Inconsistency in Zero Trust permission naming #17351
Assignees
Labels
Backlog
PR has a related JIRA ticket
content:edit
Request for content edits
documentation
Documentation edits
product:API
product:fundamentals
Comments
tomasbedrich
added
content:edit
haleycode
assigned crwaters16 and RebeccaTamachiro and unassigned kodster28 and crwaters16
|
Hey @tomasbedrich thanks for flagging. I've opened an internal ticket (PCX-14250) to track this issue. We're investigating what it would take to update the permission names used by the API/Terraform, as they're not something the dev docs team can update directly. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Existing documentation URL(s)
https://developers.cloudflare.com/fundamentals/api/reference/permissions/
What changes are you suggesting?
There is a permission called "Zero Trust Write", which is available in the UI to assign to the API token. All good so far. ✅
However, when I try to assign this permission to the API token using Terraform (-> using API under the hood), it fails due to "Zero Trust Write" missing in the list of available permissions. I am using the suggested pattern. 😳
I traced it down using List Token Permission Groups endpoint, where the mentioned "Zero Trust Write" permission is not present at all. This is a clear inconsistency between docs and API. Likely there are more of the "Zero Trust ***" permissions which are incorrect.
Using reverse-engineering – i.e. by setting the permissions using UI, refreshing the Terraform resource and reading the Terraform state - I discovered the "Zero Trust Edit" (UI) permission corresponds to the "Teams Write" (API) permission.
I can see two possible resolutions:
Additional information
No response
The text was updated successfully, but these errors were encountered: