cloudflare · nayaabahsan · Jan 19, 2021 · Dec 2, 2020 · Dec 2, 2020 · Dec 2, 2020
@@ -9,7 +9,7 @@ When Terraform makes calls to Cloudflare's API to create new resources as illust
 
 If you've configured Cloudflare through other means, e.g., by logging into the Cloudflare Dashboard or making `curl` calls to api.cloudflare.com, Terraform does not (yet) have these resource IDs in the state file. To manage this preexisting configuration you will need to first i) reproduce the configuration in your config file and; ii) import resources one-by-one by providing their IDs and resource names.
 
-## Introducing Cf-Teraforming
+## Introducing Cf-Terraforming
 
 To help with this process, we have published a library called [cf-terraforming](https://github.com/cloudflare/cf-terraforming). Our goal with cf-terraforming is to make it easy for existing Cloudflare customers to get going with Terraform. Currently, cf-terraforming helps to generate terraform config state by fetching all the resources of a specified type from the account and/or zone of your choosing. Let's try it out.
 
@@ -25,26 +25,26 @@ You can use `cf-terraforming` or `cf-terraforming -h` to view the help file, but
 
 The list of supported resources currently are:
 
-* [access_application](https://www.terraform.io/docs/providers/cloudflare/r/access_application.html)
-* [access_policy](https://www.terraform.io/docs/providers/cloudflare/r/access_policy.html)
-* [access_rule](https://www.terraform.io/docs/providers/cloudflare/r/access_rule.html)
-* [account_member](https://www.terraform.io/docs/providers/cloudflare/r/account_member.html)
-* [custom_pages](https://www.terraform.io/docs/providers/cloudflare/r/custom_pages.html)
-* [filter](https://www.terraform.io/docs/providers/cloudflare/r/filter.html)
-* [firewall_rule](https://www.terraform.io/docs/providers/cloudflare/r/firewall_rule.html)
-* [load_balancer](https://www.terraform.io/docs/providers/cloudflare/r/load_balancer.html)
-* [load_balancer_monitor](https://www.terraform.io/docs/providers/cloudflare/r/load_balancer_monitor.html)
-* [load_balancer_pool](https://www.terraform.io/docs/providers/cloudflare/r/load_balancer_pool.html)
-* [page_rule](https://www.terraform.io/docs/providers/cloudflare/r/page_rule.html)
-* [rate_limit](https://www.terraform.io/docs/providers/cloudflare/r/rate_limit.html)
-* [record](https://www.terraform.io/docs/providers/cloudflare/r/record.html)
-* [spectrum_application](https://www.terraform.io/docs/providers/cloudflare/r/spectrum_application.html)
-* [waf_rule](https://www.terraform.io/docs/providers/cloudflare/r/waf_rule.html)
-* [worker_route](https://www.terraform.io/docs/providers/cloudflare/r/worker_route.html)
-* [worker_script](https://www.terraform.io/docs/providers/cloudflare/r/worker_script.html)
-* [zone](https://www.terraform.io/docs/providers/cloudflare/r/zone.html)
-* [zone_lockdown](https://www.terraform.io/docs/providers/cloudflare/r/zone_lockdown.html)
-* [zone_settings_override](https://www.terraform.io/docs/providers/cloudflare/r/zone_settings_override.html)
+* [access_application](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/access_application)
+* [access_policy](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/access_policy)
+* [access_rule](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/access_rule)
+* [account_member](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/account_member)
+* [custom_pages](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/custom_pages)
+* [filter](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/filter)
+* [firewall_rule](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/firewall_rule)
+* [load_balancer](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/load_balancer)
+* [load_balancer_monitor](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/load_balancer_monitor)
+* [load_balancer_pool](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/load_balancer_pool)
+* [page_rule](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/page_rule)
+* [rate_limit](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/rate_limit)
+* [record](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/record)
+* [spectrum_application](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/spectrum_application)
+* [waf_rule](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/waf_rule)
+* [worker_route](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/worker_route)
+* [worker_script](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/worker_script)
+* [zone](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/zone)
+* [zone_lockdown](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/zone_lockdown)
+* [zone_settings_override](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/zone_settings_override)
 
 ## Importing existing Cloudflare resources
 
@@ -76,47 +76,39 @@ If output to standard out, the result would look like the below. In this case we
 
 ```tf
 resource "cloudflare_record" "mitigateddos_net_mitigateddos_net" {
-    domain = "mitigateddos.net"
-
-    name = "mitigateddos.net"
-    type = "A"
-    ttl = "1"
+    zone_id = var.zone_id
+    name    = "@"
+    type    = "A"
+    ttl     = "1"
     proxied = "true"
-
-    value = "1.2.3.4"
+    value   = "192.0.2.1"
 }
 
 resource "cloudflare_record" "mitigateddos_net_www_mitigateddos_net" {
-    domain = "mitigateddos.net"
-
-    name = "www.mitigateddos.net"
-    type = "CNAME"
-    ttl = "1"
+    zone_id = var.zone_id
+    name    = "www"
+    type    = "CNAME"
+    ttl     = "1"
     proxied = "true"
-
-    value = "mitigateddos.net"
+    value   = "mitigateddos.net"
 }
 
 resource "cloudflare_record" "mitigateddos_net_a123_mitigateddos_net" {
-    domain = "mitigateddos.net"
-
-    name = "a123.mitigateddos.net"
-    type = "NS"
-    ttl = "1"
+    zone_id = var.zone_id
+    name    = "a123"
+    type    = "NS"
+    ttl     = "300"
     proxied = "false"
-
-    value = "rafe.ns.cloudflare.com":50
+    value   = "rafe.ns.cloudflare.com"
 }
 
 resource "cloudflare_record" "mitigateddos_net_a123_mitigateddos_net_2" {
-    domain = "mitigateddos.net"
-
-    name = "a123.mitigateddos.net"
-    type = "NS"
-    ttl = "1"
+    zone_id = var.zone_id
+    name    = "a123"
+    type    = "NS"
+    ttl     = "300"
     proxied = "false"
-
-    value = "terin.ns.cloudflare.com"
+    value   = "terin.ns.cloudflare.com"
 }
 ```
 
@@ -147,7 +139,7 @@ Terraform will perform the following actions:
       name:        "a123.mitigateddos.net"
       proxiable:   <computed>
       proxied:     "false"
-      ttl:         "1"
+      ttl:         "300"
       type:        "NS"
       value:       "rafe.ns.cloudflare.com"
       zone_id:     <computed>
@@ -162,7 +154,7 @@ Terraform will perform the following actions:
       name:        "a123.mitigateddos.net"
       proxiable:   <computed>
       proxied:     "false"
-      ttl:         "1"
+      ttl:         "300"
       type:        "NS"
       value:       "terin.ns.cloudflare.com"
       zone_id:     <computed>
@@ -179,7 +171,7 @@ Terraform will perform the following actions:
       proxied:     "true"
       ttl:         "1"
       type:        "A"
-      value:       "185.59.204.191"
+      value:       "192.0.2.1"
       zone_id:     <computed>
 
   + cloudflare_record.mitigateddos_net_www_mitigateddos_net

@@ -22,6 +22,6 @@ See [Installing Terraform](/installing/).
 
 ## Issues
 
-Report Terraform config issues via [GitHub](https://github.com/terraform-providers/terraform-provider-cloudflare/issues).
+Report Terraform config issues via [GitHub](https://github.com/cloudflare/terraform-provider-cloudflare/issues/new/choose).
 
 </ContentColumn>
@@ -16,16 +16,20 @@ First we’ll create a initial Terraform config file. Any files ending in `.tf`
 ```sh
 $ cat > cloudflare.tf <<'EOF'
 provider "cloudflare" {
-  email = "you@example.com"
+  email   = "you@example.com"
   api_key = "your-api-key"
 }
 
+variable "zone_id" {
+  default = "e097e1136dc79bc1149e32a8a6bde5ef"
+}
+
 variable "domain" {
   default = "example.com"
 }
 
 resource "cloudflare_record" "www" {
-  domain  = var.domain
+  zone_id = var.zone_id
   name    = "www"
   value   = "203.0.113.10"
   type    = "A"
@@ -71,10 +75,10 @@ When you run terraform init, any plugins required, such as the Cloudflare Terraf
 ```sh
 $ find .terraform/
 .terraform/
-.terraform//plugins
-.terraform//plugins/darwin_amd64
-.terraform//plugins/darwin_amd64/lock.json
-.terraform//plugins/darwin_amd64/terraform-provider-cloudflare_v1.0.0_x4
+.terraform/plugins
+.terraform/plugins/darwin_amd64
+.terraform/plugins/darwin_amd64/lock.json
+.terraform/plugins/darwin_amd64/terraform-provider-cloudflare_v1.0.0_x4
 ```
 
 ## 3. Reviewing the execution plan
@@ -98,7 +102,7 @@ Terraform will perform the following actions:
   + cloudflare_record.www
       id:          <computed>
       created_on:  <computed>
-      domain:      "example.com"
+      domain:      <computed>
       hostname:    <computed>
       metadata.%:  <computed>
       modified_on: <computed>
@@ -108,7 +112,7 @@ Terraform will perform the following actions:
       ttl:         <computed>
       type:        "A"
       value:       "203.0.113.10"
-      zone_id:     <computed>
+      zone_id:     "e097e1136dc79bc1149e32a8a6bde5ef"
 
 
 Plan: 1 to add, 0 to change, 0 to destroy.
@@ -120,7 +124,7 @@ can’t guarantee that exactly these actions will be performed if
 "terraform apply" is subsequently run.
 ```
 
-As you can see in the above “execution plan”, Terraform is going to create a new DNS record, as requested. Values that you’ve explicitly specified are displayed, e.g., the value of the A record—203.0.113.10—while values that are derived based on other API calls, e.g., looking up the zone_id, or returned after the object is created, are displayed as `<computed>`.
+As you can see in the above “execution plan”, Terraform is going to create a new DNS record, as requested. Values that you’ve explicitly specified are displayed, e.g., the value of the A record—203.0.113.10—while values that are derived based on other API calls, e.g., looking up the `metadata`, or returned after the object is created, are displayed as `<computed>`.
 
 ## 4. Applying your changes
 
@@ -175,7 +179,7 @@ cloudflare_record.www:
   ttl = 1
   type = A
   value = 203.0.113.10
-  zone_id = e2e6391340be87a3726f91fc4148b122
+  zone_id = e097e1136dc79bc1149e32a8a6bde5ef
 ```
 
 ```sh

@@ -19,7 +19,7 @@ Switched to a new branch 'step5-loadbalance'
 
 $ cat >> cloudflare.tf <<'EOF'
 resource "cloudflare_record" "www-asia" {
-  domain  = "${var.domain}"
+  zone_id = var.zone_id
   name    = "www"
   value   = "198.51.100.15"
   type    = "A"
@@ -53,7 +53,7 @@ Resource actions are indicated with the following symbols:
 Terraform will perform the following actions:
 
   + cloudflare_record.www-asia
-      domain:      "example.com"
+      zone_id:     "e097e1136dc79bc1149e32a8a6bde5ef"
       name:        "www"
       proxied:     "true"
       type:        "A"
@@ -151,15 +151,15 @@ Switched to branch 'step5-loadbalance'
 
 $ cat >> cloudflare.tf <<'EOF'
 resource "cloudflare_load_balancer_monitor" "get-root-https" {
-  expected_body = "alive"
+  expected_body  = "alive"
   expected_codes = "200"
-  method = "GET"
-  timeout = 5
-  path = "/"
-  interval = 60
-  retries = 2
-  check_regions = ["WNAM", "ENAM", "WEU", "EEU", "SEAS", "NEAS"]
-  description = "GET / over HTTPS - expect 200"
+  method         = "GET"
+  timeout        = 5
+  path           = "/"
+  interval       = 60
+  retries        = 2
+  check_regions  = ["WNAM", "ENAM", "WEU", "EEU", "SEAS", "NEAS"]
+  description    = "GET / over HTTPS - expect 200"
 }
 EOF
 ```
@@ -173,37 +173,37 @@ Note that we reference the monitor we added in the last step. When applying this
 ```sh
 $ cat >> cloudflare.tf <<'EOF'
 resource "cloudflare_load_balancer_pool" "www-servers" {
-  name = "www-servers"
-  monitor = "${cloudflare_load_balancer_monitor.get-root-https.id}"
+  name    = "www-servers"
+  monitor = cloudflare_load_balancer_monitor.get-root-https.id
   origins {
-    name = "www-us"
+    name    = "www-us"
     address = "203.0.113.10"
   }
   origins {
-    name = "www-asia"
     address = "198.51.100.15"
+    name    = "www-asia"
   }
-  description = "www origins"
-  enabled = true
-  minimum_origins = 1
+  description        = "www origins"
+  enabled            = true
+  minimum_origins    = 1
   notification_email = "you@example.com"
 }
 EOF
 ```
 
 ### iii. Define and create the load balancer
 
-Note that when you create a load balancer (LB), it will [replace any existing DNS records with the same name](https://support.cloudflare.com/hc/en-us/articles/115004954407-How-Does-a-Load-Balancer-Interact-with-Existing-DNS-Records-). For example, when we create the "www.example.com" LB below, it will supersede the two www DNS records that you have previously defined. One benefit of  leaving this DNS records in place is that if you temporarily disable load balancing, connections to this hostname will still be possible as shown in Step #2 above.
+Note that when you create a load balancer (LB), it will [replace any existing DNS records with the same name](https://support.cloudflare.com/hc/en-us/articles/115004954407-How-Does-a-Load-Balancer-Interact-with-Existing-DNS-Records-). For example, when we create the "www.example.com" LB below, it will supersede the two www DNS records that you have previously defined. One benefit of leaving this DNS records in place is that if you temporarily disable load balancing, connections to this hostname will still be possible as shown in Step #2 above.
 
 ```sh
 $ cat >> cloudflare.tf <<'EOF'
 resource "cloudflare_load_balancer" "www-lb" {
-  zone = "example.com"
-  name = "www-lb"
-  default_pool_ids = ["${cloudflare_load_balancer_pool.www-servers.id}"]
-  fallback_pool_id = "${cloudflare_load_balancer_pool.www-servers.id}"
-  description = "example load balancer"
-  proxied = true
+  zone_id          = var.zone_id
+  name             = "www-lb"
+  default_pool_ids = [cloudflare_load_balancer_pool.www-servers.id]
+  fallback_pool_id = cloudflare_load_balancer_pool.www-servers.id
+  description      = "example load balancer"
+  proxied          = true
 }
 EOF
 ```
@@ -236,7 +236,7 @@ Terraform will perform the following actions:
       created_on:                 <computed>
       default_pool_ids.#:         <computed>
       description:                "example load balancer"
-      fallback_pool_id:           "${cloudflare_load_balancer_pool.www-servers.id}"
+      fallback_pool_id:           <computed>
       modified_on:                <computed>
       name:                       "www-lb"
       pop_pools.#:                <computed>
@@ -274,7 +274,7 @@ Terraform will perform the following actions:
       enabled:                    "true"
       minimum_origins:            "1"
       modified_on:                <computed>
-      monitor:                    "${cloudflare_load_balancer_monitor.get-root-https.id}"
+      monitor:                    <computed>
       name:                       "www-servers"
       notification_email:         "you@example.com"
       origins.#:                  "2"