Document toolboxDocument toolbox

Cloudflare

Owned by Jonas Gonzalez
Last updated: Nov 29, 2024
7 min read
[ 1 Connecting with Cloudflare with Devo SOAR ] [ 2 Actions for Cloudflare ] [ 2.1 Create Firewall Access Rule ] [ 2.1.1 Input Field ] [ 2.1.2 Output ] [ 2.2 Edit Firewall Access Rule ] [ 2.2.1 Input Field ] [ 2.2.2 Output ] [ 2.3 List of All Firewall Rules - Advanced ] [ 2.3.1 Input Field ] [ 2.3.2 Output ] [ 2.4 Update Individual Firewall Rule - Advanced ] [ 2.4.1 Input Field ] [ 2.4.2 Output ] [ 3 Release Notes ]

Cloudflare provides content delivery network services, DDoS mitigation, Internet security, and distributed domain name server services.

🚧 Cloudflare Ver: 3.1.2

Existing Cloudflare Ver: 3.1.2 with ID: logichub.cloudflare has been deprecated.

👍 Cloudflare Ver: 1.0.5

Latest Cloudflare Ver: 1.0.5 with ID: logichub.cloudflare_v2 has been introduced.

Connecting with Cloudflare with Devo SOAR

  1. Navigate to Automations > Integrations.

  2. Search for Cloudflare.

  3. Click Details, then the + icon. Enter the required information in the following fields.

  4. Label: Enter a connection name.

  5. Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.

  6. Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).

  7. Remote Agent: Run this integration using the Devo SOAR Remote Agent.

  8. API Token: API token to connect to Cloudflare. Either provide only the API Token or EmailID and Authentication Key both..

  9. Email ID: Email ID to connect to Cloudflare. Either provide only the API Token or EmailID and Authentication Key both.

  10. Authentication Key: Authentication Key to connect to Cloudflare. Either provide only the API Token or EmailID and Authentication Key both.

  11. After you've entered all the details, click Connect.

Actions for Cloudflare

Create Firewall Access Rule

Action let's user to create a firewall access rule for any Cloudflare level.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Input Name

Description

Required

Value

Jinja-template text containing value for rule.

 

Example: {{column_value}}.

Required

 

Level

Select a level for access rule (Default is User).

Optional

Account or Zone ID

Jinja-template text containing account or zone id, required when 'Level' is selected Account or Zone. Example: {{id_column_value}}.

Optional

Output

A JSON object containing multiple rows of result:

  • has_error: True/False

  • error: message/null

  • result:Access Rule Details

``` {json}{ "result": { "id": "e26f9b58abdb09c3b415a803ee0", "paused": false, "modified_on": "2021-03-23T23:48:01.354331939Z", "allowed_modes": [ "whitelist", "block", "challenge", "js_challenge" ], "mode": "challenge", "notes": "", "configuration": { "target": "ip", "value": "124.181.0.11" }, "scope": { "id": "eefc5aceb221de0539ac14cb246d13", "email": "1234@gmail.com", "type": "user" }, "created_on": "2021-03-23T23:48:01.354331939Z" }, "success": true, "errors": [], "messages": [], "error": null, "has_error": false }

## List Firewall Access Rule Action let's user to search for specific firewall access rules based upon criteria, or return all. ### Input Field Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection. | Input Name | Description | Required | | :----------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------ | :------- | | Level | Select a level for access rule (Default is User). | Optional | | Account or Zone ID | Jinja-templated text containing account or zone id, required when 'Level' is selected Account or Zone. Example: {{id_column_value}}. | Optional | | Match | Select a value for match to determine whether to match all search requirements or at least one (Default is all). | Optional | | Mode | Select a mode for rule (Default is All). | Optional | | Target | Select a target for rule (Default is All). | Optional | | Value | [Jinja-templated](doc:jinja-template) text containing value for rule. Example: {{column_value}}. | Required | | Notes | [Jinja-templated](doc:jinja-template) text containing note about the rule. Typically used as a reminder or explanation for the rule. Example: This is a note. | Required | ### Output A JSON object containing multiple rows of result:   _ has_error: True/False   _ error: message/null   \* result: List of Access Rules. ``` {json}{ "allowed_modes": [ "whitelist", "block", "challenge", "js_challenge" ], "configuration": { "target": "ip", "value": "1.1.1.1" }, "created_on": "2021-03-23T10:15:53.140773943Z", "error": null, "has_error": false, "id": "7a20296c64a24be41ea550f940290", "mode": "challenge", "modified_on": "2021-03-23T10:15:53.107415Z", "notes": "comment only _test_1 ", "paused": false, "scope": { "id": "4f2444479f5af6b063efa6ad1e6a2", "name": "t.com", "type": "zone" } }

Edit Firewall Access Rule

Action let's user to update mode or note for a firewall access rule.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Input Name

Description

Required

Rule ID

Jinja-templated text containing rule id. Example: {{id_column_value}}.

 

Level

Select a level for access rule (Default is User).

 

Account or Zone ID

Jinja-templated text containing account or zone id, required when 'Level' is selected Account or Zone. Example: {{id_column_value}}.

 

Mode

Select a mode for rule (Default is All).

 

Notes

Jinja-templated text containing note about the rule. Typically used as a reminder or explanation for the rule. Example: This is a note.

 

Output

A JSON object containing multiple rows of result:
  _ has_error: True/False
  _ error: message/null
  * result: Access Rule Details.

``` {json}{ "result": { "id": "e26f9b58abd0b09c3b415a803ee0", "paused": false, "modified_on": "2021-03-23T23:48:01.317808Z", "allowed_modes": [ "whitelist", "block", "challenge", "js_challenge" ], "mode": "block", "notes": "Test", "configuration": { "target": "ip", "value": "1.11.1.11" }, "scope": { "id": "eefc5acee21de0539ac14cb246d13", "email": "1234@gmail.com", "type": "user" }, "created_on": "2021-03-23T23:48:01.354331939Z" }, "success": true, "errors": [], "messages": [], "error": null, "has_error": false }

## Delete Firewall Access Rule Action let's user to delete an existing firewall access rule. ### Input Field Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection. | Input Name | Description | Required | | :----------------- | :--------------------------------------------------------------------------------------------------------------------------------------------------------- | :------- | | Rule ID | [Jinja-templated](doc:jinja-template) text containing rule id. Example: {{id_column_value}}. | Required | | Level | Select a level for access rule (Default is User). | Optional | | Account or Zone ID | [Jinja-templated](doc:jinja-template) text containing account or zone id, required when 'Level' is selected Account or Zone. Example: {{id_column_value}}. | Optional |   ### Output A JSON object containing multiple rows of result:   _ has_error: True/False   _ error: message/null   \* result: Access Rule ID. ``` {json}{ "result": { "id": "abebb9a473a299be1e" }, "success": true, "errors": [], "messages": [], "error": null, "has_error": false }

List of All Firewall Rules - Advanced

Action let's user to get a list of all the firewall rules currently defined.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Input Name

Description

Required

Zone Identifier

Jinja-templated text containing the value for zone identifier. Example: {{zone_identifier_column_value}}.

Required

Firewall Rule ID

Jinja-templated text containing the value for firewall rule id. Example: {{firewall_rule_id_column_value}}.

Optional

Description

Jinja-templated text containing the value for description. Example: {{description_column_value}}.

Optional

Action

Select a value for action (Default is all).

Optional

Paused

Select a value for paused (Default is all).

Optional

Output

A JSON object containing multiple rows of result:
  _ has_error: True/False
  _ error: message/null
  * result: List Of Firewall Rules

``` {json}{ "action": "block", "created_on": "2021-03-23T15:40:58Z", "description": "Test", "error": null, "filter": { "expression": "(ip.src eq 88.218.17.252)", "id": "f0d1ef3e45eb530d687b522b9d0", "paused": false }, "has_error": false, "id": "c5d6bb612c8cd14d0addac1ea4", "modified_on": "2021-04-01T10:08:42Z", "paused": true, "priority": 10, "ref": "Test" }

## Get Individual Firewall Rule - Advanced Action let's user to retrieve the properties of an individual firewall rule. ### Input Field Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection. | Input Name | Description | Required | | :--------------- | :-------------------------------------------------------------------------------------------------------------------------------- | :------- | | Zone Identifier | [Jinja-templated](doc:jinja-template) text containing the value for zone identifier. Example: {{zone_identifier_column_value}}. | Required | | Firewall Rule ID | [Jinja-templated](doc:jinja-template) text containing the value for firewall rule id. Example: {{firewall_rule_id_column_value}}. | Required |   ### Output A JSON object containing multiple rows of result:   _ has_error: True/False   _ error: message/null   \* result: Firewall Rule ``` {json}{ "result": { "id": "c5d6bb647bc84d0addac1ea4", "paused": true, "description": "Test", "action": "block", "ref": "Test", "priority": 10, "filter": { "id": "f0d1ef3e45fb530d687b522b9d0", "expression": "(ip.src eq 1.1.1.1)", "paused": false }, "created_on": "2021-03-23T15:40:58Z", "modified_on": "2021-04-01T10:08:42Z" }, "error": null, "has_error": false }

Update Individual Firewall Rule - Advanced

Action let's user to update an individual existing firewall rule.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Input Name

Description

Required

Zone Identifier

Jinja-templated text containing the value for zone identifier. Example: {{zone_identifier_column_value}}.

Required

Firewall Rule ID

Jinja-templated text containing the value for firewall rule id. Example: {{firewall_rule_id_column_value}}.

Required

Action

Select a value for action.

Required

Filter-ID

Jinja-templated text containing the value for filter-id. Example: {{filter_id_column_value}}.

Optional

Filter-Expression

Jinja-templated text containing the value for filter-expression. Example: {{filter_expression_column_value}}.

Optional

Filter-Paused

Select a value for filter-paused (Default is all).

Optional

Filter-Description

Jinja-templated text containing the value for filter-description. Example:{{filter_description_column_value}}.

Optional

Filter-Ref

Jinja-templated text containing the value for filter-ref. Example: {{filter_ref_column_value}}.

Optional

Advanced Filter JSON

Jinja-templated text containing the value for advanced filter in JSON object with the following properties. Example: { "id": {{id_column_value}}, "expression": "{{expression_column_value}}", "paused": false, "description": "Restrict access", "ref": "FIL-100" }.

Optional

Products

Select a value for products.

Optional

Priority

Jinja-templated text containing the value for priority. Example: {{priority_column_value}}.

Optional

Paused

Jinja-templated text containing the value for paused. Example: {{paused_column_value}}.

Optional

Description

Jinja-templated text containing the value for description. Example: {{description_column_value}}.

Optional

Ref

Jinja-templated text containing the value for ref. Example: {{ref_column_value}}.

Optional

Output

A JSON object containing multiple rows of result:
  _ has_error: True/False
  _ error: message/null
  * result: Firewall Rule

{json}{ "result": { "id": "ba85e052b8684cfd6917", "paused": true, "description": "Test Description", "action": "block", "filter": { "id": "e260cc5533a704a5bbfba97", "expression": "(http.reqpath ~ \".*wp-\" or http.req ~ \".*xmlrjc.php\") and ip.addr ne 1.1.1.1", "paused": false, "description": "Restrict access from these browsers on this address range.", "ref": "test" }, "created_on": "2021-04-01T10:44:44Z", "modified_on": "2021-04-01T12:32:39Z", "index": 3 }, "error": null, "has_error": false }

Release Notes

  • v2.0.0 - Updated architecture to support IO via filesystem