terraform](/terraform/additional-configurations/waf-custom-rules/#create-and-deploy-a-custom-ruleset).
@@ -0,0 +1,7 @@
+---
+pcx_content_type: navigation
+title: Use Terraform
+external_link: /terraform/additional-configurations/waf-custom-rules/#create-and-deploy-a-custom-ruleset
+sidebar:
+  order: 4
+---
@@ -3,5 +3,5 @@ pcx_content_type: navigation
 title: Create exceptions
 external_link: /waf/managed-rules/waf-exceptions/
 sidebar:
-  order: 4
+  order: 5
 ---
@@ -0,0 +1,7 @@
+---
+pcx_content_type: navigation
+title: Deploy using Terraform
+external_link: /terraform/additional-configurations/waf-managed-rulesets/#deploy-managed-rulesets-at-the-account-level
+sidebar:
+  order: 4
+---
@@ -2,7 +2,7 @@
 pcx_content_type: how-to
 title: Create a rate limiting ruleset via API
 sidebar:
-  order: 15
+  order: 16
   label: Create via API
 head:
   - tag: title

@@ -21,3 +21,5 @@ For instructions on creating and deploying a rate limiting ruleset, refer to the
 
 - [Create a rate limiting ruleset in the dashboard](/waf/account/rate-limiting-rulesets/create-dashboard/)
 - [Create a rate limiting ruleset using the API](/waf/account/rate-limiting-rulesets/create-api/)
+
+For Terraform examples, refer to [Rate limiting rules configuration using Terraform](/terraform/additional-configurations/rate-limiting-rules/).
@@ -0,0 +1,7 @@
+---
+pcx_content_type: navigation
+title: Create using Terraform
+external_link: /terraform/additional-configurations/rate-limiting-rules/#create-a-rate-limiting-rule
+sidebar:
+  order: 17
+---
@@ -25,3 +25,5 @@ To define sets of custom rules that apply to more than one zone, use [custom rul
 To create custom rules using the Cloudflare dashboard, refer to [Create custom rules in the dashboard](/waf/custom-rules/create-dashboard/).
 
 You can also create custom rules using the [Rulesets API](/ruleset-engine/rulesets-api/). Refer to [Create custom rules via API](/waf/custom-rules/create-api/) for more information.
+
+For Terraform examples, refer to [WAF custom rules configuration using Terraform](/terraform/additional-configurations/waf-custom-rules/).
@@ -0,0 +1,7 @@
+---
+pcx_content_type: navigation
+title: Create using Terraform
+external_link: /terraform/additional-configurations/waf-custom-rules/
+sidebar:
+  order: 4
+---
@@ -3,5 +3,5 @@ pcx_content_type: navigation
 title: Custom rulesets
 external_link: /waf/account/custom-rulesets/
 sidebar:
-  order: 6
+  order: 7
 ---
@@ -2,7 +2,7 @@
 title: Configure a rule with the Skip action
 pcx_content_type: how-to
 sidebar:
-  order: 4
+  order: 5
 head:
   - tag: title
     content: Configure a custom rule with the Skip action

@@ -2,7 +2,7 @@
 pcx_content_type: navigation
 title: Common use cases
 sidebar:
-  order: 5
+  order: 6
   group:
     hideIndex: true
 head:

@@ -2,7 +2,7 @@
 pcx_content_type: configuration
 title: Deploy a WAF managed ruleset via API
 sidebar:
-  order: 3
+  order: 2
   label: Deploy via API
 head:
   - tag: title

@@ -0,0 +1,7 @@
+---
+pcx_content_type: navigation
+title: Deploy using Terraform
+external_link: /terraform/additional-configurations/waf-managed-rulesets/
+sidebar:
+  order: 3
+---
@@ -2,7 +2,7 @@
 pcx_content_type: how-to
 title: Create a rate limiting rule via API
 sidebar:
-  order: 16
+  order: 15
   label: Create via API
 head:
   - tag: title

@@ -43,6 +43,8 @@ Refer to the following resources:
 - [Create a rate limiting rule in the dashboard for a zone](/waf/rate-limiting-rules/create-zone-dashboard/)
 - [Create a rate limiting rule via API for a zone](/waf/rate-limiting-rules/create-api/)
 
+For Terraform examples, refer to [Rate limiting rules configuration using Terraform](/terraform/additional-configurations/rate-limiting-rules/).
+
 ---
 
 ## Related resources

@@ -0,0 +1,7 @@
+---
+pcx_content_type: navigation
+title: Create using Terraform
+external_link: /terraform/additional-configurations/rate-limiting-rules/
+sidebar:
+  order: 16
+---
@@ -416,7 +416,7 @@ For more information, refer to the following resources:
 
 ### Configuring the new WAF Managed Rules using Terraform
 
-Instead of using the previous resources for managing WAF packages, rule groups, and rules, you must now use the [`cloudflare_ruleset`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/ruleset) Terraform resource to configure WAF Managed Rules. For configuration examples, refer to [Configure WAF Managed Rules](/terraform/additional-configurations/waf-managed-rulesets/).
+Instead of using the previous resources for managing WAF packages, rule groups, and rules, you must now use the [`cloudflare_ruleset`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/ruleset) Terraform resource to configure WAF Managed Rules. For configuration examples, refer to [WAF Managed Rules configuration using Terraform](/terraform/additional-configurations/waf-managed-rulesets/).
 
 #### Replace your configuration using `cf-terraforming`
Original file line number	Diff line number	Diff line change
Expand Up		@@ -17,3 +17,5 @@ Refer to the following pages for more information on working with custom ruleset

		- [Work with custom rulesets in the dashboard](/waf/account/custom-rulesets/create-dashboard/)
		- [Work with custom rulesets using the API](/waf/account/custom-rulesets/create-api/)

		For Terraform examples, refer to [WAF custom rules configuration using Terraform](/terraform/additional-configurations/waf-custom-rules/#create-and-deploy-a-custom-ruleset).
Original file line number	Diff line number	Diff line change
Expand Up		@@ -21,3 +21,5 @@ For instructions on creating and deploying a rate limiting ruleset, refer to the

		- [Create a rate limiting ruleset in the dashboard](/waf/account/rate-limiting-rulesets/create-dashboard/)
		- [Create a rate limiting ruleset using the API](/waf/account/rate-limiting-rulesets/create-api/)

		For Terraform examples, refer to [Rate limiting rules configuration using Terraform](/terraform/additional-configurations/rate-limiting-rules/).
Original file line number	Diff line number	Diff line change
Expand Up		@@ -25,3 +25,5 @@ To define sets of custom rules that apply to more than one zone, use [custom rul
		To create custom rules using the Cloudflare dashboard, refer to [Create custom rules in the dashboard](/waf/custom-rules/create-dashboard/).

		You can also create custom rules using the [Rulesets API](/ruleset-engine/rulesets-api/). Refer to [Create custom rules via API](/waf/custom-rules/create-api/) for more information.

		For Terraform examples, refer to [WAF custom rules configuration using Terraform](/terraform/additional-configurations/waf-custom-rules/).