Merge pull request #1267 from cloudflare/be-more-verbose-about-tf-and…

…-dash-rulesets resource/cloudflare_ruleset: be verbose about dashboard created Rulesets
cloudflare · Oct 20, 2021 · 73a37ae · 73a37ae
2 parents d286c01 + 857111c
commit 73a37ae
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 0 deletions.
diff --git a/cloudflare/resource_cloudflare_ruleset.go b/cloudflare/resource_cloudflare_ruleset.go
@@ -15,6 +15,12 @@ import (
 	"github.com/pkg/errors"
 )
 
+const (
+	accountLevelRulesetDeleteURL = "https://api.cloudflare.com/#account-rulesets-delete-account-ruleset"
+	zoneLevelRulesetDeleteURL    = "https://api.cloudflare.com/#zone-rulesets-delete-zone-ruleset"
+	duplicateRulesetError        = "failed to create ruleset %q as a similar configuration already exists. If you are migrating from the Dashboard, you will need to first manually remove it using the API (%s) before you can configure it in Terraform. Otherwise, you have hit the entitlements quota and should contact your account team."
+)
+
 func resourceCloudflareRuleset() *schema.Resource {
 	return &schema.Resource{
 		Create: resourceCloudflareRulesetCreate,
@@ -363,6 +369,14 @@ func resourceCloudflareRulesetCreate(d *schema.ResourceData, meta interface{}) e
 	}
 
 	if err != nil {
+		if strings.Contains(err.Error(), "exceeded maximum number") {
+			deleteRulesetURL := accountLevelRulesetDeleteURL
+			if accountID == "" {
+				deleteRulesetURL = zoneLevelRulesetDeleteURL
+			}
+			return fmt.Errorf(duplicateRulesetError, rulesetName, deleteRulesetURL)
+		}
+
 		return errors.Wrap(err, fmt.Sprintf("error creating ruleset %s", rulesetName))
 	}
 

diff --git a/website/docs/r/ruleset.html.markdown b/website/docs/r/ruleset.html.markdown
@@ -15,6 +15,8 @@ same syntax used in custom Firewall Rules. Cloudflare uses the Ruleset Engine
 in different products, allowing you to configure several products using the same
 basic syntax.
 
+~> **NOTE:** If you previously configured Rulesets using the dashboard, you first need to delete them ([zone](https://api.cloudflare.com/#zone-rulesets-delete-zone-ruleset), [account](https://api.cloudflare.com/#account-rulesets-delete-account-ruleset) documentation) and clean up the resources before attempting to configure them with Terraform. This is because Terraform will fail to apply if configuration already exists to prevent blindly overwriting changes.
+
 ## Example Usage
 
 ```hcl