Releases: cloudflare/terraform-provider-cloudflare
v4.46.0
ENHANCEMENTS:
- resource/cloudflare_waiting_room: add "bg-BG", "hr-HR", "cs-CZ", "da-DK", "fi-FI", "lt-LT", "ms-MY", "nb-NO", "ro-RO", "el-GR", "he-IL" "hi-IN", "hu-HU", "sr-BA", "sk-SK", "sl-SI", "sv-SE", "tl-PH", "th-TH", "uk-UA", and "vi-VN" to default_template_language field (#4509)
BUG FIXES:
- resource/cloudflare_certificate_pack: Fix importing existing resources issue due to 3 ignored required fields in importer (#4544)
- resource/cloudflare_list: Don't read list items if there are none configured (#4511)
- resource/cloudflare_zero_trust_list: Consider
items_with_description
when updating a ZT list (#4477) - resource/turnstile: Force recreate on region update (#4496)
DEPENDENCIES:
- provider: bump github.com/cloudflare/cloudflare-go from 0.108.0 to 0.109.0 (#4523)
- provider: bump github.com/hashicorp/terraform-plugin-framework-validators from 0.14.0 to 0.15.0 (#4492)
- provider: bump github.com/hashicorp/terraform-plugin-go from 0.24.0 to 0.25.0 (#4483)
- provider: bump github.com/hashicorp/terraform-plugin-mux from 0.16.0 to 0.17.0 (#4484)
- provider: bump github.com/hashicorp/terraform-plugin-sdk/v2 from 2.34.0 to 2.35.0 (#4491)
- provider: bump golang.org/x/net from 0.30.0 to 0.31.0 (#4541)
- provider: bump goreleaser/goreleaser-action from 6.0.0 to 6.1.0 (#4531)
v4.45.0
NOTES:
- datasource/cloudflare_infrastructure_access_targets: deprecated in favour of
cloudflare_zero_trust_infrastructure_access_targets
and will be removed in the next major version. (#4403) - resource/cloudflare_infrastructure_access_target: deprecated in favour of
cloudflare_zero_trust_infrastructure_access_target
and will be removed in the next major version. (#4403)
FEATURES:
- New Resource:
cloudflare_zero_trust_infrastructure_access_target
(#4403)
ENHANCEMENTS:
- resource/cloudflare_ruleset: add support for
zstd
compression in thecompress_response
action (#4300)
BUG FIXES:
- resource/cloudflare_workers_cron_trigger: fix incorrectly reported deprecated resource (#4295)
- resource/cloudflare_zero_trust_dlp_profile: Include more fields in
entry
set hash function (#4464)
DEPENDENCIES:
v4.44.0
NOTES:
cloudflare_list
has been migrated to theterraform-plugin-framework
in doing so addresses issues with the internal representation of zero values. A downside to this is that to get the full benefits, you will need to remove the resource from your Terraform state (terraform state rm ...
) and then import the resource back into your state. (#4228)
ENHANCEMENTS:
- resource/cloudflare_certificate_pack: Add SSL.com as valid certificate authority (#4267)
- resource/cloudflare_device_posture_rule: Add support for SentinelOne posture check operational_state field (#4200)
BUG FIXES:
- resource/cloudflare_device_posture_rule: fix bug where locations were not parsed correctly for client_certificate_v2 posture rules (#4168)
- resource/cloudflare_teams_rule: start persisting rule settings, wo rules may not stuck in plan cycle (#4261)
- resource/cloudflare_zone: When changing
type
to or frompartial
theverification_key
attribute will properly show that it will receive a new value. (#4019)
INTERNAL:
- resource/cloudflare_list: migrate from SDKv2 to
terraform-plugin-framework
(#4228)
DEPENDENCIES:
v4.43.0
FEATURES:
- New Resource:
cloudflare_infrastructure_access_target
(#4077)
ENHANCEMENTS:
- resource/cloudflare_access_application: added target contexts support for access application type infrastructure (#4128)
- resource/cloudflare_access_policy: added infrastructure connection rule support for access policy (#4128)
- resource/cloudflare_device_posture_integration: add support for managing
custom_s2s
third party posture provider. (#3917) - resource/cloudflare_device_posture_rule: add ability to create custom_s2s posture rule (#3917)
- resource/cloudflare_zone_settings_override: add support for Speed Brain (#4113)
DEPENDENCIES:
- provider: bump
github.com/aws/aws-sdk-go-v2/config
from 1.27.34 to 1.27.37 (#4124) - provider: bump
github.com/aws/aws-sdk-go-v2/config
from 1.27.37 to 1.27.38 (#4127) - provider: bump
github.com/aws/aws-sdk-go-v2/credentials
from 1.17.32 to 1.17.35 (#4124) - provider: bump
github.com/aws/aws-sdk-go-v2/credentials
from 1.17.35 to 1.17.36 (#4127) - provider: bump
github.com/aws/aws-sdk-go-v2/service/s3
from 1.61.2 to 1.63.1 (#4124) - provider: bump
github.com/aws/aws-sdk-go-v2/service/s3
from 1.63.1 to 1.63.2 (#4127) - provider: bump
github.com/aws/aws-sdk-go-v2
from 1.30.5 to 1.31.0 (#4124) - provider: bump actions/checkout from 3 to 4 (#4101)
- provider: bump github.com/cloudflare/cloudflare-go from 0.104.0 to 0.105.0 (#4125)
- provider: bump github.com/cloudflare/cloudflare-go from 0.105.0 to 0.106.0 (#4137)
- provider: bump github.com/hashicorp/terraform-plugin-framework from 1.11.0 to 1.12.0 (#4061)
- provider: bump github.com/hashicorp/terraform-plugin-go from 0.23.0 to 0.24.0 (#4060)
v5.0.0-alpha1
Warning
v5
of the provider is a ground-up rewrite using code generation from our OpenAPI spec
and migrating internals to use terraform-plugin-framework
.
This is an alpha release that includes support for many of the foundational Cloudflare
products however, is not recommended for existing configurations, critical workloads
or production usage. There are known bugs that will be addressed as the stability
increases and we get closer to general availability.
Resources that are expected to work relate to account memberships, zone management,
DNS records, rulesets and some TLS related products. The failure modes of the resources
that are not currently supported will vary from diagnostic warnings to potential state
corruption. At this time, please do not report bugs relating to broken resources as they are
likely already being worked on to release in upcoming versions. All other feedback can be
submitted in the linked discussion.
This release does not include migration guides or codemod documentation though they do
exist if you wish to venture through it yourself.
If you have suitable workloads and would like to test out the release, you can opt-in by updating
your provider version to explicitly match one of the release candidate versions
(~>, > or >= will not work).
terraform {
required_providers {
cloudflare = {
source = "cloudflare/cloudflare"
version = "5.0.0-alpha1"
}
}
}
v4.42.0
FEATURES:
- New Resource:
cloudflare_zero_trust_gateway_certificate
(#3547)
ENHANCEMENTS:
- resource/cloudflare_notification_policy: add support for
image_notification
alert type (#3981) - resource/cloudflare_access_group: Added description strings to all rule types (#3792)
- resource/cloudflare_bot_management: Add support for ai_bots_protection settings (#3960)
- resource/cloudflare_record: remove internal references to deprecated ZoneID and ZoneName fields (#4018)
- resource/cloudflare_workers_script: Add support for
hyperdrive
binding type (#3821) - resource/cloudflare_zone_settings_override: Add optional setting
replace_insecure_js
(#3602) - resource/rulesets: add cache_reserve terraform support and fix typo (#3923)
- resource/zero_trust_gateway_settings: Add missing disable_for_time example field (#3931)
BUG FIXES:
- resource/cloudflare_access_application: fix the name of the new resource to use when upgrading (#4044)
- resource/cloudflare_access_application: reconcile access application custom attributes logic (#3987)
- resource/cloudflare_hyperdrive_config: fix bug when calling passing Hyperdrive config ID to update method (#4042)
DEPENDENCIES:
- provider: bump
github.com/aws/aws-sdk-go-v2/config
from 1.27.31 to 1.27.32 (#3892) - provider: bump
github.com/aws/aws-sdk-go-v2/config
from 1.27.32 to 1.27.33 (#3901) - provider: bump
github.com/aws/aws-sdk-go-v2/credentials
from 1.17.30 to 1.17.31 (#3892) - provider: bump
github.com/aws/aws-sdk-go-v2/credentials
from 1.17.31 to 1.17.32 (#3901) - provider: bump
github.com/aws/aws-sdk-go-v2/service/s3
from 1.61.0 to 1.61.1 (#3892) - provider: bump
github.com/aws/aws-sdk-go-v2/service/s3
from 1.61.1 to 1.61.2 (#3901) - provider: bump
github.com/aws/aws-sdk-go-v2
from 1.30.4 to 1.30.5 (#3892) - provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.33 to 1.27.34 in the aws group (#4020)
- provider: bump github.com/cloudflare/cloudflare-go from 0.103.0 to 0.104.0 (#3974)
- provider: bump golang.org/x/net from 0.28.0 to 0.29.0 (#3911)
v4.41.0
NOTES:
- resource/cloudflare_logpush_job: Deprecate
frequency
in favour ofmax_upload_interval_seconds
(#3745) - resource/cloudflare_record: remove deprecated zone_name field (#3855)
FEATURES:
- New Data Source:
cloudflare_dcv_delegation
(#3885) - New Resource:
cloudflare_cloud_connector_rules
(#3622)
ENHANCEMENTS:
- resource/cloudflare_device_posture_rule: Modify Tanium's eid_last_seen field to be relative instead of a timestamp value (#3764)
- resource/cloudflare_teams_account: Add
disable_for_time
attribute (#3526) - resource/cloudflare_waiting_room: Add enabled_origin_commands field. (#3805)
- resource/rulesets: add "contains" support to custom cache key headers (#3820)
BUG FIXES:
- resource/cloudflare_access_mutual_tls_certificate: change associated hostnames to a set (#3498)
- resource/cloudflare_access_policy: Fix forcing new access policies when account id is not set through import (#3358)
- resource/cloudflare_record: Suppress matching ipv6 dns record (#3888)
- resource/cloudflare_record: handle scenarios where
content
andvalue
are both being set in state and erroneously always thinking thecontent
field is the source of truth (#3776) - resource/cloudflare_zero_trust_access_group: Fix false deprecation warnings (#3740)
- resource/cloudflare_zone_settings_override: fix migration process with nil initial_settings (#3829)
- resource/hyperdrive_config: use hyperdrive_config id when updating resource (#3704)
DEPENDENCIES:
- provider: bump
github.com/aws/aws-sdk-go-v2/config
from 1.27.27 to 1.27.31 (#3801) - provider: bump
github.com/aws/aws-sdk-go-v2/credentials
from 1.17.27 to 1.17.30 (#3801) - provider: bump
github.com/aws/aws-sdk-go-v2/service/s3
from 1.58.3 to 1.60.1 (#3801) - provider: bump
github.com/aws/aws-sdk-go-v2
from 1.30.3 to 1.30.4 (#3801) - provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.60.1 to 1.61.0 in the aws group (#3823)
- provider: bump github.com/cloudflare/cloudflare-go from 0.101.0 to 0.102.0 (#3713)
- provider: bump github.com/cloudflare/cloudflare-go from 0.102.0 to 0.103.0 (#3824)
v4.40.0
NOTES:
- resource/cloudflare_access_application: deprecated in favour of
cloudflare_zero_trust_access_application
and will be removed in the next major version. (#3584) - resource/cloudflare_access_ca_certificate: deprecated in favour of
cloudflare_zero_trust_access_short_lived_certificate
and will be removed in the next major version. (#3584) - resource/cloudflare_access_custom_page: deprecated in favour of
cloudflare_zero_trust_access_custom_page
and will be removed in the next major version. (#3584) - resource/cloudflare_access_group: deprecated in favour of
cloudflare_zero_trust_access_group
and will be removed in the next major version. (#3584) - resource/cloudflare_access_identity_provider: deprecated in favour of
cloudflare_zero_trust_access_identity_provider
and will be removed in the next major version. (#3584) - resource/cloudflare_access_keys_configuration: deprecated in favour of
cloudflare_zero_trust_access_key_configuration
and will be removed in the next major version. (#3584) - resource/cloudflare_access_mutual_tls_certificate: deprecated in favour of
cloudflare_zero_trust_access_mtls_certificate
and will be removed in the next major version. (#3584) - resource/cloudflare_access_mutual_tls_hostname_settings: deprecated in favour of
cloudflare_zero_trust_access_mtls_hostname_settings
and will be removed in the next major version. (#3584) - resource/cloudflare_access_organization: deprecated in favour of
cloudflare_zero_trust_organization
and will be removed in the next major version. (#3584) - resource/cloudflare_access_policy: deprecated in favour of
cloudflare_zero_trust_access_policy
and will be removed in the next major version. (#3584) - resource/cloudflare_access_service_token: deprecated in favour of
cloudflare_zero_trust_access_service_token
and will be removed in the next major version. (#3584) - resource/cloudflare_access_tag: deprecated in favour of
cloudflare_zero_trust_access_tag
and will be removed in the next major version. (#3584) - resource/cloudflare_device_dex_test: deprecated in favour of
cloudflare_zero_trust_dex_test
and will be removed in the next major version. (#3584) - resource/cloudflare_device_managed_networks: deprecated in favour of
cloudflare_zero_trust_device_managed_networks
and will be removed in the next major version. (#3584) - resource/cloudflare_device_policy_certificates: deprecated in favour of
cloudflare_zero_trust_device_certificates
and will be removed in the next major version. (#3584) - resource/cloudflare_device_posture_integration: deprecated in favour of
cloudflare_zero_trust_device_posture_integration
and will be removed in the next major version. (#3584) - resource/cloudflare_device_posture_rule: deprecated in favour of
cloudflare_zero_trust_device_posture_rule
and will be removed in the next major version. (#3584) - resource/cloudflare_device_settings_policy: deprecated in favour of
cloudflare_zero_trust_device_profiles
and will be removed in the next major version. (#3584) - resource/cloudflare_dlp_custom_profile: deprecated in favour of
cloudflare_zero_trust_dlp_custom_profile
and will be removed in the next major version. (#3584) - resource/cloudflare_dlp_predefined_profile: deprecated in favour of
cloudflare_zero_trust_dlp_predefined_profile
and will be removed in the next major version. (#3584) - resource/cloudflare_dlp_profile: deprecated in favour of
cloudflare_zero_trust_dlp_profile
and will be removed in the next major version. (#3584) - resource/cloudflare_fallback_domain: deprecated in favour of
cloudflare_zero_trust_local_domain_fallback
and will be removed in the next major version. (#3584) - resource/cloudflare_gre_tunnel: deprecated in favour of
cloudflare_magic_wan_gre_tunnel
and will be removed in the next major version. (#3584) - resource/cloudflare_ipsec_tunnel: deprecated in favour of
cloudflare_magic_wan_ipsec_tunnel
and will be removed in the next major version. (#3584) - resource/cloudflare_record: fix a bug that prematurely removed the ability to set the deprecated
value
field. (#3674) - resource/cloudflare_risk_behavior: deprecated in favour of
cloudflare_zero_trust_risk_behavior
and will be removed in the next major version. (#3584) - resource/cloudflare_split_tunnel: deprecated in favour of
cloudflare_zero_trust_split_tunnels
and will be removed in the next major version. (#3584) - resource/cloudflare_static_route: deprecated in favour of
cloudflare_magic_wan_static_route
and will be removed in the next major version. (#3584) - resource/cloudflare_teams_account: deprecated in favour of
cloudflare_zero_trust_gateway_settings
and will be removed in the next major version. (#3584) - resource/cloudflare_teams_list: deprecated in favour of
cloudflare_zero_trust_list
and will be removed in the next major version. (#3584) - resource/cloudflare_teams_location: deprecated in favour of
cloudflare_zero_trust_dns_location
and will be removed in the next major version. (#3584) - resource/cloudflare_teams_proxy_endpoint: deprecated in favour of
cloudflare_zero_trust_gateway_proxy_endpoint
and will be removed in the next major version. (#3584) - resource/cloudflare_teams_rule: deprecated in favour of
cloudflare_zero_trust_gateway_policy
and will be removed in the next major version. (#3584) - resource/cloudflare_tunnel: deprecated in favour of
cloudflare_zero_trust_tunnel_cloudflared
and will be removed in the next major version. (#3584) - resource/cloudflare_tunnel_config: deprecated in favour of
cloudflare_zero_trust_tunnel_cloudflared_config
and will be removed in the next major version. (#3584) - resource/cloudflare_tunnel_route: deprecated in favour of
cloudflare_zero_trust_tunnel_route
and will be removed in the next major version. (#3584) - resource/cloudflare_tunnel_virtual_network: deprecated in favour of
cloudflare_zero_trust_tunnel_virtual_network
and will be removed in the next major version. (#3584) - resource/cloudflare_worker_cron_trigger: deprecated in favour of
cloudflare_workers_cron_trigger
and will be removed in the next major version. (#3584) - resource/cloudflare_worker_domain: deprecated in favour of
cloudflare_workers_custom_domain
and will be removed in the next major version. (#3584) - resource/cloudflare_worker_script: deprecated in favour of
cloudflare_workers_script
and will be removed in the next major version. (#3584) - resource/cloudflare_worker_secret: deprecated in favour of
cloudflare_workers_secret
and will be removed in the next major version. (#3584) - resource/cloudflare_workers_for_platforms_namespace: deprecated in favour of
cloudflare_workers_for_platforms_dispatch_namespace
and will be removed in the next major version. (#3584)
FEATURES:
- New Resource: `cloudflar...
v4.39.0
NOTES:
- resource/cloudflare_access_policy: remove deprecation notice related to precedence (#3556)
- resource/cloudflare_record:
value
is now deprecated in favour ofcontent
(#3509) - resource/cloudflare_worker_cron_trigger: deprecated in favour of
cloudflare_workers_cron_trigger
and will be removed in the next major version. (#3500) - resource/cloudflare_worker_domain: deprecated in favour of
cloudflare_workers_domain
and will be removed in the next major version. (#3500) - resource/cloudflare_worker_route: deprecated in favour of
cloudflare_workers_route
and will be removed in the next major version. (#3500) - resource/cloudflare_worker_script: deprecated in favour of
cloudflare_workers_script
and will be removed in the next major version. (#3500) - resource/cloudflare_worker_secret: deprecated in favour of
cloudflare_workers_secret
and will be removed in the next major version. (#3500) - resource/cloudflare_workers_for_platforms_namespace: deprecated in favour of
cloudflare_workers_for_platforms_dispatch_namespace
and will be removed in the next major version. (#3500) - resource/zone_settings_override: deprecate
minify
setting and include state migration to remove from local state. You should immediately remove the configuration from the resource to prevent permadiffs. Automatic migration of user configuration can be handled with Grit by runninggrit apply github.com/cloudflare/terraform-provider-cloudflare#cloudflare_zone_settings_override_remove_minify
(#3521)
FEATURES:
- New Data Source:
cloudflare_gateway_app_types
(#3470) - New Resource:
cloudflare_workers_cron_trigger
(#3500) - New Resource:
cloudflare_workers_domain
(#3500) - New Resource:
cloudflare_workers_for_platforms_dispatch_namespace
(#3500) - New Resource:
cloudflare_workers_route
(#3500) - New Resource:
cloudflare_workers_script
(#3500) - New Resource:
cloudflare_workers_secret
(#3500)
ENHANCEMENTS:
- resource/access_application: add
skip_app_launcher_login_page
flag to skip the App Launcher landing page (#3519) - resource/cloudflare_device_posture_rules: added support for intune compliance_status values (#3492)
- resource/cloudflare_teams_rule: Add
disable_clipboard_redirection
attribute toBISOAdminControls
(#3511) - resource/hyperdrive_config: Add support for creating Hyperdrive over Access configs (#3516)
- resource/hyperdrive_config: Add support for max_age and stale_while_revalidate in Hyperdrive Config caching settings (#3516)
BUG FIXES:
- resource/cloudflare_list_item: handle overlapping hostname
url_hostname
(#3515) - resource/cloudflare_risk_behavior: fix bug where partial definition of risk behaviors resulted in a provider error (#3463)
DEPENDENCIES:
v4.38.0
FEATURES:
- New Data Source:
cloudflare_gateway_categories
(#3443)
ENHANCEMENTS:
- resource/cloudflare_teams_list: add support for descriptions on list items (#3488)
- resource/cloudflare_teams_rules: add support for
ignore_cname_category_matches
(#3473)
BUG FIXES:
- resource/cloudflare-access-application: fixes bug when updating self_hosted_domains (#3468)
- resource/cloudflare_access_application: Fix bug that was not cleaning the API when removing all ids from the 'policies' list (#3469)
DEPENDENCIES:
- provider: bump
github.com/aws/aws-sdk-go-v2/config
from 1.27.24 to 1.27.25 (#3449) - provider: bump
github.com/aws/aws-sdk-go-v2/config
from 1.27.25 to 1.27.27 (#3483) - provider: bump
github.com/aws/aws-sdk-go-v2/credentials
from 1.17.24 to 1.17.25 (#3449) - provider: bump
github.com/aws/aws-sdk-go-v2/credentials
from 1.17.25 to 1.17.27 (#3483) - provider: bump
github.com/aws/aws-sdk-go-v2/service/s3
from 1.58.0 to 1.58.1 (#3449) - provider: bump
github.com/aws/aws-sdk-go-v2/service/s3
from 1.58.1 to 1.58.2 (#3483) - provider: bump
github.com/aws/aws-sdk-go-v2
from 1.30.1 to 1.30.2 (#3449) - provider: bump
github.com/aws/aws-sdk-go-v2
from 1.30.2 to 1.30.3 (#3483) - provider: bump github.com/cloudflare/cloudflare-go/v2 from 2.3.0 to 2.4.0 (#3480)