diff --git a/.semgrep.yml b/.semgrep.yml index 80fd0477fa..bc1ce1d14a 100644 --- a/.semgrep.yml +++ b/.semgrep.yml @@ -18,8 +18,11 @@ rules: - 'internal/sdkv2provider/resource_cloudflare_fallback_domain_test.go' patterns: - pattern-regex: '\d+\.\d+\.\d+\.\d+' + - pattern-not-regex: '-\d+\.\d+\.\d+\.\d+' - pattern-not: '127.0.0.1' - pattern-not: '0.0.0.0' + - pattern-not: '1.1.1.1' + - pattern-not: '1.0.0.1' - pattern-not-regex: '10\.\d+\.\d+.\d+' - pattern-not-regex: '192\.168\.\d+.\d+' - pattern-not-regex: '192\.0\.2\.\d+' # 192.0.2.0/24 (TEST-NET-1, rfc5737) @@ -156,6 +159,7 @@ rules: patterns: - pattern: '"account_id"' severity: WARNING + fix: "consts.AccountIDSchemaKey" - id: use-defined-zone-id-constant-instead-of-strings languages: - go @@ -168,4 +172,5 @@ rules: - 'templates/' patterns: - pattern: '"zone_id"' + fix: "consts.ZoneIDSchemaKey" severity: WARNING diff --git a/docs/data-sources/infrastructure_access_targets.md b/docs/data-sources/infrastructure_access_targets.md index 1e235ac608..982affd5d1 100644 --- a/docs/data-sources/infrastructure_access_targets.md +++ b/docs/data-sources/infrastructure_access_targets.md @@ -9,7 +9,20 @@ description: |- Use this data source to retrieve all Infrastructure Access Targets. - +## Example Usage + +```terraform +data "cloudflare_infrastructure_access_targets" "example" { + account_id = "f037e56e89293a057740de681ac9abbe" + hostname_contains = "example" + ipv4 = "198.51.100.1" +} + +# output the list of targets the data source contains +output "targets" { + value = data.cloudflare_infrastructure_access_targets.example.targets +} +``` ## Schema @@ -20,12 +33,12 @@ Use this data source to retrieve all Infrastructure Access Targets. ### Optional - `created_after` (String) A date and time after a target was created to filter on. -- `hostname` (String) The name of the app type. -- `hostname_contains` (String) The name of the app type. -- `ipv4` (String) The name of the app type. -- `ipv6` (String) The name of the app type. +- `hostname` (String) The hostname of the target. +- `hostname_contains` (String) Partial match to the hostname of a target +- `ipv4` (String) The target's IPv4 address. +- `ipv6` (String) The target's IPv6 address. - `modified_after` (String) A date and time after a target was modified to filter on. -- `virtual_network_id` (String) The name of the app type. +- `virtual_network_id` (String) The private virtual network identifier for the target. ### Read-Only diff --git a/docs/resources/access_application.md b/docs/resources/access_application.md index 38db3a0938..e592ed5379 100644 --- a/docs/resources/access_application.md +++ b/docs/resources/access_application.md @@ -29,9 +29,9 @@ resource "cloudflare_access_application" "staging_app" { type = "self_hosted" session_duration = "24h" auto_redirect_to_identity = false - policies = [ - cloudflare_access_policy.example_1.id, - cloudflare_access_policy.example_2.id + policies = [ + cloudflare_access_policy.example_1.id, + cloudflare_access_policy.example_2.id ] } @@ -42,9 +42,9 @@ resource "cloudflare_access_application" "staging_app" { domain = "staging.example.com" type = "self_hosted" session_duration = "24h" - policies = [ - cloudflare_access_policy.example_1.id, - cloudflare_access_policy.example_2.id + policies = [ + cloudflare_access_policy.example_1.id, + cloudflare_access_policy.example_2.id ] cors_headers { allowed_methods = ["GET", "POST", "OPTIONS"] @@ -56,15 +56,15 @@ resource "cloudflare_access_application" "staging_app" { # Infrastructure application configuration resource "cloudflare_zero_trust_access_application" "infra-app-example" { - account_id = "0da42c8d2132a9ddaf714f9e7c920711" + account_id = "f037e56e89293a057740de681ac9abbe" name = "infra-app" type = "infrastructure" - + target_criteria { port = 22 protocol = "SSH" target_attributes { - name = "hostname" + name = "hostname" values = ["tfgo-tests-useast", "tfgo-tests-uswest"] } } @@ -109,7 +109,7 @@ resource "cloudflare_zero_trust_access_application" "infra-app-example" { - `skip_app_launcher_login_page` (Boolean) Option to skip the App Launcher landing page. Defaults to `false`. - `skip_interstitial` (Boolean) Option to skip the authorization interstitial when using the CLI. Defaults to `false`. - `tags` (Set of String) The itags associated with the application. -- `target_criteria` (Block List) A list of mappings to apply to SCIM resources before provisioning them in this application. These can transform or filter the resources to be provisioned. (see [below for nested schema](#nestedblock--target_criteria)) +- `target_criteria` (Block List) The payload for an infrastructure application which defines the port, protocol, and target attributes. Only applicable to Infrastructure Applications, in which case this field is required. (see [below for nested schema](#nestedblock--target_criteria)) - `type` (String) The application type. Available values: `app_launcher`, `bookmark`, `biso`, `dash_sso`, `saas`, `self_hosted`, `ssh`, `vnc`, `warp`, `infrastructure`. Defaults to `self_hosted`. - `zone_id` (String) The zone identifier to target for the resource. Conflicts with `account_id`. diff --git a/docs/resources/access_policy.md b/docs/resources/access_policy.md index 78d958be54..cf81acf688 100644 --- a/docs/resources/access_policy.md +++ b/docs/resources/access_policy.md @@ -26,9 +26,9 @@ a particular resource. ```terraform # Allowing access to `test@example.com` email address only resource "cloudflare_access_policy" "test_policy" { - account_id = "f037e56e89293a057740de681ac9abbe" - name = "staging policy" - decision = "allow" + account_id = "f037e56e89293a057740de681ac9abbe" + name = "staging policy" + decision = "allow" include { email = ["test@example.com"] @@ -42,9 +42,9 @@ resource "cloudflare_access_policy" "test_policy" { # Allowing `test@example.com` to access but only when coming from a # specific IP. resource "cloudflare_access_policy" "test_policy" { - account_id = "f037e56e89293a057740de681ac9abbe" - name = "staging policy" - decision = "allow" + account_id = "f037e56e89293a057740de681ac9abbe" + name = "staging policy" + decision = "allow" include { email = ["test@example.com"] @@ -58,10 +58,10 @@ resource "cloudflare_access_policy" "test_policy" { # Access policy for an infrastructure application resource "cloudflare_access_policy" "infra-app-example-allow" { application_id = cloudflare_zero_trust_access_application.infra-app-example.id - account_id = "0da42c8d2132a9ddaf714f9e7c920711" - name = "infra-app-example-allow" - decision = "allow" - precedence = 1 + account_id = "f037e56e89293a057740de681ac9abbe" + name = "infra-app-example-allow" + decision = "allow" + precedence = 1 include { email = ["devuser@gmail.com"] @@ -76,15 +76,15 @@ resource "cloudflare_access_policy" "infra-app-example-allow" { # Infrastructure application configuration for infra-app-example-allow resource "cloudflare_zero_trust_access_application" "infra-app-example" { - account_id = "0da42c8d2132a9ddaf714f9e7c920711" + account_id = "f037e56e89293a057740de681ac9abbe" name = "infra-app" type = "infrastructure" - + target_criteria { port = 22 protocol = "SSH" target_attributes { - name = "hostname" + name = "hostname" values = ["tfgo-tests-useast", "tfgo-tests-uswest"] } } @@ -108,7 +108,7 @@ resource "cloudflare_zero_trust_access_application" "infra-app-example" { - `application_id` (String) The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** - `approval_group` (Block List) (see [below for nested schema](#nestedblock--approval_group)) - `approval_required` (Boolean) -- `connection_rules` (Block List, Max: 1) The rules that define how users may connect to the targets secured by your application. (see [below for nested schema](#nestedblock--connection_rules)) +- `connection_rules` (Block List, Max: 1) The rules that define how users may connect to the targets secured by your application. Only applicable to Infrastructure Applications, in which case this field is required. (see [below for nested schema](#nestedblock--connection_rules)) - `exclude` (Block List) A series of access conditions, see [Access Groups](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). (see [below for nested schema](#nestedblock--exclude)) - `isolation_required` (Boolean) Require this application to be served in an isolated browser for users matching this policy. - `precedence` (Number) The unique precedence for policies on a single application. Required when using `application_id`. diff --git a/docs/resources/healthcheck.md b/docs/resources/healthcheck.md index d1408c185f..1be5152adc 100644 --- a/docs/resources/healthcheck.md +++ b/docs/resources/healthcheck.md @@ -16,55 +16,55 @@ without needing a Cloudflare Load Balancer. ```terraform # HTTPS Healthcheck resource "cloudflare_healthcheck" "http_health_check" { - zone_id = var.cloudflare_zone_id - name = "http-health-check" + zone_id = var.cloudflare_zone_id + name = "http-health-check" description = "example http health check" - address = "example.com" - suspended = false + address = "example.com" + suspended = false check_regions = [ "WEU", "EEU" ] - type = "HTTPS" - port = 443 - method = "GET" - path = "/health" + type = "HTTPS" + port = 443 + method = "GET" + path = "/health" expected_body = "alive" expected_codes = [ "2xx", "301" ] follow_redirects = true - allow_insecure = false + allow_insecure = false header { header = "Host" values = ["example.com"] } - timeout = 10 - retries = 2 - interval = 60 - consecutive_fails = 3 + timeout = 10 + retries = 2 + interval = 60 + consecutive_fails = 3 consecutive_successes = 2 } # TCP Healthcheck resource "cloudflare_healthcheck" "tcp_health_check" { - zone_id = var.cloudflare_zone_id - name = "tcp-health-check" + zone_id = var.cloudflare_zone_id + name = "tcp-health-check" description = "example tcp health check" - address = "example.com" - suspended = false + address = "example.com" + suspended = false check_regions = [ "WEU", "EEU" ] - type = "TCP" - port = 22 - method = "connection_established" - timeout = 10 - retries = 2 - interval = 60 - consecutive_fails = 3 + type = "TCP" + port = 22 + method = "connection_established" + timeout = 10 + retries = 2 + interval = 60 + consecutive_fails = 3 consecutive_successes = 2 } ``` diff --git a/docs/resources/infrastructure_access_target.md b/docs/resources/infrastructure_access_target.md index 916bc42b73..17091757ed 100644 --- a/docs/resources/infrastructure_access_target.md +++ b/docs/resources/infrastructure_access_target.md @@ -14,28 +14,28 @@ The [Infrastructure Access Target](https://developers.cloudflare.com/cloudflare- ```terraform resource "cloudflare_infrastructure_access_target" "example" { account_id = "f037e56e89293a057740de681ac9abbe" - hostname = "example-target" - ip = { - ipv4 = { - ip_addr = "210.26.29.230" - virtual_network_id = "238dccd1-149b-463d-8228-560ab83a54fd" - } - ipv6 = { - ip_addr = "24c0:64e8:f0b4:8dbf:7104:72b0:ef8f:f5e0" - virtual_network_id = "238dccd1-149b-463d-8228-560ab83a54fd" - } - } + hostname = "example-target" + ip = { + ipv4 = { + ip_addr = "198.51.100.1" + virtual_network_id = "238dccd1-149b-463d-8228-560ab83a54fd" + } + ipv6 = { + ip_addr = "2001:db8::" + virtual_network_id = "238dccd1-149b-463d-8228-560ab83a54fd" + } + } } resource "cloudflare_infrastructure_access_target" "ipv4_only_example" { account_id = "f037e56e89293a057740de681ac9abbe" - hostname = "example-ipv4-only" - ip = { - ipv4 = { - ip_addr = "210.26.29.230" - virtual_network_id = "238dccd1-149b-463d-8228-560ab83a54fd" - } - } + hostname = "example-ipv4-only" + ip = { + ipv4 = { + ip_addr = "198.51.100.1" + virtual_network_id = "238dccd1-149b-463d-8228-560ab83a54fd" + } + } } ``` diff --git a/docs/resources/list.md b/docs/resources/list.md index 7de102d91b..9b78eb8e4c 100644 --- a/docs/resources/list.md +++ b/docs/resources/list.md @@ -91,7 +91,7 @@ resource "cloudflare_list" "example" { item { value { - asn = 989 + asn = 989 } comment = "two" } diff --git a/docs/resources/list_item.md b/docs/resources/list_item.md index 1f547f6755..1dd6ec529b 100644 --- a/docs/resources/list_item.md +++ b/docs/resources/list_item.md @@ -63,7 +63,7 @@ resource "cloudflare_list_item" "example_asn_item" { account_id = "f037e56e89293a057740de681ac9abbe" list_id = cloudflare_list.example_asn_list.id comment = "List Item Comment" - asn = 6789 + asn = 6789 } # Hostname List diff --git a/docs/resources/observatory_scheduled_test.md b/docs/resources/observatory_scheduled_test.md index d30ccf6173..d32213545d 100644 --- a/docs/resources/observatory_scheduled_test.md +++ b/docs/resources/observatory_scheduled_test.md @@ -13,9 +13,9 @@ Provides a Cloudflare Observatory Scheduled Test resource. ```terraform resource "cloudflare_observatory_scheduled_test" "example" { - zone_id = "0da42c8d2132a9ddaf714f9e7c920711" - url = "example.com" - region = "us-central1" + zone_id = "0da42c8d2132a9ddaf714f9e7c920711" + url = "example.com" + region = "us-central1" frequency = "WEEKLY" } ``` diff --git a/docs/resources/ruleset.md b/docs/resources/ruleset.md index ea4fc61be5..46ffbadcfb 100644 --- a/docs/resources/ruleset.md +++ b/docs/resources/ruleset.md @@ -300,7 +300,7 @@ resource "cloudflare_ruleset" "cache_settings_example" { include = ["habc", "hdef"] check_presence = ["habc_t", "hdef_t"] exclude_origin = true - contains = { + contains = { "accept" = ["image/webp", "image/png"] "accept-encoding" = ["br", "zstd"] "some-header" = ["some-value", "some-other-value"] @@ -320,7 +320,7 @@ resource "cloudflare_ruleset" "cache_settings_example" { } } cache_reserve = { - eligible = true + eligible = true minimum_file_size = 100000 } origin_error_page_passthru = false diff --git a/docs/resources/teams_account.md b/docs/resources/teams_account.md index 509364dadc..cfe024a4d6 100644 --- a/docs/resources/teams_account.md +++ b/docs/resources/teams_account.md @@ -46,10 +46,10 @@ resource "cloudflare_teams_account" "example" { } proxy { - tcp = true - udp = true - root_ca = true - virtual_ip = false + tcp = true + udp = true + root_ca = true + virtual_ip = false disable_for_time = 3600 } diff --git a/docs/resources/tunnel_virtual_network.md b/docs/resources/tunnel_virtual_network.md index 883ba4cd45..234da99428 100644 --- a/docs/resources/tunnel_virtual_network.md +++ b/docs/resources/tunnel_virtual_network.md @@ -20,8 +20,8 @@ private IPs in your origins. ```terraform resource "cloudflare_tunnel_virtual_network" "example" { account_id = "f037e56e89293a057740de681ac9abbe" - name = "vnet-for-documentation" - comment = "New tunnel virtual network for documentation" + name = "vnet-for-documentation" + comment = "New tunnel virtual network for documentation" } ``` diff --git a/docs/resources/waiting_room.md b/docs/resources/waiting_room.md index e0e1198495..fab3e26c8b 100644 --- a/docs/resources/waiting_room.md +++ b/docs/resources/waiting_room.md @@ -31,7 +31,7 @@ resource "cloudflare_waiting_room" "example" { host = "shop2.example.com" } - queueing_status_code = 200 + queueing_status_code = 200 enabled_origin_commands = ["revoke"] } diff --git a/docs/resources/waiting_room_event.md b/docs/resources/waiting_room_event.md index 9e14c7728b..0505e1c9ba 100644 --- a/docs/resources/waiting_room_event.md +++ b/docs/resources/waiting_room_event.md @@ -14,11 +14,11 @@ Provides a Cloudflare Waiting Room Event resource. ```terraform # Waiting Room Event resource "cloudflare_waiting_room_event" "example" { - zone_id = "0da42c8d2132a9ddaf714f9e7c920711" - waiting_room_id = "d41d8cd98f00b204e9800998ecf8427e" - name = "foo" - event_start_time = "2006-01-02T15:04:05Z" - event_end_time = "2006-01-02T20:04:05Z" + zone_id = "0da42c8d2132a9ddaf714f9e7c920711" + waiting_room_id = "d41d8cd98f00b204e9800998ecf8427e" + name = "foo" + event_start_time = "2006-01-02T15:04:05Z" + event_end_time = "2006-01-02T20:04:05Z" } ``` diff --git a/docs/resources/zero_trust_access_application.md b/docs/resources/zero_trust_access_application.md index 09dd8d28b2..c49dbe1dfe 100644 --- a/docs/resources/zero_trust_access_application.md +++ b/docs/resources/zero_trust_access_application.md @@ -29,9 +29,9 @@ resource "cloudflare_zero_trust_access_application" "staging_app" { type = "self_hosted" session_duration = "24h" auto_redirect_to_identity = false - policies = [ - cloudflare_access_policy.example_1.id, - cloudflare_access_policy.example_2.id + policies = [ + cloudflare_access_policy.example_1.id, + cloudflare_access_policy.example_2.id ] } @@ -42,9 +42,9 @@ resource "cloudflare_zero_trust_access_application" "staging_app" { domain = "staging.example.com" type = "self_hosted" session_duration = "24h" - policies = [ - cloudflare_access_policy.example_1.id, - cloudflare_access_policy.example_2.id + policies = [ + cloudflare_access_policy.example_1.id, + cloudflare_access_policy.example_2.id ] cors_headers { allowed_methods = ["GET", "POST", "OPTIONS"] @@ -90,7 +90,7 @@ resource "cloudflare_zero_trust_access_application" "staging_app" { - `skip_app_launcher_login_page` (Boolean) Option to skip the App Launcher landing page. Defaults to `false`. - `skip_interstitial` (Boolean) Option to skip the authorization interstitial when using the CLI. Defaults to `false`. - `tags` (Set of String) The itags associated with the application. -- `target_criteria` (Block List) A list of mappings to apply to SCIM resources before provisioning them in this application. These can transform or filter the resources to be provisioned. (see [below for nested schema](#nestedblock--target_criteria)) +- `target_criteria` (Block List) The payload for an infrastructure application which defines the port, protocol, and target attributes. Only applicable to Infrastructure Applications, in which case this field is required. (see [below for nested schema](#nestedblock--target_criteria)) - `type` (String) The application type. Available values: `app_launcher`, `bookmark`, `biso`, `dash_sso`, `saas`, `self_hosted`, `ssh`, `vnc`, `warp`, `infrastructure`. Defaults to `self_hosted`. - `zone_id` (String) The zone identifier to target for the resource. Conflicts with `account_id`. diff --git a/docs/resources/zero_trust_access_policy.md b/docs/resources/zero_trust_access_policy.md index debcb49eda..24ae5dc177 100644 --- a/docs/resources/zero_trust_access_policy.md +++ b/docs/resources/zero_trust_access_policy.md @@ -26,9 +26,9 @@ a particular resource. ```terraform # Allowing access to `test@example.com` email address only resource "cloudflare_zero_trust_access_policy" "test_policy" { - account_id = "f037e56e89293a057740de681ac9abbe" - name = "staging policy" - decision = "allow" + account_id = "f037e56e89293a057740de681ac9abbe" + name = "staging policy" + decision = "allow" include { email = ["test@example.com"] @@ -42,9 +42,9 @@ resource "cloudflare_zero_trust_access_policy" "test_policy" { # Allowing `test@example.com` to access but only when coming from a # specific IP. resource "cloudflare_zero_trust_access_policy" "test_policy" { - account_id = "f037e56e89293a057740de681ac9abbe" - name = "staging policy" - decision = "allow" + account_id = "f037e56e89293a057740de681ac9abbe" + name = "staging policy" + decision = "allow" include { email = ["test@example.com"] @@ -70,7 +70,7 @@ resource "cloudflare_zero_trust_access_policy" "test_policy" { - `application_id` (String) The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** - `approval_group` (Block List) (see [below for nested schema](#nestedblock--approval_group)) - `approval_required` (Boolean) -- `connection_rules` (Block List, Max: 1) The rules that define how users may connect to the targets secured by your application. (see [below for nested schema](#nestedblock--connection_rules)) +- `connection_rules` (Block List, Max: 1) The rules that define how users may connect to the targets secured by your application. Only applicable to Infrastructure Applications, in which case this field is required. (see [below for nested schema](#nestedblock--connection_rules)) - `exclude` (Block List) A series of access conditions, see [Access Groups](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/access_group#conditions). (see [below for nested schema](#nestedblock--exclude)) - `isolation_required` (Boolean) Require this application to be served in an isolated browser for users matching this policy. - `precedence` (Number) The unique precedence for policies on a single application. Required when using `application_id`. diff --git a/docs/resources/zero_trust_gateway_settings.md b/docs/resources/zero_trust_gateway_settings.md index 363a489a87..9ce69ae81f 100644 --- a/docs/resources/zero_trust_gateway_settings.md +++ b/docs/resources/zero_trust_gateway_settings.md @@ -46,10 +46,10 @@ resource "cloudflare_zero_trust_gateway_settings" "example" { } proxy { - tcp = true - udp = true - root_ca = true - virtual_ip = false + tcp = true + udp = true + root_ca = true + virtual_ip = false disable_for_time = 3600 } diff --git a/docs/resources/zero_trust_tunnel_virtual_network.md b/docs/resources/zero_trust_tunnel_virtual_network.md index b0a5ac6efb..4d8290d5a5 100644 --- a/docs/resources/zero_trust_tunnel_virtual_network.md +++ b/docs/resources/zero_trust_tunnel_virtual_network.md @@ -20,8 +20,8 @@ private IPs in your origins. ```terraform resource "cloudflare_zero_trust_tunnel_virtual_network" "example" { account_id = "f037e56e89293a057740de681ac9abbe" - name = "vnet-for-documentation" - comment = "New tunnel virtual network for documentation" + name = "vnet-for-documentation" + comment = "New tunnel virtual network for documentation" } ``` diff --git a/examples/data-sources/cloudflare_infrastructure_access_target/data-source.tf b/examples/data-sources/cloudflare_infrastructure_access_target/data-source.tf deleted file mode 100644 index a9a5b1e3d5..0000000000 --- a/examples/data-sources/cloudflare_infrastructure_access_target/data-source.tf +++ /dev/null @@ -1,11 +0,0 @@ -data "cloudflare_infrastructure_access_targets" "example" { - account_id = "f037e56e89293a057740de681ac9abbe" - # Query parameters - hostname_contains = "example" - ipv4 = "210.26.29.230" -} - -# output the list of targets the data source contains -output "targets" { - value = data.cloudflare_infrastructure_access_targets.example.targets -} diff --git a/examples/data-sources/cloudflare_infrastructure_access_targets/data-source.tf b/examples/data-sources/cloudflare_infrastructure_access_targets/data-source.tf new file mode 100644 index 0000000000..04c2654afe --- /dev/null +++ b/examples/data-sources/cloudflare_infrastructure_access_targets/data-source.tf @@ -0,0 +1,10 @@ +data "cloudflare_infrastructure_access_targets" "example" { + account_id = "f037e56e89293a057740de681ac9abbe" + hostname_contains = "example" + ipv4 = "198.51.100.1" +} + +# output the list of targets the data source contains +output "targets" { + value = data.cloudflare_infrastructure_access_targets.example.targets +} diff --git a/examples/resources/cloudflare_access_application/resource.tf b/examples/resources/cloudflare_access_application/resource.tf index 80eff6e3e0..db6539320c 100644 --- a/examples/resources/cloudflare_access_application/resource.tf +++ b/examples/resources/cloudflare_access_application/resource.tf @@ -5,9 +5,9 @@ resource "cloudflare_access_application" "staging_app" { type = "self_hosted" session_duration = "24h" auto_redirect_to_identity = false - policies = [ - cloudflare_access_policy.example_1.id, - cloudflare_access_policy.example_2.id + policies = [ + cloudflare_access_policy.example_1.id, + cloudflare_access_policy.example_2.id ] } @@ -18,9 +18,9 @@ resource "cloudflare_access_application" "staging_app" { domain = "staging.example.com" type = "self_hosted" session_duration = "24h" - policies = [ - cloudflare_access_policy.example_1.id, - cloudflare_access_policy.example_2.id + policies = [ + cloudflare_access_policy.example_1.id, + cloudflare_access_policy.example_2.id ] cors_headers { allowed_methods = ["GET", "POST", "OPTIONS"] @@ -32,15 +32,15 @@ resource "cloudflare_access_application" "staging_app" { # Infrastructure application configuration resource "cloudflare_zero_trust_access_application" "infra-app-example" { - account_id = "0da42c8d2132a9ddaf714f9e7c920711" + account_id = "f037e56e89293a057740de681ac9abbe" name = "infra-app" type = "infrastructure" - + target_criteria { port = 22 protocol = "SSH" target_attributes { - name = "hostname" + name = "hostname" values = ["tfgo-tests-useast", "tfgo-tests-uswest"] } } diff --git a/examples/resources/cloudflare_access_policy/resource.tf b/examples/resources/cloudflare_access_policy/resource.tf index 2ec5d95add..4a3d00850f 100644 --- a/examples/resources/cloudflare_access_policy/resource.tf +++ b/examples/resources/cloudflare_access_policy/resource.tf @@ -1,8 +1,8 @@ # Allowing access to `test@example.com` email address only resource "cloudflare_access_policy" "test_policy" { - account_id = "f037e56e89293a057740de681ac9abbe" - name = "staging policy" - decision = "allow" + account_id = "f037e56e89293a057740de681ac9abbe" + name = "staging policy" + decision = "allow" include { email = ["test@example.com"] @@ -16,9 +16,9 @@ resource "cloudflare_access_policy" "test_policy" { # Allowing `test@example.com` to access but only when coming from a # specific IP. resource "cloudflare_access_policy" "test_policy" { - account_id = "f037e56e89293a057740de681ac9abbe" - name = "staging policy" - decision = "allow" + account_id = "f037e56e89293a057740de681ac9abbe" + name = "staging policy" + decision = "allow" include { email = ["test@example.com"] @@ -32,10 +32,10 @@ resource "cloudflare_access_policy" "test_policy" { # Access policy for an infrastructure application resource "cloudflare_access_policy" "infra-app-example-allow" { application_id = cloudflare_zero_trust_access_application.infra-app-example.id - account_id = "0da42c8d2132a9ddaf714f9e7c920711" - name = "infra-app-example-allow" - decision = "allow" - precedence = 1 + account_id = "f037e56e89293a057740de681ac9abbe" + name = "infra-app-example-allow" + decision = "allow" + precedence = 1 include { email = ["devuser@gmail.com"] @@ -50,15 +50,15 @@ resource "cloudflare_access_policy" "infra-app-example-allow" { # Infrastructure application configuration for infra-app-example-allow resource "cloudflare_zero_trust_access_application" "infra-app-example" { - account_id = "0da42c8d2132a9ddaf714f9e7c920711" + account_id = "f037e56e89293a057740de681ac9abbe" name = "infra-app" type = "infrastructure" - + target_criteria { port = 22 protocol = "SSH" target_attributes { - name = "hostname" + name = "hostname" values = ["tfgo-tests-useast", "tfgo-tests-uswest"] } } diff --git a/examples/resources/cloudflare_healthcheck/resource.tf b/examples/resources/cloudflare_healthcheck/resource.tf index 85637211b5..a273abfe20 100644 --- a/examples/resources/cloudflare_healthcheck/resource.tf +++ b/examples/resources/cloudflare_healthcheck/resource.tf @@ -1,53 +1,53 @@ # HTTPS Healthcheck resource "cloudflare_healthcheck" "http_health_check" { - zone_id = var.cloudflare_zone_id - name = "http-health-check" + zone_id = var.cloudflare_zone_id + name = "http-health-check" description = "example http health check" - address = "example.com" - suspended = false + address = "example.com" + suspended = false check_regions = [ "WEU", "EEU" ] - type = "HTTPS" - port = 443 - method = "GET" - path = "/health" + type = "HTTPS" + port = 443 + method = "GET" + path = "/health" expected_body = "alive" expected_codes = [ "2xx", "301" ] follow_redirects = true - allow_insecure = false + allow_insecure = false header { header = "Host" values = ["example.com"] } - timeout = 10 - retries = 2 - interval = 60 - consecutive_fails = 3 + timeout = 10 + retries = 2 + interval = 60 + consecutive_fails = 3 consecutive_successes = 2 } # TCP Healthcheck resource "cloudflare_healthcheck" "tcp_health_check" { - zone_id = var.cloudflare_zone_id - name = "tcp-health-check" + zone_id = var.cloudflare_zone_id + name = "tcp-health-check" description = "example tcp health check" - address = "example.com" - suspended = false + address = "example.com" + suspended = false check_regions = [ "WEU", "EEU" ] - type = "TCP" - port = 22 - method = "connection_established" - timeout = 10 - retries = 2 - interval = 60 - consecutive_fails = 3 + type = "TCP" + port = 22 + method = "connection_established" + timeout = 10 + retries = 2 + interval = 60 + consecutive_fails = 3 consecutive_successes = 2 } diff --git a/examples/resources/cloudflare_infrastructure_access_target/resource.tf b/examples/resources/cloudflare_infrastructure_access_target/resource.tf index fe533cf51c..ab1ed1303f 100644 --- a/examples/resources/cloudflare_infrastructure_access_target/resource.tf +++ b/examples/resources/cloudflare_infrastructure_access_target/resource.tf @@ -1,25 +1,25 @@ resource "cloudflare_infrastructure_access_target" "example" { account_id = "f037e56e89293a057740de681ac9abbe" - hostname = "example-target" - ip = { - ipv4 = { - ip_addr = "210.26.29.230" - virtual_network_id = "238dccd1-149b-463d-8228-560ab83a54fd" - } - ipv6 = { - ip_addr = "24c0:64e8:f0b4:8dbf:7104:72b0:ef8f:f5e0" - virtual_network_id = "238dccd1-149b-463d-8228-560ab83a54fd" - } - } + hostname = "example-target" + ip = { + ipv4 = { + ip_addr = "198.51.100.1" + virtual_network_id = "238dccd1-149b-463d-8228-560ab83a54fd" + } + ipv6 = { + ip_addr = "2001:db8::" + virtual_network_id = "238dccd1-149b-463d-8228-560ab83a54fd" + } + } } resource "cloudflare_infrastructure_access_target" "ipv4_only_example" { account_id = "f037e56e89293a057740de681ac9abbe" - hostname = "example-ipv4-only" - ip = { - ipv4 = { - ip_addr = "210.26.29.230" - virtual_network_id = "238dccd1-149b-463d-8228-560ab83a54fd" - } - } + hostname = "example-ipv4-only" + ip = { + ipv4 = { + ip_addr = "198.51.100.1" + virtual_network_id = "238dccd1-149b-463d-8228-560ab83a54fd" + } + } } diff --git a/examples/resources/cloudflare_list/resource.tf b/examples/resources/cloudflare_list/resource.tf index 631ed9fd47..ddc92620ea 100644 --- a/examples/resources/cloudflare_list/resource.tf +++ b/examples/resources/cloudflare_list/resource.tf @@ -69,7 +69,7 @@ resource "cloudflare_list" "example" { item { value { - asn = 989 + asn = 989 } comment = "two" } diff --git a/examples/resources/cloudflare_list_item/resource.tf b/examples/resources/cloudflare_list_item/resource.tf index c4a3115677..a4b6a1da48 100644 --- a/examples/resources/cloudflare_list_item/resource.tf +++ b/examples/resources/cloudflare_list_item/resource.tf @@ -47,7 +47,7 @@ resource "cloudflare_list_item" "example_asn_item" { account_id = "f037e56e89293a057740de681ac9abbe" list_id = cloudflare_list.example_asn_list.id comment = "List Item Comment" - asn = 6789 + asn = 6789 } # Hostname List diff --git a/examples/resources/cloudflare_observatory_scheduled_test/resource.tf b/examples/resources/cloudflare_observatory_scheduled_test/resource.tf index ff37357363..efc5d246b6 100644 --- a/examples/resources/cloudflare_observatory_scheduled_test/resource.tf +++ b/examples/resources/cloudflare_observatory_scheduled_test/resource.tf @@ -1,7 +1,7 @@ resource "cloudflare_observatory_scheduled_test" "example" { - zone_id = "0da42c8d2132a9ddaf714f9e7c920711" - url = "example.com" - region = "us-central1" + zone_id = "0da42c8d2132a9ddaf714f9e7c920711" + url = "example.com" + region = "us-central1" frequency = "WEEKLY" } diff --git a/examples/resources/cloudflare_ruleset/resource.tf b/examples/resources/cloudflare_ruleset/resource.tf index 789d4ef365..fbed325d81 100644 --- a/examples/resources/cloudflare_ruleset/resource.tf +++ b/examples/resources/cloudflare_ruleset/resource.tf @@ -275,7 +275,7 @@ resource "cloudflare_ruleset" "cache_settings_example" { include = ["habc", "hdef"] check_presence = ["habc_t", "hdef_t"] exclude_origin = true - contains = { + contains = { "accept" = ["image/webp", "image/png"] "accept-encoding" = ["br", "zstd"] "some-header" = ["some-value", "some-other-value"] @@ -295,7 +295,7 @@ resource "cloudflare_ruleset" "cache_settings_example" { } } cache_reserve = { - eligible = true + eligible = true minimum_file_size = 100000 } origin_error_page_passthru = false diff --git a/examples/resources/cloudflare_teams_account/resource.tf b/examples/resources/cloudflare_teams_account/resource.tf index 093e49b91a..badbb91c09 100644 --- a/examples/resources/cloudflare_teams_account/resource.tf +++ b/examples/resources/cloudflare_teams_account/resource.tf @@ -30,10 +30,10 @@ resource "cloudflare_teams_account" "example" { } proxy { - tcp = true - udp = true - root_ca = true - virtual_ip = false + tcp = true + udp = true + root_ca = true + virtual_ip = false disable_for_time = 3600 } diff --git a/examples/resources/cloudflare_tunnel_virtual_network/resource.tf b/examples/resources/cloudflare_tunnel_virtual_network/resource.tf index ad0f35790f..bf92251106 100644 --- a/examples/resources/cloudflare_tunnel_virtual_network/resource.tf +++ b/examples/resources/cloudflare_tunnel_virtual_network/resource.tf @@ -1,5 +1,5 @@ resource "cloudflare_tunnel_virtual_network" "example" { account_id = "f037e56e89293a057740de681ac9abbe" - name = "vnet-for-documentation" - comment = "New tunnel virtual network for documentation" + name = "vnet-for-documentation" + comment = "New tunnel virtual network for documentation" } \ No newline at end of file diff --git a/examples/resources/cloudflare_waiting_room/resource.tf b/examples/resources/cloudflare_waiting_room/resource.tf index f2c87dc46d..c02d85ea0b 100644 --- a/examples/resources/cloudflare_waiting_room/resource.tf +++ b/examples/resources/cloudflare_waiting_room/resource.tf @@ -17,7 +17,7 @@ resource "cloudflare_waiting_room" "example" { host = "shop2.example.com" } - queueing_status_code = 200 + queueing_status_code = 200 enabled_origin_commands = ["revoke"] } diff --git a/examples/resources/cloudflare_waiting_room_event/resource.tf b/examples/resources/cloudflare_waiting_room_event/resource.tf index f71fa93c7f..a6d27c4c2c 100644 --- a/examples/resources/cloudflare_waiting_room_event/resource.tf +++ b/examples/resources/cloudflare_waiting_room_event/resource.tf @@ -1,8 +1,8 @@ # Waiting Room Event resource "cloudflare_waiting_room_event" "example" { - zone_id = "0da42c8d2132a9ddaf714f9e7c920711" - waiting_room_id = "d41d8cd98f00b204e9800998ecf8427e" - name = "foo" - event_start_time = "2006-01-02T15:04:05Z" - event_end_time = "2006-01-02T20:04:05Z" + zone_id = "0da42c8d2132a9ddaf714f9e7c920711" + waiting_room_id = "d41d8cd98f00b204e9800998ecf8427e" + name = "foo" + event_start_time = "2006-01-02T15:04:05Z" + event_end_time = "2006-01-02T20:04:05Z" } \ No newline at end of file diff --git a/examples/resources/cloudflare_zero_trust_access_application/resource.tf b/examples/resources/cloudflare_zero_trust_access_application/resource.tf index c78fb8160c..9899a308eb 100644 --- a/examples/resources/cloudflare_zero_trust_access_application/resource.tf +++ b/examples/resources/cloudflare_zero_trust_access_application/resource.tf @@ -5,9 +5,9 @@ resource "cloudflare_zero_trust_access_application" "staging_app" { type = "self_hosted" session_duration = "24h" auto_redirect_to_identity = false - policies = [ - cloudflare_access_policy.example_1.id, - cloudflare_access_policy.example_2.id + policies = [ + cloudflare_access_policy.example_1.id, + cloudflare_access_policy.example_2.id ] } @@ -18,9 +18,9 @@ resource "cloudflare_zero_trust_access_application" "staging_app" { domain = "staging.example.com" type = "self_hosted" session_duration = "24h" - policies = [ - cloudflare_access_policy.example_1.id, - cloudflare_access_policy.example_2.id + policies = [ + cloudflare_access_policy.example_1.id, + cloudflare_access_policy.example_2.id ] cors_headers { allowed_methods = ["GET", "POST", "OPTIONS"] diff --git a/examples/resources/cloudflare_zero_trust_access_policy/resource.tf b/examples/resources/cloudflare_zero_trust_access_policy/resource.tf index 08f6477bdd..0267f5a98f 100644 --- a/examples/resources/cloudflare_zero_trust_access_policy/resource.tf +++ b/examples/resources/cloudflare_zero_trust_access_policy/resource.tf @@ -1,8 +1,8 @@ # Allowing access to `test@example.com` email address only resource "cloudflare_zero_trust_access_policy" "test_policy" { - account_id = "f037e56e89293a057740de681ac9abbe" - name = "staging policy" - decision = "allow" + account_id = "f037e56e89293a057740de681ac9abbe" + name = "staging policy" + decision = "allow" include { email = ["test@example.com"] @@ -16,9 +16,9 @@ resource "cloudflare_zero_trust_access_policy" "test_policy" { # Allowing `test@example.com` to access but only when coming from a # specific IP. resource "cloudflare_zero_trust_access_policy" "test_policy" { - account_id = "f037e56e89293a057740de681ac9abbe" - name = "staging policy" - decision = "allow" + account_id = "f037e56e89293a057740de681ac9abbe" + name = "staging policy" + decision = "allow" include { email = ["test@example.com"] diff --git a/examples/resources/cloudflare_zero_trust_gateway_settings/resource.tf b/examples/resources/cloudflare_zero_trust_gateway_settings/resource.tf index 5638bb46f0..d3c06acc05 100644 --- a/examples/resources/cloudflare_zero_trust_gateway_settings/resource.tf +++ b/examples/resources/cloudflare_zero_trust_gateway_settings/resource.tf @@ -30,10 +30,10 @@ resource "cloudflare_zero_trust_gateway_settings" "example" { } proxy { - tcp = true - udp = true - root_ca = true - virtual_ip = false + tcp = true + udp = true + root_ca = true + virtual_ip = false disable_for_time = 3600 } diff --git a/examples/resources/cloudflare_zero_trust_tunnel_virtual_network/resource.tf b/examples/resources/cloudflare_zero_trust_tunnel_virtual_network/resource.tf index 8902165b37..a768cc2811 100644 --- a/examples/resources/cloudflare_zero_trust_tunnel_virtual_network/resource.tf +++ b/examples/resources/cloudflare_zero_trust_tunnel_virtual_network/resource.tf @@ -1,5 +1,5 @@ resource "cloudflare_zero_trust_tunnel_virtual_network" "example" { account_id = "f037e56e89293a057740de681ac9abbe" - name = "vnet-for-documentation" - comment = "New tunnel virtual network for documentation" + name = "vnet-for-documentation" + comment = "New tunnel virtual network for documentation" } \ No newline at end of file diff --git a/internal/framework/service/dcv_delegation/data_source_test.go b/internal/framework/service/dcv_delegation/data_source_test.go index 9753a2b444..a6b6e9b380 100644 --- a/internal/framework/service/dcv_delegation/data_source_test.go +++ b/internal/framework/service/dcv_delegation/data_source_test.go @@ -6,6 +6,7 @@ import ( "testing" "github.com/cloudflare/terraform-provider-cloudflare/internal/acctest" + "github.com/cloudflare/terraform-provider-cloudflare/internal/consts" "github.com/hashicorp/terraform-plugin-testing/helper/resource" ) @@ -21,7 +22,7 @@ func TestAccCloudflareDCVDelegationDataSource(t *testing.T) { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttrSet("data.cloudflare_dcv_delegation.test", "id"), resource.TestCheckResourceAttrSet("data.cloudflare_dcv_delegation.test", "hostname"), - resource.TestCheckResourceAttrSet("data.cloudflare_dcv_delegation.test", "zone_id"), + resource.TestCheckResourceAttrSet("data.cloudflare_dcv_delegation.test", consts.ZoneIDSchemaKey), ), }, }, diff --git a/internal/framework/service/dlp_datasets/data_source_test.go b/internal/framework/service/dlp_datasets/data_source_test.go index cf698ca482..cce6dc1825 100644 --- a/internal/framework/service/dlp_datasets/data_source_test.go +++ b/internal/framework/service/dlp_datasets/data_source_test.go @@ -6,6 +6,7 @@ import ( "testing" "github.com/cloudflare/terraform-provider-cloudflare/internal/acctest" + "github.com/cloudflare/terraform-provider-cloudflare/internal/consts" "github.com/hashicorp/terraform-plugin-testing/helper/resource" ) @@ -19,7 +20,7 @@ func TestAccCloudflareDLPDatasets_DataSource(t *testing.T) { { Config: testAccCheckCloudflareDlpDatasetsDataSourceConfig(accountID), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttrSet("data.cloudflare_dlp_datasets.my_datasets", "account_id"), + resource.TestCheckResourceAttrSet("data.cloudflare_dlp_datasets.my_datasets", consts.AccountIDSchemaKey), ), }, }, diff --git a/internal/framework/service/gateway_app_types/data_source_test.go b/internal/framework/service/gateway_app_types/data_source_test.go index 132419ec37..f1d788f949 100644 --- a/internal/framework/service/gateway_app_types/data_source_test.go +++ b/internal/framework/service/gateway_app_types/data_source_test.go @@ -6,6 +6,7 @@ import ( "testing" "github.com/cloudflare/terraform-provider-cloudflare/internal/acctest" + "github.com/cloudflare/terraform-provider-cloudflare/internal/consts" "github.com/hashicorp/terraform-plugin-testing/helper/resource" ) @@ -19,7 +20,7 @@ func TestAccCloudflareGatewayAppTypes_DataSource(t *testing.T) { { Config: testAccCheckCloudflareGatewayAppTypesDataSourceConfig(accountID), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttrSet("data.cloudflare_gateway_app_types.my_app_types", "account_id"), + resource.TestCheckResourceAttrSet("data.cloudflare_gateway_app_types.my_app_types", consts.AccountIDSchemaKey), resource.TestCheckResourceAttrSet("data.cloudflare_gateway_app_types.my_app_types", "app_types.#"), ), }, diff --git a/internal/framework/service/gateway_categories/data_source_test.go b/internal/framework/service/gateway_categories/data_source_test.go index e8cf0919b2..8d6320cb8d 100644 --- a/internal/framework/service/gateway_categories/data_source_test.go +++ b/internal/framework/service/gateway_categories/data_source_test.go @@ -6,6 +6,7 @@ import ( "testing" "github.com/cloudflare/terraform-provider-cloudflare/internal/acctest" + "github.com/cloudflare/terraform-provider-cloudflare/internal/consts" "github.com/hashicorp/terraform-plugin-testing/helper/resource" ) @@ -23,7 +24,7 @@ func TestAccCloudflareGatewayCategories_DataSource(t *testing.T) { { Config: testAccCheckCloudflareGatewayCategoriesDataSourceConfig(accountID), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttrSet("data.cloudflare_gateway_categories.my_categories", "account_id"), + resource.TestCheckResourceAttrSet("data.cloudflare_gateway_categories.my_categories", consts.AccountIDSchemaKey), resource.TestCheckResourceAttrSet("data.cloudflare_gateway_categories.my_categories", "categories.#"), ), }, diff --git a/internal/framework/service/hyperdrive_config/resource_test.go b/internal/framework/service/hyperdrive_config/resource_test.go index 7da932433a..e4e6c41a0e 100644 --- a/internal/framework/service/hyperdrive_config/resource_test.go +++ b/internal/framework/service/hyperdrive_config/resource_test.go @@ -9,6 +9,7 @@ import ( cfv1 "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/terraform-provider-cloudflare/internal/acctest" + "github.com/cloudflare/terraform-provider-cloudflare/internal/consts" "github.com/cloudflare/terraform-provider-cloudflare/internal/utils" "github.com/hashicorp/terraform-plugin-log/tflog" "github.com/hashicorp/terraform-plugin-testing/helper/resource" @@ -113,7 +114,7 @@ func TestAccCloudflareHyperdriveConfig_Basic(t *testing.T) { return nil }, resource.TestCheckResourceAttr(resourceName, "name", rnd), - resource.TestCheckResourceAttr(resourceName, "account_id", accountID), + resource.TestCheckResourceAttr(resourceName, consts.AccountIDSchemaKey, accountID), resource.TestCheckResourceAttr(resourceName, "origin.database", databaseName), resource.TestCheckResourceAttr(resourceName, "origin.host", databaseHostname), resource.TestCheckResourceAttr(resourceName, "origin.port", databasePort), @@ -146,7 +147,7 @@ func TestAccCloudflareHyperdriveConfig_Basic(t *testing.T) { ), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "name", updatedName), - resource.TestCheckResourceAttr(resourceName, "account_id", accountID), + resource.TestCheckResourceAttr(resourceName, consts.AccountIDSchemaKey, accountID), resource.TestCheckResourceAttr(resourceName, "origin.database", databaseName), resource.TestCheckResourceAttr(resourceName, "origin.host", databaseHostname), resource.TestCheckResourceAttr(resourceName, "origin.port", databasePort), @@ -207,7 +208,7 @@ func TestAccCloudflareHyperdriveConfig_CachingSettings(t *testing.T) { ), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "name", rnd), - resource.TestCheckResourceAttr(resourceName, "account_id", accountID), + resource.TestCheckResourceAttr(resourceName, consts.AccountIDSchemaKey, accountID), resource.TestCheckResourceAttr(resourceName, "origin.database", databaseName), resource.TestCheckResourceAttr(resourceName, "origin.host", databaseHostname), resource.TestCheckResourceAttr(resourceName, "origin.port", databasePort), @@ -293,7 +294,7 @@ func TestAccCloudflareHyperdriveConfig_HyperdriveOverAccess(t *testing.T) { return nil }, resource.TestCheckResourceAttr(resourceName, "name", rnd), - resource.TestCheckResourceAttr(resourceName, "account_id", accountID), + resource.TestCheckResourceAttr(resourceName, consts.AccountIDSchemaKey, accountID), resource.TestCheckResourceAttr(resourceName, "origin.database", databaseName), resource.TestCheckResourceAttr(resourceName, "origin.host", databaseHostname), resource.TestCheckNoResourceAttr(resourceName, "origin.port"), @@ -324,7 +325,7 @@ func TestAccCloudflareHyperdriveConfig_HyperdriveOverAccess(t *testing.T) { ), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "name", updatedName), - resource.TestCheckResourceAttr(resourceName, "account_id", accountID), + resource.TestCheckResourceAttr(resourceName, consts.AccountIDSchemaKey, accountID), resource.TestCheckResourceAttr(resourceName, "origin.database", databaseName), resource.TestCheckResourceAttr(resourceName, "origin.host", databaseHostname), resource.TestCheckNoResourceAttr(resourceName, "origin.port"), @@ -378,7 +379,7 @@ func TestAccCloudflareHyperdriveConfig_Minimum(t *testing.T) { ), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "name", rnd), - resource.TestCheckResourceAttr(resourceName, "account_id", accountID), + resource.TestCheckResourceAttr(resourceName, consts.AccountIDSchemaKey, accountID), resource.TestCheckResourceAttr(resourceName, "origin.database", databaseName), resource.TestCheckResourceAttr(resourceName, "origin.host", databaseHostname), resource.TestCheckResourceAttr(resourceName, "origin.port", databasePort), diff --git a/internal/framework/service/infrastructure_access_target/data_source_test.go b/internal/framework/service/infrastructure_access_target/data_source_test.go index 878363bf81..b84c8c122d 100644 --- a/internal/framework/service/infrastructure_access_target/data_source_test.go +++ b/internal/framework/service/infrastructure_access_target/data_source_test.go @@ -24,7 +24,7 @@ func TestAccCloudflareInfrastructureAccessTarget_DataSource(t *testing.T) { resource.TestCheckNoResourceAttr("data.cloudflare_infrastructure_access_targets."+rnd1, "ip.ipv6"), resource.TestCheckResourceAttr("cloudflare_infrastructure_access_target."+rnd1, "hostname", rnd1), - resource.TestCheckResourceAttr("cloudflare_infrastructure_access_target."+rnd1, "ip.ipv4.ip_addr", "250.26.29.250"), + resource.TestCheckResourceAttr("cloudflare_infrastructure_access_target."+rnd1, "ip.ipv4.ip_addr", "198.51.100.1"), resource.TestCheckResourceAttr("cloudflare_infrastructure_access_target."+rnd1, "ip.ipv4.virtual_network_id", "b9c90134-52de-4903-81e8-004a3a06b435"), ), }, @@ -40,7 +40,7 @@ resource "cloudflare_infrastructure_access_target" "%[2]s" { hostname = "%[2]s" ip = { ipv4 = { - ip_addr = "250.26.29.250", + ip_addr = "198.51.100.1", virtual_network_id = "b9c90134-52de-4903-81e8-004a3a06b435" } } diff --git a/internal/framework/service/infrastructure_access_target/resource_test.go b/internal/framework/service/infrastructure_access_target/resource_test.go index 9904d366f9..aeb40c3815 100644 --- a/internal/framework/service/infrastructure_access_target/resource_test.go +++ b/internal/framework/service/infrastructure_access_target/resource_test.go @@ -59,7 +59,7 @@ func TestAccCloudflareInfrastructureAccessTarget_Basic(t *testing.T) { Config: testAccCloudflareInfrastructureAccessTargetCreate(accID, rnd), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "hostname", rnd), - resource.TestCheckResourceAttr(resourceName, "ip.ipv4.ip_addr", "250.26.29.250"), + resource.TestCheckResourceAttr(resourceName, "ip.ipv4.ip_addr", "198.51.100.1"), resource.TestCheckNoResourceAttr(resourceName, "ip.ipv6"), ), }, @@ -68,8 +68,8 @@ func TestAccCloudflareInfrastructureAccessTarget_Basic(t *testing.T) { Config: testAccCloudflareInfrastructureAccessTargetUpdate(accID, rnd), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "hostname", rnd+"-updated"), - resource.TestCheckResourceAttr(resourceName, "ip.ipv4.ip_addr", "250.26.29.250"), - resource.TestCheckResourceAttr(resourceName, "ip.ipv6.ip_addr", "64c0:64e8:f0b4:8dbf:7104:72b0:ec8f:f5e0"), + resource.TestCheckResourceAttr(resourceName, "ip.ipv4.ip_addr", "198.51.100.1"), + resource.TestCheckResourceAttr(resourceName, "ip.ipv6.ip_addr", "2001:db8::"), resource.TestCheckResourceAttr(resourceName, "ip.ipv6.virtual_network_id", "01920a8c-dc14-7bb2-b67b-14c858494a54"), ), }, @@ -84,7 +84,7 @@ resource "cloudflare_infrastructure_access_target" "%[2]s" { hostname = "%[2]s" ip = { ipv4 = { - ip_addr = "250.26.29.250" + ip_addr = "198.51.100.1" virtual_network_id = "01920a8c-dc14-7bb2-b67b-14c858494a54" } } @@ -98,11 +98,11 @@ resource "cloudflare_infrastructure_access_target" "%[2]s" { hostname = "%[2]s-updated" ip = { ipv4 = { - ip_addr = "250.26.29.250" + ip_addr = "198.51.100.1" virtual_network_id = "01920a8c-dc14-7bb2-b67b-14c858494a54" }, ipv6 = { - ip_addr = "64c0:64e8:f0b4:8dbf:7104:72b0:ec8f:f5e0" + ip_addr = "2001:db8::" virtual_network_id = "01920a8c-dc14-7bb2-b67b-14c858494a54" } } diff --git a/internal/framework/service/infrastructure_access_target/schema.go b/internal/framework/service/infrastructure_access_target/schema.go index 6a281a4609..4606a6708a 100644 --- a/internal/framework/service/infrastructure_access_target/schema.go +++ b/internal/framework/service/infrastructure_access_target/schema.go @@ -98,23 +98,23 @@ func (d *InfrastructureAccessTargetDataSource) Schema(ctx context.Context, req d }, "hostname": dschema.StringAttribute{ Optional: true, - Description: "The name of the app type.", + Description: "The hostname of the target.", }, "hostname_contains": dschema.StringAttribute{ Optional: true, - Description: "The name of the app type.", + Description: "Partial match to the hostname of a target", }, "ipv4": dschema.StringAttribute{ Optional: true, - Description: "The name of the app type.", + Description: "The target's IPv4 address.", }, "ipv6": dschema.StringAttribute{ Optional: true, - Description: "The name of the app type.", + Description: "The target's IPv6 address.", }, "virtual_network_id": dschema.StringAttribute{ Optional: true, - Description: "The name of the app type.", + Description: "The private virtual network identifier for the target.", }, "created_after": dschema.StringAttribute{ Optional: true, diff --git a/internal/framework/service/list_item/schema.go b/internal/framework/service/list_item/schema.go index dc3514f277..bc7b0de2d9 100644 --- a/internal/framework/service/list_item/schema.go +++ b/internal/framework/service/list_item/schema.go @@ -3,6 +3,7 @@ package list_item import ( "context" "fmt" + "github.com/MakeNowJust/heredoc/v2" "github.com/cloudflare/terraform-provider-cloudflare/internal/consts" "github.com/cloudflare/terraform-provider-cloudflare/internal/utils" diff --git a/internal/framework/service/turnstile/resource_test.go b/internal/framework/service/turnstile/resource_test.go index 94dc63f334..f476c9a434 100644 --- a/internal/framework/service/turnstile/resource_test.go +++ b/internal/framework/service/turnstile/resource_test.go @@ -8,6 +8,7 @@ import ( cfv1 "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/terraform-provider-cloudflare/internal/acctest" + "github.com/cloudflare/terraform-provider-cloudflare/internal/consts" "github.com/cloudflare/terraform-provider-cloudflare/internal/utils" "github.com/hashicorp/terraform-plugin-testing/helper/resource" ) @@ -58,7 +59,7 @@ func TestAccCloudflareTurnstileWidget_Basic(t *testing.T) { Config: testAccCheckCloudflareTurnstileWidgetBasic(rnd, accountID), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "name", rnd), - resource.TestCheckResourceAttr(resourceName, "account_id", accountID), + resource.TestCheckResourceAttr(resourceName, consts.AccountIDSchemaKey, accountID), resource.TestCheckResourceAttr(resourceName, "bot_fight_mode", "false"), resource.TestCheckResourceAttr(resourceName, "domains.#", "1"), resource.TestCheckResourceAttr(resourceName, "domains.0", "example.com"), @@ -90,7 +91,7 @@ func TestAccCloudflareTurnstileWidget_Minimum(t *testing.T) { Config: testAccCheckCloudflareTurnstileWidgetMinimum(rnd, accountID), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "name", rnd), - resource.TestCheckResourceAttr(resourceName, "account_id", accountID), + resource.TestCheckResourceAttr(resourceName, consts.AccountIDSchemaKey, accountID), resource.TestCheckResourceAttr(resourceName, "bot_fight_mode", "false"), resource.TestCheckResourceAttr(resourceName, "domains.#", "1"), resource.TestCheckResourceAttr(resourceName, "domains.0", "example.com"), @@ -122,7 +123,7 @@ func TestAccCloudflareTurnstileWidget_NoDomains(t *testing.T) { Config: testAccCheckCloudflareTurnstileWidgetNoDomains(rnd, accountID), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "name", rnd), - resource.TestCheckResourceAttr(resourceName, "account_id", accountID), + resource.TestCheckResourceAttr(resourceName, consts.AccountIDSchemaKey, accountID), resource.TestCheckResourceAttr(resourceName, "bot_fight_mode", "false"), resource.TestCheckResourceAttr(resourceName, "domains.#", "0"), resource.TestCheckResourceAttr(resourceName, "mode", "managed"), diff --git a/internal/framework/service/user/data_source_test.go b/internal/framework/service/user/data_source_test.go index 54f0de29cb..9ee84c9d99 100644 --- a/internal/framework/service/user/data_source_test.go +++ b/internal/framework/service/user/data_source_test.go @@ -1,10 +1,11 @@ package user_test import ( - "github.com/cloudflare/terraform-provider-cloudflare/internal/acctest" - "github.com/hashicorp/terraform-plugin-testing/helper/resource" "os" "testing" + + "github.com/cloudflare/terraform-provider-cloudflare/internal/acctest" + "github.com/hashicorp/terraform-plugin-testing/helper/resource" ) func TestAccCloudflareUserDataSource(t *testing.T) { diff --git a/internal/framework/service/user/schema.go b/internal/framework/service/user/schema.go index efd3351bf4..c14e23faa0 100644 --- a/internal/framework/service/user/schema.go +++ b/internal/framework/service/user/schema.go @@ -2,6 +2,7 @@ package user import ( "context" + "github.com/hashicorp/terraform-plugin-framework/datasource" "github.com/hashicorp/terraform-plugin-framework/datasource/schema" ) diff --git a/internal/sdkv2provider/resource_cloudflare_access_identity_provider_test.go b/internal/sdkv2provider/resource_cloudflare_access_identity_provider_test.go index f05e857024..27b3b692ba 100644 --- a/internal/sdkv2provider/resource_cloudflare_access_identity_provider_test.go +++ b/internal/sdkv2provider/resource_cloudflare_access_identity_provider_test.go @@ -220,7 +220,7 @@ func TestAccCloudflareAccessIdentityProvider_AzureAD(t *testing.T) { { Config: testAccCheckCloudflareAccessIdentityProviderAzureAD(accountID, rnd), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr(resourceName, "account_id", accountID), + resource.TestCheckResourceAttr(resourceName, consts.AccountIDSchemaKey, accountID), resource.TestCheckResourceAttr(resourceName, "name", rnd), resource.TestCheckResourceAttr(resourceName, "type", "azureAD"), resource.TestCheckResourceAttr(resourceName, "config.0.client_id", "test"), diff --git a/internal/sdkv2provider/resource_cloudflare_account_member_test.go b/internal/sdkv2provider/resource_cloudflare_account_member_test.go index c42e2f7f78..87367dc0ab 100644 --- a/internal/sdkv2provider/resource_cloudflare_account_member_test.go +++ b/internal/sdkv2provider/resource_cloudflare_account_member_test.go @@ -65,7 +65,7 @@ func TestAccCloudflareAccountMember_DirectAdd(t *testing.T) { { Config: testCloudflareAccountMemberDirectAdd(rnd, "millie@cloudflare.com", accountID), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr(name, "account_id", accountID), + resource.TestCheckResourceAttr(name, consts.AccountIDSchemaKey, accountID), resource.TestCheckResourceAttr(name, "email_address", "millie@cloudflare.com"), resource.TestCheckResourceAttr(name, "role_ids.#", "1"), resource.TestCheckResourceAttr(name, "role_ids.0", "05784afa30c1afe1440e79d9351c7430"), diff --git a/internal/sdkv2provider/resource_cloudflare_api_shield_operation.go b/internal/sdkv2provider/resource_cloudflare_api_shield_operation.go index c91eac158a..8f81ebc43d 100644 --- a/internal/sdkv2provider/resource_cloudflare_api_shield_operation.go +++ b/internal/sdkv2provider/resource_cloudflare_api_shield_operation.go @@ -3,6 +3,7 @@ package sdkv2provider import ( "context" "fmt" + "github.com/pkg/errors" "github.com/MakeNowJust/heredoc/v2" diff --git a/internal/sdkv2provider/resource_cloudflare_device_dex_tests_test.go b/internal/sdkv2provider/resource_cloudflare_device_dex_tests_test.go index 98022be182..2390f65eaf 100644 --- a/internal/sdkv2provider/resource_cloudflare_device_dex_tests_test.go +++ b/internal/sdkv2provider/resource_cloudflare_device_dex_tests_test.go @@ -4,6 +4,7 @@ import ( "fmt" "testing" + "github.com/cloudflare/terraform-provider-cloudflare/internal/consts" "github.com/hashicorp/terraform-plugin-testing/helper/resource" ) @@ -20,7 +21,7 @@ func TestAccCloudflareDeviceDexTest_Traceroute(t *testing.T) { { Config: testAccCloudflareDeviceDexTestsTraceroute(accountID, rnd), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr(name, "account_id", accountID), + resource.TestCheckResourceAttr(name, consts.AccountIDSchemaKey, accountID), resource.TestCheckResourceAttr(name, "name", rnd), resource.TestCheckResourceAttr(name, "description", rnd), resource.TestCheckResourceAttr(name, "interval", "0h30m0s"), @@ -46,7 +47,7 @@ func TestAccCloudflareDeviceDexTest_TracerouteIPv4(t *testing.T) { { Config: testAccCloudflareDeviceDexTestsTracerouteIpv4(accountID, rnd), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr(name, "account_id", accountID), + resource.TestCheckResourceAttr(name, consts.AccountIDSchemaKey, accountID), resource.TestCheckResourceAttr(name, "name", rnd), resource.TestCheckResourceAttr(name, "description", rnd), resource.TestCheckResourceAttr(name, "interval", "0h30m0s"), @@ -72,7 +73,7 @@ func TestAccCloudflareDeviceDexTest_HTTP(t *testing.T) { { Config: testAccCloudflareDeviceDexTestsHttp(accountID, rnd), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr(name, "account_id", accountID), + resource.TestCheckResourceAttr(name, consts.AccountIDSchemaKey, accountID), resource.TestCheckResourceAttr(name, "name", rnd), resource.TestCheckResourceAttr(name, "description", rnd), resource.TestCheckResourceAttr(name, "interval", "0h30m0s"), diff --git a/internal/sdkv2provider/resource_cloudflare_dlp_profile_test.go b/internal/sdkv2provider/resource_cloudflare_dlp_profile_test.go index 438ff2cd01..101346ba38 100644 --- a/internal/sdkv2provider/resource_cloudflare_dlp_profile_test.go +++ b/internal/sdkv2provider/resource_cloudflare_dlp_profile_test.go @@ -92,7 +92,7 @@ func TestAccCloudflareDLPProfile_CustomWithAllowedMatchCount(t *testing.T) { { Config: testAccCloudflareDLPProfileConfigCustomWithAllowedMatchCount(accountID, rnd, "custom profile", 42), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr(name, "account_id", accountID), + resource.TestCheckResourceAttr(name, consts.AccountIDSchemaKey, accountID), resource.TestCheckResourceAttr(name, "name", rnd), resource.TestCheckResourceAttr(name, "description", "custom profile"), resource.TestCheckResourceAttr(name, "allowed_match_count", "42"), @@ -120,7 +120,7 @@ func TestAccCloudflareDLPProfile_CustomWithOCREnabled(t *testing.T) { { Config: testAccCloudflareDLPProfileConfigCustomWithOCREnabled(accountID, rnd, "custom profile", true), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr(name, "account_id", accountID), + resource.TestCheckResourceAttr(name, consts.AccountIDSchemaKey, accountID), resource.TestCheckResourceAttr(name, "name", rnd), resource.TestCheckResourceAttr(name, "description", "custom profile"), resource.TestCheckResourceAttr(name, "allowed_match_count", "0"), diff --git a/internal/sdkv2provider/resource_cloudflare_queue_test.go b/internal/sdkv2provider/resource_cloudflare_queue_test.go index 7e4425784f..0e456bc794 100644 --- a/internal/sdkv2provider/resource_cloudflare_queue_test.go +++ b/internal/sdkv2provider/resource_cloudflare_queue_test.go @@ -60,14 +60,14 @@ func TestAccCloudflareQueue_Basic(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckCloudflareQueueExists(rnd, &queue), resource.TestCheckResourceAttr(resourceName, "name", rnd), - resource.TestCheckResourceAttr(resourceName, "account_id", accountID), + resource.TestCheckResourceAttr(resourceName, consts.AccountIDSchemaKey, accountID), ), }, { Config: testAccCheckCloudflareQueue(rnd, accountID, rnd+"-updated"), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "name", rnd+"-updated"), - resource.TestCheckResourceAttr(resourceName, "account_id", accountID), + resource.TestCheckResourceAttr(resourceName, consts.AccountIDSchemaKey, accountID), ), }, { diff --git a/internal/sdkv2provider/resource_cloudflare_regional_hostname.go b/internal/sdkv2provider/resource_cloudflare_regional_hostname.go index 80ca31b5a7..af463bb89c 100644 --- a/internal/sdkv2provider/resource_cloudflare_regional_hostname.go +++ b/internal/sdkv2provider/resource_cloudflare_regional_hostname.go @@ -3,10 +3,11 @@ package sdkv2provider import ( "context" "errors" + "time" + "github.com/MakeNowJust/heredoc/v2" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/terraform-provider-cloudflare/internal/consts" - "time" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" diff --git a/internal/sdkv2provider/schema_cloudflare_access_application.go b/internal/sdkv2provider/schema_cloudflare_access_application.go index f89487b0b2..e73632b2f9 100644 --- a/internal/sdkv2provider/schema_cloudflare_access_application.go +++ b/internal/sdkv2provider/schema_cloudflare_access_application.go @@ -416,7 +416,7 @@ func resourceCloudflareAccessApplicationSchema() map[string]*schema.Schema { "target_criteria": { Type: schema.TypeList, Optional: true, - Description: "A list of mappings to apply to SCIM resources before provisioning them in this application. These can transform or filter the resources to be provisioned.", + Description: "The payload for an infrastructure application which defines the port, protocol, and target attributes. Only applicable to Infrastructure Applications, in which case this field is required.", Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "port": { diff --git a/internal/sdkv2provider/schema_cloudflare_access_policy.go b/internal/sdkv2provider/schema_cloudflare_access_policy.go index 787d009719..328748e168 100644 --- a/internal/sdkv2provider/schema_cloudflare_access_policy.go +++ b/internal/sdkv2provider/schema_cloudflare_access_policy.go @@ -107,7 +107,7 @@ func resourceCloudflareAccessPolicySchema() map[string]*schema.Schema { Type: schema.TypeList, Optional: true, MaxItems: 1, - Description: "The rules that define how users may connect to the targets secured by your application.", + Description: "The rules that define how users may connect to the targets secured by your application. Only applicable to Infrastructure Applications, in which case this field is required.", Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "ssh": {