Skip to content
This repository has been archived by the owner on May 28, 2023. It is now read-only.

Latest commit

 

History

History
1974 lines (1317 loc) · 158 KB

CHANGELOG.md

File metadata and controls

1974 lines (1317 loc) · 158 KB

4.6.0 (Unreleased)

4.5.0 (3rd May, 2023)

FEATURES:

  • New Resource: cloudflare_regional_hostname (#2396)
  • New Resource: cloudflare_turnstile_widget (#2380)

ENHANCEMENTS:

  • resource/cloudflare_device_posture_rule: Add support for sentinelone type. (#2279)
  • resource/cloudflare_logpush_job: Fix schema for logpush job dataset field (#2397)
  • resource/cloudflare_logpush_job: add max upload parameters (#2394)
  • resource/cloudflare_logpush_job: add support for device_posture_results and zero_trust_network_sessions. (#2405)
  • resource/cloudflare_notification_policy: Added support for setting Megabits per second threshold for dos alert in Cloudflare notification policy resource. (#2404)
  • resource/cloudflare_pages_project: added secrets to Pages project. Secrets are encrypted environment variables, ideal for secrets such as API tokens. See documentation here: https://developers.cloudflare.com/pages/platform/functions/bindings/#secrets (#2399)
  • resource/cloudflare_ruleset: add support for the compress_response action (#2372)
  • resource/cloudflare_ruleset: add support for the http_response_compression phase (#2372)

BUG FIXES:

  • resource/cloudflare_load_balancer: fixes random_steering being unset on value updates (#2403)
  • resource/cloudflare_pages_project: fixes pages project acceptance test (#2402)
  • resource/cloudflare_ruleset: ensure custom cache keys using query parameters are defined as known values for state handling (#2388)

DEPENDENCIES:

  • provider: bumps github.com/cloudflare/cloudflare-go from 0.65.0 to 0.66.0 (#2398)
  • provider: bumps github.com/hashicorp/terraform-plugin-mux from 0.9.0 to 0.10.0 (#2395)

4.4.0 (19th April, 2023)

NOTES:

  • resource/cloudflare_ruleset: introduced future deprecation warning for the http_request_sbfm phase. (#2382)

ENHANCEMENTS:

  • resource/cloudflare_access_organization: Add auto_redirect_to_identity flag (#2356)
  • resource/cloudflare_access_policy: Add isolation_required flag (#2351)
  • resource/cloudflare_tunnel: Adds config_src parameter (#2369)
  • resource/cloudflare_worker_script: Add logpush attribute (#2375)

INTERNAL:

  • scripts/generate-changelog-entry: make error message match the executable we are expecting (#2357)

DEPENDENCIES:

  • provider: bumps dependabot/fetch-metadata from 1.3.6 to 1.4.0 (#2383)
  • provider: bumps github.com/cloudflare/cloudflare-go from 0.64.0 to 0.65.0 (#2370)
  • provider: bumps golang.org/x/net from 0.8.0 to 0.9.0 (#2359)
  • provider: bumps peter-evans/create-or-update-comment from 2 to 3 (#2355)

4.3.0 (5th April, 2023)

NOTES:

  • adds support for a basic flox environment project (#2345)

FEATURES:

  • New Resource: cloudflare_device_dex_tests (#2250)
  • New Resource: cloudflare_worker_domain (#2339)

ENHANCEMENTS:

  • resource/cloudflare_access_group: Add example of usage of Azure (#2332)
  • resource/cloudflare_access_identity_provider: add claims and scopes fields (#2313)
  • resource/cloudflare_access_identity_provider: add ability for users to enable SCIM provisioning on their Identity Providers (#2147)
  • resource/cloudflare_device_posture_integration: add support for managing kolide third party posture provider. (#2321)
  • resource/cloudflare_device_settings_policy: use new cloudflare.ServiceMode type (#2331)
  • resource/cloudflare_ruleset: enforce schema validation of conflicting cache key parameters (#2326)
  • resource/cloudflare_teams_rules: updated gateway rule action audit ssh and rule settings (#2303)
  • resource/cloudflare_worker_script: Add compatibility_flags attribute (#2324)
  • resources/device_settings_policy: add validation for possible service_mode_v2_mode values (#2331)

BUG FIXES:

  • datasource/cloudflare_devices: Fix cloudflare_devices data source to return devices correctly and not error (#2348)
  • resource/cloudflare_custom_ssl: fix json sent to API when geo_restrictions are not used (#2319)

DEPENDENCIES:

  • provider: bumps actions/stale from 7 to 8 (#2322)
  • provider: bumps github.com/cloudflare/cloudflare-go from 0.63.0 to 0.64.0 (#2344)
  • provider: bumps github.com/hashicorp/terraform-plugin-go from 0.14.3 to 0.15.0 (#2333)
  • provider: bumps github.com/hashicorp/terraform-plugin-testing from 1.1.0 to 1.2.0 (#2320)

4.2.0 (22nd March, 2023)

BREAKING CHANGES:

  • resource/cloudflare_ruleset: status has been removed in favour of enabled now that the workaround for zero values is no longer required (#2271)

NOTES:

  • cloudflare_ruleset has been migrated to the terraform-plugin-framework in doing so addresses issues with the internal representation of zero values. A downside to this is that to get the full benefits, you will need to remove the resource from your Terraform state (terraform state rm ...) and then import the resource back into your state. Along with this, you will need to update any references to status which was the previous workaround for the enabled values. If you have status = "enabled" you will need to replace it with enabled = true and similar for status = "disabled" to be replaced with enabled = false. (#2271)

FEATURES:

  • New Data Source: cloudflare_list (#2296)
  • New Data Source: cloudflare_lists (#2296)
  • New Resource: cloudflare_address_map (#2290)
  • New Resource: cloudflare_list_item (#2304)

ENHANCEMENTS:

  • resource/access_organization: add ui_read_only_toggle_reason field (#2175)
  • resource/cloudflare_device_posture_rule: Support check_disks in the input block schema. (#2280)
  • resource/cloudflare_notification_policy_webhooks: ensure url triggers recreation, not in-place updates (#2302)
  • resource/cloudflare_tunnel: rename references of cloudflare_argo_tunnel to cloudflare_tunnel in documentation (#2281)
  • resource/cloudflare_tunnel_config: add support for import of cloudflare_tunnel_config (#2298)
  • resource/cloudflare_tunnel_config: rename references of cloudflare_argo_tunnel to cloudflare_tunnel in documentation (#2281)
  • resource/cloudflare_tunnel_route: rename references of cloudflare_argo_tunnel to cloudflare_tunnel in documentation (#2281)
  • resource/cloudflare_worker_script: Add compatibility_date attribute (#2300)

BUG FIXES:

  • resource/cloudflare_ruleset: support cache rules for status range >= and =< operations (#2307)
  • resource/cloudflare_teams_account: fixes an issue where accounts that had never configured DLP payload logging would error upon reading this resource (#2284)

INTERNAL:

  • resource/cloudflare_ruleset: migrate from SDKv2 to terraform-plugin-framework (#2271)
  • test: swap SDKv2 testing harness to github.com/hashicorp/terraform-plugin-testing (#2272)

DEPENDENCIES:

  • provider: bumps actions/setup-go from 3 to 4 (#2291)
  • provider: bumps github.com/cloudflare/cloudflare-go from 0.62.0 to 0.63.0 (#2289)
  • provider: bumps github.com/hashicorp/terraform-plugin-framework from 1.1.1 to 1.2.0 (#2314)
  • provider: bumps github.com/hashicorp/terraform-plugin-sdk/v2 from 2.25.1-0.20230317190757-53a4ec42ea7e to 2.26.0 (#2308)
  • provider: bumps github.com/hashicorp/terraform-plugin-sdk/v2 from 2.26.0 to 2.26.1 (#2315)

4.1.0 (March 8th, 2023)

ENHANCEMENTS:

  • resource/cloudflare_cloudflare_teams_rules: Add untrusted_cert setting to teams rules settings (#2256)
  • resource/cloudflare_teams_account: Add support for DLP payload logging public key (#2267)
  • resource/cloudflare_teams_rule: Add support for enabling DLP payload logging per-rule (#2267)
  • resource/cloudflare_waiting_room: add 'ru-RU' and 'fa-IR' to default_template_language field (#2262)

BUG FIXES:

  • resource/cloudflare_access_group: fixes an issue where Azure group rules with different identity provider ids would override each other (#2270)
  • resource/cloudflare_notification_policy: ensure all emails are saved if multiple email_integration values specified (#2248)

DEPENDENCIES:

  • provider: bumps github.com/cloudflare/cloudflare-go from 0.61.0 to 0.62.0 (#2268)
  • provider: bumps github.com/stretchr/testify from 1.8.1 to 1.8.2 (#2263)
  • provider: bumps golang.org/x/net from 0.7.0 to 0.8.0 (#2274)

4.0.0 (February 21st, 2023)

Warning Prior to upgrading you should ensure you have adequate backups in the event you need to rollback to version 3. This is a major version bump and involves backwards incompatible changes.

3.x to 4.x upgrade guide

BREAKING CHANGES:

  • datasource/cloudflare_waf_groups: removed in favour of cloudflare_rulesets (#2138)
  • datasource/cloudflare_waf_packages: removed in favour of cloudflare_rulesets (#2138)
  • datasource/cloudflare_waf_rules: removed in favour of cloudflare_rulesets (#2138)
  • provider: account_id is no longer available as a global configuration option. Instead, use the resource specific attributes. (#2139)
  • resource/cloudflare_access_bookmark: resource has been removed in favour of configuration on cloudflare_access_application (#2136)
  • resource/cloudflare_access_rule: require explicit zone_id or account_id and remove implicit fallback to user level rules (#2157)
  • resource/cloudflare_account_member: account_id is now required (#2153)
  • resource/cloudflare_account_member: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_argo_tunnel: resource has been renamed to cloudflare_tunnel (#2135)
  • resource/cloudflare_ip_list: removed in favour of cloudflare_list (#2137)
  • resource/cloudflare_load_balancer: Migrate session_affinity_attributes from TypeMap to TypeSet (#1959)
  • resource/cloudflare_load_balancer: session_affinity_attributes.drain_duration is now TypeInt instead of TypeString (#1959)
  • resource/cloudflare_load_balancer_monitor: account_id is now required (#2153)
  • resource/cloudflare_load_balancer_monitor: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_load_balancer_pool: account_id is now required (#2153)
  • resource/cloudflare_load_balancer_pool: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_spectrum_application: edge_ip_connectivity is now nested under edge_ips as connectivity (#2219)
  • resource/cloudflare_spectrum_application: edge_ips.type is now a required field (#2219)
  • resource/cloudflare_spectrum_application: edge_ips now contains nested attributes other than IP ranges. type and connectivity have been added. edge_ips.ips contains the static IP addresses that used to reside at edge_ips. (#2219)
  • resource/cloudflare_waf_group: removed in favour of cloudflare_ruleset (#2138)
  • resource/cloudflare_waf_override: removed in favour of cloudflare_ruleset (#2138)
  • resource/cloudflare_waf_package: removed in favour of cloudflare_ruleset (#2138)
  • resource/cloudflare_waf_rule: removed in favour of cloudflare_ruleset (#2138)
  • resource/cloudflare_workers_kv: account_id is now required (#2153)
  • resource/cloudflare_workers_kv: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_workers_kv_namespace: account_id is now required (#2153)
  • resource/cloudflare_workers_kv_namespace: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_workers_script: account_id is now required (#2153)
  • resource/cloudflare_workers_script: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_zone: account_id is now required (#2153)
  • resource/cloudflare_zone: no longer sets client.AccountID internally and relies on the resource provided value (#2154)

3.35.0 (February 20th, 2023)

FEATURES:

  • New Data Source: cloudflare_rulesets (#2220)

ENHANCEMENTS:

  • resource/cloudflare_argo_tunnel: mark tunnel_token as sensitive (#2231)
  • resource/cloudflare_device_settings_policy: Add new flag MS IP Exclusion for device policies (#2236)
  • resource/cloudflare_dlp_profile: Add new allowed_match_count field to profiles (#2210)

BUG FIXES:

  • resource/cloudflare_logpush_job: fixing typo in comment (#2238)
  • resource/cloudflare_record: always send tags object which allows removal of unwanted tags (#2205)
  • resource/cloudflare_tunnel_config: use correct notation for nested lists (#2235)

INTERNAL:

  • internal: bump Go version to 1.20 (#2243)

DEPENDENCIES:

  • provider: bump golang.org/x/net to v0.7.0 (#2245)
  • provider: bumps github.com/cloudflare/cloudflare-go from 0.60.0 to 0.61.0 (#2240)
  • provider: bumps github.com/hashicorp/terraform-plugin-framework-validators from 0.9.0 to 0.10.0 (#2227)
  • provider: bumps github.com/hashicorp/terraform-plugin-mux from 0.8.0 to 0.9.0 (#2228)
  • provider: bumps github.com/hashicorp/terraform-plugin-sdk/v2 from 2.24.1 to 2.25.0 (#2239)
  • provider: bumps golang.org/x/net from 0.6.0 to 0.7.0 (#2241)

3.34.0 (February 8th, 2023)

BREAKING CHANGES:

  • datasource/cloudflare_waf_groups: removed with no current replacement (#2138)
  • datasource/cloudflare_waf_packages: removed with no current replacement (#2138)
  • datasource/cloudflare_waf_rules: removed with no current replacement (#2138)
  • provider: account_id is no longer available as a global configuration option. Instead, use the resource specific attributes. (#2139)
  • resource/cloudflare_access_bookmark: resource has been removed in favour of configuration on cloudflare_access_application (#2136)
  • resource/cloudflare_access_rule: require explicit zone_id or account_id and remove implicit fallback to user level rules (#2157)
  • resource/cloudflare_account_member: account_id is now required (#2153)
  • resource/cloudflare_account_member: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_argo_tunnel: resource has been renamed to cloudflare_tunnel (#2135)
  • resource/cloudflare_ip_list: removed in favour of cloudflare_list (#2137)
  • resource/cloudflare_load_balancer: Migrate session_affinity_attributes from TypeMap to TypeSet (#1959)
  • resource/cloudflare_load_balancer: session_affinity_attributes.drain_duration is now TypeInt instead of TypeString (#1959)
  • resource/cloudflare_load_balancer_monitor: account_id is now required (#2153)
  • resource/cloudflare_load_balancer_monitor: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_load_balancer_pool: account_id is now required (#2153)
  • resource/cloudflare_load_balancer_pool: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_notification_policy: alert types block_notification_review_accepted and workers_uptime have been removed. (#2215)
  • resource/cloudflare_notification_policy: alert types g6_health_alert has been renamed to load_balancing_health_alert (#2215)
  • resource/cloudflare_notification_policy: alert types g6_pool_toggle_alert has been renamed to load_balancing_pool_enablement_alert (#2215)
  • resource/cloudflare_notification_policy: alert types scriptmonitor_alert_new_max_length_script_url has been renamed to scriptmonitor_alert_new_max_length_resource_url (#2215)
  • resource/cloudflare_notification_policy: alert types scriptmonitor_alert_new_scripts has been renamed to scriptmonitor_alert_new_resources (#2215)
  • resource/cloudflare_waf_group: removed in favour of cloudflare_ruleset (#2138)
  • resource/cloudflare_waf_override: removed in favour of cloudflare_ruleset (#2138)
  • resource/cloudflare_waf_package: removed in favour of cloudflare_ruleset (#2138)
  • resource/cloudflare_waf_rule: removed in favour of cloudflare_ruleset (#2138)
  • resource/cloudflare_workers_kv: account_id is now required (#2153)
  • resource/cloudflare_workers_kv: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_workers_kv_namespace: account_id is now required (#2153)
  • resource/cloudflare_workers_kv_namespace: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_workers_script: account_id is now required (#2153)
  • resource/cloudflare_workers_script: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_zone: account_id is now required (#2153)
  • resource/cloudflare_zone: no longer sets client.AccountID internally and relies on the resource provided value (#2154)

FEATURES:

  • New Resource: cloudflare_mtls_certificate (#2182)
  • New Resource: cloudflare_queue (#2134)

ENHANCEMENTS:

  • resource/cloudflare_notification_policy: alert types block_notification_block_removed, fbm_dosd_attack, scriptmonitor_alert_new_max_length_resource_url, scriptmonitor_alert_new_resources, tunnel_health_event, tunnel_update_event have been added. (#2215)
  • resource/cloudflare_ruleset: Preserve IDs of unmodified rules when updating rulesets (#2172)
  • resource/cloudflare_ruleset: add support for score_per_period and score_response_header_name (#2177)
  • resource/cloudflare_worker_script: add support for queue_binding (#2134)

BUG FIXES:

  • resource/cloudflare_account_member: allow status to be computed when not provided (#2217)
  • resource/cloudflare_page_rule: fix failing page rules acceptance tests (#2213)
  • resource/cloudflare_page_rule: make cache_key_fields optional to align with API constraints (#2192)
  • resource/cloudflare_page_rule: remove empty cookie and header fields when applying this resource (#2208)
  • resource/cloudflare_pages_project: changing name will now force recreation of the project (#2216)

DEPENDENCIES:

  • provider: bumps github.com/cloudflare/cloudflare-go from 0.59.0 to 0.60.0 (#2204)
  • provider: bumps goreleaser/goreleaser-action from 4.1.0 to 4.2.0 (#2201)

3.33.1 (January 25th, 2023)

BUG FIXES:

  • provider: remove conflicting ExactlyOneOf schema validation from framework schema (#2185)

3.33.0 (January 25th, 2023)

BREAKING CHANGES:

  • datasource/cloudflare_waf_groups: removed with no current replacement (#2138)
  • datasource/cloudflare_waf_packages: removed with no current replacement (#2138)
  • datasource/cloudflare_waf_rules: removed with no current replacement (#2138)
  • provider: account_id is no longer available as a global configuration option. Instead, use the resource specific attributes. (#2139)
  • resource/cloudflare_access_bookmark: resource has been removed in favour of configuration on cloudflare_access_application (#2136)
  • resource/cloudflare_access_rule: require explicit zone_id or account_id and remove implicit fallback to user level rules (#2157)
  • resource/cloudflare_account_member: account_id is now required (#2153)
  • resource/cloudflare_account_member: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_argo_tunnel: resource has been renamed to cloudflare_tunnel (#2135)
  • resource/cloudflare_ip_list: removed in favour of cloudflare_list (#2137)
  • resource/cloudflare_load_balancer_monitor: account_id is now required (#2153)
  • resource/cloudflare_load_balancer_monitor: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_load_balancer_pool: account_id is now required (#2153)
  • resource/cloudflare_load_balancer_pool: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_waf_group: removed in favour of cloudflare_ruleset (#2138)
  • resource/cloudflare_waf_override: removed in favour of cloudflare_ruleset (#2138)
  • resource/cloudflare_waf_package: removed in favour of cloudflare_ruleset (#2138)
  • resource/cloudflare_waf_rule: removed in favour of cloudflare_ruleset (#2138)
  • resource/cloudflare_workers_kv: account_id is now required (#2153)
  • resource/cloudflare_workers_kv: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_workers_kv_namespace: account_id is now required (#2153)
  • resource/cloudflare_workers_kv_namespace: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_workers_script: account_id is now required (#2153)
  • resource/cloudflare_workers_script: no longer sets client.AccountID internally and relies on the resource provided value (#2154)
  • resource/cloudflare_zone: account_id is now required (#2153)
  • resource/cloudflare_zone: no longer sets client.AccountID internally and relies on the resource provided value (#2154)

ENHANCEMENTS:

  • provider: mux terraform-plugin-sdk/v2 and terraform-plugin-framework (#2170)
  • resource/cloudflare_access_group: supports ip_list property. (#2073)
  • resource/cloudflare_access_organization: add support for user_seat_expiration_inactive_time (#2115)
  • resource/cloudflare_ruleset: do not let edge_ttl: default be zero (#2143)
  • resource/cloudflare_teams_accounts: adds support for mailto_address and mailto_subject blockpage settings (#2146)
  • resource/cloudflare_teams_rules: adds egress rule settings. (#2159)

BUG FIXES:

  • resource/cloudflare_record: fix issue with DNS comments and tags not being set for new records (#2148)

DEPENDENCIES:

  • provider: bumps dependabot/fetch-metadata from 1.3.5 to 1.3.6 (#2183)
  • provider: bumps github.com/cloudflare/cloudflare-go from 0.58.1 to 0.59.0 (#2166)

3.32.0 (January 11th, 2023)

FEATURES:

  • New Resource: cloudflare_device_managed_networks (#2126)

ENHANCEMENTS:

  • provider: X-Auth-Email, X-Auth-Key, X-Auth-User-Service-Key and Authorization values are now automatically redacted from debug logs (#2123)
  • provider: use inbuilt cloudflare-go logger for HTTP interactions (#2123)
  • resource/cloudflare_device_posture_rule: add ability to create crowdstrike s2s posture rule creation (#2128)
  • resource/cloudflare_origin_ca: support all authentication schemes (#2124)
  • resource/cloudflare_pages_project: adds support for always_use_latest_compatibility_date, fail_open, service_binding and usage_model (#2083)
  • resource/cloudflare_record: add support for tags and comments. (#2105)

DEPENDENCIES:

  • provider: bumps github.com/cloudflare/cloudflare-go from 0.57.1 to 0.58.1 (#2122)

3.31.0 (December 28th, 2022)

NOTES:

  • resource/cloudflare_worker_script: supports explicit account_id instead of inheriting global values (#2102)

FEATURES:

  • New Resource: cloudflare_tiered_cache (#2101)

ENHANCEMENTS:

  • resource/cloudflare_access_application: makes allowed_idps type to set (#2094)
  • resource/cloudflare_custom_hostname: add support for defining custom metadata (#2107)

BUG FIXES:

  • resource/cloudflare_api_shield: allow for empty auth_id_characteristics (#2091)
  • resource/cloudflare_ruleset: allow edge_ttl -> default to be optional (#2097)

DEPENDENCIES:

  • provider: bumps actions/stale from 6 to 7 (#2098)
  • provider: bumps github.com/cloudflare/cloudflare-go from 0.56.0 to 0.57.0 (#2102)

3.30.0 (December 14th, 2022)

FEATURES:

  • New Data Source: cloudflare_load_balancer_pools (#1228)
  • New Resource: cloudflare_url_normalization_settings (#1878)

ENHANCEMENTS:

  • resource/cloudflare_workers_script: add support for analytics_engine_binding bindings (#2051)

BUG FIXES:

  • resource/access_application: fix issue where session_duration always showed a diff for bookmark apps (#2076)
  • resource/cloudflare_ruleset: fix issue where SSL setting is based of security level (#2088)
  • resource/cloudflare_split_tunnel: handle nested attribute changes and ignore ordering (#2066)

DEPENDENCIES:

  • provider: bumps github.com/cloudflare/cloudflare-go from 0.55.0 to 0.56.0 (#2075)
  • provider: bumps goreleaser/goreleaser-action from 3.2.0 to 4.1.0 (#2087)

3.29.0 (November 30th, 2022)

NOTES:

  • datasource/api_token_permission_groups: permissions attribute has been deprecated in favour of individual resource level attributes. (#1960)

FEATURES:

  • New Resource: cloudflare_device_settings_policy (#1926)
  • New Resource: cloudflare_tunnel_config (#2041)

ENHANCEMENTS:

  • resource/cloudflare_fallback_domain: Add creating fallback domains for device policies (#1926)
  • resource/cloudflare_logpush_job: add support for workers_trace_events (#2025)
  • resource/cloudflare_origin_ca_certificate: add logic to renew certificate and add a new flag to set if we should renew earlier (#2048)
  • resource/cloudflare_origin_ca_certificate: trigger a replacement when csr is changed (#2055)
  • resource/cloudflare_origin_ca_certificate: trigger a replacement when validity is changed (#2046)
  • resource/cloudflare_pages_domain: add note about needing to make a separate cloudflare_record. (#2060)
  • resource/cloudflare_pages_project: add note about linking git accounts to Cloudflare account. (#2060)
  • resource/cloudflare_ruleset: add support for importing existing resources (#2054)
  • resource/cloudflare_split_tunnel: Add configuring split tunnel for device policies (#1926)
  • resource/cloudflare_workers_kv: add support for explicitly setting account_id on the resource (#2049)
  • resource/cloudflare_workers_kv_namespace: add support for explicitly setting account_id on the resource (#2049)
  • resource/cloudflare_workers_kv_namespace: swap internals to use new method signatures from cloudflare-go release (#2049)

BUG FIXES:

  • datasource/api_token_permission_groups: add user, account and zone attributes to contain only those specific resource level permissions. (#1960)
  • resource/access_policy: Fix issue where only last SAML rule group was applied in Access policy (#2033)
  • resource/cloudflare_account: Fix uninitialized cloudflare.Account.Settings (#2034)
  • resource/cloudflare_custom_hostname: remove ForceNew on wait_for_ssl_pending_validation (#2027)
  • resource/cloudflare_list: Do not reapply changes if only list order changed. (#2063)
  • resource/cloudflare_record: Fix null MX record creation (#2038)
  • resource/cloudflare_spectrum_application: ignore ordering of edge_ips (#2032)
  • resource/cloudflare_workers_kv: key changes force creation of a new resource (#2044)

DEPENDENCIES:

  • provider: bumps github.com/cloudflare/cloudflare-go from 0.54.0 to 0.55.0 (#2049)

3.28.0 (November 16th, 2022)

ENHANCEMENTS:

  • resource/cloudflare_zone: add new plans for zone subscriptions (#2023)

BUG FIXES:

  • resource/access_application: Fix issue where empty CORS headers state causes panics (#2010)

DEPENDENCIES:

  • provider: bumps dependabot/fetch-metadata from 1.3.4 to 1.3.5 (#2008)
  • provider: bumps github.com/cloudflare/cloudflare-go from 0.53.0 to 0.54.0 (#2016)
  • provider: bumps github.com/hashicorp/terraform-plugin-sdk/v2 from 2.24.0 to 2.24.1 (#2024)

3.27.0 (November 2nd, 2022)

FEATURES:

  • New Resource: cloudflare_access_organization (#1961)
  • New Resource: cloudflare_dlp_profile (#1984)
  • New Resource: cloudflare_total_tls (#1979)
  • New Resource: cloudflare_waiting_room_rules (#1957)

ENHANCEMENTS:

  • resource/cloudflare_access_application: add support for app_launcher, biso, dash_sso and warp to the schema (#1988)
  • resource/cloudflare_load_balancer_monitor: support defining explicit account_id for resources (#1986)
  • resource/cloudflare_load_balancer_pool: support defining explicit account_id for resources (#1986)
  • resource/cloudflare_logpush_job: add support for "access_requests" dataset parameter (#2001)
  • resource/cloudflare_teams_list: handle pagination for larger Team List accounts (#1706)
  • test: use T.Setenv to set env vars in provider tests (#1985)

BUG FIXES:

  • resource/cloudflare_access_group: fix issue where policy groups were always showing a diff during plans (#1983)

DEPENDENCIES:

  • provider: bumps github.com/cloudflare/cloudflare-go from 0.52.0 to 0.53.0 (#1995)
  • provider: bumps github.com/stretchr/testify from 1.8.0 to 1.8.1 (#1993)

3.26.0 (October 19th, 2022)

ENHANCEMENTS:

  • resource/cloudflare_custom_hostname: Add wait_for_ssl_pending_validation attribute (#1953)
  • resource/cloudflare_device_posture_rule: Add chromeos and unique_client_id values (#1950)
  • resource/cloudflare_load_balancer: Migrate to autogen docs, improve docs (#1954)
  • resource/cloudflare_pages_domain: add Pages project domain importer. (#1973)
  • resource/cloudflare_ruleset: add support for overriding sensitivity levels for ruleset rules (#1965)

BUG FIXES:

  • resource/cloudflare_byo_ip_prefix: set correct prefix ID for the byoip prefix during import. (#1951)
  • resource/cloudflare_custom_ssl: check GeoRestrictions is not nil before attempting to compare it (#1964)
  • resource/cloudflare_pages_project: add defaults to Pages project deployment config (#1973)
  • resource/cloudflare_zone_settings_override: Fetch/modify origin_max_http_version as a single setting. (#1805)

DEPENDENCIES:

  • provider: bumps github.com/cloudflare/cloudflare-go from 0.51.0 to 0.52.0 (#1962)
  • provider: bumps github.com/hashicorp/terraform-plugin-sdk/v2 from 2.23.0 to 2.24.0 (#1969)
  • provider: bumps goreleaser/goreleaser-action from 3.1.0 to 3.2.0 (#1977)

3.25.0 (October 5th, 2022)

NOTES:

  • resource/device_posture_rule: update device posture rule to reflect new linux posture fields (#1842)

ENHANCEMENTS:

  • resource/cloudflare_account_member: permit setting status in terraform schema if desired (#1920)
  • resource/cloudflare_email_routing_catch_all: switch to a dedicated scheme to allow type = "drop" (#1947)
  • resource/cloudflare_load_balancer: Add support for adaptive_routing, location_strategy, random_steering, and zero_downtime_failover (#1941)
  • resource/cloudflare_load_balancer: update internal method signatures to match upstream library (#1932)
  • resource/cloudflare_load_balancer_monitor: update internal method signatures to match upstream library (#1932)
  • resource/cloudflare_load_balancer_pool: update internal method signatures to match upstream library (#1932)

BUG FIXES:

  • provider: allow individual setting of x-auth-service-key (#1923)
  • provider: fix versioning injection during release builds (#1935)
  • resource/cloudflare_byo_ip_prefix: fix Import to set account_id (#1930)
  • resource/cloudflare_record: update Read method to pull from remote API instead of local configuration which is empty during Import (#1942)
  • resource/cloudflare_zone_settings_override: Fix array manipulation bug related to single zone settings (#1925)

DEPENDENCIES:

  • provider: bumps actions/stale from 5 to 6 (#1922)
  • provider: bumps dependabot/fetch-metadata from 1.3.3 to 1.3.4 (#1945)

3.24.0 (September 21st, 2022)

NOTES:

  • resource/cloudflare_access_bookmark: Bookmark resource is deprecated in favor of using the cloudflare_access_application resource. (#1914)
  • resource/cloudflare_email_routing_rule: Fix example resource to use correct syntax (#1895)
  • resource/cloudflare_email_routing_rule_catch_all: Fix example resource to use correct syntax (#1895)

FEATURES:

  • New Data Source: cloudflare_accounts (#1899)
  • New Data Source: cloudflare_record (#1906)
  • New Resource: cloudflare_account (#1902)
  • New Resource: cloudflare_user_agent_blocking_rule (#1894)

ENHANCEMENTS:

  • resource/cloudflare_pages_project: Adds importer for pages_project (#1886)
  • tools: add devcontainer for local development (#1892)

BUG FIXES:

  • provider: allow setting api_user_service_key without token and/or key (#1907)
  • resource/cloudflare_load_balancer_monitor: fix detection of headers values changing (#1903)
  • resource/cloudflare_pages_project: fix null source on project create (#1898)

DEPENDENCIES:

  • provider: bumps github.com/cloudflare/cloudflare-go from 0.49.0 to 0.50.0 (#1910)
  • provider: bumps github.com/hashicorp/terraform-plugin-sdk/v2 from 2.21.0 to 2.22.0 (#1900)
  • provider: bumps github.com/hashicorp/terraform-plugin-sdk/v2 from 2.22.0 to 2.23.0 (#1913)

3.23.0 (September 7th, 2022)

FEATURES:

  • New Resource: cloudflare_api_shield (#1874)
  • New Resource: cloudflare_email_routing_address (#1856)
  • New Resource: cloudflare_email_routing_catch_all (#1856)
  • New Resource: cloudflare_email_routing_rules (#1856)
  • New Resource: cloudflare_email_routing_settings (#1856)
  • New Resource: cloudflare_web3_hostname (#1882)

ENHANCEMENTS:

  • resource/cloudflare_access_service_token: updates internals to allow in place refreshing instead of full replacement based on the expires_at and min_days_for_renewal values (#1872)
  • resource/cloudflare_pages_domain: Adds support for Pages domains (#1835)
  • resource/cloudflare_pages_project: Adds support for Pages Projects (#1835)
  • resource/cloudflare_record: Add HTTPS DNS record type (#1887)
  • resource/cloudflare_worker: provide js module option to allow service bindings (#1865)

BUG FIXES:

  • resource/cloudflare_authenticated_origin_pulls: fix improper handling of enabled=false (#1861)

DEPENDENCIES:

  • provider: bumps github.com/cloudflare/cloudflare-go from 0.48.0 to 0.49.0 (#1871)
  • provider: bumps github.com/golangci/golangci-lint from 1.48.0 to 1.49.0 (#1855)
  • provider: bumps goreleaser/goreleaser-action from 3.0.0 to 3.1.0 (#1868)

3.22.0 (August 24th, 2022)

NOTES:

  • update local setup documentation to reflect newer required Go version (#1847)

ENHANCEMENTS:

  • resource/cloudflare_ruleset: add support for http_config_settings (#1837)
  • resources/worker_script: add support for r2_bucket_binding (#1825)

BUG FIXES:

  • resource/cloudflare_fallback_domain: fix perpetual changes due to ordering (#1828)
  • resource/cloudflare_notification_policy: add missing alert types and filters to validation and docs (#1830)

DEPENDENCIES:

  • provider: bumps github.com/cloudflare/cloudflare-go from 0.46.0 to 0.47.1 (#1844)
  • provider: bumps github.com/hashicorp/terraform-plugin-sdk/v2 from 2.20.0 to 2.21.0 (#1838)
  • provider: bumps github.com/hcloudflare-go from 0.47.1 to 0.48.0 (#1848)

3.21.0 (August 10th, 2022)

BREAKING CHANGES:

  • resource/cloudflare_page_rule: Removed always_online from page rules since this action has been decommissioned from page rules (#1817)

ENHANCEMENTS:

  • resource/cloudflare_custom_ssl: handle when remote ID changes during updates (#1824)
  • resource/cloudflare_ruleset: add support and configuration for serve_errors action (#1794)
  • resource/cloudflare_ruleset: add support for sni override in route action (#1816)

BUG FIXES:

  • resource/cloudflare_account_member: actually use the account_id value (#1823)
  • resource/cloudflare_zone_settings_override: add missing allowed value of 120 for browser_cache_ttl (#1822)

DEPENDENCIES:

  • provider: bumps github.com/cloudflare/cloudflare-go from 0.45.0 to 0.46.0 (#1815)
  • provider: bumps github.com/golangci/golangci-lint from 1.47.2 to 1.47.3 (#1813)
  • provider: bumps github.com/golangci/golangci-lint from 1.47.3 to 1.48.0 (#1820)
  • provider: bumps github.com/hashicorp/terraform-plugin-sdk/v2 from 2.19.0 to 2.20.0 (#1804)

3.20.0 (July 27th, 2022)

BREAKING CHANGES:

  • resource/cloudflare_healthcheck: deprecates notification_email_addresses and notification_suspended in favour of cloudflare_notification_policy (#1789)

NOTES:

  • resource/cloudflare_access_rule: this resource now supports an explicit account_id instead of the implied one from the client configuration. You should update your configuration to include account_id and remove permadiffs. (#1790)
  • resource/cloudflare_account_member: this resource now supports an explicit account_id instead of the implied one from the client configuration. You should update your configuration to include account_id and remove permadiffs. (#1767)
  • resource/cloudflare_certificate_pack: remove references to long-deprecated dedicated certs (replaced by advanced) (#1778)
  • resource/cloudflare_rulesets: Cache Rules use cache flag instead of bypass_cache (#1785)
  • resource/cloudflare_zone: this resource now supports an explicit account_id instead of the implied one from the client configuration. You should update your configuration to include account_id and remove permadiffs. (#1767)

ENHANCEMENTS:

  • resource/cloudflare_access_application: Add support for Saas applications (#1762)
  • resource/cloudflare_access_rule: add support for account_id (#1790)
  • resource/cloudflare_account_member: add support for account_id (#1767)
  • resource/cloudflare_api_token: add support for not_before and expires_on (#1792)
  • resource/cloudflare_certificate_pack: fix some of the custom hostname docs copy (#1778)
  • resource/cloudflare_certificate_pack: update the list of allowed certificate authorities (#1778)
  • resource/cloudflare_load_balancer: Add support for LB country pools (#1797)
  • resource/cloudflare_managed_headers: swap filtering to use API instead of custom logic (#1765)
  • resource/cloudflare_ruleset: add support for from_value action parameter when using redirect action (#1781)
  • resource/cloudflare_zone: add support for account_id (#1767)

BUG FIXES:

  • resource/cloudflare_waiting_room: fix default waiting room session_duration and path values (#1766)
  • resource/cloudflare_zone_lockdown: Fix crash when logging upstream error message (#1777)

DEPENDENCIES:

  • provider: bumps github.com/cloudflare/cloudflare-go from 0.44.0 to 0.45.0 (#1793)
  • provider: bumps github.com/golangci/golangci-lint from 1.46.2 to 1.47.0 (#1786)
  • provider: bumps github.com/golangci/golangci-lint from 1.47.0 to 1.47.1 (#1788)
  • provider: bumps github.com/golangci/golangci-lint from 1.47.1 to 1.47.2 (#1795)
  • provider: bumps github.com/hashicorp/terraform-plugin-log from 0.4.1 to 0.5.0 (#1773)
  • provider: bumps github.com/hashicorp/terraform-plugin-log from 0.5.0 to 0.6.0 (#1780)
  • provider: bumps github.com/hashicorp/terraform-plugin-log from 0.6.0 to 0.7.0 (#1798)
  • provider: bumps github.com/hashicorp/terraform-plugin-sdk/v2 from 2.18.0 to 2.19.0 (#1779)

3.19.0 (July 13th, 2022)

ENHANCEMENTS:

  • resource/cloudflare_ipsec_tunnel: add allow_null_cipher to ipsec tunnel (#1736)
  • resource/cloudflare_record: Validate that DNS record names are non-empty (#1740)
  • resource/cloudflare_ruleset: add support for from_list action parameter when using redirect action (#1744)
  • resource/cloudflare_waiting_room: Add queueing_method field. (#1759)
  • resource/cloudflare_workers_script: add support for service_binding bindings (#1760)
  • resource/cloudflare_zone_settings_override: Add support for origin_max_http_version (#1755)

BUG FIXES:

  • resource/cloudflare_list: fix default values for redirect list updates (#1746)
  • resource/cloudflare_logpush_job: fix logpush job name validation regex (#1743)
  • resource/cloudflare_tunnel_route: Fix incorrect indexing of resource data id attributes (#1753)

DEPENDENCIES:

  • provider: bumps dependabot/fetch-metadata from 1.3.1 to 1.3.2 (#1747)
  • provider: bumps dependabot/fetch-metadata from 1.3.2 to 1.3.2 (#1748)
  • provider: bumps github.com/cloudflare/cloudflare-go from 0.43.0 to 0.44.0 (#1757)
  • provider: bumps github.com/hashicorp/terraform-plugin-docs from 0.12.0 to 0.13.0 (#1763)
  • provider: bumps github.com/hashicorp/terraform-plugin-sdk/v2 from 2.17.0 to 2.18.0 (#1758)
  • provider: bumps github.com/stretchr/testify from 1.7.5 to 1.8.0 (#1738)

3.18.0 (June 29th, 2022)

NOTES:

  • resource/cloudflare_ip_list: Deprecated cloudflare_ip_list in favor of cloudflare_list. (#1700)

FEATURES:

  • New Resource: cloudflare_managed_headers (#1688)
  • New Resource: resource/cloudflare_list: Added support for generic list types, including redirect lists. (#1700)

ENHANCEMENTS:

  • resource/cloudflare_logpush_job: adds support for kind attribute (#1718)
  • resource/cloudflare_logpush_job: validate name attribute (#1717)
  • resource/cloudflare_ruleset: add support for set cache settings (#1701)

BUG FIXES:

  • resource/cloudflare_logpush_job: Fix for optional filter attribute (#1712)
  • resource/cloudflare_logpush_job: fix unmarhalling job with empty/no filter (#1723)
  • resource/cloudflare_record: ensure trailing . in value don't cause surious diffs (#1713)

3.17.0 (June 15th, 2022)

BREAKING CHANGES:

  • resource/cloudflare_ruleset: deprecates enabled in overridden configurations immediately in favour of status (#1689)

FEATURES:

  • New Resource: cloudflare_tunnel_virtual_network (#1672)

ENHANCEMENTS:

  • resource/cloudflare_access_identity_provider: Add support for PKCE when creating IDPS. (#1667)
  • resource/cloudflare_device_posture_integration: add support for managing uptycs, intune and crowdstrike third party posture providers. (#1628)
  • resource/cloudflare_ipsec_tunnel: add support for healthcheck_enabled, health_check_target, healthcheck_type, psk (#1685)
  • resource/cloudflare_logpush_job: Add filter field support (#1660)
  • resource/cloudflare_tunnel_route: Add virtual_network_id attribute (#1668)

BUG FIXES:

  • resource/cloudflare_teams_rule: Fixes issue with rule precedence updates by using a generated version of precendence in API calls to reduce clashing versions (#1663)

3.16.0 (June 1st, 2022)

NOTES:

  • provider: swap internal logging mechanism to use tflog (#1638)
  • provider: updated internal package structure of repository (#1636)

ENHANCEMENTS:

  • resource/cloudflare_access_group: add support for external evaluation as a new access group rule (#1623)
  • resource/cloudflare_argo_tunnel: add tunnel_token support (#1590)
  • resource/cloudflare_logpush_job: add support for specifying frequency (#1634)
  • resource/cloudflare_ruleset: add support for custom fields logging (#1630)
  • resource/cloudflare_waiting_room: Add default_template_language field. (#1651)

BUG FIXES:

  • resource/cloudflare_access_application: Fix inability to update http_only_cookie_attribute to false (#1602)
  • resource/cloudflare_waiting_room_event: handle time pointer for nullable struct member (#1648)
  • resource/cloudflare_workers_kv: handle invalid id during terraform import (#1635)

3.15.0 (May 18th, 2022)

NOTES:

  • provider: internally swapped to using diag.Diagnostics for CRUD return types and using context.Context passed in from the provider itself instead of instantiating our own in each operation (#1592)

ENHANCEMENTS:

  • resource/cloudflare_device_posture_rule: Add expiration to device posture rule (#1585)
  • resource/cloudflare_logpush_job: add support for managing network_analytics_logs (#1627)
  • resource/cloudflare_logpush_job: allow r2 logpush destinations without ownership validation (#1597)
  • resource/ruleset: add support for origin and host_header attributes (#1620)

BUG FIXES:

  • resource/cloudflare_access_rule: Fix lifecycle of access_rule update (#1601)
  • resource/cloudflare_spectrum_application: prevent panic when configuration does not include edge_ips.connectivity (#1599)
  • resource/cloudflare_teams_rule: fixed detection of deleted teams rules (#1622)

3.14.0 (May 4th, 2022)

FEATURES:

  • New Resource: cloudflare_tunnel_route (#1572)

ENHANCEMENTS:

  • resource/cloudflare_certificate_pack: add support for new option (wait_for_active_status) to block creation until certificate pack is active (#1567)
  • resource/cloudflare_notification_policy: Add slo to notification policy filters (#1573)
  • resource/cloudflare_teams_list: Add support for IP type (#1550)

BUG FIXES:

  • cloudflare_tunnel_routes: Fix reads matching routers with larger CIDRs (#1581)
  • resource/cloudflare_access_group: allow github access groups to be created without a list of teams (#1589)
  • resource/cloudflare_logpush_job: make ownership challenge check for https not required (#1588)
  • resource/cloudflare_tunnel_route: Fix importing resource (#1580)
  • resource/cloudflare_zone: update plan identifier for professional rate plans (#1583)

3.13.0 (April 20th, 2022)

NOTES:

  • resource/cloudflare_byo_ip_prefix: now requires an explicit account_id parameter instead of implicitly relying on client.AccountID (#1563)
  • resource/cloudflare_ip_list: no longer sets client.AccountID internally for resources (#1563)
  • resource/cloudflare_magic_firewall_ruleset: no longer sets client.AccountID internally for resources (#1563)
  • resource/cloudflare_static_route: no longer sets client.AccountID internally for resources (#1563)
  • resource/cloudflare_worker_cron_trigger: now requires an explicit account_id parameter instead of implicitly relying on client.AccountID (#1563)

ENHANCEMENTS:

  • resource/cloudflare_custom_pages: add support for managed_challenge action (#1478)
  • resource/cloudflare_ruleset: add support for rule logging (#1538)

3.12.2 (April 13th, 2022)

ENHANCEMENTS:

  • resource/cloudflare_ruleset: Setting description to Optional to better reflect API requirements (#1556)

3.12.1 (April 9th, 2022)

BUG FIXES:

  • resource/cloudflare_zone: don't get stuck in endless loop for partner zone rate plans (#1547)

3.12.0 (April 6th, 2022)

NOTES:

  • resource/cloudflare_healthcheck: notification_suspended and notification_email_addresses attributes are being deprecated in favour of cloudflare_notification_policy resource instead. (#1529)

FEATURES:

  • New Resource: cloudflare_access_bookmark (#1539)

ENHANCEMENTS:

  • resource/cloudflare_access_application: Add service_auth_401_redirect field. (#1540)

BUG FIXES:

  • resource/cloudflare_api_token: ignore ordering changes in permission_groups (#1545)
  • resource/cloudflare_notification_policy: Fix unexpected crashes when using cloudflare_notification_policy with a filters attribute (#1542)
  • resource/cloudflare_zone_dnssec: don't try to enable DNSSEC when state is "pending" (#1530)

3.11.0 (March 23rd, 2022)

NOTES:

  • resource/cloudflare_origin_ca_certificate: requested_validity no longer decrements until the expires_on value but is now the amount of days the certificate was requested for. (#1502)

FEATURES:

  • New Resource: cloudflare_teams_proxy_endpoint (#1517)
  • New Resource: cloudflare_waiting_room_event (#1509)

ENHANCEMENTS:

  • resource/cloudflare_page_rule: add support for actions.disable_zaraz (#1523)
  • resource/cloudflare_ruleset: add support for action_parameters.response to control the response when triggering a WAF rule (#1507)
  • resource/cloudflare_ruleset: add support for ratelimit.requests_to_origin (#1507)

BUG FIXES:

  • resource/cloudflare_device_posture_integration: remove superfluous id from schema (#1504)
  • resource/cloudflare_spectrum_application: Fix 'edge_ip_connectivity' state persistence (#1515)

3.10.1 (March 10th, 2022)

BUG FIXES:

  • resource/cloudflare_ruleset: don't attempt to upgrade ratelimit if it isn't set (#1501)

3.10.0 (March 9th, 2022)

BREAKING CHANGES:

  • resource/cloudflare_ruleset: rename mitigation_expression to counting_expression (#1477)

ENHANCEMENTS:

  • resource/cloudflare_access_rule: add support for managed_challenge action (#1457)
  • resource/cloudflare_custom_hostname: adds support for custom_origin_sni (#1482)
  • resource/cloudflare_device_policy_certificates: add support for device policy certificate settings (#1467)
  • resource/cloudflare_teams_rules: Add insecure_disable_dnssec_validation option to settings (#1469)
  • resource/cloudflare_zone: add support for partner rate plans (#1464)

BUG FIXES:

  • resource/cloudflare_record: no need to pass the resourceCloudflareRecordUpdate to the NonRetryable handler (#1496)

3.9.1 (February 15th, 2022)

NOTES:

  • resource/cloudflare_api_token: revert swap from TypeList to TypeSet due to broken migration (#1455)

FEATURES:

  • New Data Source: cloudflare_devices (#1453)

3.9.0 (February 14th, 2022)

FEATURES:

  • New Resource: cloudflare_gre_tunnel (#1423)
  • New Resource: cloudflare_zone_cache_variants (#1444)

ENHANCEMENTS:

  • cloudflare_ruleset: add support for "managed_challenge" action (#1442)
  • resource/certificate_pack: adds validation_errors and validation_records with same format as custom hostnames. (#1424)
  • resource/custom_hostname: also adds missing validation_errors, and certificate_authority (#1424)
  • resource/custom_hostname: validation tokens are now an array (validation_records) instead of a top level, but the only top level record that was previously here was for cname validation, txt/http/email were entirely missing. (#1424)

BUG FIXES:

  • cloudflare_argo_tunnel: conditionally fetch settings based on the provided configuration (#1451)
  • resource/cloudflare_api_token: ignore ordering of permission_group IDs (#1425)

3.8.0 (January 28th, 2022)

FEATURES:

  • New Resource: cloudflare_ipsec_tunnel (#1404)

ENHANCEMENTS:

  • datasource/cloudflare_zones: allow filtering by account_id (#1401)
  • resource/cloudflare_cloudflare_teams_rules: Add check_session and add_headers attributes to settings (#1402)
  • resource/cloudflare_cloudflare_teams_rules: Add disable_download, disable_keyboard, and disable_upload attributes to BISOAdminControls (#1402)
  • resource/cloudflare_logpush_job: add support for managing dns_logs (#1400)
  • resource/cloudflare_ruleset: add skip support for products and phases (#1391)
  • resource/cloudflare_ruleset: smoother handling of UI/API collisions during migrations (#1393)
  • resource/cloudflare_teams_accounts: Add the fips field for configuring FIPS-compliant TLS. (#1380)

BUG FIXES:

  • resource/cloudflare_fallback_domain: default entries are now restored on delete. (#1399)
  • resource/cloudflare_ruleset: conditionally set action parameter "version" (#1388)
  • resource/cloudflare_ruleset: fix handling of false values for category/rule overrides (#1405)

3.7.0 (January 13th, 2022)

FEATURES:

  • New Resource: cloudflare_device_posture_integration (#1340)
  • New Resource: cloudflare_fallback_domain (#1356)

ENHANCEMENTS:

  • resource/cloudflare_firewall_rule: add support for managed_challenge action (#1378)
  • resource/cloudflare_load_balancer_monitor: added support for smtp, icmp_ping, and udp_icmp monitors (#1371)
  • resource/cloudflare_logpush_job: add support for account-level logpush jobs (#1311)
  • resource/cloudflare_logpush_ownership_challenge: add support for account-level logpush ownership challenges (#1311)

BUG FIXES:

  • resource/cloudflare_api_token: modified_on is now read correctly (#1368)

DEPENDENCIES:

  • github.com/cloudflare/cloudflare-go v0.29.0 => v0.30.0 (#1379)

3.6.0 (December 23rd, 2021)

ENHANCEMENTS:

  • resource/cloudflare_access_application: add bookmark type to apptypes (#1343)
  • resource/cloudflare_teams_rules: GATE-2273: Adds support for device posture gateway rules (#1353)

BUG FIXES:

  • resource/cloudflare_load_balancer: handle empty rules for resourceCloudflareLoadBalancerStateUpgradeV1 (#1257)
  • resource/cloudflare_split_tunnel: import will now use correct import function (#1345)

3.5.0 (December 14th, 2021)

NOTES:

  • provider: split schema definition from resource CRUD operations (#1321)

FEATURES:

  • New Data Source: cloudflare_access_identity_provider (#1300)

ENHANCEMENTS:

  • resource/cloudflare_access_application: add support for app_launcher_visible to the schema (#1303)
  • resource/cloudflare_ruleset: add support for rewriting HTTP response headers (#1339)
  • resource/cloudflare_zone: support changing type values (#1301)

BUG FIXES:

  • resource/cloudflare_access_group: fix mapping error for AzureAD (#1341)
  • resource/cloudflare_access_rule: allow "ip6" to be a padded or unpadded value and compare correctly (#1294)
  • resource/cloudflare_argo: call Read for Import operations (#1295)
  • resource/cloudflare_argo_tunnel: fix import mechanism (#1329)
  • resource/cloudflare_argo_tunnel: update CNAME to use cfargotunnel.com (#1293)
  • resource/cloudflare_origin_ca_certificate: reintroduce DiffSuppressFunc for requested_validity changes to handle all schema/SDK combinations (#1289)
  • resource/cloudflare_split_tunnel: import now works by specifying accountId/mode (#1313)
  • resource/cloudflare_teams_list: ignore items ordering (#1338)

3.4.0 (November 1st, 2021)

ENHANCEMENTS:

  • provider: add the ability to configure a different hostname and base path for the API client (#1270)
  • resource/cloudflare_access_application: add support for 'skip_interstitial' and 'logo_url' properties (#1262)
  • resource/cloudflare_custom_hostname: add settings.early_hints to ssl schema (#1286)
  • resource/cloudflare_ruleset: add support for exposed credential checks (#1263)
  • resource/cloudflare_zone_setting_override: add support for overriding early_hints (#1285)

BUG FIXES:

  • resource/cloudflare_ruleset: allow action parameter override enabled to be true/false or uninitialised (#1275)
  • resource/cloudflare_ruleset: allow setting uri and path action parmeters together in a single rule (#1271)

3.3.0 (October 20th, 2021)

FEATURES:

  • New Data Source: cloudflare_account_roles (#1238)

ENHANCEMENTS:

  • resource/cloudflare_access_application: add support for 'SameSite' and 'HttpOnly' cookie attributes (#1241)
  • resource/cloudflare_argo_tunnel: add cname as exported attribute (#1259)
  • resource/cloudflare_load_balancer_pool: add support for origin steering (#1240)
  • resource/cloudflare_ruleset: add support for 'Action' and 'Enabled' action_parameters > overrides attributes (#1249)
  • resource/cloudflare_zone_setting_override: add support for overriding binary_ast (#1261)
  • resource/cloudflare_zone_setting_override: add support for overriding filter_logs_to_cloudflare (#1261)
  • resource/cloudflare_zone_setting_override: add support for overriding log_to_cloudflare (#1261)
  • resource/cloudflare_zone_setting_override: add support for overriding orange_to_orange (#1261)
  • resource/cloudflare_zone_setting_override: add support for overriding proxy_read_timeout (#1261)
  • resource/cloudflare_zone_setting_override: add support for overriding visitor_ip (#1261)

BUG FIXES:

  • resource/cloudflare_access_policy: handle empty nil values for building policies (#1237)
  • resource/cloudflare_ruleset: don't attempt to update "custom" rulesets using the phase entrypoint (#1245)

3.2.0 (October 7th, 2021)

NOTES:

  • provider: cloudflare-go has been upgraded to v0.25.0 (#1236)

FEATURES:

  • New Data Source: cloudflare_zone (#1213)
  • New Resource: cloudflare_split_tunnel (#1207)

ENHANCEMENTS:

  • provider: add support for debugging via debuggers (like delve) (#1217)
  • resource/cloudflare_access_policy: add support for approval_required flag (#1230)

BUG FIXES:

  • resource/cloudflare_account_member: handle role changes made in the dashboard (#1202)
  • resource/cloudflare_origin_ca_certificate: ignore requested_validity changes due to the value decreasing but still store it (#1214)
  • resource/cloudflare_record: handle Updates for records with data blocks (#1229)

3.1.0 (September 21st, 2021)

ENHANCEMENTS:

  • resource/cloudflare_ruleset: add support for ddos_l7 configuration (#1212)

3.0.1 (September 21st, 2021)

ENHANCEMENTS:

  • resource/cloudflare_access_rule: add state migrator for 3.x (#1211)
  • resource/cloudflare_custom_ssl: add state migrator for 3.x (#1211)
  • resource/cloudflare_load_balancer: add state migrator for 3.x (#1211)
  • resource/cloudflare_record: add state migrator for 3.x (#1211)

3.0.0 (September 20th, 2021)

2.x to 3.x upgrade guide

BREAKING CHANGES:

  • resource/cloudflare_access_rule: configuration is now a TypeList instead of a TypeMap (#1188)
  • resource/cloudflare_custom_ssl: custom_ssl_options is now a TypeList instead of TypeMap (#1188)
  • resource/cloudflare_load_balancer: fixed_response is now a TypeList instead of a TypeMap (#1188)
  • resource/cloudflare_load_balancer: fixed_response.status_codeis now aTypeIntinstead of aTypeString` (#1188)
  • resource/cloudflare_record: data is now a TypeList instead of a TypeMap (#1188)

NOTES:

  • provider: Golang version has been upgraded to 1.17 (#1188)
  • provider: HTTP user agent is now "terraform/:version terraform-plugin-sdk/:version terraform-provider-cloudflare/:version" (#1188)
  • provider: Minimum Terraform core version is now 0.14 (#1188)
  • provider: terraform-plugin-sdk has been upgraded to 2.x (#1188)

ENHANCEMENTS:

  • resource/cloudflare_custom_hostname: settings.ciphers is now a TypeSet internally to handle suppress ordering changes. Schema representation remains the same (#1188)
  • resource/cloudflare_custom_hostname: settings is now Optional/Computed to reflect the stricter schema validation introduced in terraform-plugin-sdk v2 (#1188)
  • resource/cloudflare_custom_hostname: status is now Computed as the value isn't managed by an end user (#1188)

2.27.0 (September 20th, 2021)

NOTES:

  • provider: Update to cloudflare-go v0.22.0 (#1184)

FEATURES:

  • New Resource: cloudflare_access_keys_configuration (#1186)
  • New Resource: cloudflare_teams_account (#1173)
  • New Resource: cloudflare_teams_rule (#1173)

ENHANCEMENTS:

  • resource/cloudflare_access_policy: add support for purpose justification and approvals (#1199)
  • resource/cloudflare_ruleset: add support for HTTP rate limiting (#1179)
  • resource/cloudflare_ruleset: add support for Transform Rules (#1169)
  • resource/cloudflare_ruleset: add support for WAF payload logging (#1174)
  • resource/cloudflare_ruleset: add support for more complex skip ruleset configurations (#1201)

BUG FIXES:

  • resource/cloudflare_ruleset: fix state handling for terraform-plugin-sdk v2 (#1183)
  • resource/cloudflare_zone_settings_override: remap zero_rtt => 0rtt for resource delete (#1175)

2.26.1 (August 30th, 2021)

Fixes

  • resource/cloudflare_ruleset: Send a single payload for rules instead of many individual payloads to prevent overwriting previous rules (#1171)

2.26.0 (August 27th, 2021)

  • New resource: cloudflare_notification_policy (#1138)
  • New resource: cloudflare_notification_policy_webhooks (#1151)
  • New resource: cloudflare_ruleset (#1143)
  • New resource: cloudflare_teams_location (#1154)
  • New datasource: cloudflare_origin_ca_root_certificate (#1158)

Improvements

  • resource/cloudflare_waiting_room: Add support for json_response_enabled as an argument (#1122)

2.25.0 (August 4th, 2021)

Improvements

  • resource/cloudflare_access_device_posture_rule: Add support for domain_joined, firewall, os_version, and disk_encryption (#1137)
  • provider: bump cloudflare-go to v0.20.0 (#1146)

2.24.0 (July 19th, 2021)

Improvements

  • resource/cloudflare_logpush_job: Add support for "nel_reports" as a dataset (#1122)
  • resource/cloudflare_custom_hostname: Allow SSL options to be optional when not required (#1131)
  • resource/cloudflare_access_identity_provider: Support optional Okta API token (#1119)
  • resource/cloudflare_load_balancer_pool: Add support for load shedding (#1108)
  • resource/cloudflare_load_balancer_pool: Add support for longitude and latitude (#1093)

Fixes

  • resource/cloudflare_record: Use correct Import method on resource (#1116)
  • resource/cloudflare_worker_cron_trigger: Account for deletion of scripts and force a refresh of triggers (#1121)
  • resource/cloudflare_rate_limit: Handle origin_traffic missing from API response (#1125)
  • resource/cloudflare_record: Support allow_overwrite for root records (#1129)

2.23.0 (June 30th, 2021)

  • New resource: cloudflare_waiting_room (#1053)

Improvements

  • datasource/cloudflare_waf_rules: Export default_mode as an attribute (#1079)

Fixes

  • resource/cloudflare_access_application: Revert removal of schema changes causing existing applications unable to re-apply (#1118)

2.22.0 (June 25th, 2021)

  • New resource: cloudflare_static_route (#1098)

Improvements

  • resource/cloudflare_origin_ca: Ignore decreasing requested_validity (#1043)
  • resource/waf_override: Allow rules to be optional (#1090)
  • resource/cloudflare_zone: Don't attempt to set free zone rate plans as that is already the default (#1102)
  • resource/cloudflare_access_application: Ability to set type for Applications (#1076)
  • resource/cloudflare_zone_lockdown: Update documentation to show examples of multiple configurations (#1106)

2.21.0 (May 26th, 2021)

  • New resource: cloudflare_device_posture_rule (#1058)
  • New resource: cloudflare_teams_list (#1058)

Improvements

  • provider: Update to terraform-plugin-sdk v1.17.1 (#1035, #1043)
  • resource/cloudflare_logpush_job: Allow ownership_challenge to be optional to account for Datadog, Splunk or S3-Compatible endpoints (#1048)
  • resource/cloudflare_access_group: Add support for login_method (#1066)
  • resource/cloudflare_load_balancer: Add support for promixity based steering (#1072)
  • resource/cloudflare_access_application: Prevent bad CORS configuration when credentials and all origins are permitted (#1073)
  • resource/cloudflare_access_service_tokens: Allow configuration to manage automatic renewal when the threshold is crossed and Terraform operations are performed within the window (#1057)
  • resource/cloudflare_load_balancer_pool: Allow support for Host header settings (#1042)

Fixes

  • resource/cloudflare_access_policy: Allow empty slices in blocks when building policies (#1034)
  • resource/cloudflare_load_balancer: Fix override attributes pop_pools and region_pools referencing incorrect values causing a panic (#1039)

2.20.0 (April 15th, 2021)

New resource: cloudflare_access_ca_certificate (#995)

Improvements

  • resource/cloudflare_access_application: Improve documentation for Import usage (#1002)
  • resource/cloudflare_logpush_job: Update documentation to reflect requirements for destination_conf to match across all uses (#1024)
  • resource/cloudflare_custom_hostname_fallback: Better handle service lag when updating existing resources by attempting retries (#1014)
  • resource/cloudflare_waf_group: Simplify error handling using inbuilt helpers (#1015)
  • resource/cloudflare_waf_rule: Simplify error handling using inbuilt helpers (#1015)
  • resource/cloudflare_waf_package: Simplify error handling using inbuilt helpers (#1015)
  • resource/cloudflare_access_group: Add support for login_method (#1018)
  • provider: Update to cloudflare-go v0.16.0 (#1018)
  • provider: Update to terraform-plugin-sdk v1.16.1 (#1003)
  • resource/cloudflare_load_balancer: Add support for rules (#1016)

2.19.2 (March 15th, 2021)

Fixes

  • resource/cloudflare_record: Address regression from 2.19.1 by checking the API response instead of the schema output for Priority (#992)

2.19.1 (March 11th, 2021)

Fixes

  • resource/cloudflare_record: Update Priority handling for MX parked records (#986)

2.19.0 (March 10th, 2021)

Fixes

  • resource/cloudflare_access_group: Fix crash when constructing a GSuite group (#940)
  • resource/cloudflare_access_policy: Make precedence required (#941)
  • resource/cloudflare_access_group: Fix crash when constructing a SAML group (#948)
  • resource/cloudflare_zone: Update Retry logic to look at an available field for passing conditions (#973)
  • resource/cloudflare_page_rule: Allow ignoring/including all query string parameters for cache_key_fields (#975)

Improvements

  • resource/cloudflare_access_policy: Enable zone and account level resources to be imported (#956)
  • resource/cloudflare_origin_ca_certificate: Smoother import process with less recreation (#955)
  • provider: Update internals to match cloudflare-go 0.14 for better error handling and context aware methods (#976)

2.18.0 (February 3rd, 2021)

  • New Resource: cloudflare_argo_tunnel (#905)
  • New Resource: cloudflare_worker_cron_trigger (#926)

Fixes

  • datasource/cloudflare_zones: Pagination is now correctly handled internally and will return more than the single page of results (cloudflare/cloudflare-go#534).
  • resource/cloudflare_access_policy: Correctly handle transforming API responses to schema (#917)
  • resource/cloudflare_access_group: Correctly handle transforming API responses to schema (#918)
  • resource/cloudflare_ip_list: Ensure account ID is persisted during Import (#916)

Improvements

  • resource/cloudflare_access_application: Allow any session_duration that is time.ParseDuration compatible (#910)
  • resource/cloudflare_rate_limit: Add the ability to configure match.response.headers in rate limits (#911)
  • resource/cloudflare_access_rule: Validate IP masks within schema (#921)

2.17.0 (January 5th, 2021)

  • New Resource: cloudflare_magic_firewall_ruleset (#884)

Fixes

  • resource/cloudfare_api_token: Omitting conditions will no longer send empty arrays causing IP restriction issues and unusable tokens (#902)

2.16.0 (January 5th, 2021)

Improvements

  • resource/cloudflare_access_application: Add support for custom_deny_message and custom_deny_url values (#895)
  • resource/cloudflare_load_balancer_monitor: Add support for probe_zone for monitors (#903)

2.15.0 (December 29th, 2020)

Improvements

  • resource/cloudflare_load_balancer: Add support for session_affinity_ttl (#882)
  • resource/cloudflare_load_balancer: Add support for session_affinity_attributes (#883)

Fixes

  • resource/cloudflare_page_rule: Fixed crash during update when using custom cache key (#894)

2.14.0 (November 26th, 2020)

  • New Resource: cloudflare_api_token (#862)
  • New Datasource: cloudflare_api_token_permission_groups (#862)
  • New Resource: cloudflare_zone_dnssec (#852)
  • New Datasource: cloudflare_zone_dnssec (#852)

Improvements

  • resource/cloudflare_record: Add explicit fields for CAA records instead of relying on the map value (#866)
  • resource/cloudflare_account_member: Swap schema role_ids to TypeSet to better handle internal ordering changes (#876)

Fixes

  • datasource/cloudflare_waf_groups: Make d.Id() a consistent string value to prevent Terraform thinking it requires an update (#869)
  • datasource/cloudflare_waf_packages: Make d.Id() a consistent string value to prevent Terraform thinking it requires an update (#869)
  • datasource/cloudflare_waf_rules: Make d.Id() a consistent string value to prevent Terraform thinking it requires an update (#869)
  • datasource/cloudflare_zones: Make d.Id() a consistent string value to prevent Terraform thinking it requires an update (#869)

2.13.2 (November 6th, 2020)

Fixes

  • resource/cloudflare_filter: Remove schema based validation for filters (#863)

2.13.1 (November 5th, 2020)

Improvements

  • resource/cloudflare_filter: Pass missing credential error through to end user (#860)

2.13.0 (November 5th, 2020)

Improvements

  • datasource/cloudflare_ip_ranges: Add the ability to query china_ipv4_cidr_blocks and china_ipv6_cidr_blocks (#833)
  • resource/cloudflare_filter: Improve validation of expressions using the schema (#848)

Fixes

  • resource/cloudflare_page_rule: Set default for cache_key_fields.host.resolved to prevent panics (#832)
  • resource/cloudflare_authenticated_origin_pulls: Fix off-by-one error check in Import (#832)
  • resource/cloudflare_authenticated_origin_pulls_certificate: Fix off-by-one error check in Import (#832)

2.12.0 (October 22nd, 2020)

Improvements

  • resource/cloudflare_certificate_pack: Swap internal representation of hosts to remove inconsistent ordering issues (#800)
  • resource/cloudflare_logpush_job: Handle deletion outside of Terraform (#798)
  • resource/cloudflare_access_group: Add support for geo conditionals (#803)
  • resource/cloudflare_access_application: Add support for enable_binding_cookie (#802)
  • resource/cloudflare_waf_rule: Improve documentation for mode (#824)
  • datasource/cloudflare_waf_rule: Improve documentation for mode (#824)
  • resource/cloudflare_access_application: Add support for zone-level routes to Access resources (#819)
  • resource/cloudflare_access_group: Add support for zone-level routes to Access resources (#819)
  • resource/cloudflare_access_identity_provider: Add support for zone-level routes to Access resources (#819)
  • resource/cloudflare_access_policy: Add support for zone-level routes to Access resources (#819)

Fixes

  • resource/cloudflare_custom_hostname_fallback_origin: Don't retry the "active" status of custom hostnames fallbacks (#818)
  • resource/cloudflare_zone: Remove DiffSuppressFunc causing jump_start issues (#830)

2.11.0 (September 11th, 2020)

  • New Resource: cloudflare_certificate_pack (#778)

Improvements

  • resource/cloudflare_access_group: Add support for auth_method (#762)
  • resource/cloudflare_access_group: De-duplicate blocks in groups by accepting lists instead (#739)
  • resource/cloudflare_worker_script: Adds support for webassembly_binding (#780)
  • resource/cloudflare_healthcheck: Retry hostname resolution errors when encountering "no such host" responses (#789)
  • resource/cloudflare_access_application: Better validation for allowed methods and origin combinations to prevent getting state into an unrecoverable state (#793)

Fixes

  • resource/cloudflare_healthcheck: Handle resource deletion outside of Terraform (#787)
  • resource/cloudflare_custom_hostname: Ensure Import sets hostname to prevent recreation (#788)
  • resource/cloudflare_ip_list: Handle resource deletion outside of Terraform (#794)
  • resource/cloudflare_ip_list: Remove item.id from schema (#796)

2.10.1 (August 24th, 2020)

Fixes

  • resource/cloudflare_access_application: Handle the zone_id => account_id move internally (#724)

2.10.0 (August 24th, 2020)

  • New Resource: cloudflare_custom_hostname_origin_fallback (#757)
  • New Resource: cloudflare_authenticated_origin_pulls (#749)
  • New Resource: cloudflare_authenticated_origin_pulls_certificate (#749)
  • New Resource: cloudflare_ip_list (#766)

Improvements

  • resource/cloudflare_spectrum_application: Add support for port ranges (#745)
  • resource/cloudflare_custom_hostname: Force creation of a new resource if the zone_id value changes (#761)
  • resource/cloudflare_record: Retry record creation/update if the response includes an "already exists" exception for handling race conditions (#773)

Fixes

  • resource/cloudflare_firewall_rule: Compare descriptions after converting unicode + HTML entities to prevent unnecessary diffs (#758)
  • resource/cloudflare_filter: Compare descriptions after converting unicode + HTML entities to prevent unnecessary diffs (#758)

2.9.0 (July 30th, 2020)

  • New Resource: cloudflare_custom_hostname (SSL for SaaS) (#746)

Improvements

  • resource/access_application: Add support for allowed_idps and restricting which Identity Providers are associated with an Application (#734)
  • resource/access_application: Add support for auto_redirect_to_identity (#730)
  • resource/access_application: Add CORS support (#725)
  • resource/cloudflare_custom_ssl: Allow geo_restrictions to be nil and not included in the request payload (#714)
  • datasource/cloudflare_zones: Filtering is now performed on the server side and the name parameter is no longer a regex. Instead, name is a string to match on and match is a regex. See the website documentation for more examples and updated references (#708) in order to make your code compatible with this release.

2.8.0 (June 22, 2020)

  • New Resource: cloudflare_waf_override (#691)

Improvements

  • resource/cloudflare_argo: Allow tiered_caching and smart_routing to be toggled individually allowing for entitlement differences (#703)
  • resource/cloudflare_page_rule: Add support for cache_ttl_by_status (#706)
  • resource/cloudflare_worker_script: Add support for plain_text and secret_text bindings (#710)

Fixes

  • resource/cloudflare_record: Update TestAccCloudflareRecord_LOC test asserted value to use less precise floats and match the API responses (#712)
  • resource/cloudflare_record: Update TestAccCloudflareRecord_Basic test metadata attributes to match updated API payload (#713)

2.7.0 (May 20, 2020)

  • New Resource: cloudflare_byo_ip_prefix (#671)
  • New Resource: cloudflare_logpull_retention (#678)
  • New Resource: cloudflare_healthcheck (#680)

Improvements:

  • resource/cloudflare_worker_route: Improve documentation to mention using account_id for the underlying APIs (#669)
  • resource/cloudflare_worker_script: Improve documentation to mention using account_id for the underlying APIs (#670)
  • resource/cloudflare_load_balancer_pool: Improve documentation to mention notification_email accepts a comma delimited list of emails (#687)
  • resource/cloudflare_page_rule: Add support for cache_key_fields Page Rule action (#662)

Fixes:

  • resource/cloudflare_zone_settings_override: Fix regression where if you didn't have universal SSL settings defined, it would error when setting them (#663)
  • resource/cloudflare_zone: Handle changing zone rate plan from "free" to "enterprise" (#668)
  • resource/cloudflare_record: Update validation to allow PTR records (9a8fd43)

2.6.0 (April 22, 2020)

Improvements:

  • resource/cloudflare_zone_settings_override: Add universal_ssl to control enablement of Universal SSL on a zone (#658)
  • provider: API keys and API tokens are now validated to help differentiate incorrect usage before making API calls (#661)
  • resource/cloudflare_logpush_job: Add support for "firewall_events" dataset parameter (#660)
  • resource/cloudflare_logpush_job: Add support for "dataset" parameter (#649)
  • resource/cloudflare_zone_settings_override: Remove edge_cache_ttl (#654)
  • resource/cloudflare_access_group: Allow Access conditions for include/require/exclude to be used consistently between Access Groups and Access Policies (#646)

Fixes:

  • resource/cloudflare_logpush_job: fix for strconv.Atoi: parsing "" error while creating Logpush job

2.5.1 (April 03, 2020)

Improvements:

  • resource/cloudflare_zone_settings_override: Update image_resizing options to include "open" (#639)

Fixes:

2.5.0 (March 27, 2020)

Improvements:

  • resource/cloudflare_access_policy: Add support for service_token and any_valid_service_token (#612)
  • resource/cloudflare_waf_group: Handle WAF group deletions in the API responses (#623)
  • resource/cloudflare_waf_package: Handle WAF package deletions in the API responses (#623)
  • resource/cloudflare_waf_rule: Handle WAF rule deletions in the API responses (#623)
  • resource/cloudflare_access_policy: Add support for group (#626)
  • resource/cloudflare_firewall_rule: Add support for bypassing specific products (#630)
  • resource/cloudflare_spectrum_application: Add support for edge_ips, argo_smart_routing and edge_ip_connectivity (#631)
  • resource/cloudflare_access_group: Add support for using external providers (gsuite, github, azure, okta, saml, mTLS certificate, common name ) (#633)

2.4.1 (March 12, 2020)

Improvements:

  • resource/cloudflare_logpush_job: Support Import on the resource (#618)

Fixes:

  • resource/cloudflare_record: Missing CAA in DNS validation (#619)

2.4.0 (March 09, 2020)

  • New Resource: cloudflare_workers_kv (#595)
  • New Resource: cloudflare_access_identity_provider (#597)

Improvements:

  • resource/cloudflare_record: Stricter validation for record types (#610)
  • resource/logpush_job: Add more verbose error handling (#564)
  • resource/zone_settings_override: Update documentation for cache_level values (#606)
  • resource/access_application: Add documentation for available attributes (#587)
  • resource/cloudflare_firewall_rule: Add support for bypassing security configuration rules by URL (#568)
  • resource/cloudflare_record_migrate: Use zone_id for state migration before attempting to use domain (#566)
  • resource/cloudflare_load_balancer: Update session_affinity validation to allow "ip_cookie" (#573)
  • datasource/ip_ranges: Update documentation to show 0.12 syntax (#617)

Fixes

  • resource/zone_settings_override: Handle individual zone settings within Delete operations (#599)

2.3.0 (December 18, 2019)

  • New Resource: cloudflare_origin_ca_certificate (#547)

Fixes:

  • resource/cloudflare_zone_settings_override: Renamed 0rtt to zero_rtt to conform to HCL grammar requirements (#557)

Improvements:

  • resource/cloudflare_access_rule: Add ip6 as valid option (#560)
  • resource/cloudflare_spectrum_application: Swap proxy_protocol to string field with supporting enum values instead (#561)
  • resource/cloudflare_waf_rule: Add package_id as valid option and export group_id (#552)

2.2.0 (December 05, 2019)

  • New Resource: cloudflare_access_group (#510)
  • New Resource: cloudflare_workers_kv_namespace (#443)

Improvements:

  • resource/cloudflare_zone_settings_override: Add non_identity to allowed decision schema (#541)
  • resource/cloudflare_zone_settings_override: Add support for 0rtt and http3 settings (#542)
  • resource/cloudflare_load_balancer_monitor: Allow empty string for expected_body (#539)
  • resource/cloudflare_worker_script: Add support for Worker KV Namespace Bindings (#544)
  • data_source/waf_rules, resource/cloudflare_waf_rule, Support allowed modes for WAF Rules (#550)

Fixes:

  • resource/cloudflare_spectrum_application: Spectrum origin_port is optional (#549)

2.1.0 (November 07, 2019)

  • New datasource: cloudflare_waf_rules (#525)

Improvements:

  • resource/cloudflare_zone: Expose verification_key for partial setups (#532)
  • resource/cloudflare_worker_route: Enable API Tokens support from upstream cloudflare-go release

2.0.1 (October 22, 2019)

  • New Resource: cloudflare_access_service_tokens (#521)
  • New Resource: cloudflare_waf_package (#475)
  • New Resource: cloudflare_waf_group (#476)
  • New datasource: cloudflare_waf_groups (#508)
  • New datasource: cloudflare_waf_packages (#509)

Fixes:

  • resource/cloudflare_page_rule: Set h2_prioritization individually not via bulk endpoint (#493)
  • resource/cloudflare_zone_settings_override: Set zone_id to prevent unnecessary re-creation of resources (#502)

Improvements:

  • resource/cloudflare_spectrum_application: Add support for setting traffic_type (#481)
  • resource/cloudflare_zone_settings_override: Update documentation with default values (#498)

Internals:

  • Migrated to Terraform plugin SDK (#489)

2.0.0 (September 30, 2019)

Breaking changes:

  • provider/cloudflare:
  • renamed token to api_key
  • renamed org_id to account_id
  • removed use_org_from_zone, you need to explicitly specify account_id
  • Environment variables:
  • renamed CLOUDFLARE_TOKEN to CLOUDFLARE_API_TOKEN
  • renamed CLOUDFLARE_ORG_ID to CLOUDFLARE_ACCOUNT_ID
  • removed CLOUDFLARE_ORG_ZONE, you need to explicitly specify CLOUDFLARE_ACCOUNT_ID
  • Changed the following resources to require Zone ID:
  • cloudflare_access_rule
  • cloudflare_filter
  • cloudflare_firewall_rule
  • cloudflare_load_balancer
  • cloudflare_page_rule
  • cloudflare_rate_limit
  • cloudflare_record
  • cloudflare_waf_rule
  • cloudflare_worker_route"
  • cloudflare_zone_lockdown
  • cloudflare_zone_settings_override
  • Workers single-script support removed

Please see Version 2 Upgrade Guide for details.

Improvements:

  • cloudflare/resource_cloudflare_argo: Handle errors when fetching tiered caching + smart routing settings (#477)
  • Various documentation updates for 0.12 syntax

1.18.1 (August 29, 2019)

Fixes:

  • resource/cloudflare_load_balancer: Mark zone as Computed to allow deprecations (#462)
  • resource/cloudflare_page_rule: Mark zone as Computed to allow deprecations (#462)
  • resource/cloudflare_rate_limit: Mark zone as Computed to allow deprecations (#462)
  • resource/cloudflare_waf_rule: Mark zone as Computed to allow deprecations (#462)
  • resource/cloudflare_worker_route: Mark zone as Computed to allow deprecations (#462)
  • resource/cloudflare_worker_script: Mark zone as Computed to allow deprecations (#462)
  • resource/cloudflare_zone_lockdown: Mark zone as Computed to allow deprecations (#462)

1.18.0 (August 27, 2019)

Fixes:

  • resource/cloudflare_page_rule: Fix a logic condition where setting edge_cache_ttl action but then not updating it in subsequent apply runs causes it to be blown away (#453)

Improvements:

  • provider: You can now use API tokens to authenticate instead of user email and key (#450)
  • resource/cloudflare_zone_lockdown: priority can now be set on the resource (#445)
  • resource/cloudflare_custom_ssl: Updated website documentation navigation to include link for resource (#442))

Deprecations:

  • resource/cloudflare_access_rule: zone has been superseded by using zone_id (#452)
  • resource/cloudflare_filter: zone has been superseded by using zone_id (#452)
  • resource/cloudflare_firewall_rule: zone has been superseded by using zone_id (#452)
  • resource/cloudflare_load_balancer: zone has been superseded by using zone_id (#452)
  • resource/cloudflare_page_rule: zone has been superseded by using zone_id (#452)
  • resource/cloudflare_rate_limit: zone has been superseded by using zone_id (#452)
  • resource/cloudflare_waf_rule: zone has been superseded by using zone_id (#452)
  • resource/cloudflare_worker_route: zone has been superseded by using zone_id (#452)
  • resource/cloudflare_worker_script: zone has been superseded by using zone_id (#452)
  • resource/cloudflare_zone_lockdown: zone has been superseded by using zone_id (#452)

1.17.1 (August 09, 2019)

Fixes:

  • Partially revert [#421] deprecation messages

1.17.0 (August 09, 2019)

Removals:

  • resource/cloudflare_zone_settings_override: sha1_support has been removed due to Cloudflare no longer supporting SHA1 certificates or the API endpoint (#415)

Deprecations:

  • resource/cloudflare_zone_settings_override: tls_1_2_only has been superseded by using min_tls_version instead (#405)
  • resource/cloudflare_access_rule: zone has been superseded by using zone_id (#421)
  • resource/cloudflare_filter: zone has been superseded by using zone_id (#421)
  • resource/cloudflare_firewall_rule: zone has been superseded by using zone_id (#421)
  • resource/cloudflare_load_balancer: zone has been superseded by using zone_id (#421)
  • resource/cloudflare_page_rule: zone has been superseded by using zone_id (#421)
  • resource/cloudflare_rate_limit: zone has been superseded by using zone_id (#421)
  • resource/cloudflare_waf_rule: zone has been superseded by using zone_id (#421)
  • resource/cloudflare_worker_route: zone has been superseded by using zone_id (#421)
  • resource/cloudflare_worker_script: zone has been superseded by using zone_id (#421)
  • resource/cloudflare_zone_lockdown: zone has been superseded by using zone_id (#421)

Improvements:

  • New Resource: cloudflare_custom_ssl (#418)
  • resource/cloudflare_filter: Strip all surrounding whitespace from filter expressions to match API responses (#361)
  • resource/cloudflare_zone: Support unicode zone name values (#412)
  • resource/cloudflare_page_rule: Allow setting origin_pull for SSL (#430)
  • resource/cloudflare_load_balancer_monitor: Add TCP support for load balancer monitor (#428)

Fixes:

  • resource/cloudflare_logpush_job: Update documentation (#395)
  • resource/cloudflare_zone_lockdown: Fix: examples in documentation (#407)
  • resource/cloudflare_page_rule: Set nil on changed string-based Page Rule actions

1.16.1 (June 27, 2019)

Fixes:

  • resource/cloudflare_page_rule: Fix regression in browser_cache_ttl where the value was sent as a string instead of an integer to the remote (#390)

1.16.0 (June 20, 2019)

Improvements:

  • resource/cloudflare_zone_settings_override: Add support for h2_prioritization and image_resizing (#381)
  • resource/cloudflare_load_balancer_pool: Update IP range for tests to not use reserved ranges (#369)

Fixes:

  • resource/cloudflare_page_rule: Fix issues with browser_cache_ttl defaults and when value is 0 (for Enterprise users) (#379)

1.15.0 (May 24, 2019)

  • The provider is now compatible with Terraform v0.12, while retaining compatibility with prior versions. (#309)

1.14.0 (May 15, 2019)

Improvements:

  • New Resource: cloudflare_argo Manage Argo features (#304)
  • cloudflare_zone: Support management of partial zones (#303)
  • cloudflare_rate_limit: Update modes documentation (#293)
  • cloudflare_load_balancer: Allow steering policy of "random" (#329)

Fixes:

  • cloudflare_page_rule - Allow setting browser_cache_ttl to 0 (#293)
  • cloudflare_page_rule - Swap to completely replacing rules (#338)

1.13.0 (April 12, 2019)

Improvements

  • New Resource: cloudflare_logpush_job (#287)
  • cloudflare_zone_settings - Remove option to toggle always_on_ddos (#253)
  • cloudflare_page_rule - Update documentation to clarify "0" usage
  • cloudflare_zones - Return zone ID and zone name (#275)
  • cloudflare_load_balancer - Add enabled field (#208)
  • cloudflare_record - validators: Allow PTR DNS records (#283)

Fixes:

  • cloudflare_custom_pages - Use correct casing for zone_id lookups
  • cloudflare_rate_limit - Make correlate optional and not flap in state management (#271)
  • cloudflare_spectrum_application - Fixed integration tests to work (#275)
  • cloudflare_page_rule - Better track field changes in actions resource. (#107)

1.12.0 (March 07, 2019)

Improvements:

  • provider: Enable request/response logging (#212)
  • resource/cloudflare_load_balancer_monitor: Add validation for port (#213)
  • resource/cloudflare_load_balancer_monitor: Add allow_insecure and follow_redirects (#205)
  • resource/cloudflare_page_rule: Updated available actions documentation to match what is available (#228)
  • provider: Swap to using go modules for dependency management (#230)
  • provider: Minimum Go version for development is now 1.11 (#230)

Fixes:

  • resource/cloudflare_record: Read data back from API correctly (#217)
  • resource/cloudflare_rate_limit: Read correlate back from API correctly (#204)
  • resource/cloudflare_load_balancer_monitor: Fix incorrect type cast for port (#213)
  • resource/cloudflare_load_balancer: Make steering_policy computed to avoid spurious diffs (#214)
  • resource/cloudflare_load_balancer: Read session_affinity back from API to make import work & detects drifts (#214)

1.11.0 (January 11, 2019)

Improvements:

  • New Resource: cloudflare_spectrum_app (#156)
  • New Data Source: cloudflare_zones (#168)
  • cloudflare_load_balancer_monitor - Add optional port parameter (#179)
  • cloudflare_page_rule - Improved documentation for priority attribute (#182], missing explicit_cache_control [#185)
  • cloudflare_rate_limit - Add challenge and js_challenge rate-limit modes (#172)

Fixes:

  • cloudflare_page_rule - Page rule zone attribute change to trigger new resource (#183)

1.10.0 (December 18, 2018)

Improvements:

  • cloudflare_zone_settings_override - Add opportunistic_onion zone setting support (#170)
  • cloudflare_zone - Add ability to set zone plan (#160)

Fixes:

  • cloudflare_zone - Allow zones to be properly imported (#157)
  • cloudflare_access_policy - Match access_policy argument requisites with reality (#158)
  • cloudflare_filter - Allow zone_id to set zone and vice versa (#162)
  • cloudflare_firewall_rule - Allow zone_id to set zone and vice versa (#174)
  • cloudflare_access_rule - Ensure zone and zone_id are always set (#175)
  • Minor documentation fixes

1.9.0 (November 15, 2018)

Improvements:

  • New Resource: cloudflare_access_application (#145)
  • New Resource: cloudflare_access_policy (#145)
  • cloudflare_load_balancer - Add steering policy support (#147)
  • cloudflare_load_balancer - Support session_affinity (#153)
  • cloudflare_load_balancer_pool - Support weight (#153)

Fixes:

  • cloudflare_record - Compare name without the zone name (#151)
  • Minor documentation fixes (#149] [#152)

1.8.0 (November 05, 2018)

Improvements:

  • New Resource: cloudflare_zone (#58)
  • New Resource: cloudflare_custom_pages (#132)
  • cloudflare_zone_settings_override - Allow setting SSL level to Strict (SSL-Only Origin Pull) (#122)
  • Update provider usage/build docs and how to update a dependency (#138)
  • Improve Building The Provider instructions (#143)
  • cloudflare_access_rule - Make importable for all rule types (#141)
  • cloudflare_load_balancer_pool - Implement Update (#140)

Fixes:

  • cloudflare_rate_limit - Documentation fixes for markdown where _ALL_ is italicized (#125)
  • cloudflare_worker_route - Correctly set multi_script on Enterprise worker imports (#124)
  • account_member - Ignore role ID ordering (#128)
  • cloudflare_rate_limit - Origin traffic isn't default anymore (#130)
  • cloudflare_rate_limit - Update rate limit validation to allow 1 (#129)
  • cloudflare_record - Add validation to ensure TTL is not set while proxied is true (#127)
  • Updated code for provider version in User-Agent
  • cloudflare_zone_lockdown - Fix import of zone lockdowns (#135)

1.7.0 (October 09, 2018)

Improvements:

  • New Resource: cloudflare_account_member (#78)

1.6.0 (October 05, 2018)

Improvements:

  • New Resource: cloudflare_filter
  • New Resource: cloudflare_firewall_rule

1.5.0 (September 21, 2018)

Improvements:

  • New Resource: cloudflare_zone_lockdown (#115)

Fixes:

  • Send User-Agent header with name and version when contacting API
  • cloudflare_page_rule - Fix page rule polish (off, lossless or lossy) (#116)

1.4.0 (September 11, 2018)

Improvements:

  • New Resource: cloudflare_worker_route (#110)
  • New Resource: cloudflare_worker_script (#110)

1.3.0 (September 04, 2018)

Improvements:

  • New Resource: cloudflare_access_rule (#64)

Fixes:

  • cloudflare_zone_settings_override - Change Zone Settings Override to use GetOkExists (#107)

1.2.0 (August 13, 2018)

Improvements:

  • New Resource: cloudflare_waf_rule (#98)
  • cloudflare_zone_settings_override - Add off as Security Level setting (#99)
  • resource_cloudflare_rate_limit - Add nat support (#96)
  • resource_cloudflare_zone_settings_override - Add zrt as a value for the tls_1_3 setting (#106)
  • Minor documentation improvements

Fixes:

  • cloudflare_record - Setting a DNS record's proxied flag to false stopped working (#103)

1.1.0 (July 25, 2018)

FIXES:

  • cloudflare_ip_ranges - IPv6 CIDR blocks should return IPv6 addresses (#51)
  • cloudflare_zone_settings_override - Allow 0 for browser_cache_ttl (#71)
  • cloudflare_page_rule - forwarding_urls in page rules are lists (#79)
  • cloudflare_page_rule - The API supports active and disabled, not paused (#84)

IMPROVEMENTS:

  • cloudflare_zone_settings_override - Add support for min_tls_version (#72)
  • cloudflare_page_rule - Add support for more settings: bypass_cache_on_cookie, cache_by_device_type, cache_deception_armor, cache_on_cookie, host_header_override, polish, explicit_cache_control, origin_error_page_pass_thru, sort_query_string_for_cache, resolve_override, respect_strong_etag, response_buffering, true_client_ip_header, mirage, disable_railgun, cache_key, waf, rocket_loader, cname_flattening (#68], [#81], [#85)
  • cloudflare_page_rule - Add off setting to security_level (#81)
  • cloudflare_record - DNS Record improvements (#97)
  • Various documentation improvements

1.0.0 (April 06, 2018)

BACKWARDS INCOMPATIBILITIES / NOTES:

  • resource/cloudflare_record: Changing name or domain now force a recreation of the record (#29)

FEATURES:

  • New Resource: cloudflare_rate_limit (#30)
  • New Resource: cloudflare_page_rule (#38)
  • New Resource: cloudflare_load_balancer (#40)
  • New Resource: cloudflare_load_balancer_pool (#40)
  • New Resource: cloudflare_zone_settings_override (#41)
  • New Resource: cloudflare_load_balancer_monitor (#42)
  • New Data Source: cloudflare_ip_ranges (#28)

IMPROVEMENTS:

  • resource/cloudflare_record: Validate TXT records (#14)
  • resource/cloudflare_record: Add data input to suppport SRV, LOC records (#29)
  • resource/cloudflare_record: Add computed attributes created_on, modified_on, proxiable, and metadata to records (#29)
  • resource/cloudflare_record: Support import of existing records (#36)
  • New Provider configuration options for API rate limiting (#43)
  • New Provider configuration options for using Organizations (#40)

0.1.0 (June 20, 2017)

NOTES:

  • Same functionality as that of Terraform 0.9.8. Repacked as part of Provider Splitout