chore(deps): update terraform cloudflare to v4

[slauger]

This PR contains the following updates:

Package	Type	Update	Change
cloudflare (source)	required_provider	major	2.27.0 -> 4.40.0

---

Release Notes

cloudflare/terraform-provider-cloudflare (cloudflare)

v4.40.0

Compare Source

NOTES:

• resource/cloudflare_access_application: deprecated in favour of cloudflare_zero_trust_access_application and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_ca_certificate: deprecated in favour of cloudflare_zero_trust_access_short_lived_certificate and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_custom_page: deprecated in favour of cloudflare_zero_trust_access_custom_page and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_group: deprecated in favour of cloudflare_zero_trust_access_group and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_identity_provider: deprecated in favour of cloudflare_zero_trust_access_identity_provider and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_keys_configuration: deprecated in favour of cloudflare_zero_trust_access_key_configuration and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_mutual_tls_certificate: deprecated in favour of cloudflare_zero_trust_access_mtls_certificate and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_mutual_tls_hostname_settings: deprecated in favour of cloudflare_zero_trust_access_mtls_hostname_settings and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_organization: deprecated in favour of cloudflare_zero_trust_organization and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_policy: deprecated in favour of cloudflare_zero_trust_access_policy and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_service_token: deprecated in favour of cloudflare_zero_trust_access_service_token and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_tag: deprecated in favour of cloudflare_zero_trust_access_tag and will be removed in the next major version. (#​3584)
• resource/cloudflare_device_dex_test: deprecated in favour of cloudflare_zero_trust_dex_test and will be removed in the next major version. (#​3584)
• resource/cloudflare_device_managed_networks: deprecated in favour of cloudflare_zero_trust_device_managed_networks and will be removed in the next major version. (#​3584)
• resource/cloudflare_device_policy_certificates: deprecated in favour of cloudflare_zero_trust_device_certificates and will be removed in the next major version. (#​3584)
• resource/cloudflare_device_posture_integration: deprecated in favour of cloudflare_zero_trust_device_posture_integration and will be removed in the next major version. (#​3584)
• resource/cloudflare_device_posture_rule: deprecated in favour of cloudflare_zero_trust_device_posture_rule and will be removed in the next major version. (#​3584)
• resource/cloudflare_device_settings_policy: deprecated in favour of cloudflare_zero_trust_device_profiles and will be removed in the next major version. (#​3584)
• resource/cloudflare_dlp_custom_profile: deprecated in favour of cloudflare_zero_trust_dlp_custom_profile and will be removed in the next major version. (#​3584)
• resource/cloudflare_dlp_predefined_profile: deprecated in favour of cloudflare_zero_trust_dlp_predefined_profile and will be removed in the next major version. (#​3584)
• resource/cloudflare_dlp_profile: deprecated in favour of cloudflare_zero_trust_dlp_profile and will be removed in the next major version. (#​3584)
• resource/cloudflare_fallback_domain: deprecated in favour of cloudflare_zero_trust_local_domain_fallback and will be removed in the next major version. (#​3584)
• resource/cloudflare_gre_tunnel: deprecated in favour of cloudflare_magic_wan_gre_tunnel and will be removed in the next major version. (#​3584)
• resource/cloudflare_ipsec_tunnel: deprecated in favour of cloudflare_magic_wan_ipsec_tunnel and will be removed in the next major version. (#​3584)
• resource/cloudflare_record: fix a bug that prematurely removed the ability to set the deprecated value field. (#​3674)
• resource/cloudflare_risk_behavior: deprecated in favour of cloudflare_zero_trust_risk_behavior and will be removed in the next major version. (#​3584)
• resource/cloudflare_split_tunnel: deprecated in favour of cloudflare_zero_trust_split_tunnels and will be removed in the next major version. (#​3584)
• resource/cloudflare_static_route: deprecated in favour of cloudflare_magic_wan_static_route and will be removed in the next major version. (#​3584)
• resource/cloudflare_teams_account: deprecated in favour of cloudflare_zero_trust_gateway_settings and will be removed in the next major version. (#​3584)
• resource/cloudflare_teams_list: deprecated in favour of cloudflare_zero_trust_list and will be removed in the next major version. (#​3584)
• resource/cloudflare_teams_location: deprecated in favour of cloudflare_zero_trust_dns_location and will be removed in the next major version. (#​3584)
• resource/cloudflare_teams_proxy_endpoint: deprecated in favour of cloudflare_zero_trust_gateway_proxy_endpoint and will be removed in the next major version. (#​3584)
• resource/cloudflare_teams_rule: deprecated in favour of cloudflare_zero_trust_gateway_policy and will be removed in the next major version. (#​3584)
• resource/cloudflare_tunnel: deprecated in favour of cloudflare_zero_trust_tunnel_cloudflared and will be removed in the next major version. (#​3584)
• resource/cloudflare_tunnel_config: deprecated in favour of cloudflare_zero_trust_tunnel_cloudflared_config and will be removed in the next major version. (#​3584)
• resource/cloudflare_tunnel_route: deprecated in favour of cloudflare_zero_trust_tunnel_route and will be removed in the next major version. (#​3584)
• resource/cloudflare_tunnel_virtual_network: deprecated in favour of cloudflare_zero_trust_tunnel_virtual_network and will be removed in the next major version. (#​3584)
• resource/cloudflare_worker_cron_trigger: deprecated in favour of cloudflare_workers_cron_trigger and will be removed in the next major version. (#​3584)
• resource/cloudflare_worker_domain: deprecated in favour of cloudflare_workers_custom_domain and will be removed in the next major version. (#​3584)
• resource/cloudflare_worker_script: deprecated in favour of cloudflare_workers_script and will be removed in the next major version. (#​3584)
• resource/cloudflare_worker_secret: deprecated in favour of cloudflare_workers_secret and will be removed in the next major version. (#​3584)
• resource/cloudflare_workers_for_platforms_namespace: deprecated in favour of cloudflare_workers_for_platforms_dispatch_namespace and will be removed in the next major version. (#​3584)

FEATURES:

• New Resource: cloudflare_magic_wan_gre_tunnel (#​3584)
• New Resource: cloudflare_magic_wan_ipsec_tunnel (#​3584)
• New Resource: cloudflare_magic_wan_static_route (#​3584)
• New Resource: cloudflare_workers_cron_trigger (#​3584)
• New Resource: cloudflare_workers_custom_domain (#​3584)
• New Resource: cloudflare_workers_for_platforms_dispatch_namespace (#​3584)
• New Resource: cloudflare_workers_script (#​3584)
• New Resource: cloudflare_workers_secret (#​3584)
• New Resource: cloudflare_zero_trust_access_application (#​3584)
• New Resource: cloudflare_zero_trust_access_custom_page (#​3584)
• New Resource: cloudflare_zero_trust_access_group (#​3584)
• New Resource: cloudflare_zero_trust_access_identity_provider (#​3584)
• New Resource: cloudflare_zero_trust_access_key_configuration (#​3584)
• New Resource: cloudflare_zero_trust_access_mtls_certificate (#​3584)
• New Resource: cloudflare_zero_trust_access_mtls_hostname_settings (#​3584)
• New Resource: cloudflare_zero_trust_access_policy (#​3584)
• New Resource: cloudflare_zero_trust_access_service_token (#​3584)
• New Resource: cloudflare_zero_trust_access_short_lived_certificate (#​3584)
• New Resource: cloudflare_zero_trust_access_tag (#​3584)
• New Resource: cloudflare_zero_trust_device_certificates (#​3584)
• New Resource: cloudflare_zero_trust_device_managed_networks (#​3584)
• New Resource: cloudflare_zero_trust_device_posture_integration (#​3584)
• New Resource: cloudflare_zero_trust_device_posture_rule (#​3584)
• New Resource: cloudflare_zero_trust_device_profiles (#​3584)
• New Resource: cloudflare_zero_trust_dex_test (#​3584)
• New Resource: cloudflare_zero_trust_dlp_custom_profile (#​3584)
• New Resource: cloudflare_zero_trust_dlp_predefined_profile (#​3584)
• New Resource: cloudflare_zero_trust_dlp_profile (#​3584)
• New Resource: cloudflare_zero_trust_dns_location (#​3584)
• New Resource: cloudflare_zero_trust_gateway_policy (#​3584)
• New Resource: cloudflare_zero_trust_gateway_proxy_endpoint (#​3584)
• New Resource: cloudflare_zero_trust_gateway_settings (#​3584)
• New Resource: cloudflare_zero_trust_list (#​3584)
• New Resource: cloudflare_zero_trust_local_domain_fallback (#​3584)
• New Resource: cloudflare_zero_trust_organization (#​3584)
• New Resource: cloudflare_zero_trust_risk_behavior (#​3584)
• New Resource: cloudflare_zero_trust_risk_score_integration (#​3563)
• New Resource: cloudflare_zero_trust_split_tunnels (#​3584)
• New Resource: cloudflare_zero_trust_tunnel_cloudflared (#​3584)
• New Resource: cloudflare_zero_trust_tunnel_cloudflared_config (#​3584)
• New Resource: cloudflare_zero_trust_tunnel_route (#​3584)
• New Resource: cloudflare_zero_trust_tunnel_virtual_network (#​3584)

ENHANCEMENTS:

• resource/cloudflare_device_posture_rule: add ability to create client_certificate_v2 posture rule (#​3512)
• resource/cloudflare_device_settings_policy: Add tunnel_protocol field for device policies (#​3513)

BUG FIXES:

• resource/cloudflare_access_policy: handle multiple okta idps in access policies (#​3579)
• resource/cloudflare_record: refactor validation to use ExactlyOneOf instead of custom logic (#​3699)

DEPENDENCIES:

• provider: bump github.com/hashicorp/terraform-plugin-framework from 1.10.0 to 1.11.0 (#​3575)
• provider: bump github.com/hashicorp/terraform-plugin-testing from 1.9.0 to 1.10.0 (#​3583)
• provider: bump golang.org/x/net from 0.27.0 to 0.28.0 (#​3576)

v4.39.0

Compare Source

NOTES:

• resource/cloudflare_access_policy: remove deprecation notice related to precedence (#​3556)
• resource/cloudflare_record: value is now deprecated in favour of content (#​3509)
• resource/cloudflare_worker_cron_trigger: deprecated in favour of cloudflare_workers_cron_trigger and will be removed in the next major version. (#​3500)
• resource/cloudflare_worker_domain: deprecated in favour of cloudflare_workers_domain and will be removed in the next major version. (#​3500)
• resource/cloudflare_worker_route: deprecated in favour of cloudflare_workers_route and will be removed in the next major version. (#​3500)
• resource/cloudflare_worker_script: deprecated in favour of cloudflare_workers_script and will be removed in the next major version. (#​3500)
• resource/cloudflare_worker_secret: deprecated in favour of cloudflare_workers_secret and will be removed in the next major version. (#​3500)
• resource/cloudflare_workers_for_platforms_namespace: deprecated in favour of cloudflare_workers_for_platforms_dispatch_namespace and will be removed in the next major version. (#​3500)
• resource/zone_settings_override: deprecate minify setting and include state migration to remove from local state. You should immediately remove the configuration from the resource to prevent permadiffs. Automatic migration of user configuration can be handled with Grit by running grit apply github.com/cloudflare/terraform-provider-cloudflare#cloudflare_zone_settings_override_remove_minify (#​3521)

FEATURES:

• New Data Source: cloudflare_gateway_app_types (#​3470)
• New Resource: cloudflare_workers_cron_trigger (#​3500)
• New Resource: cloudflare_workers_domain (#​3500)
• New Resource: cloudflare_workers_for_platforms_dispatch_namespace (#​3500)
• New Resource: cloudflare_workers_route (#​3500)
• New Resource: cloudflare_workers_script (#​3500)
• New Resource: cloudflare_workers_secret (#​3500)

ENHANCEMENTS:

• resource/access_application: add skip_app_launcher_login_page flag to skip the App Launcher landing page (#​3519)
• resource/cloudflare_device_posture_rules: added support for intune compliance_status values (#​3492)
• resource/cloudflare_teams_rule: Add disable_clipboard_redirection attribute to BISOAdminControls (#​3511)
• resource/hyperdrive_config: Add support for creating Hyperdrive over Access configs (#​3516)
• resource/hyperdrive_config: Add support for max_age and stale_while_revalidate in Hyperdrive Config caching settings (#​3516)

BUG FIXES:

• resource/cloudflare_list_item: handle overlapping hostname url_hostname (#​3515)
• resource/cloudflare_risk_behavior: fix bug where partial definition of risk behaviors resulted in a provider error (#​3463)

DEPENDENCIES:

• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.58.2 to 1.58.3 in the aws group (#​3557)
• provider: bump github.com/cloudflare/cloudflare-go from 0.100.0 to 0.101.0 (#​3540)
• provider: bump github.com/cloudflare/cloudflare-go from 0.99.0 to 0.100.0 (#​3499)

v4.38.0

Compare Source

FEATURES:

• New Data Source: cloudflare_gateway_categories (#​3443)

ENHANCEMENTS:

• resource/cloudflare_teams_list: add support for descriptions on list items (#​3488)
• resource/cloudflare_teams_rules: add support for ignore_cname_category_matches (#​3473)

BUG FIXES:

• resource/cloudflare-access-application: fixes bug when updating self_hosted_domains (#​3468)
• resource/cloudflare_access_application: Fix bug that was not cleaning the API when removing all ids from the 'policies' list (#​3469)

DEPENDENCIES:

• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.24 to 1.27.25 (#​3449)
• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.25 to 1.27.27 (#​3483)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.24 to 1.17.25 (#​3449)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.25 to 1.17.27 (#​3483)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.58.0 to 1.58.1 (#​3449)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.58.1 to 1.58.2 (#​3483)
• provider: bump github.com/aws/aws-sdk-go-v2 from 1.30.1 to 1.30.2 (#​3449)
• provider: bump github.com/aws/aws-sdk-go-v2 from 1.30.2 to 1.30.3 (#​3483)
• provider: bump github.com/cloudflare/cloudflare-go/v2 from 2.3.0 to 2.4.0 (#​3480)

v4.37.0

Compare Source

ENHANCEMENTS:

• resource/cloudflare_notification_policy: Add tunnel_name filter for Magic Health Checks (#​3417)

BUG FIXES:

• resource/cloudflare_r2_bucket: add validation to location hint to prevent invalid values from drifting (#​3441)

DEPENDENCIES:

• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.21 to 1.27.22 (#​3404)
• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.22 to 1.27.23 (#​3412)
• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.23 to 1.27.24 (#​3437)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.21 to 1.17.22 (#​3404)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.22 to 1.17.23 (#​3412)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.23 to 1.17.24 (#​3437)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.56.1 to 1.57.0 (#​3404)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.57.0 to 1.57.1 (#​3412)
• provider: bump github.com/aws/aws-sdk-go-v2 from 1.30.0 to 1.30.1 (#​3412)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.57.1 to 1.58.0 in the aws group (#​3429)
• provider: bump github.com/cloudflare/cloudflare-go from 0.98.0 to 0.99.0 (#​3438)
• provider: bump github.com/hashicorp/terraform-plugin-framework from 1.9.0 to 1.10.0 (#​3445)
• provider: bump github.com/hashicorp/terraform-plugin-framework-validators from 0.12.0 to 0.13.0 (#​3447)
• provider: bump github.com/hashicorp/terraform-plugin-testing from 1.8.0 to 1.9.0 (#​3446)
• provider: bump golang.org/x/net from 0.26.0 to 0.27.0 (#​3442)

v4.36.0

Compare Source

NOTES:

• resource/zone_settings_override: deprecate mobile_redirect setting and include state migration to remove from local state. You should immediately remove the configuration from the resource to prevent permadiffs. (#​3337)

ENHANCEMENTS:

• resource/cloudflare_access_application: Support configuring OIDC SaaS access token lifetime (#​3353)

BUG FIXES:

• resource/cloudflare_list_item: fix crash when not using type = "redirect" due to attempting to compare nil (#​3368)
• resource/cloudflare_list_item: implement exact match for IP values to prevent overlapping IP prefixes from not being found (#​3368)

DEPENDENCIES:

• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.18 to 1.27.19 (#​3360)
• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.19 to 1.27.20 (#​3362)
• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.20 to 1.27.21 (#​3364)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.18 to 1.17.19 (#​3360)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.19 to 1.17.20 (#​3362)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.20 to 1.17.21 (#​3364)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.55.1 to 1.55.2 (#​3360)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.55.2 to 1.56.0 (#​3362)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.56.0 to 1.56.1 (#​3364)
• provider: bump github.com/aws/aws-sdk-go-v2 from 1.27.2 to 1.28.0 (#​3360)
• provider: bump github.com/aws/aws-sdk-go-v2 from 1.28.0 to 1.29.0 (#​3362)
• provider: bump github.com/aws/aws-sdk-go-v2 from 1.29.0 to 1.30.0 (#​3364)
• provider: bump github.com/cloudflare/cloudflare-go from 0.97.0 to 0.98.0 (#​3365)
• provider: bump github.com/cloudflare/cloudflare-go/v2 from 2.2.0 to 2.3.0 (#​3363)
• provider: bump github.com/hashicorp/go-retryablehttp from 0.7.4 to 0.7.7 in /tools (#​3395)

v4.35.0

Compare Source

ENHANCEMENTS:

• resource/cloudflare_access_application: Add Hybrid and Implicit flow support to OIDC SaaS Apps (#​3324)
• resource/cloudflare_access_organization: Fix 'name' being optional (#​3343)
• resource/cloudflare_load_balancer_pool: Add support for virtual_network_id (#​3333)
• resource/cloudflare_teams_account: add support for 'virtual_ip' (#​3321)
• resource/resource_cloudflare_zone: add support for 'vanity_name_servers' (#​3315)

BUG FIXES:

• resource/cloudflare_access_application: Fix bug requiring explicit account_id or zone_id (#​3352)
• resource/cloudflare_access_application: force recreation if SaaS app auth_type is changed (#​3332)
• resource/cloudflare_list_item: handle overlapping redirect source_url (#​3335)
• resource/cloudflare_logpush_job: Mirror API defaults for record_delimiter to include newline (#​3334)
• resource/cloudflare_waiting_room_event: fix panic when trying to import a resource (#​3351)

DEPENDENCIES:

• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.16 to 1.27.17 (#​3339)
• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.17 to 1.27.18 (#​3350)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.16 to 1.17.17 (#​3339)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.17 to 1.17.18 (#​3350)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.54.3 to 1.54.4 (#​3339)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.55.0 to 1.55.1 (#​3350)
• provider: bump github.com/aws/aws-sdk-go-v2 from 1.27.0 to 1.27.1 (#​3339)
• provider: bump github.com/aws/aws-sdk-go-v2 from 1.27.1 to 1.27.2 (#​3350)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.54.4 to 1.55.0 in the aws group (#​3346)
• provider: bump github.com/cloudflare/cloudflare-go from 0.96.0 to 0.97.0 (#​3347)
• provider: bump github.com/hashicorp/terraform-plugin-framework from 1.8.0 to 1.9.0 (#​3341)
• provider: bump golang.org/x/net from 0.25.0 to 0.26.0 (#​3342)
• provider: bump goreleaser/goreleaser-action from 5.1.0 to 6.0.0 (#​3345)

v4.34.0

Compare Source

FEATURES:

• New Resource: cloudflare_risk_behavior (#​3307)

ENHANCEMENTS:

• resource/cloudflare_access_application: Add support for OIDC refresh tokens, allowing PKCE without client secret, custom claims, and specifying name_by_idp for custom attributes/claims (#​3306)
• resource/cloudflare_access_application: improve validation logic for zone level reusable policies (#​3325)
• resource/cloudflare_access_group: improve validation logic for zone level reusable policies (#​3325)
• resource/cloudflare_ruleset: add support for fonts and disable_rum action parameters (#​3261)

DEPENDENCIES:

• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.13 to 1.27.14 (#​3310)
• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.14 to 1.27.15 (#​3313)
• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.15 to 1.27.16 (#​3326)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.13 to 1.17.14 (#​3310)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.14 to 1.17.15 (#​3313)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.15 to 1.17.16 (#​3326)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.54.0 to 1.54.1 (#​3310)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.54.1 to 1.54.2 (#​3313)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.54.2 to 1.54.3 (#​3326)
• provider: bump github.com/aws/aws-sdk-go-v2 from 1.26.1 to 1.26.2 (#​3310)
• provider: bump github.com/aws/aws-sdk-go-v2 from 1.26.2 to 1.27.0 (#​3313)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.53.2 to 1.54.0 in the aws group (#​3308)
• provider: bump github.com/cloudflare/cloudflare-go from 0.95.0 to 0.96.0 (#​3322)
• provider: bump github.com/hashicorp/terraform-plugin-sdk/v2 from 2.33.0 to 2.34.0 (#​3316)
• provider: bump github.com/hashicorp/terraform-plugin-testing from 1.6.0 to 1.8.0 (#​3317)

v4.33.0

Compare Source

ENHANCEMENTS:

• resource/cloudflare_access_application: added support for 'policies' argument (#​3288)
• resource/cloudflare_access_policy: added support for reusable policies (#​3288)
• resource/cloudflare_zone_settings_override: add support for NEL (#​3305)

BUG FIXES:

• resource/cloudflare_list_item: retry list ID fetch operations for the identifiers (#​3303)

DEPENDENCIES:

• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.11 to 1.27.12 (#​3295)
• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.12 to 1.27.13 (#​3301)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.11 to 1.17.12 (#​3295)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.12 to 1.17.13 (#​3301)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.53.1 to 1.53.2 (#​3295)
• provider: bump bflad/action-milestone-comment from 1 to 2 (#​3299)
• provider: bump github.com/cloudflare/cloudflare-go/v2 from 2.1.0 to 2.2.0 (#​3298)
• provider: bump github.com/hashicorp/terraform-plugin-mux from 0.15.0 to 0.16.0 (#​3296)
• provider: bump goreleaser/goreleaser-action from 5.0.0 to 5.1.0 (#​3302)

v4.32.0

Compare Source

NOTES:

• resource/cloudflare_rate_limit: This resource is being deprecated in favor of the cloudflare_rulesets resource (#​3279)

ENHANCEMENTS:

• resource/cloudflare_access_application: add support for SCIM provisioning configuration (#​3291)
• resource/cloudflare_access_group: Add the option for email_list to be used in require, include and exclude fields (#​3247)
• resource/cloudflare_device_posture_rules: added support for os_version_extra (#​3281)

BUG FIXES:

• resource/cloudflare_turnstile: Fix error handling corrupting state (#​3284)

DEPENDENCIES:

• provider: bump github.com/cloudflare/cloudflare-go from 0.94.0 to 0.95.0 (#​3294)
• provider: bump github.com/hashicorp/terraform-plugin-go from 0.22.2 to 0.23.0 (#​3289)
• provider: bump golang.org/x/net from 0.24.0 to 0.25.0 (#​3290)
• provider: bump golangci/golangci-lint-action from 5 to 6 (#​3293)

v4.31.0

Compare Source

ENHANCEMENTS:

• resource/cloudflare_access_application: added support for options_preflight_bypass (#​3267)
• resource/cloudflare_dlp_profile: Added support for ocr_enabled field to profiles (#​3224)
• resource/cloudflare_notification_policy: add 'target_ip' atrribute to 'filter' nested block (#​3263)
• resource/cloudflare_teams_account: add custom_certificate setting support (#​3253)
• resource/cloudflare_teams_location: added ecs_support field (#​3264)

BUG FIXES:

• resource/cloudflare_hyperdrive_config: Fix 'HyperdriveID' not included in Update call (#​3251)
• resource/cloudflare_managed_headers: disable header if it is deleted from terraform state (#​3260)
• resource/cloudflare_worker_script: fix namespaced script delete trying to delete from account rather than the namespace (#​3238)

INTERNAL:

• provider: introduce a muxed client to support using cloudflare-go/v0 and cloudflare-go/v2 together (#​3262)

DEPENDENCIES:

• provider: bump github.com/cloudflare/cloudflare-go from 0.93.0 to 0.94.0 (#​3265)
• provider: bump github.com/cloudflare/cloudflare-go/v2 from 2.0.0 to 2.1.0 (#​3274)
• provider: bump github.com/hashicorp/terraform-plugin-framework from 1.5.0 to 1.8.0 (#​3255)
• provider: bump github.com/hashicorp/terraform-plugin-go from 0.21.0 to 0.22.2 (#​3254)
• provider: bump golang.org/x/net from 0.19.0 to 0.23.0 in /tools (#​3258)
• provider: bump golangci/golangci-lint-action from 4 to 5 (#​3271)

v4.30.0

Compare Source

ENHANCEMENTS:

• cloudflare/resource_logpush_job: Add support for page_shield_events (#​3237)
• resource/cloudflare_access_group: added support for common_names rule list type to allow for more than one common_name rule in a policy block (#​3229)
• resource/cloudflare_access_policy: added support for common_names rule list type to allow for more than one common_name rule in a policy block (#​3229)
• resource/cloudflare_ipsec_tunnel: added support for replay_protection (#​3249)

BUG FIXES:

• resource/cloudflare_email_routing_address: Make sure schema is correctly upgraded. (#​3245)

DEPENDENCIES:

• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.10 to 1.27.11 (#​3232)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.10 to 1.17.11 (#​3232)
• provider: bump github.com/cloudflare/cloudflare-go from 0.92.0 to 0.93.0 (#​3239)
• provider: bump golang.org/x/net from 0.22.0 to 0.23.0 (#​3225)
• provider: bump golang.org/x/net from 0.23.0 to 0.24.0 (#​3230)

v4.29.0

Compare Source

BREAKING CHANGES:

• data_source/record: Remove locked flag which is always false (#​3220)

ENHANCEMENTS:

• datasource/cloudflare_tunnel: Add the option to filter deleted tunnels (#​3201)
• resource/cloudflare_teams_rule: Add support for resolver policies (#​3198)

DEPENDENCIES:

• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.9 to 1.27.10 (#​3222)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.9 to 1.17.10 (#​3222)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.53.0 to 1.53.1 (#​3222)
• provider: bump github.com/aws/aws-sdk-go-v2 from 1.26.0 to 1.26.1 (#​3222)

v4.28.0

Compare Source

ENHANCEMENTS:

• resource/cloudflare_access_application: adds saml_attribute_transform_jsonata` to SaaS applications (#​3187)
• resource/cloudflare_device_posture_rule: update support for new fields for crowdstrike_s2s posture rule. (#​3216)
• resource/cloudflare_ipsec_tunnel: Adds IPsec tunnel health_check_direction & health_check_rate parameters (#​3112)

DEPENDENCIES:

• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.8 to 1.27.9 (#​3207)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.8 to 1.17.9 (#​3207)
• provider: bump github.com/cloudflare/cloudflare-go from 0.90.0 to 0.91.0 (#​3208)
• provider: bump github.com/cloudflare/cloudflare-go from 0.91.0 to 0.92.0 (#​3218)

v4.27.0

Compare Source

FEATURES:

• New Resource: cloudflare_access_mutual_tls_hostname_settings (#​3173)
• New Resource: cloudflare_hyperdrive_config (#​3111)

ENHANCEMENTS:

• resource/cloudflare_dlp_profile: Added support for context_awareness field to profiles (#​3158)
• resource/cloudflare_logpush_job: Add output_options parameter (#​3171)
• resource/cloudflare_notification_policy: Implement the airport_code filter (#​3183)
• resource/cloudflare_worker_script: Add dispatch_namespace to support uploading to a Workers for Platforms namespace (#​3154)
• resource/cloudflare_worker_script: Add tags to support tagging Workers for Platforms Workers (#​3154)

BUG FIXES:

• resource/cloudflare_access_application: Add Sensitive to oidc client_secret and preserve client_secret across apply (#​3168)
• resource/cloudflare_list_item: fix id parsing for imports (#​3191)
• resource/cloudflare_logpush_job: only set the value in state when it is defined (#​3188)

DEPENDENCIES:

• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.6 to 1.27.7 (#​3172)
• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.7 to 1.27.8 (#​3197)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.6 to 1.17.7 (#​3172)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.7 to 1.17.8 (#​3197)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.51.3 to 1.51.4 (#​3172)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.51.4 to 1.52.0 (#​3182)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.52.0 to 1.52.1 (#​3190)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.52.1 to 1.53.0 (#​3197)
• provider: bump github.com/aws/aws-sdk-go-v2 from 1.25.2 to 1.25.3 (#​3172)
• provider: bump github.com/aws/aws-sdk-go-v2 from 1.25.3 to 1.26.0 (#​3197)
• provider: bump github.com/cloudflare/cloudflare-go from 0.89.0 to 0.90.0 (#​3178)
• provider: bump google.golang.org/protobuf from 1.31.0 to 1.33.0 in /tools (#​3180)
• provider: bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#​3181)

v4.26.0

Compare Source

FEATURES:

• **New Dat

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[fwartner]

Any updates on this?

[slauger]

Currently i'm a bit busy. I guess we need to change some stuff. If anyone has time to look at it, I would be happy to accept a pull request with the required fixes.