kgess-mirror/terraform-provider-cloudflare
1
0
Fork 0
mirror of https://github.com/cloudflare/terraform-provider-cloudflare.git synced 2026-01-11 19:56:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: various codegen changes

Browse source
This commit is contained in:
stainless-app[bot] 2025-02-13 01:17:37 +00:00
parent 1dbf5b4616
commit d91aee1ef6
591 changed files with 13076 additions and 1835 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
.github/workflows/ci.yml vendored
View file

@ -10,10 +10,7 @@ on:
jobs:
lint:
name: lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
@ -27,10 +24,9 @@ jobs:
- name: Run lints
run: ./scripts/lint
test:
name: test
runs-on: ubuntu-latest
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
@ -43,4 +39,4 @@ jobs:
run: ./scripts/bootstrap
- name: Run tests
run: ./scripts/test
run: ./scripts/test

16
.github/workflows/release.yml → .github/workflows/publish-release.yml vendored
View file

@ -1,4 +1,12 @@
name: Release
---
name: Publish Release
permissions:
contents: write
concurrency:
group: publish
on:
push:
tags:
@ -10,8 +18,8 @@ jobs:
- name: Cleanup unused directories and tools
run: |
df -h /
sudo apt-get remove -y '^aspnetcore-.*' '^dotnet-.*' '^llvm-.*' 'php.*' '^mongodb-.*' '^mysql-.*' azure-cli google-chrome-stable firefox powershell mono-devel google-cloud-sdk google-cloud-cli microsoft-edge-stable snapd --fix-missing
sudo apt-get autoremove -y
sudo apt-get remove -y '^aspnetcore-.*' '^dotnet-.*' '^llvm-.*' 'php.*' '^mongodb-.*' '^mysql-.*' azure-cli google-chrome-stable firefox powershell mono-devel google-cloud-sdk google-cloud-cli microsoft-edge-stable snapd --fix-missing
sudo apt-get autoremove -y
sudo apt-get clean
sudo docker image prune --all --force
sudo rm -rf \
@ -27,7 +35,7 @@ jobs:
/usr/local/share/chromium \
/usr/local/share/powershell \
/usr/share/dotnet \
/usr/share/swift
/usr/share/swift
ghcup nuke
df -h /
- name: Checkout

22
.github/workflows/release-doctor.yml vendored Normal file
View file

@ -0,0 +1,22 @@
name: Release Doctor
on:
pull_request:
branches:
- main
workflow_dispatch:
jobs:
release_doctor:
name: release doctor
runs-on: ubuntu-latest
if: github.repository == 'cloudflare/terraform-provider-cloudflare' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch' || startsWith(github.head_ref, 'release-please') || github.head_ref == 'next')
steps:
- uses: actions/checkout@v4
- name: Check release environment
run: |
bash ./scripts/check-release-environment
env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}

18
.goreleaser.yml
View file

@ -12,18 +12,24 @@ builds:
ldflags:
- "-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}"
goos:
- freebsd
- windows
- linux
- darwin
- freebsd
- linux
- windows
goarch:
- amd64
- "386"
- amd64
- arm
- arm64
ignore:
- goos: darwin
goarch: "386"
- goarch: "386"
goos: darwin
- goarch: arm
goos: windows
- goarch: arm64
goos: freebsd
- goarch: arm64
goos: windows
binary: "{{ .ProjectName }}_v{{ .Version }}"
archives:
- formats: [ 'zip' ]

3
.grit/patterns/cloudflare_terraform_v5_attribute_renames_configuration.grit
View file

@ -127,6 +127,9 @@ pattern cloudflare_terraform_v5_attribute_renames_configuration() {
// cloudflare_tiered_cache
`cache_type = $v` as $attribute => `value = $v` where { $attribute <: within `resource "cloudflare_tiered_cache" $_ { $_ }` },
// cloudflare_dns_record
`hostname = $v` as $hostname => . where { $attribute <: within `resource "cloudflare_dns_record" $_ { $_ }` },
// cloudflare_web_analytics_site
`ruleset_id = $v` as $attribute => `ruleset = {
id = $v

2
.grit/patterns/cloudflare_terraform_v5_attribute_renames_state.grit
View file

@ -224,7 +224,7 @@ pattern cloudflare_terraform_v5_attribute_renames_state() {
$instances <: contains `"jump_start": $v` => .
}
},
// cloudflare_record
`{ "mode": "managed", "type": "$resource_type", $..., "instances":[$instances] }` where {
and {

6
.grit/patterns/cloudflare_terraform_v5_resource_renames_configuration.grit
View file

@ -27,7 +27,6 @@ pattern cloudflare_terraform_v5_resource_renames_configuration() {
`"cloudflare_dlp_custom_profile"` => `"cloudflare_zero_trust_dlp_custom_profile"`,
`"cloudflare_dlp_predefined_profile"` => `"cloudflare_zero_trust_dlp_predefined_profile"`,
`"cloudflare_dlp_profile"` => `"cloudflare_zero_trust_dlp_profile"`,
`"cloudflare_fallback_domain"` => `"cloudflare_zero_trust_local_domain_fallback"`,
`"cloudflare_gateway_app_types"` => `"cloudflare_zero_trust_gateway_app_types"`,
`"cloudflare_gre_tunnel"` => `"cloudflare_magic_wan_gre_tunnel"`,
`"cloudflare_ipsec_tunnel"` => `"cloudflare_magic_wan_ipsec_tunnel"`,
@ -42,14 +41,13 @@ pattern cloudflare_terraform_v5_resource_renames_configuration() {
`"cloudflare_teams_rule"` => `"cloudflare_zero_trust_gateway_policy"`,
`"cloudflare_tunnel"` => `"cloudflare_zero_trust_tunnel_cloudflared"`,
`"cloudflare_tunnel_config"` => `"cloudflare_zero_trust_tunnel_cloudflared_config"`,
`"cloudflare_tunnel_route"` => `"cloudflare_zero_trust_tunnel_route"`,
`"cloudflare_tunnel_virtual_network"` => `"cloudflare_zero_trust_tunnel_virtual_network"`,
`"cloudflare_tunnel_route"` => `"cloudflare_zero_trust_tunnel_cloudflared_route"`,
`"cloudflare_tunnel_virtual_network"` => `"cloudflare_zero_trust_tunnel_cloudflared_virtual_network"`,
`"cloudflare_worker_cron_trigger"` => `"cloudflare_workers_cron_trigger"`,
`"cloudflare_worker_domain"` => `"cloudflare_workers_custom_domain"`,
`"cloudflare_worker_script"` => `"cloudflare_workers_script"`,
`"cloudflare_worker_secret"` => `"cloudflare_workers_secret"`,
`"cloudflare_workers_for_platforms_namespace"` => `"cloudflare_workers_for_platforms_dispatch_namespace"`,
`"cloudflare_zone_dnssec"` => `"cloudflare_dns_zone_dnssec"`,
`"cloudflare_managed_headers"` => `"cloudflare_managed_transforms"`,
} as $old_name where {
$old_name <: within `resource $_ { $_ }`

13
.grit/patterns/cloudflare_terraform_v5_resource_renames_state.grit
View file

@ -29,7 +29,6 @@ pattern cloudflare_terraform_v5_resource_renames_state() {
`"cloudflare_dlp_profile"` => `"cloudflare_zero_trust_dlp_profile"`,
`"cloudflare_dlp_custom_profile"` => `"cloudflare_zero_trust_dlp_custom_profile"`,
`"cloudflare_dlp_predefined_profile"` => `"cloudflare_zero_trust_dlp_predefined_profile"`,
`"cloudflare_fallback_domain"` => `"cloudflare_zero_trust_local_domain_fallback"`,
`"cloudflare_risk_behavior"` => `"cloudflare_zero_trust_risk_behavior"`,
`"cloudflare_split_tunnel"` => `"cloudflare_zero_trust_split_tunnels"`,
`"cloudflare_teams_account"` => `"cloudflare_zero_trust_gateway_settings"`,
@ -39,8 +38,8 @@ pattern cloudflare_terraform_v5_resource_renames_state() {
`"cloudflare_teams_rule"` => `"cloudflare_zero_trust_gateway_policy"`,
`"cloudflare_tunnel"` => `"cloudflare_zero_trust_tunnel_cloudflared"`,
`"cloudflare_tunnel_config"` => `"cloudflare_zero_trust_tunnel_cloudflared_config"`,
`"cloudflare_tunnel_route"` => `"cloudflare_zero_trust_tunnel_route"`,
`"cloudflare_tunnel_virtual_network"` => `"cloudflare_zero_trust_tunnel_virtual_network"`,
`"cloudflare_tunnel_route"` => `"cloudflare_zero_trust_tunnel_cloudflared_route"`,
`"cloudflare_tunnel_virtual_network"` => `"cloudflare_zero_trust_tunnel_cloudflared_virtual_network"`,
// handle dependencies
`"cloudflare_access_application.$dep"` => `"cloudflare_zero_trust_access_application.$dep"`,
@ -60,17 +59,14 @@ pattern cloudflare_terraform_v5_resource_renames_state() {
`"cloudflare_device_policy_certificates.$dep"` => `"cloudflare_zero_trust_device_certificates.$dep"`,
`"cloudflare_device_posture_integration.$dep"` => `"cloudflare_zero_trust_device_posture_integration.$dep"`,
`"cloudflare_device_posture_rule.$dep"` => `"cloudflare_zero_trust_device_posture_rule.$dep"`,
`"cloudflare_device_settings_policy.$dep"` => `"cloudflare_zero_trust_device_profiles.$dep"`,
`"cloudflare_dlp_custom_profile.$dep"` => `"cloudflare_zero_trust_dlp_custom_profile.$dep"`,
`"cloudflare_dlp_predefined_profile.$dep"` => `"cloudflare_zero_trust_dlp_predefined_profile.$dep"`,
`"cloudflare_dlp_profile.$dep"` => `"cloudflare_zero_trust_dlp_profile.$dep"`,
`"cloudflare_fallback_domain.$dep"` => `"cloudflare_zero_trust_local_domain_fallback.$dep"`,
`"cloudflare_gateway_app_types.$dep"` => `"cloudflare_zero_trust_gateway_app_types.$dep"`,
`"cloudflare_gre_tunnel.$dep"` => `"cloudflare_magic_wan_gre_tunnel.$dep"`,
`"cloudflare_ipsec_tunnel.$dep"` => `"cloudflare_magic_wan_ipsec_tunnel.$dep"`,
`"cloudflare_record.$dep"` => `"cloudflare_dns_record.$dep"`,
`"cloudflare_risk_behavior.$dep"` => `"cloudflare_zero_trust_risk_behavior.$dep"`,
`"cloudflare_split_tunnel.$dep"` => `"cloudflare_zero_trust_split_tunnels.$dep"`,
`"cloudflare_static_route.$dep"` => `"cloudflare_magic_wan_static_route.$dep"`,
`"cloudflare_teams_account.$dep"` => `"cloudflare_zero_trust_gateway_settings.$dep"`,
`"cloudflare_teams_list.$dep"` => `"cloudflare_zero_trust_list.$dep"`,
@ -79,14 +75,13 @@ pattern cloudflare_terraform_v5_resource_renames_state() {
`"cloudflare_teams_rule.$dep"` => `"cloudflare_zero_trust_gateway_policy.$dep"`,
`"cloudflare_tunnel.$dep"` => `"cloudflare_zero_trust_tunnel_cloudflared.$dep"`,
`"cloudflare_tunnel_config.$dep"` => `"cloudflare_zero_trust_tunnel_cloudflared_config.$dep"`,
`"cloudflare_tunnel_route.$dep"` => `"cloudflare_zero_trust_tunnel_route.$dep"`,
`"cloudflare_tunnel_virtual_network.$dep"` => `"cloudflare_zero_trust_tunnel_virtual_network.$dep"`,
`"cloudflare_tunnel_route.$dep"` => `"cloudflare_zero_trust_tunnel_cloudflared_route.$dep"`,
`"cloudflare_tunnel_virtual_network.$dep"` => `"cloudflare_zero_trust_tunnel_cloudflared_virtual_network.$dep"`,
`"cloudflare_worker_cron_trigger.$dep"` => `"cloudflare_workers_cron_trigger.$dep"`,
`"cloudflare_worker_domain.$dep"` => `"cloudflare_workers_custom_domain.$dep"`,
`"cloudflare_worker_script.$dep"` => `"cloudflare_workers_script.$dep"`,
`"cloudflare_worker_secret.$dep"` => `"cloudflare_workers_secret.$dep"`,
`"cloudflare_workers_for_platforms_namespace.$dep"` => `"cloudflare_workers_for_platforms_dispatch_namespace.$dep"`,
`"cloudflare_zone_dnssec.$dep"` => `"cloudflare_dns_zone_dnssec.$dep"`,
`"cloudflare_managed_headers.$dep"` => `"cloudflare_managed_transforms.$dep"`,
}
}

3
.release-please-manifest.json Normal file
View file

@ -0,0 +1,3 @@
{
".": "5.0.0"
}

4
.stats.yml
View file

@ -1,2 +1,2 @@
configured_endpoints: 1508
openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-bc8740036f5c85815dd08ce4d1787a79b09e8133dc24fcdf8c594aad2c5cc69d.yml
configured_endpoints: 1525
openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-fc562128cab85cd116a8c4e1fe17a0f09a5019da2d1bbe162c476aa999932c4e.yml

62
CONTRIBUTING.md Normal file
View file

@ -0,0 +1,62 @@
## Setting up the environment
To set up the repository, run:
```sh
$ ./scripts/bootstrap
$ ./scripts/build
```
This will install all the required dependencies and build the Provider binary into the root directory.
You can also [install go 1.22+ manually](https://go.dev/doc/install).
## Running the Provider locally
You can build the provider locally and have your `.tf` files refer to the local build instead of the one in the Hashicorp registry.
First, build the provider binary:
```sh
$ ./scripts/build
```
Then edit (or create) your `~/.terraformrc` to look something like this:
```hcl
provider_installation {
dev_overrides {
"cloudflare/cloudflare" = "/local/path/to/this/repo"
}
direct {}
}
```
## Running tests
To execute the schema and unit tests, run:
```sh
$ ./scripts/test
```
Note that this does not run [acceptance tests](https://developer.hashicorp.com/terraform/plugin/framework/acctests) by default, because
those tests interact with real resources in the cloud and could incur fees.
To enable the running of acceptance tests, use the `TF_ACC` environment variable:
```sh
$ TF_ACC=1 ./scripts/test
```
## Formatting
This library uses the standard gofmt code formatter:
```sh
$ ./scripts/format
```
## Running Tests
To run schema tests,

21
README.md
View file

@ -13,20 +13,35 @@ for non-Terraform or service specific information.
<!-- x-release-please-start-version -->
```
```hcl
# Declare the provider and version
terraform {
required_providers {
cloudflare = {
source = "cloudflare/cloudflare"
version = "~> 5"
version = "~> 5.0.0"
}
}
}
# Initialize the provider
provider "cloudflare" {
api_token = "Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY" # or set CLOUDFLARE_API_TOKEN env variable
}
# Configure a resource
resource "cloudflare_zone" "example_zone" {
account = {
id = "023e105f4ecef8ad9ca31a8372d0c353"
}
name = "example.com"
type = "full"
}
```
<!-- x-release-please-end -->
And initialize your project by running `terraform init`.
Initialize your project by running `terraform init` in the directory.
## Migrating to Terraform from using the Dashboard

4
docs/data-sources/api_shield.md
View file

@ -13,7 +13,7 @@ description: |-
```terraform
data "cloudflare_api_shield" "example_api_shield" {
zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
zone_id = "zone_id"
properties = ["auth_id_characteristics"]
}
```
@ -23,7 +23,7 @@ data "cloudflare_api_shield" "example_api_shield" {
### Required
- `zone_id` (String) Identifier
- `zone_id` (String)
### Optional

6
docs/data-sources/api_shield_discovery_operations.md
View file

@ -13,7 +13,7 @@ description: |-
```terraform
data "cloudflare_api_shield_discovery_operations" "example_api_shield_discovery_operations" {
zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
zone_id = "zone_id"
diff = true
direction = "asc"
endpoint = "/api/v1"
@ -30,7 +30,7 @@ data "cloudflare_api_shield_discovery_operations" "example_api_shield_discovery_
### Required
- `zone_id` (String) Identifier
- `zone_id` (String)
### Optional
@ -61,7 +61,7 @@ Read-Only:
- `endpoint` (String) The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.
- `features` (Attributes) (see [below for nested schema](#nestedatt--result--features))
- `host` (String) RFC3986-compliant host.
- `id` (String) UUID
- `id` (String)
- `last_updated` (String)
- `method` (String) The HTTP method used to access the endpoint.
- `origin` (List of String) API discovery engine(s) that discovered this operation

6
docs/data-sources/api_shield_operation.md
View file

@ -13,7 +13,7 @@ description: |-
```terraform
data "cloudflare_api_shield_operation" "example_api_shield_operation" {
zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
zone_id = "zone_id"
operation_id = "f174e90a-fafe-4643-bbbc-4a0ed4fc8415"
feature = ["thresholds"]
}
@ -24,7 +24,7 @@ data "cloudflare_api_shield_operation" "example_api_shield_operation" {
### Required
- `zone_id` (String) Identifier
- `zone_id` (String)
### Optional
@ -162,7 +162,7 @@ Read-Only:
Read-Only:
- `created_at` (String)
- `id` (String) UUID
- `id` (String)
- `is_learned` (Boolean) True if schema is Cloudflare-provided.
- `name` (String) Schema file name.

4
docs/data-sources/api_shield_operation_schema_validation_settings.md
View file

@ -13,7 +13,7 @@ description: |-
```terraform
data "cloudflare_api_shield_operation_schema_validation_settings" "example_api_shield_operation_schema_validation_settings" {
zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
zone_id = "zone_id"
operation_id = "f174e90a-fafe-4643-bbbc-4a0ed4fc8415"
}
```
@ -24,7 +24,7 @@ data "cloudflare_api_shield_operation_schema_validation_settings" "example_api_s
### Required
- `operation_id` (String) UUID
- `zone_id` (String) Identifier
- `zone_id` (String)
### Read-Only

8
docs/data-sources/api_shield_operations.md
View file

@ -13,7 +13,7 @@ description: |-
```terraform
data "cloudflare_api_shield_operations" "example_api_shield_operations" {
zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
zone_id = "zone_id"
direction = "asc"
endpoint = "/api/v1"
feature = ["thresholds"]
@ -28,7 +28,7 @@ data "cloudflare_api_shield_operations" "example_api_shield_operations" {
### Required
- `zone_id` (String) Identifier
- `zone_id` (String)
### Optional
@ -54,7 +54,7 @@ Read-Only:
- `host` (String) RFC3986-compliant host.
- `last_updated` (String)
- `method` (String) The HTTP method used to access the endpoint.
- `operation_id` (String) UUID
- `operation_id` (String)
<a id="nestedatt--result--features"></a>
### Nested Schema for `result.features`
@ -164,7 +164,7 @@ Read-Only:
Read-Only:
- `created_at` (String)
- `id` (String) UUID
- `id` (String)
- `is_learned` (Boolean) True if schema is Cloudflare-provided.
- `name` (String) Schema file name.

4
docs/data-sources/api_shield_schema.md
View file

@ -13,7 +13,7 @@ description: |-
```terraform
data "cloudflare_api_shield_schema" "example_api_shield_schema" {
zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
zone_id = "zone_id"
schema_id = "f174e90a-fafe-4643-bbbc-4a0ed4fc8415"
omit_source = true
}
@ -24,7 +24,7 @@ data "cloudflare_api_shield_schema" "example_api_shield_schema" {
### Required
- `zone_id` (String) Identifier
- `zone_id` (String)
### Optional

4
docs/data-sources/api_shield_schema_validation_settings.md
View file

@ -13,7 +13,7 @@ description: |-
```terraform
data "cloudflare_api_shield_schema_validation_settings" "example_api_shield_schema_validation_settings" {
zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
zone_id = "zone_id"
}
```
@ -22,7 +22,7 @@ data "cloudflare_api_shield_schema_validation_settings" "example_api_shield_sche
### Required
- `zone_id` (String) Identifier
- `zone_id` (String)
### Read-Only

6
docs/data-sources/api_shield_schemas.md
View file

@ -13,7 +13,7 @@ description: |-
```terraform
data "cloudflare_api_shield_schemas" "example_api_shield_schemas" {
zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
zone_id = "zone_id"
validation_enabled = true
}
```
@ -23,7 +23,7 @@ data "cloudflare_api_shield_schemas" "example_api_shield_schemas" {
### Required
- `zone_id` (String) Identifier
- `zone_id` (String)
### Optional
@ -43,7 +43,7 @@ Read-Only:
- `created_at` (String)
- `kind` (String) Kind of schema
- `name` (String) Name of the schema
- `schema_id` (String) UUID
- `schema_id` (String)
- `source` (String) Source of the schema
- `validation_enabled` (Boolean) Flag whether schema is enabled for validation.

27
docs/data-sources/api_token_permissions_groups.md Normal file
View file

@ -0,0 +1,27 @@
---
page_title: "cloudflare_api_token_permissions_groups Data Source - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_api_token_permissions_groups (Data Source)
## Example Usage
```terraform
data "cloudflare_api_token_permissions_groups" "example_api_token_permissions_groups" {
account_id = "eb78d65290b24279ba6f44721b3ea3c4"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `account_id` (String) Account identifier tag.

31
docs/data-sources/botnet_feed_config_asn.md Normal file
View file

@ -0,0 +1,31 @@
---
page_title: "cloudflare_botnet_feed_config_asn Data Source - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_botnet_feed_config_asn (Data Source)
## Example Usage
```terraform
data "cloudflare_botnet_feed_config_asn" "example_botnet_feed_config_asn" {
account_id = "023e105f4ecef8ad9ca31a8372d0c353"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `account_id` (String) Identifier
### Read-Only
- `asn` (Number)

8
docs/data-sources/cloudforce_one_request_asset.md
View file

@ -28,4 +28,12 @@ data "cloudflare_cloudforce_one_request_asset" "example_cloudforce_one_request_a
- `asset_identifer` (String) UUID
- `request_identifier` (String) UUID
### Read-Only
- `created` (String) Asset creation time
- `description` (String) Asset description
- `file_type` (String) Asset file type
- `id` (Number) Asset ID
- `name` (String) Asset name

9
docs/data-sources/cloudforce_one_request_message.md
View file

@ -26,4 +26,13 @@ data "cloudflare_cloudforce_one_request_message" "example_cloudforce_one_request
- `account_identifier` (String) Identifier
- `request_identifier` (String) UUID
### Read-Only
- `author` (String) Author of message
- `content` (String) Content of message
- `created` (String) Message creation time
- `id` (Number) Message ID
- `is_follow_on_request` (Boolean) Whether the message is a follow-on request
- `updated` (String) Message last updated time

27
docs/data-sources/custom_ssl.md
View file

@ -34,7 +34,7 @@ data "cloudflare_custom_ssl" "example_custom_ssl" {
- `hosts` (List of String)
- `id` (String) Identifier
- `issuer` (String) The certificate authority that issued the certificate.
- `keyless_server` (Attributes) (see [below for nested schema](#nestedatt--keyless_server))
- `keyless_server` (String)
- `modified_on` (String) When the certificate was last modified.
- `policy` (String) Specify the policy that determines the region where your private key will be held locally. HTTPS connections to any excluded data center will still be fully encrypted, but will incur some latency while Keyless SSL is used to complete the handshake with the nearest allowed data center. Any combination of countries, specified by their two letter country code (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements) can be chosen, such as 'country: IN', as well as 'region: EU' which refers to the EU region. If there are too few data centers satisfying the policy, it will be rejected.
- `priority` (Number) The order/priority in which the certificate will be used in a request. The higher priority will break ties across overlapping 'legacy_custom' certificates, but 'legacy_custom' certificates will always supercede 'sni_custom' certificates.
@ -60,28 +60,3 @@ Read-Only:
- `label` (String)
<a id="nestedatt--keyless_server"></a>
### Nested Schema for `keyless_server`
Read-Only:
- `created_on` (String) When the Keyless SSL was created.
- `enabled` (Boolean) Whether or not the Keyless SSL is on or off.
- `host` (String) The keyless SSL name.
- `id` (String) Keyless certificate identifier tag.
- `modified_on` (String) When the Keyless SSL was last modified.
- `name` (String) The keyless SSL name.
- `permissions` (List of String) Available permissions for the Keyless SSL for the current user requesting the item.
- `port` (Number) The keyless SSL port used to communicate between Cloudflare and the client's Keyless SSL server.
- `status` (String) Status of the Keyless SSL.
- `tunnel` (Attributes) Configuration for using Keyless SSL through a Cloudflare Tunnel (see [below for nested schema](#nestedatt--keyless_server--tunnel))
<a id="nestedatt--keyless_server--tunnel"></a>
### Nested Schema for `keyless_server.tunnel`
Read-Only:
- `private_ip` (String) Private IP of the Key Server Host
- `vnet_id` (String) Cloudflare Tunnel Virtual Network ID

27
docs/data-sources/custom_ssls.md
View file

@ -46,7 +46,7 @@ Read-Only:
- `hosts` (List of String)
- `id` (String) Identifier
- `issuer` (String) The certificate authority that issued the certificate.
- `keyless_server` (Attributes) (see [below for nested schema](#nestedatt--result--keyless_server))
- `keyless_server` (String)
- `modified_on` (String) When the certificate was last modified.
- `policy` (String) Specify the policy that determines the region where your private key will be held locally. HTTPS connections to any excluded data center will still be fully encrypted, but will incur some latency while Keyless SSL is used to complete the handshake with the nearest allowed data center. Any combination of countries, specified by their two letter country code (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements) can be chosen, such as 'country: IN', as well as 'region: EU' which refers to the EU region. If there are too few data centers satisfying the policy, it will be rejected.
- `priority` (Number) The order/priority in which the certificate will be used in a request. The higher priority will break ties across overlapping 'legacy_custom' certificates, but 'legacy_custom' certificates will always supercede 'sni_custom' certificates.
@ -63,28 +63,3 @@ Read-Only:
- `label` (String)
<a id="nestedatt--result--keyless_server"></a>
### Nested Schema for `result.keyless_server`
Read-Only:
- `created_on` (String) When the Keyless SSL was created.
- `enabled` (Boolean) Whether or not the Keyless SSL is on or off.
- `host` (String) The keyless SSL name.
- `id` (String) Keyless certificate identifier tag.
- `modified_on` (String) When the Keyless SSL was last modified.
- `name` (String) The keyless SSL name.
- `permissions` (List of String) Available permissions for the Keyless SSL for the current user requesting the item.
- `port` (Number) The keyless SSL port used to communicate between Cloudflare and the client's Keyless SSL server.
- `status` (String) Status of the Keyless SSL.
- `tunnel` (Attributes) Configuration for using Keyless SSL through a Cloudflare Tunnel (see [below for nested schema](#nestedatt--result--keyless_server--tunnel))
<a id="nestedatt--result--keyless_server--tunnel"></a>
### Nested Schema for `result.keyless_server.tunnel`
Read-Only:
- `private_ip` (String) Private IP of the Key Server Host
- `vnet_id` (String) Cloudflare Tunnel Virtual Network ID

8
docs/data-sources/d1_database.md
View file

@ -27,17 +27,17 @@ data "cloudflare_d1_database" "example_d1_database" {
### Optional
- `database_id` (String)
- `database_id` (String) D1 database identifier (UUID).
- `filter` (Attributes) (see [below for nested schema](#nestedatt--filter))
### Read-Only
- `created_at` (String) Specifies the timestamp the resource was created as an ISO8601 string.
- `file_size` (Number) The D1 database's size, in bytes.
- `id` (String) The ID of this resource.
- `name` (String)
- `id` (String) D1 database identifier (UUID).
- `name` (String) D1 database name.
- `num_tables` (Number)
- `uuid` (String)
- `uuid` (String) D1 database identifier (UUID).
- `version` (String)
<a id="nestedatt--filter"></a>

4
docs/data-sources/d1_databases.md
View file

@ -40,8 +40,8 @@ data "cloudflare_d1_databases" "example_d1_databases" {
Read-Only:
- `created_at` (String) Specifies the timestamp the resource was created as an ISO8601 string.
- `name` (String)
- `uuid` (String)
- `name` (String) D1 database name.
- `uuid` (String) D1 database identifier (UUID).
- `version` (String)

77
docs/data-sources/dns_settings.md Normal file
View file

@ -0,0 +1,77 @@
---
page_title: "cloudflare_dns_settings Data Source - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_dns_settings (Data Source)
## Example Usage
```terraform
data "cloudflare_dns_settings" "example_dns_settings" {
account_id = "account_id"
zone_id = "zone_id"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Optional
- `account_id` (String) The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.
- `zone_id` (String) The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.
### Read-Only
- `zone_defaults` (Attributes) (see [below for nested schema](#nestedatt--zone_defaults))
<a id="nestedatt--zone_defaults"></a>
### Nested Schema for `zone_defaults`
Read-Only:
- `flatten_all_cnames` (Boolean) Whether to flatten all CNAME records in the zone. Note that, due to DNS limitations, a CNAME record at the zone apex will always be flattened.
- `foundation_dns` (Boolean) Whether to enable Foundation DNS Advanced Nameservers on the zone.
- `internal_dns` (Attributes) Settings for this internal zone. (see [below for nested schema](#nestedatt--zone_defaults--internal_dns))
- `multi_provider` (Boolean) Whether to enable multi-provider DNS, which causes Cloudflare to activate the zone even when non-Cloudflare NS records exist, and to respect NS records at the zone apex during outbound zone transfers.
- `nameservers` (Attributes) Settings determining the nameservers through which the zone should be available. (see [below for nested schema](#nestedatt--zone_defaults--nameservers))
- `ns_ttl` (Number) The time to live (TTL) of the zone's nameserver (NS) records.
- `secondary_overrides` (Boolean) Allows a Secondary DNS zone to use (proxied) override records and CNAME flattening at the zone apex.
- `soa` (Attributes) Components of the zone's SOA record. (see [below for nested schema](#nestedatt--zone_defaults--soa))
- `zone_mode` (String) Whether the zone mode is a regular or CDN/DNS only zone.
<a id="nestedatt--zone_defaults--internal_dns"></a>
### Nested Schema for `zone_defaults.internal_dns`
Read-Only:
- `reference_zone_id` (String) The ID of the zone to fallback to.
<a id="nestedatt--zone_defaults--nameservers"></a>
### Nested Schema for `zone_defaults.nameservers`
Read-Only:
- `type` (String) Nameserver type
<a id="nestedatt--zone_defaults--soa"></a>
### Nested Schema for `zone_defaults.soa`
Read-Only:
- `expire` (Number) Time in seconds of being unable to query the primary server after which secondary servers should stop serving the zone.
- `min_ttl` (Number) The time to live (TTL) for negative caching of records within the zone.
- `mname` (String) The primary nameserver, which may be used for outbound zone transfers.
- `refresh` (Number) Time in seconds after which secondary servers should re-check the SOA record to see if the zone has been updated.
- `retry` (Number) Time in seconds after which secondary servers should retry queries after the primary server was unresponsive.
- `rname` (String) The email address of the zone administrator, with the first label representing the local part of the email address.
- `ttl` (Number) The time to live (TTL) of the SOA record itself.

63
docs/data-sources/dns_settings_internal_view.md Normal file
View file

@ -0,0 +1,63 @@
---
page_title: "cloudflare_dns_settings_internal_view Data Source - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_dns_settings_internal_view (Data Source)
## Example Usage
```terraform
data "cloudflare_dns_settings_internal_view" "example_dns_settings_internal_view" {
account_id = "023e105f4ecef8ad9ca31a8372d0c353"
view_id = "023e105f4ecef8ad9ca31a8372d0c353"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `account_id` (String) Identifier
### Optional
- `filter` (Attributes) (see [below for nested schema](#nestedatt--filter))
- `view_id` (String) Identifier
### Read-Only
- `created_time` (String) When the view was created.
- `id` (String) Identifier
- `modified_time` (String) When the view was last modified.
- `name` (String) The name of the view.
- `zones` (List of String) The list of zones linked to this view.
<a id="nestedatt--filter"></a>
### Nested Schema for `filter`
Optional:
- `direction` (String) Direction to order DNS views in.
- `match` (String) Whether to match all search requirements or at least one (any). If set to `all`, acts like a logical AND between filters. If set to `any`, acts like a logical OR instead.
- `name` (Attributes) (see [below for nested schema](#nestedatt--filter--name))
- `order` (String) Field to order DNS views by.
- `zone_id` (String) A zone ID that exists in the zones list for the view.
- `zone_name` (String) A zone name that exists in the zones list for the view.
<a id="nestedatt--filter--name"></a>
### Nested Schema for `filter.name`
Optional:
- `contains` (String) Substring of the DNS view name.
- `endswith` (String) Suffix of the DNS view name.
- `exact` (String) Exact value of the DNS view name.
- `startswith` (String) Prefix of the DNS view name.

72
docs/data-sources/dns_settings_internal_views.md Normal file
View file

@ -0,0 +1,72 @@
---
page_title: "cloudflare_dns_settings_internal_views Data Source - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_dns_settings_internal_views (Data Source)
## Example Usage
```terraform
data "cloudflare_dns_settings_internal_views" "example_dns_settings_internal_views" {
account_id = "023e105f4ecef8ad9ca31a8372d0c353"
name = {
contains = "view"
endswith = "ew"
exact = "my view"
startswith = "my"
}
order = "name"
zone_id = "ae29bea30e2e427ba9cd8d78b628177b"
zone_name = "www.example.com"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `account_id` (String) Identifier
### Optional
- `direction` (String) Direction to order DNS views in.
- `match` (String) Whether to match all search requirements or at least one (any). If set to `all`, acts like a logical AND between filters. If set to `any`, acts like a logical OR instead.
- `max_items` (Number) Max items to fetch, default: 1000
- `name` (Attributes) (see [below for nested schema](#nestedatt--name))
- `order` (String) Field to order DNS views by.
- `zone_id` (String) A zone ID that exists in the zones list for the view.
- `zone_name` (String) A zone name that exists in the zones list for the view.
### Read-Only
- `result` (Attributes List) The items returned by the data source (see [below for nested schema](#nestedatt--result))
<a id="nestedatt--name"></a>
### Nested Schema for `name`
Optional:
- `contains` (String) Substring of the DNS view name.
- `endswith` (String) Suffix of the DNS view name.
- `exact` (String) Exact value of the DNS view name.
- `startswith` (String) Prefix of the DNS view name.
<a id="nestedatt--result"></a>
### Nested Schema for `result`
Read-Only:
- `created_time` (String) When the view was created.
- `id` (String) Identifier
- `modified_time` (String) When the view was last modified.
- `name` (String) The name of the view.
- `zones` (List of String) The list of zones linked to this view.

42
docs/data-sources/email_routing_rule.md
View file

@ -23,47 +23,7 @@ data "cloudflare_email_routing_rule" "example_email_routing_rule" {
### Required
- `rule_identifier` (String) Routing rule identifier.
- `zone_id` (String) Identifier
### Optional
- `filter` (Attributes) (see [below for nested schema](#nestedatt--filter))
- `rule_identifier` (String) Routing rule identifier.
### Read-Only
- `actions` (Attributes List) List actions patterns. (see [below for nested schema](#nestedatt--actions))
- `enabled` (Boolean) Routing rule status.
- `id` (String) Routing rule identifier.
- `matchers` (Attributes List) Matching patterns to forward to your actions. (see [below for nested schema](#nestedatt--matchers))
- `name` (String) Routing rule name.
- `priority` (Number) Priority of the routing rule.
- `tag` (String) Routing rule tag. (Deprecated, replaced by routing rule identifier)
<a id="nestedatt--filter"></a>
### Nested Schema for `filter`
Optional:
- `enabled` (Boolean) Filter by enabled routing rules.
<a id="nestedatt--actions"></a>
### Nested Schema for `actions`
Read-Only:
- `type` (String) Type of supported action.
- `value` (List of String)
<a id="nestedatt--matchers"></a>
### Nested Schema for `matchers`
Read-Only:
- `field` (String) Field for type matcher.
- `type` (String) Type of matcher.
- `value` (String) Value for matcher.

11
docs/data-sources/email_routing_settings.md
View file

@ -24,15 +24,4 @@ data "cloudflare_email_routing_settings" "example_email_routing_settings" {
- `zone_id` (String) Identifier
### Read-Only
- `created` (String) The date and time the settings have been created.
- `enabled` (Boolean) State of the zone settings for Email Routing.
- `id` (String) Email Routing settings identifier.
- `modified` (String) The date and time the settings have been modified.
- `name` (String) Domain of your zone.
- `skip_wizard` (Boolean) Flag to check if the user skipped the configuration wizard.
- `status` (String) Show the state of your account, and the type or configuration error.
- `tag` (String) Email Routing settings tag. (Deprecated, replaced by Email Routing settings identifier)

17
docs/data-sources/filter.md
View file

@ -23,9 +23,13 @@ data "cloudflare_filter" "example_filter" {
### Required
- `filter_id` (String) The unique identifier of the filter.
- `zone_id` (String) Identifier
### Optional
- `filter` (Attributes) (see [below for nested schema](#nestedatt--filter))
- `filter_id` (String) The unique identifier of the filter.
### Read-Only
- `description` (String) An informative summary of the filter.
@ -34,4 +38,15 @@ data "cloudflare_filter" "example_filter" {
- `paused` (Boolean) When true, indicates that the filter is currently paused.
- `ref` (String) A short reference tag. Allows you to select related filters.
<a id="nestedatt--filter"></a>
### Nested Schema for `filter`
Optional:
- `description` (String) A case-insensitive string to find in the description.
- `expression` (String) A case-insensitive string to find in the expression.
- `id` (String) The unique identifier of the filter.
- `paused` (Boolean) When true, indicates that the filter is currently paused.
- `ref` (String) The filter ref (a short reference tag) to search for. Must be an exact match.

17
docs/data-sources/firewall_rule.md
View file

@ -24,33 +24,20 @@ data "cloudflare_firewall_rule" "example_firewall_rule" {
### Required
- `rule_id` (String) The unique identifier of the firewall rule.
- `zone_id` (String) Identifier
### Optional
- `id` (String) The unique identifier of the firewall rule.
- `rule_id` (String) The unique identifier of the firewall rule.
### Read-Only
- `action` (String) The action to apply to a matched request. The `log` action is only available on an Enterprise plan.
- `description` (String) An informative summary of the firewall rule.
- `filter` (Attributes) (see [below for nested schema](#nestedatt--filter))
- `id` (String) The unique identifier of the firewall rule.
- `paused` (Boolean) When true, indicates that the firewall rule is currently paused.
- `priority` (Number) The priority of the rule. Optional value used to define the processing order. A lower number indicates a higher priority. If not provided, rules with a defined priority will be processed before rules without a priority.
- `products` (List of String)
- `ref` (String) A short reference tag. Allows you to select related firewall rules.
<a id="nestedatt--filter"></a>
### Nested Schema for `filter`
Read-Only:
- `deleted` (Boolean) When true, indicates that the firewall rule was deleted.
- `description` (String) An informative summary of the filter.
- `expression` (String) The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/).
- `id` (String) The unique identifier of the filter.
- `paused` (Boolean) When true, indicates that the filter is currently paused.
- `ref` (String) A short reference tag. Allows you to select related filters.

8
docs/data-sources/hostname_tls_setting.md
View file

@ -26,4 +26,12 @@ data "cloudflare_hostname_tls_setting" "example_hostname_tls_setting" {
- `setting_id` (String) The TLS Setting name.
- `zone_id` (String) Identifier
### Read-Only
- `created_at` (String) This is the time the tls setting was originally created for this hostname.
- `hostname` (String) The hostname for which the tls settings are set.
- `status` (String) Deployment status for the given tls setting.
- `updated_at` (String) This is the time the tls setting was updated.
- `value` (Number) The tls setting value.

12
docs/data-sources/hyperdrive_config.md
View file

@ -28,23 +28,13 @@ data "cloudflare_hyperdrive_config" "example_hyperdrive_config" {
### Read-Only
- `caching` (Attributes) (see [below for nested schema](#nestedatt--caching))
- `caching` (String)
- `created_on` (String) When the Hyperdrive configuration was created.
- `id` (String) Identifier
- `modified_on` (String) When the Hyperdrive configuration was last modified.
- `name` (String)
- `origin` (Attributes) (see [below for nested schema](#nestedatt--origin))
<a id="nestedatt--caching"></a>
### Nested Schema for `caching`
Read-Only:
- `disabled` (Boolean) When set to true, disables the caching of SQL responses. (Default: false)
- `max_age` (Number) When present, specifies max duration for which items should persist in the cache. Not returned if set to default. (Default: 60)
- `stale_while_revalidate` (Number) When present, indicates the number of seconds cache may serve the response after it becomes stale. Not returned if set to default. (Default: 15)
<a id="nestedatt--origin"></a>
### Nested Schema for `origin`

12
docs/data-sources/hyperdrive_configs.md
View file

@ -37,23 +37,13 @@ data "cloudflare_hyperdrive_configs" "example_hyperdrive_configs" {
Read-Only:
- `caching` (Attributes) (see [below for nested schema](#nestedatt--result--caching))
- `caching` (String)
- `created_on` (String) When the Hyperdrive configuration was created.
- `id` (String) Identifier
- `modified_on` (String) When the Hyperdrive configuration was last modified.
- `name` (String)
- `origin` (Attributes) (see [below for nested schema](#nestedatt--result--origin))
<a id="nestedatt--result--caching"></a>
### Nested Schema for `result.caching`
Read-Only:
- `disabled` (Boolean) When set to true, disables the caching of SQL responses. (Default: false)
- `max_age` (Number) When present, specifies max duration for which items should persist in the cache. Not returned if set to default. (Default: 60)
- `stale_while_revalidate` (Number) When present, indicates the number of seconds cache may serve the response after it becomes stale. Not returned if set to default. (Default: 15)
<a id="nestedatt--result--origin"></a>
### Nested Schema for `result.origin`

34
docs/data-sources/ip_ranges.md Normal file
View file

@ -0,0 +1,34 @@
---
page_title: "cloudflare_ip_ranges Data Source - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_ip_ranges (Data Source)
## Example Usage
```terraform
data "cloudflare_ip_ranges" "example_ip_ranges" {
networks = "networks"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Optional
- `networks` (String) Specified as `jdcloud` to list IPs used by JD Cloud data centers.
### Read-Only
- `etag` (String) A digest of the IP data. Useful for determining if the data has changed.
- `ipv4_cidrs` (List of String) List of Cloudflare IPv4 CIDR addresses.
- `ipv6_cidrs` (List of String) List of Cloudflare IPv6 CIDR addresses.
- `jdcloud_cidrs` (List of String) List IPv4 and IPv6 CIDRs, only populated if `?networks=jdcloud` is used.

36
docs/data-sources/logpush_dataset_job.md
View file

@ -31,4 +31,40 @@ data "cloudflare_logpush_dataset_job" "example_logpush_dataset_job" {
- `account_id` (String) The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.
- `zone_id` (String) The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.
### Read-Only
- `dataset` (String) Name of the dataset. A list of supported datasets can be found on the [Developer Docs](https://developers.cloudflare.com/logs/reference/log-fields/).
- `destination_conf` (String) Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included.
- `enabled` (Boolean) Flag that indicates if the job is enabled.
- `error_message` (String) If not null, the job is currently failing. Failures are usually repetitive (example: no permissions to write to destination bucket). Only the last failure is recorded. On successful execution of a job the error_message and last_error are set to null.
- `frequency` (String) This field is deprecated. Please use `max_upload_*` parameters instead. The frequency at which Cloudflare sends batches of logs to your destination. Setting frequency to high sends your logs in larger quantities of smaller files. Setting frequency to low sends logs in smaller quantities of larger files.
- `id` (Number) Unique id of the job.
- `kind` (String) The kind parameter (optional) is used to differentiate between Logpush and Edge Log Delivery jobs. Currently, Edge Log Delivery is only supported for the `http_requests` dataset.
- `last_complete` (String) Records the last time for which logs have been successfully pushed. If the last successful push was for logs range 2018-07-23T10:00:00Z to 2018-07-23T10:01:00Z then the value of this field will be 2018-07-23T10:01:00Z. If the job has never run or has just been enabled and hasn't run yet then the field will be empty.
- `last_error` (String) Records the last time the job failed. If not null, the job is currently failing. If null, the job has either never failed or has run successfully at least once since last failure. See also the error_message field.
- `logpull_options` (String) This field is deprecated. Use `output_options` instead. Configuration string. It specifies things like requested fields and timestamp formats. If migrating from the logpull api, copy the url (full url or just the query string) of your call here, and logpush will keep on making this call for you, setting start and end times appropriately.
- `max_upload_bytes` (Number) The maximum uncompressed file size of a batch of logs. This setting value must be between `5 MB` and `1 GB`, or `0` to disable it. Note that you cannot set a minimum file size; this means that log files may be much smaller than this batch size. This parameter is not available for jobs with `edge` as its kind.
- `max_upload_interval_seconds` (Number) The maximum interval in seconds for log batches. This setting must be between 30 and 300 seconds (5 minutes), or `0` to disable it. Note that you cannot specify a minimum interval for log batches; this means that log files may be sent in shorter intervals than this. This parameter is only used for jobs with `edge` as its kind.
- `max_upload_records` (Number) The maximum number of log lines per batch. This setting must be between 1000 and 1,000,000 lines, or `0` to disable it. Note that you cannot specify a minimum number of log lines per batch; this means that log files may contain many fewer lines than this. This parameter is not available for jobs with `edge` as its kind.
- `name` (String) Optional human readable job name. Not unique. Cloudflare suggests that you set this to a meaningful string, like the domain name, to make it easier to identify your job.
- `output_options` (Attributes) The structured replacement for `logpull_options`. When including this field, the `logpull_option` field will be ignored. (see [below for nested schema](#nestedatt--output_options))
<a id="nestedatt--output_options"></a>
### Nested Schema for `output_options`
Read-Only:
- `batch_prefix` (String) String to be prepended before each batch.
- `batch_suffix` (String) String to be appended after each batch.
- `cve_2021_4428` (Boolean) If set to true, will cause all occurrences of `${` in the generated files to be replaced with `x{`.
- `field_delimiter` (String) String to join fields. This field be ignored when `record_template` is set.
- `field_names` (List of String) List of field names to be included in the Logpush output. For the moment, there is no option to add all fields at once, so you must specify all the fields names you are interested in.
- `output_type` (String) Specifies the output type, such as `ndjson` or `csv`. This sets default values for the rest of the settings, depending on the chosen output type. Some formatting rules, like string quoting, are different between output types.
- `record_delimiter` (String) String to be inserted in-between the records as separator.
- `record_prefix` (String) String to be prepended before each record.
- `record_suffix` (String) String to be appended after each record.
- `record_template` (String) String to use as template for each record instead of the default comma-separated list. All fields used in the template must be present in `field_names` as well, otherwise they will end up as null. Format as a Go `text/template` without any standard functions, like conditionals, loops, sub-templates, etc.
- `sample_rate` (Number) Floating number to specify sampling rate. Sampling is applied on top of filtering, and regardless of the current `sample_interval` of the data.
- `timestamp_format` (String) String to specify the format for timestamps, such as `unixnano`, `unix`, or `rfc3339`.

2
docs/data-sources/magic_transit_site.md
View file

@ -45,7 +45,7 @@ data "cloudflare_magic_transit_site" "example_magic_transit_site" {
Optional:
- `connector_identifier` (String) Identifier
- `connectorid` (String) Identifier
<a id="nestedatt--location"></a>

4
docs/data-sources/magic_transit_site_lan.md
View file

@ -25,6 +25,9 @@ data "cloudflare_magic_transit_site_lan" "example_magic_transit_site_lan" {
### Required
- `account_id` (String) Identifier
### Optional
- `lan_id` (String) Identifier
### Read-Only
@ -92,6 +95,7 @@ Read-Only:
- `dhcp_pool_end` (String) A valid IPv4 address.
- `dhcp_pool_start` (String) A valid IPv4 address.
- `dns_server` (String) A valid IPv4 address.
- `dns_servers` (List of String)
- `reservations` (Map of String) Mapping of MAC addresses to IP addresses

1
docs/data-sources/magic_transit_site_lans.md
View file

@ -102,6 +102,7 @@ Read-Only:
- `dhcp_pool_end` (String) A valid IPv4 address.
- `dhcp_pool_start` (String) A valid IPv4 address.
- `dns_server` (String) A valid IPv4 address.
- `dns_servers` (List of String)
- `reservations` (Map of String) Mapping of MAC addresses to IP addresses

3
docs/data-sources/magic_transit_site_wan.md
View file

@ -25,6 +25,9 @@ data "cloudflare_magic_transit_site_wan" "example_magic_transit_site_wan" {
### Required
- `account_id` (String) Identifier
### Optional
- `wan_id` (String) Identifier
### Read-Only

4
docs/data-sources/magic_transit_sites.md
View file

@ -14,7 +14,7 @@ description: |-
```terraform
data "cloudflare_magic_transit_sites" "example_magic_transit_sites" {
account_id = "023e105f4ecef8ad9ca31a8372d0c353"
connector_identifier = "023e105f4ecef8ad9ca31a8372d0c353"
connectorid = "023e105f4ecef8ad9ca31a8372d0c353"
}
```
@ -27,7 +27,7 @@ data "cloudflare_magic_transit_sites" "example_magic_transit_sites" {
### Optional
- `connector_identifier` (String) Identifier
- `connectorid` (String) Identifier
- `max_items` (Number) Max items to fetch, default: 1000
### Read-Only

21
docs/data-sources/queue_consumer.md
View file

@ -24,6 +24,27 @@ data "cloudflare_queue_consumer" "example_queue_consumer" {
### Required
- `account_id` (String) A Resource identifier.
### Read-Only
- `consumer_id` (String) A Resource identifier.
- `created_on` (String)
- `queue_id` (String) A Resource identifier.
- `script` (String) Name of a Worker
- `script_name` (String) Name of a Worker
- `settings` (Attributes) (see [below for nested schema](#nestedatt--settings))
- `type` (String)
<a id="nestedatt--settings"></a>
### Nested Schema for `settings`
Read-Only:
- `batch_size` (Number) The maximum number of messages to include in a batch.
- `max_concurrency` (Number) Maximum number of concurrent consumers that may consume from this Queue. Set to `null` to automatically opt in to the platform's maximum (recommended).
- `max_retries` (Number) The maximum number of retries
- `max_wait_time_ms` (Number) The number of milliseconds to wait for a batch to fill up before attempting to deliver it
- `retry_delay` (Number) The number of seconds to delay before making the message available for another attempt.
- `visibility_timeout_ms` (Number) The number of milliseconds that a message is exclusively leased. After the timeout, the message becomes available for another attempt.

52
docs/data-sources/r2_bucket_cors.md Normal file
View file

@ -0,0 +1,52 @@
---
page_title: "cloudflare_r2_bucket_cors Data Source - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_r2_bucket_cors (Data Source)
## Example Usage
```terraform
data "cloudflare_r2_bucket_cors" "example_r2_bucket_cors" {
account_id = "023e105f4ecef8ad9ca31a8372d0c353"
bucket_name = "example-bucket"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `account_id` (String) Account ID
- `bucket_name` (String) Name of the bucket
### Read-Only
- `rules` (Attributes List) (see [below for nested schema](#nestedatt--rules))
<a id="nestedatt--rules"></a>
### Nested Schema for `rules`
Read-Only:
- `allowed` (Attributes) Object specifying allowed origins, methods and headers for this CORS rule. (see [below for nested schema](#nestedatt--rules--allowed))
- `expose_headers` (List of String) Specifies the headers that can be exposed back, and accessed by, the JavaScript making the cross-origin request. If you need to access headers beyond the safelisted response headers, such as Content-Encoding or cf-cache-status, you must specify it here.
- `id` (String) Identifier for this rule
- `max_age_seconds` (Number) Specifies the amount of time (in seconds) browsers are allowed to cache CORS preflight responses. Browsers may limit this to 2 hours or less, even if the maximum value (86400) is specified.
<a id="nestedatt--rules--allowed"></a>
### Nested Schema for `rules.allowed`
Read-Only:
- `headers` (List of String) Specifies the value for the Access-Control-Allow-Headers header R2 sets when requesting objects in this bucket from a browser. Cross-origin requests that include custom headers (e.g. x-user-id) should specify these headers as AllowedHeaders.
- `methods` (List of String) Specifies the value for the Access-Control-Allow-Methods header R2 sets when requesting objects in a bucket from a browser.
- `origins` (List of String) Specifies the value for the Access-Control-Allow-Origin header R2 sets when requesting objects in a bucket from a browser.

54
docs/data-sources/r2_bucket_event_notification.md Normal file
View file

@ -0,0 +1,54 @@
---
page_title: "cloudflare_r2_bucket_event_notification Data Source - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_r2_bucket_event_notification (Data Source)
## Example Usage
```terraform
data "cloudflare_r2_bucket_event_notification" "example_r2_bucket_event_notification" {
account_id = "023e105f4ecef8ad9ca31a8372d0c353"
bucket_name = "example-bucket"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `account_id` (String) Account ID
- `bucket_name` (String) Name of the bucket
### Read-Only
- `queues` (Attributes List) List of queues associated with the bucket. (see [below for nested schema](#nestedatt--queues))
<a id="nestedatt--queues"></a>
### Nested Schema for `queues`
Read-Only:
- `queue_id` (String) Queue ID
- `queue_name` (String) Name of the queue
- `rules` (Attributes List) (see [below for nested schema](#nestedatt--queues--rules))
<a id="nestedatt--queues--rules"></a>
### Nested Schema for `queues.rules`
Read-Only:
- `actions` (List of String) Array of R2 object actions that will trigger notifications
- `created_at` (String) Timestamp when the rule was created
- `description` (String) A description that can be used to identify the event notification rule after creation
- `prefix` (String) Notifications will be sent only for objects with this prefix
- `rule_id` (String) Rule ID
- `suffix` (String) Notifications will be sent only for objects with this suffix

105
docs/data-sources/r2_bucket_lifecycle.md Normal file
View file

@ -0,0 +1,105 @@
---
page_title: "cloudflare_r2_bucket_lifecycle Data Source - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_r2_bucket_lifecycle (Data Source)
## Example Usage
```terraform
data "cloudflare_r2_bucket_lifecycle" "example_r2_bucket_lifecycle" {
account_id = "023e105f4ecef8ad9ca31a8372d0c353"
bucket_name = "example-bucket"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `account_id` (String) Account ID
- `bucket_name` (String) Name of the bucket
### Read-Only
- `rules` (Attributes List) (see [below for nested schema](#nestedatt--rules))
<a id="nestedatt--rules"></a>
### Nested Schema for `rules`
Read-Only:
- `abort_multipart_uploads_transition` (Attributes) Transition to abort ongoing multipart uploads (see [below for nested schema](#nestedatt--rules--abort_multipart_uploads_transition))
- `conditions` (Attributes) Conditions that apply to all transitions of this rule (see [below for nested schema](#nestedatt--rules--conditions))
- `delete_objects_transition` (Attributes) Transition to delete objects (see [below for nested schema](#nestedatt--rules--delete_objects_transition))
- `enabled` (Boolean) Whether or not this rule is in effect
- `id` (String) Unique identifier for this rule
- `storage_class_transitions` (Attributes List) Transitions to change the storage class of objects (see [below for nested schema](#nestedatt--rules--storage_class_transitions))
<a id="nestedatt--rules--abort_multipart_uploads_transition"></a>
### Nested Schema for `rules.abort_multipart_uploads_transition`
Read-Only:
- `condition` (Attributes) Condition for lifecycle transitions to apply after an object reaches an age in seconds (see [below for nested schema](#nestedatt--rules--abort_multipart_uploads_transition--condition))
<a id="nestedatt--rules--abort_multipart_uploads_transition--condition"></a>
### Nested Schema for `rules.abort_multipart_uploads_transition.condition`
Read-Only:
- `max_age` (Number)
- `type` (String)
<a id="nestedatt--rules--conditions"></a>
### Nested Schema for `rules.conditions`
Read-Only:
- `prefix` (String) Transitions will only apply to objects/uploads in the bucket that start with the given prefix, an empty prefix can be provided to scope rule to all objects/uploads
<a id="nestedatt--rules--delete_objects_transition"></a>
### Nested Schema for `rules.delete_objects_transition`
Read-Only:
- `condition` (Attributes) Condition for lifecycle transitions to apply after an object reaches an age in seconds (see [below for nested schema](#nestedatt--rules--delete_objects_transition--condition))
<a id="nestedatt--rules--delete_objects_transition--condition"></a>
### Nested Schema for `rules.delete_objects_transition.condition`
Read-Only:
- `date` (String)
- `max_age` (Number)
- `type` (String)
<a id="nestedatt--rules--storage_class_transitions"></a>
### Nested Schema for `rules.storage_class_transitions`
Read-Only:
- `condition` (Attributes) Condition for lifecycle transitions to apply after an object reaches an age in seconds (see [below for nested schema](#nestedatt--rules--storage_class_transitions--condition))
- `storage_class` (String)
<a id="nestedatt--rules--storage_class_transitions--condition"></a>
### Nested Schema for `rules.storage_class_transitions.condition`
Read-Only:
- `date` (String)
- `max_age` (Number)
- `type` (String)

52
docs/data-sources/r2_bucket_lock.md Normal file
View file

@ -0,0 +1,52 @@
---
page_title: "cloudflare_r2_bucket_lock Data Source - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_r2_bucket_lock (Data Source)
## Example Usage
```terraform
data "cloudflare_r2_bucket_lock" "example_r2_bucket_lock" {
account_id = "023e105f4ecef8ad9ca31a8372d0c353"
bucket_name = "example-bucket"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `account_id` (String) Account ID
- `bucket_name` (String) Name of the bucket
### Read-Only
- `rules` (Attributes List) (see [below for nested schema](#nestedatt--rules))
<a id="nestedatt--rules"></a>
### Nested Schema for `rules`
Read-Only:
- `condition` (Attributes) Condition to apply a lock rule to an object for how long in seconds (see [below for nested schema](#nestedatt--rules--condition))
- `enabled` (Boolean) Whether or not this rule is in effect
- `id` (String) Unique identifier for this rule
- `prefix` (String) Rule will only apply to objects/uploads in the bucket that start with the given prefix, an empty prefix can be provided to scope rule to all objects/uploads
<a id="nestedatt--rules--condition"></a>
### Nested Schema for `rules.condition`
Read-Only:
- `date` (String)
- `max_age_seconds` (Number)
- `type` (String)

56
docs/data-sources/r2_bucket_sippy.md Normal file
View file

@ -0,0 +1,56 @@
---
page_title: "cloudflare_r2_bucket_sippy Data Source - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_r2_bucket_sippy (Data Source)
## Example Usage
```terraform
data "cloudflare_r2_bucket_sippy" "example_r2_bucket_sippy" {
account_id = "023e105f4ecef8ad9ca31a8372d0c353"
bucket_name = "example-bucket"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `account_id` (String) Account ID
- `bucket_name` (String) Name of the bucket
### Read-Only
- `destination` (Attributes) Details about the configured destination bucket (see [below for nested schema](#nestedatt--destination))
- `enabled` (Boolean) State of Sippy for this bucket
- `source` (Attributes) Details about the configured source bucket (see [below for nested schema](#nestedatt--source))
<a id="nestedatt--destination"></a>
### Nested Schema for `destination`
Read-Only:
- `access_key_id` (String) ID of the Cloudflare API token used when writing objects to this
bucket
- `account` (String)
- `bucket` (String) Name of the bucket on the provider
- `provider` (String)
<a id="nestedatt--source"></a>
### Nested Schema for `source`
Read-Only:
- `bucket` (String) Name of the bucket on the provider
- `provider` (String)
- `region` (String) Region where the bucket resides (AWS only)

48
docs/data-sources/r2_custom_domain.md Normal file
View file

@ -0,0 +1,48 @@
---
page_title: "cloudflare_r2_custom_domain Data Source - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_r2_custom_domain (Data Source)
## Example Usage
```terraform
data "cloudflare_r2_custom_domain" "example_r2_custom_domain" {
account_id = "023e105f4ecef8ad9ca31a8372d0c353"
bucket_name = "example-bucket"
domain_name = "example-domain/custom-domain.com"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `account_id` (String) Account ID
- `bucket_name` (String) Name of the bucket
- `domain_name` (String) Name of the custom domain
### Read-Only
- `domain` (String) Domain name of the custom domain to be added
- `enabled` (Boolean) Whether this bucket is publicly accessible at the specified custom domain
- `min_tls` (String) Minimum TLS Version the custom domain will accept for incoming connections. If not set, defaults to 1.0.
- `status` (Attributes) (see [below for nested schema](#nestedatt--status))
- `zone_id` (String) Zone ID of the custom domain resides in
- `zone_name` (String) Zone that the custom domain resides in
<a id="nestedatt--status"></a>
### Nested Schema for `status`
Read-Only:
- `ownership` (String) Ownership status of the domain
- `ssl` (String) SSL certificate status

47
docs/data-sources/registrar_domains.md
View file

@ -35,51 +35,4 @@ data "cloudflare_registrar_domains" "example_registrar_domains" {
<a id="nestedatt--result"></a>
### Nested Schema for `result`
Read-Only:
- `available` (Boolean) Shows if a domain is available for transferring into Cloudflare Registrar.
- `can_register` (Boolean) Indicates if the domain can be registered as a new domain.
- `created_at` (String) Shows time of creation.
- `current_registrar` (String) Shows name of current registrar.
- `expires_at` (String) Shows when domain name registration expires.
- `id` (String) Domain identifier.
- `locked` (Boolean) Shows whether a registrar lock is in place for a domain.
- `registrant_contact` (Attributes) Shows contact information for domain registrant. (see [below for nested schema](#nestedatt--result--registrant_contact))
- `registry_statuses` (String) A comma-separated list of registry status codes. A full list of status codes can be found at [EPP Status Codes](https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en).
- `supported_tld` (Boolean) Whether a particular TLD is currently supported by Cloudflare Registrar. Refer to [TLD Policies](https://www.cloudflare.com/tld-policies/) for a list of supported TLDs.
- `transfer_in` (Attributes) Statuses for domain transfers into Cloudflare Registrar. (see [below for nested schema](#nestedatt--result--transfer_in))
- `updated_at` (String) Last updated.
<a id="nestedatt--result--registrant_contact"></a>
### Nested Schema for `result.registrant_contact`
Read-Only:
- `address` (String) Address.
- `address2` (String) Optional address line for unit, floor, suite, etc.
- `city` (String) City.
- `country` (String) The country in which the user lives.
- `email` (String) The contact email address of the user.
- `fax` (String) Contact fax number.
- `first_name` (String) User's first name
- `id` (String) Contact Identifier.
- `last_name` (String) User's last name
- `organization` (String) Name of organization.
- `phone` (String) User's telephone number
- `state` (String) State.
- `zip` (String) The zipcode or postal code where the user lives.
<a id="nestedatt--result--transfer_in"></a>
### Nested Schema for `result.transfer_in`
Read-Only:
- `accept_foa` (String) Form of authorization has been accepted by the registrant.
- `approve_transfer` (String) Shows transfer status with the registry.
- `can_cancel_transfer` (Boolean) Indicates if cancellation is still possible.
- `disable_privacy` (String) Privacy guards are disabled at the foreign registrar.
- `enter_auth_code` (String) Auth code has been entered and verified.
- `unlock_domain` (String) Domain is unlocked at the foreign registrar.

7
docs/data-sources/stream_audio_track.md
View file

@ -26,4 +26,11 @@ data "cloudflare_stream_audio_track" "example_stream_audio_track" {
- `account_id` (String) The account identifier tag.
- `identifier` (String) A Cloudflare-generated unique identifier for a media item.
### Read-Only
- `default` (Boolean) Denotes whether the audio track will be played by default in a player.
- `label` (String) A string to uniquely identify the track amongst other audio track labels for the specified video.
- `status` (String) Specifies the processing status of the video.
- `uid` (String) A Cloudflare-generated unique identifier for a media item.

5
docs/data-sources/stream_key.md
View file

@ -24,4 +24,9 @@ data "cloudflare_stream_key" "example_stream_key" {
- `account_id` (String) Identifier
### Read-Only
- `created` (String) The date and time a signing key was created.
- `id` (String) Identifier

16
docs/data-sources/user_agent_blocking_rules.md
View file

@ -41,20 +41,4 @@ data "cloudflare_user_agent_blocking_rules" "example_user_agent_blocking_rules"
<a id="nestedatt--result"></a>
### Nested Schema for `result`
Read-Only:
- `configuration` (Attributes) The configuration object for the current rule. (see [below for nested schema](#nestedatt--result--configuration))
- `description` (String) An informative summary of the rule.
- `id` (String) The unique identifier of the User Agent Blocking rule.
- `mode` (String) The action to apply to a matched request.
- `paused` (Boolean) When true, indicates that the rule is currently paused.
<a id="nestedatt--result--configuration"></a>
### Nested Schema for `result.configuration`
Read-Only:
- `target` (String) The configuration target for this rule. You must set the target to `ua` for User Agent Blocking rules.
- `value` (String) The exact user agent string to match. This value will be compared to the received `User-Agent` HTTP header value.

10
docs/data-sources/waiting_room_rules.md
View file

@ -26,4 +26,14 @@ data "cloudflare_waiting_room_rules" "example_waiting_room_rules" {
- `waiting_room_id` (String)
- `zone_id` (String) Identifier
### Read-Only
- `action` (String) The action to take when the expression matches.
- `description` (String) The description of the rule.
- `enabled` (Boolean) When set to true, the rule is enabled.
- `expression` (String) Criteria defining when there is a match for the current rule.
- `id` (String) The ID of the rule.
- `last_updated` (String)
- `version` (String) The version of the rule.

11
docs/data-sources/workers_cron_trigger.md
View file

@ -28,15 +28,6 @@ data "cloudflare_workers_cron_trigger" "example_workers_cron_trigger" {
### Read-Only
- `schedules` (Attributes List) (see [below for nested schema](#nestedatt--schedules))
<a id="nestedatt--schedules"></a>
### Nested Schema for `schedules`
Read-Only:
- `created_on` (String)
- `cron` (String)
- `modified_on` (String)
- `schedules` (List of String)

35
docs/data-sources/workers_route.md Normal file
View file

@ -0,0 +1,35 @@
---
page_title: "cloudflare_workers_route Data Source - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_workers_route (Data Source)
## Example Usage
```terraform
data "cloudflare_workers_route" "example_workers_route" {
zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
route_id = "023e105f4ecef8ad9ca31a8372d0c353"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `route_id` (String) Identifier
- `zone_id` (String) Identifier
### Read-Only
- `id` (String) Identifier
- `pattern` (String)
- `script` (String) Name of the script, used in URLs and route configuration.

44
docs/data-sources/workers_routes.md Normal file
View file

@ -0,0 +1,44 @@
---
page_title: "cloudflare_workers_routes Data Source - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_workers_routes (Data Source)
## Example Usage
```terraform
data "cloudflare_workers_routes" "example_workers_routes" {
zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `zone_id` (String) Identifier
### Optional
- `max_items` (Number) Max items to fetch, default: 1000
### Read-Only
- `result` (Attributes List) The items returned by the data source (see [below for nested schema](#nestedatt--result))
<a id="nestedatt--result"></a>
### Nested Schema for `result`
Read-Only:
- `id` (String) Identifier
- `pattern` (String)
- `script` (String) Name of the script, used in URLs and route configuration.

13
docs/data-sources/zero_trust_access_infrastructure_target.md
View file

@ -48,13 +48,26 @@ Optional:
- `direction` (String) The sorting direction.
- `hostname` (String) Hostname of a target
- `hostname_contains` (String) Partial match to the hostname of a target
- `ip_like` (String) Filters for targets whose IP addresses look like the specified string.
Supports `*` as a wildcard character
- `ip_v4` (String) IPv4 address of the target
- `ip_v6` (String) IPv6 address of the target
- `ips` (List of String) Filters for targets that have any of the following IP addresses. Specify
`ips` multiple times in query parameter to build list of candidates.
- `ipv4_end` (String) Defines an IPv4 filter range's ending value (inclusive). Requires
`ipv4_start` to be specified as well.
- `ipv4_start` (String) Defines an IPv4 filter range's starting value (inclusive). Requires
`ipv4_end` to be specified as well.
- `ipv6_end` (String) Defines an IPv6 filter range's ending value (inclusive). Requires
`ipv6_start` to be specified as well.
- `ipv6_start` (String) Defines an IPv6 filter range's starting value (inclusive). Requires
`ipv6_end` to be specified as well.
- `modified_after` (String) Date and time at which the target was modified after (inclusive)
- `modified_before` (String) Date and time at which the target was modified before (inclusive)
- `order` (String) The field to sort by.
- `target_ids` (List of String) Filters for targets that have any of the following UUIDs. Specify
`target_ids` multiple times in query parameter to build list of
candidates.
- `virtual_network_id` (String) Private virtual network identifier of the target

19
docs/data-sources/zero_trust_access_infrastructure_targets.md
View file

@ -19,12 +19,18 @@ data "cloudflare_zero_trust_access_infrastructure_targets" "example_zero_trust_a
direction = "asc"
hostname = "hostname"
hostname_contains = "hostname_contains"
ip_like = "ip_like"
ip_v4 = "ip_v4"
ip_v6 = "ip_v6"
ips = ["string"]
ipv4_end = "ipv4_end"
ipv4_start = "ipv4_start"
ipv6_end = "ipv6_end"
ipv6_start = "ipv6_start"
modified_after = "2019-12-27T18:11:19.117Z"
modified_before = "2019-12-27T18:11:19.117Z"
order = "hostname"
target_ids = ["182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e"]
virtual_network_id = "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e"
}
```
@ -43,14 +49,27 @@ data "cloudflare_zero_trust_access_infrastructure_targets" "example_zero_trust_a
- `direction` (String) The sorting direction.
- `hostname` (String) Hostname of a target
- `hostname_contains` (String) Partial match to the hostname of a target
- `ip_like` (String) Filters for targets whose IP addresses look like the specified string.
Supports `*` as a wildcard character
- `ip_v4` (String) IPv4 address of the target
- `ip_v6` (String) IPv6 address of the target
- `ips` (List of String) Filters for targets that have any of the following IP addresses. Specify
`ips` multiple times in query parameter to build list of candidates.
- `ipv4_end` (String) Defines an IPv4 filter range's ending value (inclusive). Requires
`ipv4_start` to be specified as well.
- `ipv4_start` (String) Defines an IPv4 filter range's starting value (inclusive). Requires
`ipv4_end` to be specified as well.
- `ipv6_end` (String) Defines an IPv6 filter range's ending value (inclusive). Requires
`ipv6_start` to be specified as well.
- `ipv6_start` (String) Defines an IPv6 filter range's starting value (inclusive). Requires
`ipv6_end` to be specified as well.
- `max_items` (Number) Max items to fetch, default: 1000
- `modified_after` (String) Date and time at which the target was modified after (inclusive)
- `modified_before` (String) Date and time at which the target was modified before (inclusive)
- `order` (String) The field to sort by.
- `target_ids` (List of String) Filters for targets that have any of the following UUIDs. Specify
`target_ids` multiple times in query parameter to build list of
candidates.
- `virtual_network_id` (String) Private virtual network identifier of the target
### Read-Only

6
docs/data-sources/zero_trust_access_mtls_hostname_settings.md
View file

@ -26,4 +26,10 @@ data "cloudflare_zero_trust_access_mtls_hostname_settings" "example_zero_trust_a
- `account_id` (String) The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.
- `zone_id` (String) The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.
### Read-Only
- `china_network` (Boolean) Request client certificates for this hostname in China. Can only be set to true if this zone is china network enabled.
- `client_certificate_forwarding` (Boolean) Client Certificate Forwarding is a feature that takes the client cert provided by the eyeball to the edge, and forwards it to the origin as a HTTP header to allow logging on the origin.
- `hostname` (String) The hostname that these settings apply to.

6
docs/data-sources/zero_trust_device_custom_profile_local_domain_fallback.md
View file

@ -26,4 +26,10 @@ data "cloudflare_zero_trust_device_custom_profile_local_domain_fallback" "exampl
- `account_id` (String)
- `policy_id` (String) Device ID.
### Read-Only
- `description` (String) A description of the fallback domain, displayed in the client UI.
- `dns_server` (List of String) A list of IP addresses to handle domain resolution.
- `suffix` (String) The domain suffix to match when resolving locally.

6
docs/data-sources/zero_trust_device_default_profile_local_domain_fallback.md
View file

@ -24,4 +24,10 @@ data "cloudflare_zero_trust_device_default_profile_local_domain_fallback" "examp
- `account_id` (String)
### Read-Only
- `description` (String) A description of the fallback domain, displayed in the client UI.
- `dns_server` (List of String) A list of IP addresses to handle domain resolution.
- `suffix` (String) The domain suffix to match when resolving locally.

10
docs/data-sources/zero_trust_device_managed_networks.md
View file

@ -31,17 +31,9 @@ data "cloudflare_zero_trust_device_managed_networks" "example_zero_trust_device_
### Read-Only
- `config` (Attributes) The configuration object containing information for the WARP client to detect the managed network. (see [below for nested schema](#nestedatt--config))
- `config` (String) The configuration object containing information for the WARP client to detect the managed network.
- `id` (String) API UUID.
- `name` (String) The name of the device managed network. This name must be unique.
- `type` (String) The type of device managed network.
<a id="nestedatt--config"></a>
### Nested Schema for `config`
Read-Only:
- `sha256` (String) The SHA-256 hash of the TLS certificate presented by the host found at tls_sockaddr. If absent, regular certificate verification (trusted roots, valid timestamp, etc) will be used to validate the certificate.
- `tls_sockaddr` (String) A network address of the form "host:port" that the WARP client will use to detect the presence of a TLS host.

10
docs/data-sources/zero_trust_device_managed_networks_list.md
View file

@ -37,17 +37,9 @@ data "cloudflare_zero_trust_device_managed_networks_list" "example_zero_trust_de
Read-Only:
- `config` (Attributes) The configuration object containing information for the WARP client to detect the managed network. (see [below for nested schema](#nestedatt--result--config))
- `config` (String) The configuration object containing information for the WARP client to detect the managed network.
- `name` (String) The name of the device managed network. This name must be unique.
- `network_id` (String) API UUID.
- `type` (String) The type of device managed network.
<a id="nestedatt--result--config"></a>
### Nested Schema for `result.config`
Read-Only:
- `sha256` (String) The SHA-256 hash of the TLS certificate presented by the host found at tls_sockaddr. If absent, regular certificate verification (trusted roots, valid timestamp, etc) will be used to validate the certificate.
- `tls_sockaddr` (String) A network address of the form "host:port" that the WARP client will use to detect the presence of a TLS host.

2
docs/data-sources/zero_trust_dlp_custom_profile.md
View file

@ -28,6 +28,7 @@ data "cloudflare_zero_trust_dlp_custom_profile" "example_zero_trust_dlp_custom_p
### Read-Only
- `ai_context_enabled` (Boolean)
- `allowed_match_count` (Number) Related DLP policies will trigger when the match count exceeds the number set.
- `confidence_threshold` (String)
- `context_awareness` (Attributes) Scan the context of predefined entries to only return matches surrounded by keywords. (see [below for nested schema](#nestedatt--context_awareness))
@ -80,6 +81,7 @@ Read-Only:
Read-Only:
- `ai_context_available` (Boolean)
- `available` (Boolean) Indicates whether this entry can be made more or less sensitive by setting a confidence threshold.
Profiles that use an entry with `available` set to true can use confidence thresholds

1
docs/data-sources/zero_trust_dlp_entries.md
View file

@ -54,6 +54,7 @@ Read-Only:
Read-Only:
- `ai_context_available` (Boolean)
- `available` (Boolean) Indicates whether this entry can be made more or less sensitive by setting a confidence threshold.
Profiles that use an entry with `available` set to true can use confidence thresholds

1
docs/data-sources/zero_trust_dlp_entry.md
View file

@ -48,6 +48,7 @@ data "cloudflare_zero_trust_dlp_entry" "example_zero_trust_dlp_entry" {
Read-Only:
- `ai_context_available` (Boolean)
- `available` (Boolean) Indicates whether this entry can be made more or less sensitive by setting a confidence threshold.
Profiles that use an entry with `available` set to true can use confidence thresholds

2
docs/data-sources/zero_trust_dlp_predefined_profile.md
View file

@ -28,6 +28,7 @@ data "cloudflare_zero_trust_dlp_predefined_profile" "example_zero_trust_dlp_pred
### Read-Only
- `ai_context_enabled` (Boolean)
- `allowed_match_count` (Number) Related DLP policies will trigger when the match count exceeds the number set.
- `confidence_threshold` (String)
- `context_awareness` (Attributes) Scan the context of predefined entries to only return matches surrounded by keywords. (see [below for nested schema](#nestedatt--context_awareness))
@ -80,6 +81,7 @@ Read-Only:
Read-Only:
- `ai_context_available` (Boolean)
- `available` (Boolean) Indicates whether this entry can be made more or less sensitive by setting a confidence threshold.
Profiles that use an entry with `available` set to true can use confidence thresholds

9
docs/data-sources/zero_trust_gateway_proxy_endpoint.md
View file

@ -26,4 +26,13 @@ data "cloudflare_zero_trust_gateway_proxy_endpoint" "example_zero_trust_gateway_
- `account_id` (String)
- `proxy_endpoint_id` (String)
### Read-Only
- `created_at` (String)
- `id` (String) The ID of this resource.
- `ips` (List of String) A list of CIDRs to restrict ingress connections.
- `name` (String) The name of the proxy endpoint.
- `subdomain` (String) The subdomain to be used as the destination in the proxy client.
- `updated_at` (String)

29
docs/data-sources/zero_trust_tunnel_cloudflared_token.md Normal file
View file

@ -0,0 +1,29 @@
---
page_title: "cloudflare_zero_trust_tunnel_cloudflared_token Data Source - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_zero_trust_tunnel_cloudflared_token (Data Source)
## Example Usage
```terraform
data "cloudflare_zero_trust_tunnel_cloudflared_token" "example_zero_trust_tunnel_cloudflared_token" {
account_id = "699d98642c564d2e855e9661899b7252"
tunnel_id = "f70ff985-a4ef-4643-bbbc-4a0ed4fc8415"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `account_id` (String) Cloudflare account ID
- `tunnel_id` (String) UUID of the tunnel.

1
docs/data-sources/zone.md
View file

@ -50,6 +50,7 @@ benefits.
- `type` (String) A full zone implies that DNS is hosted with Cloudflare. A partial zone is
typically a partner-hosted zone or a CNAME setup.
- `vanity_name_servers` (List of String) An array of domains used for custom name servers. This is only available for Business and Enterprise plans.
- `verification_key` (String) Verification key for partial zone setup.
<a id="nestedatt--filter"></a>
### Nested Schema for `filter`

2
docs/data-sources/zone_cache_reserve.md
View file

@ -27,8 +27,8 @@ data "cloudflare_zone_cache_reserve" "example_zone_cache_reserve" {
### Read-Only
- `editable` (Boolean) Whether the setting is editable
- `id` (String) ID of the zone setting.
- `modified_on` (String) Last time this setting was modified.
- `value` (String) The value of the feature
- `zone_setting_id` (String) ID of the zone setting.

1
docs/data-sources/zones.md
View file

@ -94,6 +94,7 @@ benefits.
- `type` (String) A full zone implies that DNS is hosted with Cloudflare. A partial zone is
typically a partner-hosted zone or a CNAME setup.
- `vanity_name_servers` (List of String) An array of domains used for custom name servers. This is only available for Business and Enterprise plans.
- `verification_key` (String) Verification key for partial zone setup.
<a id="nestedatt--result--account"></a>
### Nested Schema for `result.account`

2
docs/guides/migrating-renamed-resources.md
View file

@ -17,7 +17,7 @@ description: Guide for handling renamed resources in the Cloudflare Provider
migration.
- Make backups of your configuration and state file.
~> It is recommended to do perform testing in a non-production, non-critical
~> It is recommended to perform testing in a non-production, non-critical
environment or a small subset resources before performing the changes to
all resources.

114
docs/guides/version-5-upgrade.md
View file

@ -42,40 +42,63 @@ provider "cloudflare" {
}
```
## Resource renames
## Approach
For an in depth guide on how to perform migrations for resources or datasources that
have been renamed, check out [migrating renamed resources].
At a high level, there are two parts to the migration. The first is the migration of the
configuration (HCL) and the second is the migration of the state. Within each of those
sections, there is the need to migrate attributes and potentially the resource rename.
The pattern files for v5 resource renames are:
### Automatic
- `cloudflare_terraform_v5_resource_renames_configuration`
- `cloudflare_terraform_v5_resource_renames_state`
For assisting with automatic migrations, we have provided [GritQL] patterns.
## Automatic migration
For assisting with automatic migrations, we have provided a [GritQL] pattern.
This will allow you to rewrite the parts of your Terraform configuration (not state)
that have changed automatically. Once you [install Grit], you can run the following
command in the directory where your Terraform configuration is located.
This will allow you to rewrite the parts of your Terraform configuration and state
that have changed automatically. Once you [install Grit], you can run the commands
in the directory where your Terraform configuration is located.
~> While all efforts have been made to ease the transition, some of the more complex
resources that may contain difficult to reconcile resources have been intentionally
skipped for the automatic migration and are only manually documented. If you are
using modules or other dynamic features of HCL, the provided codemods may not be
as effective. We recommend reviewing the migration notes below to verify all the
as effective. We recommend reviewing the manual migration notes to verify all the
changes.
```bash
$ grit apply github.com/cloudflare/terraform-provider-cloudflare#cloudflare_terraform_v5
```
We recommend ensuring you are using version control for these changes or make a
backup prior to initiating the change to enable reverting if needed.
1. Update the resource attributes in your configuration. _Note: this will not update
your state file. The next step will determine how your state file is updated._
```bash
$ grit apply github.com/cloudflare/terraform-provider-cloudflare#cloudflare_terraform_v5
```
2. Choose the appropriate method from [migrating renamed resources] that best suits
your situation and use case to migrate the attribute changes. If you are choosing to
use the provided GritQL patterns, the pattern name is
`cloudflare_terraform_v5_attribute_renames_state`. Otherwise, you can reimport the
resources without manually managing the state file.
3. Perform the resource renames. _Note: this will not update your state file.
The next step will determine how your state file is updated._
```bash
$ grit apply github.com/cloudflare/terraform-provider-cloudflare#cloudflare_terraform_v5_resource_renames_configuration
```
4. Choose the appropriate method from [migrating renamed resources] that best suits
your situation and use case to migrate the resource renames. If you are choosing to
use the provided GritQL patterns, the pattern name is
`cloudflare_terraform_v5_resource_renames_state`.
### Manual
1. Update the resource attributes in your configuration using the migration notes.
2. Choose the appropriate method from [migrating renamed resources] that best suits
your situation and use case to migrate the attribute changes.
3. Perform the resource renames using the migration notes.
4. Choose the appropriate method from [migrating renamed resources] that best suits
your situation and use case to migrate the resource renames.
<!-- This code block is only used for confirming grit patterns -->
## Changelog
```grit
language hcl
@ -152,7 +175,7 @@ cloudflare_terraform_v5()
## cloudflare_device_settings_policy
- Renamed to `cloudflare_zero_trust_device_profiles`
- Renamed to `cloudflare_zero_trust_device_custom_profile` or `cloudflare_zero_trust_device_custom_profile` depending on your intended usage.
## cloudflare_dlp_custom_profile
@ -166,7 +189,7 @@ cloudflare_terraform_v5()
- Renamed to `cloudflare_zero_trust_custom_dlp_profile` or `cloudflare_zero_trust_predefined_dlp_profile` depending on which you are targeting.
## cloudflare_fallback_domain
## cloudflare_fallback_domain / cloudflare_zero_trust_local_fallback_domain
- Renamed to `cloudflare_zero_trust_device_custom_profile_local_domain_fallback` or `cloudflare_zero_trust_device_default_profile_local_domain_fallback` depending on which you are targeting.
@ -192,7 +215,7 @@ cloudflare_terraform_v5()
## cloudflare_split_tunnel
- Renamed to `cloudflare_zero_trust_split_tunnels`
- Renamed to `cloudflare_zero_trust_device_default_profile` and `cloudflare_zero_trust_device_custom_profile` depending on which you are targeting.
## cloudflare_static_route
@ -228,11 +251,11 @@ cloudflare_terraform_v5()
## cloudflare_tunnel_route
- Renamed to `cloudflare_zero_trust_tunnel_route`
- Renamed to `cloudflare_zero_trust_tunnel_cloudflared_route`
## cloudflare_tunnel_virtual_network
- Renamed to `cloudflare_zero_trust_tunnel_virtual_network`
- Renamed to `cloudflare_zero_trust_tunnel_cloudflared_virtual_network`
## cloudflare_worker_cron_trigger
@ -254,10 +277,6 @@ cloudflare_terraform_v5()
- Renamed to `cloudflare_workers_for_platforms_dispatch_namespace`
## cloudflare_zone_dnssec
- Renamed to `cloudflare_dns_zone_dnssec`
## cloudflare_managed_headers
- Renamed to `cloudflare_managed_transforms`
@ -830,6 +849,10 @@ resource "cloudflare_api_token" "example" {
}
```
## cloudflare_custom_page
- `cloudflare_custom_page` has been removed.
## cloudflare_zone_settings_override
- `cloudflare_zone_settings_override` has been removed. Use `cloudflare_zone_setting` instead on a per setting basis.
@ -1118,6 +1141,9 @@ resource "cloudflare_api_token" "example" {
## cloudflare_dns_record
- `data` is now a single nested attribute (`data = { ... }`) instead of a block (`data { ... }`).
- `data.flag` is now a number (`flag = 0`) instead of a string (`flag = "0"`).
- `hostname` has been removed. Instead, you should use a combination of data source and resource attributes to get the same value.
- `allow_overwrite` has been removed.
## cloudflare_zero_trust_risk_behavior
@ -1138,7 +1164,7 @@ resource "cloudflare_api_token" "example" {
- `from_list` is now a list of objects (`from_list = [{ ... }]`) instead of multiple block attribute (`from_list { ... }`).
- `from_value` is now a list of objects (`from_value = [{ ... }]`) instead of multiple block attribute (`from_value { ... }`).
- `header` is now a list of objects (`header = [{ ... }]`) instead of multiple block attribute (`header { ... }`).
- `headers` is now a list of objects (`headers = [{ ... }]`) instead of multiple block attribute (`headers { ... }`).
- `headers` is now a map of attributes keyed by the name instead of multiple block attribute (`headers { ... }`).
- `host` is now a list of objects (`host = [{ ... }]`) instead of multiple block attribute (`host { ... }`).
- `logging` is now a single nested attribute (`logging = { ... }`) instead of a block (`logging { ... }`).
- `matched_data` is now a list of objects (`matched_data = [{ ... }]`) instead of multiple block attribute (`matched_data { ... }`).
@ -1228,9 +1254,6 @@ resource "cloudflare_api_token" "example" {
## cloudflare_workers_script
- `name` is now `script_name`.
- `compatibility_date` is now `metadata.compatibility_date`.
- `compatibility_flags` is now `metadata.compatibility_flags`.
- `tags` is now `metadata.tags`.
- `analytics_engine_binding` is now a list of objects (`analytics_engine_binding = [{ ... }]`) instead of multiple block attribute (`analytics_engine_binding { ... }`).
- `d1_database_binding` is now a list of objects (`d1_database_binding = [{ ... }]`) instead of multiple block attribute (`d1_database_binding { ... }`).
- `kv_namespace_binding` is now a list of objects (`kv_namespace_binding = [{ ... }]`) instead of multiple block attribute (`kv_namespace_binding { ... }`).
@ -1249,6 +1272,7 @@ resource "cloudflare_api_token" "example" {
## cloudflare_page_rule
- `actions`is now a single nested attribute instead of a block.
- `ignore = true` is now `exclude = ["*"]`
- `ignore = false` is now `include = ["*"]`
- `cache_ttl_by_status` is now a map (`cache_ttl_by_status = { ... }`) instead of a list of objects (`cache_ttl_by_status = [{ ... }]`)
@ -1258,16 +1282,14 @@ Before
```
resource "cloudflare_page_rule" "example" {
target = "example.com"
actions = [
{
cache_key_fields = {
query_string = {
ignore = true
ignore = false
}
actions {
cache_key_fields = {
query_string = {
ignore = true
ignore = false
}
}
]
}
}
```
@ -1276,16 +1298,14 @@ After
```
resource "cloudflare_page_rule" "example" {
target = "example.com"
actions = [
{
cache_key_fields = {
query_string = {
exclude = ["*"]
include = ["*"]
}
actions = {
cache_key_fields = {
query_string = {
exclude = ["*"]
include = ["*"]
}
}
]
}
}
```

6
docs/resources/api_shield.md
View file

@ -13,7 +13,7 @@ description: |-
```terraform
resource "cloudflare_api_shield" "example_api_shield" {
zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
zone_id = "zone_id"
auth_id_characteristics = [{
name = "authorization"
type = "header"
@ -27,12 +27,12 @@ resource "cloudflare_api_shield" "example_api_shield" {
### Required
- `auth_id_characteristics` (Attributes List) (see [below for nested schema](#nestedatt--auth_id_characteristics))
- `zone_id` (String) Identifier
- `zone_id` (String)
### Read-Only
- `errors` (Attributes List) (see [below for nested schema](#nestedatt--errors))
- `id` (String) Identifier
- `id` (String) The ID of this resource.
- `messages` (Attributes List) (see [below for nested schema](#nestedatt--messages))
- `success` (Boolean) Whether the API call was successful

10
docs/resources/api_shield_discovery_operation.md
View file

@ -13,8 +13,8 @@ description: |-
```terraform
resource "cloudflare_api_shield_discovery_operation" "example_api_shield_discovery_operation" {
zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
operation_id = "f174e90a-fafe-4643-bbbc-4a0ed4fc8415"
zone_id = "zone_id"
operation_id = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
state = "review"
}
```
@ -24,8 +24,8 @@ resource "cloudflare_api_shield_discovery_operation" "example_api_shield_discove
### Required
- `operation_id` (String) UUID
- `zone_id` (String) Identifier
- `operation_id` (String)
- `zone_id` (String)
### Optional
@ -35,6 +35,6 @@ resource "cloudflare_api_shield_discovery_operation" "example_api_shield_discove
### Read-Only
- `id` (String) UUID
- `id` (String) The ID of this resource.

10
docs/resources/api_shield_operation.md
View file

@ -13,7 +13,7 @@ description: |-
```terraform
resource "cloudflare_api_shield_operation" "example_api_shield_operation" {
zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
zone_id = "zone_id"
endpoint = "/api/v1/users/{var1}"
host = "www.example.com"
method = "GET"
@ -28,14 +28,14 @@ resource "cloudflare_api_shield_operation" "example_api_shield_operation" {
- `endpoint` (String) The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/.
- `host` (String) RFC3986-compliant host.
- `method` (String) The HTTP method used to access the endpoint.
- `zone_id` (String) Identifier
- `zone_id` (String)
### Read-Only
- `features` (Attributes) (see [below for nested schema](#nestedatt--features))
- `id` (String) UUID
- `id` (String) The ID of this resource.
- `last_updated` (String)
- `operation_id` (String) UUID
- `operation_id` (String)
<a id="nestedatt--features"></a>
### Nested Schema for `features`
@ -145,7 +145,7 @@ Read-Only:
Read-Only:
- `created_at` (String)
- `id` (String) UUID
- `id` (String)
- `is_learned` (Boolean) True if schema is Cloudflare-provided.
- `name` (String) Schema file name.

4
docs/resources/api_shield_operation_schema_validation_settings.md
View file

@ -13,7 +13,7 @@ description: |-
```terraform
resource "cloudflare_api_shield_operation_schema_validation_settings" "example_api_shield_operation_schema_validation_settings" {
zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
zone_id = "zone_id"
operation_id = "f174e90a-fafe-4643-bbbc-4a0ed4fc8415"
mitigation_action = "log"
}
@ -25,7 +25,7 @@ resource "cloudflare_api_shield_operation_schema_validation_settings" "example_a
### Required
- `operation_id` (String) UUID
- `zone_id` (String) Identifier
- `zone_id` (String)
### Optional

6
docs/resources/api_shield_schema.md
View file

@ -13,7 +13,7 @@ description: |-
```terraform
resource "cloudflare_api_shield_schema" "example_api_shield_schema" {
zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
zone_id = "zone_id"
file = "file.txt"
kind = "openapi_v3"
name = "petstore schema"
@ -28,7 +28,7 @@ resource "cloudflare_api_shield_schema" "example_api_shield_schema" {
- `file` (String) Schema file bytes
- `kind` (String) Kind of schema
- `zone_id` (String) Identifier
- `zone_id` (String)
### Optional
@ -51,7 +51,7 @@ Read-Only:
- `created_at` (String)
- `kind` (String) Kind of schema
- `name` (String) Name of the schema
- `schema_id` (String) UUID
- `schema_id` (String)
- `source` (String) Source of the schema
- `validation_enabled` (Boolean) Flag whether schema is enabled for validation.

6
docs/resources/api_shield_schema_validation_settings.md
View file

@ -13,7 +13,7 @@ description: |-
```terraform
resource "cloudflare_api_shield_schema_validation_settings" "example_api_shield_schema_validation_settings" {
zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
zone_id = "zone_id"
validation_default_mitigation_action = "none"
validation_override_mitigation_action = "none"
}
@ -32,7 +32,7 @@ Mitigation actions are as follows:
* `block` - deny access to the site when request does not conform to schema
A special value of of `none` will skip running schema validation entirely for the request when there is no mitigation action defined on the operation
- `zone_id` (String) Identifier
- `zone_id` (String)
### Optional
@ -45,7 +45,7 @@ To clear any override, use the special value `disable_override` or `null`
### Read-Only
- `id` (String) Identifier
- `id` (String) The ID of this resource.
## Import

2
docs/resources/authenticated_origin_pulls.md
View file

@ -44,7 +44,9 @@ resource "cloudflare_authenticated_origin_pulls" "example_authenticated_origin_p
- `created_at` (String) The time when the certificate was created.
- `enabled` (Boolean) Indicates whether hostname-level authenticated origin pulls is enabled. A null value voids the association.
- `expires_on` (String) The date when the certificate expires.
- `id` (String) Identifier
- `issuer` (String) The certificate authority that issued the certificate.
- `private_key` (String) The hostname certificate's private key.
- `serial_number` (String) The serial number on the uploaded certificate.
- `signature` (String) The type of hash used for the certificate.
- `status` (String) Status of the certificate or the association.

18
docs/resources/cloud_connector_rules.md
View file

@ -35,6 +35,15 @@ resource "cloudflare_cloud_connector_rules" "example_cloud_connector_rules" {
- `rules` (Attributes List) List of Cloud Connector rules (see [below for nested schema](#nestedatt--rules))
- `zone_id` (String) Identifier
### Read-Only
- `cloud_provider` (String) Cloud Provider type
- `description` (String)
- `enabled` (Boolean)
- `expression` (String)
- `id` (String) The ID of this resource.
- `parameters` (Attributes) Parameters of Cloud Connector Rule (see [below for nested schema](#nestedatt--parameters))
<a id="nestedatt--rules"></a>
### Nested Schema for `rules`
@ -55,3 +64,12 @@ Optional:
- `host` (String) Host to perform Cloud Connection to
<a id="nestedatt--parameters"></a>
### Nested Schema for `parameters`
Read-Only:
- `host` (String) Host to perform Cloud Connection to

7
docs/resources/cloudforce_one_request_asset.md
View file

@ -32,7 +32,6 @@ resource "cloudflare_cloudforce_one_request_asset" "example_cloudforce_one_reque
### Optional
- `asset_identifer` (String) UUID
- `source` (String) Asset file to upload
### Read-Only
@ -43,4 +42,10 @@ resource "cloudflare_cloudforce_one_request_asset" "example_cloudforce_one_reque
- `id` (Number) Asset ID
- `name` (String) Asset name
## Import
Import is supported using the following syntax:
```shell
$ terraform import cloudflare_cloudforce_one_request_asset.example '<account_identifier>/<request_identifier>/<asset_identifer>'
```

5
docs/resources/content_scanning_expression.md
View file

@ -28,9 +28,10 @@ resource "cloudflare_content_scanning_expression" "example_content_scanning_expr
- `body` (Attributes List) (see [below for nested schema](#nestedatt--body))
- `zone_id` (String) Identifier
### Optional
### Read-Only
- `expression_id` (String) Identifier
- `id` (String) The unique ID for this custom scan expression
- `payload` (String) Ruleset expression to use in matching content objects
<a id="nestedatt--body"></a>
### Nested Schema for `body`

24
docs/resources/custom_hostname.md
View file

@ -19,6 +19,20 @@ resource "cloudflare_custom_hostname" "example_custom_hostname" {
bundle_method = "ubiquitous"
certificate_authority = "digicert"
cloudflare_branding = false
custom_cert_bundle = [{
custom_certificate = <<EOT
-----BEGIN CERTIFICATE-----
MIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...
-----END CERTIFICATE-----
EOT
custom_key = <<EOT
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC/SCB5...
-----END PRIVATE KEY-----
EOT
}]
custom_certificate = "-----BEGIN CERTIFICATE-----\\nMIIFJDCCBAygAwIBAgIQD0ifmj/Yi5NP/2gdUySbfzANBgkqhkiG9w0BAQsFADBN\\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E...SzSHfXp5lnu/3V08I72q1QNzOCgY1XeL4GKVcj4or6cT6tX6oJH7ePPmfrBfqI/O\\nOeH8gMJ+FuwtXYEPa4hBf38M5eU5xWG7\\n-----END CERTIFICATE-----\\n"
custom_key = <<EOT
-----BEGIN RSA PRIVATE KEY-----
@ -99,6 +113,7 @@ Optional:
- `bundle_method` (String) A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it.
- `certificate_authority` (String) The Certificate Authority that will issue the certificate
- `cloudflare_branding` (Boolean) Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true
- `custom_cert_bundle` (Attributes List) Array of custom certificate and key pairs (1 or 2 pairs allowed) (see [below for nested schema](#nestedatt--ssl--custom_cert_bundle))
- `custom_certificate` (String) If a custom uploaded certificate is used.
- `custom_key` (String) The key for a custom uploaded certificate.
- `method` (String) Domain control validation (DCV) method used for this hostname.
@ -106,6 +121,15 @@ Optional:
- `type` (String) Level of validation to be used for this hostname. Domain validation (dv) must be used.
- `wildcard` (Boolean) Indicates whether the certificate covers a wildcard.
<a id="nestedatt--ssl--custom_cert_bundle"></a>
### Nested Schema for `ssl.custom_cert_bundle`
Required:
- `custom_certificate` (String) If a custom uploaded certificate is used.
- `custom_key` (String) The key for a custom uploaded certificate.
<a id="nestedatt--ssl--settings"></a>
### Nested Schema for `ssl.settings`

27
docs/resources/custom_ssl.md
View file

@ -100,7 +100,7 @@ resource "cloudflare_custom_ssl" "example_custom_ssl" {
- `hosts` (List of String)
- `id` (String) Identifier
- `issuer` (String) The certificate authority that issued the certificate.
- `keyless_server` (Attributes) (see [below for nested schema](#nestedatt--keyless_server))
- `keyless_server` (String)
- `modified_on` (String) When the certificate was last modified.
- `priority` (Number) The order/priority in which the certificate will be used in a request. The higher priority will break ties across overlapping 'legacy_custom' certificates, but 'legacy_custom' certificates will always supercede 'sni_custom' certificates.
- `signature` (String) The type of hash used for the certificate.
@ -114,31 +114,6 @@ Optional:
- `label` (String)
<a id="nestedatt--keyless_server"></a>
### Nested Schema for `keyless_server`
Read-Only:
- `created_on` (String) When the Keyless SSL was created.
- `enabled` (Boolean) Whether or not the Keyless SSL is on or off.
- `host` (String) The keyless SSL name.
- `id` (String) Keyless certificate identifier tag.
- `modified_on` (String) When the Keyless SSL was last modified.
- `name` (String) The keyless SSL name.
- `permissions` (List of String) Available permissions for the Keyless SSL for the current user requesting the item.
- `port` (Number) The keyless SSL port used to communicate between Cloudflare and the client's Keyless SSL server.
- `status` (String) Status of the Keyless SSL.
- `tunnel` (Attributes) Configuration for using Keyless SSL through a Cloudflare Tunnel (see [below for nested schema](#nestedatt--keyless_server--tunnel))
<a id="nestedatt--keyless_server--tunnel"></a>
### Nested Schema for `keyless_server.tunnel`
Read-Only:
- `private_ip` (String) Private IP of the Key Server Host
- `vnet_id` (String) Cloudflare Tunnel Virtual Network ID
## Import
Import is supported using the following syntax:

6
docs/resources/d1_database.md
View file

@ -28,7 +28,7 @@ resource "cloudflare_d1_database" "example_d1_database" {
### Required
- `account_id` (String) Account identifier tag.
- `name` (String)
- `name` (String) D1 database name.
### Optional
@ -38,9 +38,9 @@ resource "cloudflare_d1_database" "example_d1_database" {
- `created_at` (String) Specifies the timestamp the resource was created as an ISO8601 string.
- `file_size` (Number) The D1 database's size, in bytes.
- `id` (String) The ID of this resource.
- `id` (String) D1 database identifier (UUID).
- `num_tables` (Number)
- `uuid` (String)
- `uuid` (String) D1 database identifier (UUID).
- `version` (String)
## Import

2
docs/resources/dns_firewall.md
View file

@ -26,7 +26,7 @@ resource "cloudflare_dns_firewall" "example_dns_firewall" {
negative_cache_ttl = 900
ratelimit = 600
retries = 2
upstream_ips = ["192.0.2.1", "198.51.100.1", "string"]
upstream_ips = ["192.0.2.1", "198.51.100.1", "2001:DB8:100::CF"]
}
```

96
docs/resources/dns_settings.md Normal file
View file

@ -0,0 +1,96 @@
---
page_title: "cloudflare_dns_settings Resource - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_dns_settings (Resource)
## Example Usage
```terraform
resource "cloudflare_dns_settings" "example_dns_settings" {
zone_id = "zone_id"
zone_defaults = {
flatten_all_cnames = false
foundation_dns = false
internal_dns = {
reference_zone_id = "reference_zone_id"
}
multi_provider = false
nameservers = {
type = "cloudflare.standard"
}
ns_ttl = 86400
secondary_overrides = false
soa = {
expire = 604800
min_ttl = 1800
mname = "kristina.ns.cloudflare.com"
refresh = 10000
retry = 2400
rname = "admin.example.com"
ttl = 3600
}
zone_mode = "standard"
}
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Optional
- `account_id` (String) The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.
- `zone_defaults` (Attributes) (see [below for nested schema](#nestedatt--zone_defaults))
- `zone_id` (String) The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.
<a id="nestedatt--zone_defaults"></a>
### Nested Schema for `zone_defaults`
Optional:
- `flatten_all_cnames` (Boolean) Whether to flatten all CNAME records in the zone. Note that, due to DNS limitations, a CNAME record at the zone apex will always be flattened.
- `foundation_dns` (Boolean) Whether to enable Foundation DNS Advanced Nameservers on the zone.
- `internal_dns` (Attributes) Settings for this internal zone. (see [below for nested schema](#nestedatt--zone_defaults--internal_dns))
- `multi_provider` (Boolean) Whether to enable multi-provider DNS, which causes Cloudflare to activate the zone even when non-Cloudflare NS records exist, and to respect NS records at the zone apex during outbound zone transfers.
- `nameservers` (Attributes) Settings determining the nameservers through which the zone should be available. (see [below for nested schema](#nestedatt--zone_defaults--nameservers))
- `ns_ttl` (Number) The time to live (TTL) of the zone's nameserver (NS) records.
- `secondary_overrides` (Boolean) Allows a Secondary DNS zone to use (proxied) override records and CNAME flattening at the zone apex.
- `soa` (Attributes) Components of the zone's SOA record. (see [below for nested schema](#nestedatt--zone_defaults--soa))
- `zone_mode` (String) Whether the zone mode is a regular or CDN/DNS only zone.
<a id="nestedatt--zone_defaults--internal_dns"></a>
### Nested Schema for `zone_defaults.internal_dns`
Optional:
- `reference_zone_id` (String) The ID of the zone to fallback to.
<a id="nestedatt--zone_defaults--nameservers"></a>
### Nested Schema for `zone_defaults.nameservers`
Required:
- `type` (String) Nameserver type
<a id="nestedatt--zone_defaults--soa"></a>
### Nested Schema for `zone_defaults.soa`
Required:
- `expire` (Number) Time in seconds of being unable to query the primary server after which secondary servers should stop serving the zone.
- `min_ttl` (Number) The time to live (TTL) for negative caching of records within the zone.
- `mname` (String) The primary nameserver, which may be used for outbound zone transfers.
- `refresh` (Number) Time in seconds after which secondary servers should re-check the SOA record to see if the zone has been updated.
- `retry` (Number) Time in seconds after which secondary servers should retry queries after the primary server was unresponsive.
- `rname` (String) The email address of the zone administrator, with the first label representing the local part of the email address.
- `ttl` (Number) The time to live (TTL) of the SOA record itself.

46
docs/resources/dns_settings_internal_view.md Normal file
View file

@ -0,0 +1,46 @@
---
page_title: "cloudflare_dns_settings_internal_view Resource - Cloudflare"
subcategory: ""
description: |-
---
# cloudflare_dns_settings_internal_view (Resource)
## Example Usage
```terraform
resource "cloudflare_dns_settings_internal_view" "example_dns_settings_internal_view" {
account_id = "023e105f4ecef8ad9ca31a8372d0c353"
name = "my view"
zones = ["372e67954025e0ba6aaa6d586b9e0b59"]
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `account_id` (String) Identifier
### Optional
- `name` (String) The name of the view.
- `zones` (List of String) The list of zones linked to this view.
### Read-Only
- `created_time` (String) When the view was created.
- `id` (String) Identifier
- `modified_time` (String) When the view was last modified.
## Import
Import is supported using the following syntax:
```shell
$ terraform import cloudflare_dns_settings_internal_view.example '<account_id>/<view_id>'
```

6
docs/resources/email_routing_dns.md
View file

@ -28,18 +28,12 @@ resource "cloudflare_email_routing_dns" "example_email_routing_dns" {
### Read-Only
- `created` (String) The date and time the settings have been created.
- `enabled` (Boolean) State of the zone settings for Email Routing.
- `errors` (Attributes List) (see [below for nested schema](#nestedatt--errors))
- `id` (String) Identifier
- `messages` (Attributes List) (see [below for nested schema](#nestedatt--messages))
- `modified` (String) The date and time the settings have been modified.
- `result` (Attributes) (see [below for nested schema](#nestedatt--result))
- `result_info` (Attributes) (see [below for nested schema](#nestedatt--result_info))
- `skip_wizard` (Boolean) Flag to check if the user skipped the configuration wizard.
- `status` (String) Show the state of your account, and the type or configuration error.
- `success` (Boolean) Whether the API call was successful
- `tag` (String) Email Routing settings tag. (Deprecated, replaced by Email Routing settings identifier)
<a id="nestedatt--errors"></a>
### Nested Schema for `errors`

12
docs/resources/email_routing_rule.md
View file

@ -43,11 +43,7 @@ resource "cloudflare_email_routing_rule" "example_email_routing_rule" {
- `enabled` (Boolean) Routing rule status.
- `name` (String) Routing rule name.
- `priority` (Number) Priority of the routing rule.
### Read-Only
- `id` (String) Routing rule identifier.
- `tag` (String) Routing rule tag. (Deprecated, replaced by routing rule identifier)
- `rule_identifier` (String) Routing rule identifier.
<a id="nestedatt--actions"></a>
### Nested Schema for `actions`
@ -67,10 +63,4 @@ Required:
- `type` (String) Type of matcher.
- `value` (String) Value for matcher.
## Import
Import is supported using the following syntax:
```shell
$ terraform import cloudflare_email_routing_rule.example '<zone_id>/<rule_identifier>'
```

17
docs/resources/email_routing_settings.md
View file

@ -24,21 +24,4 @@ resource "cloudflare_email_routing_settings" "example_email_routing_settings" {
- `zone_id` (String) Identifier
### Read-Only
- `created` (String) The date and time the settings have been created.
- `enabled` (Boolean) State of the zone settings for Email Routing.
- `id` (String) Email Routing settings identifier.
- `modified` (String) The date and time the settings have been modified.
- `name` (String) Domain of your zone.
- `skip_wizard` (Boolean) Flag to check if the user skipped the configuration wizard.
- `status` (String) Show the state of your account, and the type or configuration error.
- `tag` (String) Email Routing settings tag. (Deprecated, replaced by Email Routing settings identifier)
## Import
Import is supported using the following syntax:
```shell
$ terraform import cloudflare_email_routing_settings.example '<zone_id>'
```

6
docs/resources/email_security_block_sender.md
View file

@ -14,10 +14,10 @@ description: |-
```terraform
resource "cloudflare_email_security_block_sender" "example_email_security_block_sender" {
account_id = "023e105f4ecef8ad9ca31a8372d0c353"
is_regex = false
pattern = "test@example.com"
is_regex = true
pattern = "x"
pattern_type = "EMAIL"
comments = "block sender with email test@example.com"
comments = "comments"
}
```

8
docs/resources/email_security_trusted_domains.md
View file

@ -15,10 +15,10 @@ description: |-
resource "cloudflare_email_security_trusted_domains" "example_email_security_trusted_domains" {
account_id = "023e105f4ecef8ad9ca31a8372d0c353"
is_recent = true
is_regex = false
is_similarity = false
pattern = "example.com"
comments = null
is_regex = true
is_similarity = true
pattern = "x"
comments = "comments"
}
```

10
docs/resources/filter.md
View file

@ -32,10 +32,6 @@ resource "cloudflare_filter" "example_filter" {
- `expression` (String) The filter expression. For more information, refer to [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/).
- `zone_id` (String) Identifier
### Optional
- `filter_id` (String) The unique identifier of the filter.
### Read-Only
- `description` (String) An informative summary of the filter.
@ -43,4 +39,10 @@ resource "cloudflare_filter" "example_filter" {
- `paused` (Boolean) When true, indicates that the filter is currently paused.
- `ref` (String) A short reference tag. Allows you to select related filters.
## Import
Import is supported using the following syntax:
```shell
$ terraform import cloudflare_filter.example '<zone_id>/<filter_id>'
```

Some files were not shown because too many files have changed in this diff Show more