update skills

2026-03-21 18:11:27 -07:00 · 2026-03-17 16:53:22 -07:00
parent 0b0783ef8e
commit f9a530667e
389 changed files with 54512 additions and 1 deletions
--- a/.agents/skills/cloudflare-deploy/references/ddos/api.md
+++ b/.agents/skills/cloudflare-deploy/references/ddos/api.md
@@ -0,0 +1,164 @@
+# DDoS API
+
+## Endpoints
+
+### HTTP DDoS (L7)
+
+```typescript
+// Zone-level
+PUT /zones/{zoneId}/rulesets/phases/ddos_l7/entrypoint
+GET /zones/{zoneId}/rulesets/phases/ddos_l7/entrypoint
+
+// Account-level (Enterprise Advanced)
+PUT /accounts/{accountId}/rulesets/phases/ddos_l7/entrypoint
+GET /accounts/{accountId}/rulesets/phases/ddos_l7/entrypoint
+```
+
+### Network DDoS (L3/4)
+
+```typescript
+// Account-level only
+PUT /accounts/{accountId}/rulesets/phases/ddos_l4/entrypoint
+GET /accounts/{accountId}/rulesets/phases/ddos_l4/entrypoint
+```
+
+## TypeScript SDK
+
+**SDK Version**: Requires `cloudflare` >= 3.0.0 for ruleset phase methods.
+
+```typescript
+import Cloudflare from "cloudflare";
+
+const client = new Cloudflare({ apiToken: process.env.CLOUDFLARE_API_TOKEN });
+
+// STEP 1: Discover managed ruleset ID (required for overrides)
+const allRulesets = await client.rulesets.list({ zone_id: zoneId });
+const ddosRuleset = allRulesets.result.find(
+  (r) => r.kind === "managed" && r.phase === "ddos_l7"
+);
+if (!ddosRuleset) throw new Error("DDoS managed ruleset not found");
+const managedRulesetId = ddosRuleset.id;
+
+// STEP 2: Get current HTTP DDoS configuration
+const entrypointRuleset = await client.zones.rulesets.phases.entrypoint.get("ddos_l7", {
+  zone_id: zoneId,
+});
+
+// STEP 3: Update HTTP DDoS ruleset with overrides
+await client.zones.rulesets.phases.entrypoint.update("ddos_l7", {
+  zone_id: zoneId,
+  rules: [
+    {
+      action: "execute",
+      expression: "true",
+      action_parameters: {
+        id: managedRulesetId, // From discovery step
+        overrides: {
+          sensitivity_level: "medium",
+          action: "managed_challenge",
+        },
+      },
+    },
+  ],
+});
+
+// Network DDoS (account level, L3/4)
+const l4Rulesets = await client.rulesets.list({ account_id: accountId });
+const l4DdosRuleset = l4Rulesets.result.find(
+  (r) => r.kind === "managed" && r.phase === "ddos_l4"
+);
+const l4Ruleset = await client.accounts.rulesets.phases.entrypoint.get("ddos_l4", {
+  account_id: accountId,
+});
+```
+
+## Alert Configuration
+
+```typescript
+interface DDoSAlertConfig {
+  name: string;
+  enabled: boolean;
+  alert_type: "http_ddos_attack_alert" | "layer_3_4_ddos_attack_alert" 
+    | "advanced_http_ddos_attack_alert" | "advanced_layer_3_4_ddos_attack_alert";
+  filters?: {
+    zones?: string[];
+    hostnames?: string[];
+    requests_per_second?: number;
+    packets_per_second?: number;
+    megabits_per_second?: number;
+    ip_prefixes?: string[]; // CIDR
+    ip_addresses?: string[];
+    protocols?: string[];
+  };
+  mechanisms: {
+    email?: Array<{ id: string }>;
+    webhooks?: Array<{ id: string }>;
+    pagerduty?: Array<{ id: string }>;
+  };
+}
+
+// Create alert
+await fetch(
+  `https://api.cloudflare.com/client/v4/accounts/${accountId}/alerting/v3/policies`,
+  {
+    method: "POST",
+    headers: {
+      Authorization: `Bearer ${apiToken}`,
+      "Content-Type": "application/json",
+    },
+    body: JSON.stringify(alertConfig),
+  }
+);
+```
+
+## Typed Override Examples
+
+```typescript
+// Override by category
+interface CategoryOverride {
+  action: "execute";
+  expression: string;
+  action_parameters: {
+    id: string;
+    overrides: {
+      categories?: Array<{
+        category: "http-flood" | "http-anomaly" | "udp-flood" | "syn-flood";
+        sensitivity_level?: "default" | "medium" | "low" | "eoff";
+        action?: "block" | "managed_challenge" | "challenge" | "log";
+      }>;
+    };
+  };
+}
+
+// Override by rule ID
+interface RuleOverride {
+  action: "execute";
+  expression: string;
+  action_parameters: {
+    id: string;
+    overrides: {
+      rules?: Array<{
+        id: string;
+        action?: "block" | "managed_challenge" | "challenge" | "log";
+        sensitivity_level?: "default" | "medium" | "low" | "eoff";
+      }>;
+    };
+  };
+}
+
+// Example: Override specific adaptive rule
+const adaptiveOverride: RuleOverride = {
+  action: "execute",
+  expression: "true",
+  action_parameters: {
+    id: managedRulesetId,
+    overrides: {
+      rules: [
+        { id: "...adaptive-origins-rule-id...", sensitivity_level: "low" },
+      ],
+    },
+  },
+};
+```
+
+See [patterns.md](./patterns.md) for complete implementation patterns.