Trying the resource “cloudflare_ruleset” “zone_level_managed_waf” from https://developers.cloudflare.com/terraform/additional-configurations/waf-managed-rulesets/#deploy- and I get the following error
Error: failed to create ruleset "http_request_firewall_managed"
│
│ with cloudflare_ruleset.zone_level_managed_waf,
│ on waf_managed_ruleset.tf line 42, in resource "cloudflare_ruleset" "zone_level_managed_waf":
│ 42: resource "cloudflare_ruleset" "zone_level_managed_waf" {
│
│ A similar configuration with rules already exists and overwriting will have
│ unintended consequences. If you are migrating from the Dashboard, you will
│ need to first remove the existing rules otherwise you can remove the
│ existing phase yourself using the API.
I don’t really have other rulesets in place. In the dashboard, I only have two managed rulesets: Cloudflare Managed Ruleset and Cloudflare OWASP Core Ruleset. These are both Global defaults. Do I need to delete these just to create a ruleset?
2 Likes
I did have to delete the global rulesets. I was afraid to do so, but this turns them back into ‘deployable’ options, so no harm. Then I was able to add them back with terraform.
2 Likes
Hi Dave. I’m facing the same issue. When I try to delete, I get the answer: "could not find ruleset efb7b8c949ac4650a09736fc376e9aee"
What is the curl command to delete?
curl -X GET "xxx/client/v4/accounts/xxxxxxxx/rulesets" -H "X-Auth-Email:xxxxxxx" -H "X-Auth-Key: xxxxx" -H "Content-Type: application/json" --ssl-no-revoke
I have only 2 global rulesets:
"result": [
  {
    "id": "xxxxxxx",
    "name": "Cloudflare Managed Log4J Ruleset",
    "description": "Created by the Cloudflare security team, this ruleset is designed to provide protection for free zones",
    "source": "firewall_managed",
    "kind": "managed",
    "version": "51",
    "last_updated": "2023-05-02T16:19:05.482963Z",
    "phase": "http_request_firewall_managed"
  },
  {
    "id": "xxxx",
    "name": "default",
    "description": "",
    "kind": "root",
    "version": "5",
    "last_updated": "2023-05-04T21:32:42.005342Z",
    "phase": "http_request_redirect"
  }
https://developers.cloudflare.com/ruleset-engine/rulesets-api/delete
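
An added example (not from the thread or from Cloudflare's documentation) of selecting which ruleset ID to pass to the delete endpoint linked above. It assumes the conflict is the zone's own entry point ruleset (kind "zone") in the http_request_firewall_managed phase and that an API token is sent as a Bearer header; the sample listing, IDs and placeholders are constructed.

```python
import json
import urllib.request

API = "https://api.cloudflare.com/client/v4"
PHASE = "http_request_firewall_managed"

# Constructed sample of a GET /zones/{zone_id}/rulesets response (IDs are placeholders).
SAMPLE_LIST = json.loads("""
{"result": [
  {"id": "managed-0001", "name": "Cloudflare Managed Ruleset",
   "kind": "managed", "phase": "http_request_firewall_managed"},
  {"id": "zone-entry-0002", "name": "default",
   "kind": "zone", "phase": "http_request_firewall_managed"},
  {"id": "zone-entry-0003", "name": "default",
   "kind": "zone", "phase": "http_request_redirect"}
]}
""")


def find_entrypoint(listing, phase=PHASE, kind="zone"):
    """Return the id of the entry point ruleset for `phase`, or None.

    Rulesets of kind "managed" are published by Cloudflare; the ruleset that
    holds the zone's deployed rules for a phase is the entry point (kind "zone").
    """
    matches = [r["id"] for r in listing.get("result") or []
               if r.get("phase") == phase and r.get("kind") == kind]
    if len(matches) > 1:
        raise ValueError(f"expected one entry point for {phase}, got {matches}")
    return matches[0] if matches else None


def delete_request(zone_id, ruleset_id, token):
    """Build (but do not send) the DELETE call for one zone ruleset."""
    return urllib.request.Request(
        f"{API}/zones/{zone_id}/rulesets/{ruleset_id}",
        method="DELETE",
        headers={"Authorization": f"Bearer {token}"},
    )


if __name__ == "__main__":
    rid = find_entrypoint(SAMPLE_LIST)
    req = delete_request("ZONE_ID_PLACEHOLDER", rid, "API_TOKEN_PLACEHOLDER")
    # Pass req to urllib.request.urlopen() to actually execute the delete.
    print(req.get_method(), req.full_url)
```

Between the delete and the next `terraform apply`, the zone has no managed rulesets deployed in that phase, so run the two back to back.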