Updating WAF rules

I have 58 accounts with 5 WAF rules, and I want to completely redo all of them.

Is it easiest / best to delete the ruleset, then create a new ruleset and 5 new rules?

Apparently that doesn’t work :frowning: From the docs:

You cannot delete a ruleset that is still referenced in other rules. For example, you cannot delete a custom ruleset that is being deployed in a rule with `execute` action.

To delete the ruleset, update or delete any rules that reference the ruleset and try again.

So I guess I have to delete all of the rules one at a time, then re-insert the updated ones. Which would be fine, except I can’t figure out how to get the rule ID! The docs give no info on this:

It looks like I can list all of the rules with this:

But there’s no information on how to get the “package_id”.


So I guess today’s question is, how do I get the package ID?

Is there an easier way to delete all of the WAF rules so that I can re-insert new ones?

Do you mean the old WAF or the new WAF ruleset?

I can create a new ruleset or rule, no problem. The issue I’m having is in deleting the old.

I’m really not concerned with HOW it’s done, I just need to update 5 rules across 58 sites; eg, 290 rules :open_mouth: I started to do it manually through the dashboard, but after 2 days I only have 8 sites done! And my real concern is that in the future I’ll want to update them all again.

I WISH that there was an option to create rules for the entire account, instead of having to do them all individually.

You can list all the rules sets for a zone then list all the rules in a ruleset and then delete each rule. Personally, for multiple accounts, I would look at something like Terraform. It won’t help delete the existing rules but a lot easier to rules across accounts.