chore(deps): update terraform cloudflare

[renovate]

Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more here.

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
cloudflare (source)	required_provider	minor	4.8.0 -> 4.52.5
cloudflare		major	==3.1.0 -> ==4.3.1

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

cloudflare/terraform-provider-cloudflare (cloudflare)

v4.52.5

Compare Source

BUG FIXES:

• internal/framework/service/list/resource_test.go: list items are cleared when no nested item block defined

v4.52.4

Compare Source

BUG FIXES:

• internal/sdkv2provider/schema_cloudflare_access_service_tokens.go: Remove ForceNew from client_id and client_secret

v4.52.3

Compare Source

BUG FIXES:

• internal/sdkv2provider/schema_cloudflare_access_service_tokens.go: Mark access_service_token.client_secret as computed when client_secret_version changes

v4.52.2

Compare Source

ENHANCEMENTS:

• internal/sdkv2provider/schema_cloudflare_access_service_tokens.go: Add graceful rotation support for client secrets
• internal/sdkv2provider/resource_cloudflare_access_service_tokens_test.go: Add graceful rotation support for client secrets
• internal/sdkv2provider/resource_cloudflare_access_service_tokens.go: Add graceful rotation support for client secrets

v4.52.1

Compare Source

4.52.1 (July 22th, 2025)

ENHANCEMENTS:

• internal/sdkv2provider/schema_cloudflare_load_balancer.go: remove "Computed" primitive from user configurable properties (#​5621)

v4.52.0

Compare Source

[!NOTE]
This is the last regular release in the 4.x line. 4.x is no longer under active development.

ENHANCEMENTS:

• resource/cloudflare_waiting_room: add support for Turnstile fields (#​4952)
• resource/cloudflare_zero_trust_gateway_policy: allow configuring isolate rules with BISO admin control V2 settings (#​4962)
• resource/snippets-rules: make terraform consistent with the API and do not require "enabled" and "description" fields
• resource/snippets: use list instead of set
• resource/cloud_connector_rules: use list instead of set (#​4787)

BUG FIXES:

• resource/cloudflare_device_posture_integration: fix bug where custom_s2s and tanium_s2s was not included in the type validation for s2s posture integrations. (#​4933)

DEPENDENCIES:

• provider: bump github.com/hashicorp/terraform-plugin-go from 0.25.0 to 0.26.0 (#​4928)
• provider: bump github.com/hashicorp/terraform-plugin-mux from 0.17.0 to 0.18.0 (#​4934)

v4.51.0

Compare Source

NOTES:

• resource/cloudflare_ruleset: remove deprecated http_request_sbfm phase (#​4860)

ENHANCEMENTS:

• resource/cloudflare_access_application: add private destination fields to access application (#​4892)
• resource/cloudflare_zero_trust_gateway_policy: allow configuring resolver rules with internal DNS (#​4918)

BUG FIXES:

• resource/cloudflare_api_shield_operation: fixed a bug when using variable names other than var1 ... varN in endpoint definitions causing these resources to be recreated when nothing has changed.
  If this affects you, after upgrading to this version, the resource has to be recreated once more to fix the state, after which the bug is fixed. (#​4894)
• resource/cloudflare_teams_location: Fix import failures on teams locations (#​4859)
• resource/cloudflare_zero_trust_device_posture_rule: Fix 'last_seen' not being written to the state file (#​4855)

INTERNAL:

• resource/cloudflare_api_shield_operation: migrated to the terraform-plugin-framework. (#​4894)

DEPENDENCIES:

• provider: bump github.com/cloudflare/cloudflare-go from 0.113.0 to 0.114.0 (#​4893)
• provider: bump github.com/go-git/go-git/v5 from 5.11.0 to 5.13.0 in /tools (#​4903)

v4.50.0

Compare Source

ENHANCEMENTS:

• cloudflare_teams_location: support endpoints + BYOIPv6 + DNS IPv4 destinations (#​4805)
• resource/cloudflare_zone_settings_override: Add support for aegis (#​4820)
• resource/cloudflare_zone_settings_override: add support for ssl_automatic_mode (#​4465)

BUG FIXES:

• resource/cloudflare_access_application: Fix access application saas apps attributes crashing provider when no changes were made to those (#​4843)

DEPENDENCIES:

• provider: bump github.com/cloudflare/cloudflare-go from 0.112.0 to 0.113.0 (#​4826)
• provider: bump golang.org/x/net from 0.33.0 to 0.34.0 (#​4837)

v4.49.1

Compare Source

Functionally the same as v4.49.0 but retagged to fix the Terraform Registry having a bad checksum due to a failed build asset being used.

v4.49.0

Compare Source

• resource/cloudflare_teams_location: remove unusable policy_ids attribute (#​4817)

FEATURES:

• New Resource: cloudflare_content_scanning_expression (#​4734)
• New Resource: cloudflare_content_scanning (#​4719)

ENHANCEMENTS:

• resource/access_application: support multi-valued + Access service token authentication for SCIM provisioning to Access applications (#​4743)

BUG FIXES:

• resource/cloudflare_ruleset: handle when disable_stale_while_updating is an empty object but not nil (#​4814)

DEPENDENCIES:

• provider: bump github.com/cloudflare/cloudflare-go from 0.111.0 to 0.112.0 (#​4803)
• provider: bump github.com/hashicorp/terraform-plugin-framework-validators from 0.15.0 to 0.16.0 (#​4762)
• provider: bump golang.org/x/crypto from 0.21.0 to 0.31.0 in /tools (#​4755)
• provider: bump golang.org/x/crypto from 0.30.0 to 0.31.0 (#​4756)
• provider: bump golang.org/x/net from 0.32.0 to 0.33.0 (#​4802)

v4.48.0

Compare Source

NOTES:

• resource/cloudflare_ruleset: rules must now be given an explicit ref to avoid their IDs changing across ruleset updates, see https://developers.cloudflare.com/terraform/troubleshooting/rule-id-changes/ (#​4697)

FEATURES:

• New Resource: cloudflare_leaked_credential_check (#​4674)
• New Resource: cloudflare_leaked_credential_check_rule (#​4676)
• New Resource: cloudflare_snippet (#​4565)
• New Resource: cloudflare_snippet_rules (#​4565)

ENHANCEMENTS:

• resource/access_application: add support for destinations and domain_type (#​4661)
• resource/access_identity_provider: document scim_config fields (#​4721)
• resource/cloudflare_access_policy: adds support for Access infrastructure allow_email_alias connection rule flag (#​4665)
• resource/cloudflare_ruleset: improve diffs when only some rules are changed (#​4697)
• resource/cloudflare_teams_list: use PUT call to update list items (#​4737)
• resource/cloudflare_zero_trust_access_policy: adds support for Access infrastructure allow_email_alias connection rule flag (#​4665)

BUG FIXES:

• resource/cloudflare_authenticated_origin_pulls: Fix issue where resources are disabled instead of being destroyed on tf destroy (#​4649)
• resource/cloudflare_leaked_credential_check_rule: Fix bug in update method (#​4741)

DEPENDENCIES:

• provider: bump github.com/cloudflare/cloudflare-go from 0.110.0 to 0.111.0 (#​4709)
• provider: bump golang.org/x/net from 0.31.0 to 0.32.0 (#​4718)

v4.47.0

Compare Source

ENHANCEMENTS:

• resource/cloudflare_access_application: support SCIM schema strictness setting for outbound provisioning (#​4419)
• resource/cloudflare_access_identity_provider: Adds identity update behavior field in SCIM configuration (#​4602)
• resource/cloudflare_notification_policy: Added support for D1 in the cloudflare_notification_policy resource and data source. (#​4615)
• resource/cloudflare_notification_policy: add support for image_resizing_notification alert type (#​4588)
• resource/cloudflare_r2_bucket: Added support for Oceania region in location hints. (#​4660)

BUG FIXES:

• resource/cloudflare_logpush_job: add dlp_forensic_copies to allowed dataset values (#​4598)
• resource/cloudflare_zero_trust_access_policy: make gsuite parameters required (#​4597)

DEPENDENCIES:

• provider: bump github.com/cloudflare/cloudflare-go from 0.109.0 to 0.110.0 (#​4632)
• provider: bump github.com/hashicorp/terraform-plugin-testing from 1.10.0 to 1.11.0 (#​4613)
• provider: bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (#​4663)

v4.46.0

Compare Source

ENHANCEMENTS:

• resource/cloudflare_waiting_room: add "bg-BG", "hr-HR", "cs-CZ", "da-DK", "fi-FI", "lt-LT", "ms-MY", "nb-NO", "ro-RO", "el-GR", "he-IL" "hi-IN", "hu-HU", "sr-BA", "sk-SK", "sl-SI", "sv-SE", "tl-PH", "th-TH", "uk-UA", and "vi-VN" to default_template_language field (#​4509)

BUG FIXES:

• resource/cloudflare_certificate_pack: Fix importing existing resources issue due to 3 ignored required fields in importer (#​4544)
• resource/cloudflare_list: Don't read list items if there are none configured (#​4511)
• resource/cloudflare_zero_trust_list: Consider items_with_description when updating a ZT list (#​4477)
• resource/turnstile: Force recreate on region update (#​4496)

DEPENDENCIES:

• provider: bump github.com/cloudflare/cloudflare-go from 0.108.0 to 0.109.0 (#​4523)
• provider: bump github.com/hashicorp/terraform-plugin-framework-validators from 0.14.0 to 0.15.0 (#​4492)
• provider: bump github.com/hashicorp/terraform-plugin-go from 0.24.0 to 0.25.0 (#​4483)
• provider: bump github.com/hashicorp/terraform-plugin-mux from 0.16.0 to 0.17.0 (#​4484)
• provider: bump github.com/hashicorp/terraform-plugin-sdk/v2 from 2.34.0 to 2.35.0 (#​4491)
• provider: bump golang.org/x/net from 0.30.0 to 0.31.0 (#​4541)
• provider: bump goreleaser/goreleaser-action from 6.0.0 to 6.1.0 (#​4531)

v4.45.0

Compare Source

NOTES:

• datasource/cloudflare_infrastructure_access_targets: deprecated in favour of cloudflare_zero_trust_infrastructure_access_targets and will be removed in the next major version. (#​4403)
• resource/cloudflare_infrastructure_access_target: deprecated in favour of cloudflare_zero_trust_infrastructure_access_target and will be removed in the next major version. (#​4403)

FEATURES:

• New Resource: cloudflare_zero_trust_infrastructure_access_target (#​4403)

ENHANCEMENTS:

• resource/cloudflare_ruleset: add support for zstd compression in the compress_response action (#​4300)

BUG FIXES:

• resource/cloudflare_workers_cron_trigger: fix incorrectly reported deprecated resource (#​4295)
• resource/cloudflare_zero_trust_dlp_profile: Include more fields in entry set hash function (#​4464)

DEPENDENCIES:

• provider: bump github.com/cloudflare/cloudflare-go from 0.107.0 to 0.108.0 (#​4394)
• provider: bump github.com/hashicorp/terraform-plugin-framework-validators from 0.13.0 to 0.14.0 (#​4313)

v4.44.0

Compare Source

NOTES:

• cloudflare_list has been migrated to the terraform-plugin-framework in doing so addresses issues with the internal representation of zero values. A downside to this is that to get the full benefits, you will need to remove the resource from your Terraform state (terraform state rm ...) and then import the resource back into your state. (#​4228)

ENHANCEMENTS:

• resource/cloudflare_certificate_pack: Add SSL.com as valid certificate authority (#​4267)
• resource/cloudflare_device_posture_rule: Add support for SentinelOne posture check operational_state field (#​4200)

BUG FIXES:

• resource/cloudflare_device_posture_rule: fix bug where locations were not parsed correctly for client_certificate_v2 posture rules (#​4168)
• resource/cloudflare_teams_rule: start persisting rule settings, wo rules may not stuck in plan cycle (#​4261)
• resource/cloudflare_zone: When changing type to or from partial the verification_key attribute will properly show that it will receive a new value. (#​4019)

INTERNAL:

• resource/cloudflare_list: migrate from SDKv2 to terraform-plugin-framework (#​4228)

DEPENDENCIES:

• provider: bump github.com/cloudflare/cloudflare-go from 0.106.0 to 0.107.0 (#​4251)
• provider: bump golang.org/x/net from 0.29.0 to 0.30.0 (#​4213)

v4.43.0

Compare Source

FEATURES:

• New Resource: cloudflare_infrastructure_access_target (#​4077)

ENHANCEMENTS:

• resource/cloudflare_access_application: added target contexts support for access application type infrastructure (#​4128)
• resource/cloudflare_access_policy: added infrastructure connection rule support for access policy (#​4128)
• resource/cloudflare_device_posture_integration: add support for managing custom_s2s third party posture provider. (#​3917)
• resource/cloudflare_device_posture_rule: add ability to create custom_s2s posture rule (#​3917)
• resource/cloudflare_zone_settings_override: add support for Speed Brain (#​4113)

DEPENDENCIES:

• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.34 to 1.27.37 (#​4124)
• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.37 to 1.27.38 (#​4127)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.32 to 1.17.35 (#​4124)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.35 to 1.17.36 (#​4127)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.61.2 to 1.63.1 (#​4124)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.63.1 to 1.63.2 (#​4127)
• provider: bump github.com/aws/aws-sdk-go-v2 from 1.30.5 to 1.31.0 (#​4124)
• provider: bump actions/checkout from 3 to 4 (#​4101)
• provider: bump github.com/cloudflare/cloudflare-go from 0.104.0 to 0.105.0 (#​4125)
• provider: bump github.com/cloudflare/cloudflare-go from 0.105.0 to 0.106.0 (#​4137)
• provider: bump github.com/hashicorp/terraform-plugin-framework from 1.11.0 to 1.12.0 (#​4061)
• provider: bump github.com/hashicorp/terraform-plugin-go from 0.23.0 to 0.24.0 (#​4060)

v4.42.0

Compare Source

FEATURES:

• New Resource: cloudflare_zero_trust_gateway_certificate (#​3547)

ENHANCEMENTS:

• resource/cloudflare_notification_policy: add support for image_notification alert type (#​3981)
• resource/cloudflare_access_group: Added description strings to all rule types (#​3792)
• resource/cloudflare_bot_management: Add support for ai_bots_protection settings (#​3960)
• resource/cloudflare_record: remove internal references to deprecated ZoneID and ZoneName fields (#​4018)
• resource/cloudflare_workers_script: Add support for hyperdrive binding type (#​3821)
• resource/cloudflare_zone_settings_override: Add optional setting replace_insecure_js (#​3602)
• resource/rulesets: add cache_reserve terraform support and fix typo (#​3923)
• resource/zero_trust_gateway_settings: Add missing disable_for_time example field (#​3931)

BUG FIXES:

• resource/cloudflare_access_application: fix the name of the new resource to use when upgrading (#​4044)
• resource/cloudflare_access_application: reconcile access application custom attributes logic (#​3987)
• resource/cloudflare_hyperdrive_config: fix bug when calling passing Hyperdrive config ID to update method (#​4042)

DEPENDENCIES:

• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.31 to 1.27.32 (#​3892)
• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.32 to 1.27.33 (#​3901)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.30 to 1.17.31 (#​3892)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.31 to 1.17.32 (#​3901)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.61.0 to 1.61.1 (#​3892)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.61.1 to 1.61.2 (#​3901)
• provider: bump github.com/aws/aws-sdk-go-v2 from 1.30.4 to 1.30.5 (#​3892)
• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.33 to 1.27.34 in the aws group (#​4020)
• provider: bump github.com/cloudflare/cloudflare-go from 0.103.0 to 0.104.0 (#​3974)
• provider: bump golang.org/x/net from 0.28.0 to 0.29.0 (#​3911)

v4.41.0

Compare Source

NOTES:

• resource/cloudflare_logpush_job: Deprecate frequency in favour of max_upload_interval_seconds (#​3745)
• resource/cloudflare_record: remove deprecated zone_name field (#​3855)

FEATURES:

• New Data Source: cloudflare_dcv_delegation (#​3885)
• New Resource: cloudflare_cloud_connector_rules (#​3622)

ENHANCEMENTS:

• resource/cloudflare_device_posture_rule: Modify Tanium's eid_last_seen field to be relative instead of a timestamp value (#​3764)
• resource/cloudflare_teams_account: Add disable_for_time attribute (#​3526)
• resource/cloudflare_waiting_room: Add enabled_origin_commands field. (#​3805)
• resource/rulesets: add "contains" support to custom cache key headers (#​3820)

BUG FIXES:

• resource/cloudflare_access_mutual_tls_certificate: change associated hostnames to a set (#​3498)
• resource/cloudflare_access_policy: Fix forcing new access policies when account id is not set through import (#​3358)
• resource/cloudflare_record: Suppress matching ipv6 dns record (#​3888)
• resource/cloudflare_record: handle scenarios where content and value are both being set in state and erroneously always thinking the content field is the source of truth (#​3776)
• resource/cloudflare_zero_trust_access_group: Fix false deprecation warnings (#​3740)
• resource/cloudflare_zone_settings_override: fix migration process with nil initial_settings (#​3829)
• resource/hyperdrive_config: use hyperdrive_config id when updating resource (#​3704)

DEPENDENCIES:

• provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.27 to 1.27.31 (#​3801)
• provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.27 to 1.17.30 (#​3801)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.58.3 to 1.60.1 (#​3801)
• provider: bump github.com/aws/aws-sdk-go-v2 from 1.30.3 to 1.30.4 (#​3801)
• provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.60.1 to 1.61.0 in the aws group (#​3823)
• provider: bump github.com/cloudflare/cloudflare-go from 0.101.0 to 0.102.0 (#​3713)
• provider: bump github.com/cloudflare/cloudflare-go from 0.102.0 to 0.103.0 (#​3824)

v4.40.0

Compare Source

NOTES:

• resource/cloudflare_access_application: deprecated in favour of cloudflare_zero_trust_access_application and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_ca_certificate: deprecated in favour of cloudflare_zero_trust_access_short_lived_certificate and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_custom_page: deprecated in favour of cloudflare_zero_trust_access_custom_page and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_group: deprecated in favour of cloudflare_zero_trust_access_group and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_identity_provider: deprecated in favour of cloudflare_zero_trust_access_identity_provider and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_keys_configuration: deprecated in favour of cloudflare_zero_trust_access_key_configuration and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_mutual_tls_certificate: deprecated in favour of cloudflare_zero_trust_access_mtls_certificate and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_mutual_tls_hostname_settings: deprecated in favour of cloudflare_zero_trust_access_mtls_hostname_settings and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_organization: deprecated in favour of cloudflare_zero_trust_organization and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_policy: deprecated in favour of cloudflare_zero_trust_access_policy and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_service_token: deprecated in favour of cloudflare_zero_trust_access_service_token and will be removed in the next major version. (#​3584)
• resource/cloudflare_access_tag: deprecated in favour of cloudflare_zero_trust_access_tag and will be removed in the next major version. (#​3584)
• resource/cloudflare_device_dex_test: deprecated in favour of cloudflare_zero_trust_dex_test and will be removed in the next major version. (#​3584)
• resource/cloudflare_device_managed_networks: deprecated in favour of cloudflare_zero_trust_device_managed_networks and will be removed in the next major version. (#​3584)
• resource/cloudflare_device_policy_certificates: deprecated in favour of cloudflare_zero_trust_device_certificates and will be removed in the next major version. (#​3584)
• resource/cloudflare_device_posture_integration: deprecated in favour of cloudflare_zero_trust_device_posture_integration and will be removed in the next major version. (#​3584)
• resource/cloudflare_device_posture_rule: deprecated in favour of cloudflare_zero_trust_device_posture_rule and will be removed in the next major version. (#​3584)
• resource/cloudflare_device_settings_policy: deprecated in favour of cloudflare_zero_trust_device_profiles and will be removed in the next major version. (#​3584)
• resource/cloudflare_dlp_custom_profile: deprecated in favour of cloudflare_zero_trust_dlp_custom_profile and will be removed in the next major version. (#​3584)
• resource/cloudflare_dlp_predefined_profile: deprecated in favour of cloudflare_zero_trust_dlp_predefined_profile and will be removed in the next major version. (#​3584)
• resource/cloudflare_dlp_profile: deprecated in favour of cloudflare_zero_trust_dlp_profile and will be removed in the next major version. (#​3584)
• resource/cloudflare_fallback_domain: deprecated in favour of cloudflare_zero_trust_local_domain_fallback and will be removed in the next major version. (#​3584)
• resource/cloudflare_gre_tunnel: deprecated in favour of cloudflare_magic_wan_gre_tunnel and will be removed in the next major version. (#​3584)
• resource/cloudflare_ipsec_tunnel: deprecated in favour of cloudflare_magic_wan_ipsec_tunnel and will be removed in the next major version. (#​3584)
• resource/cloudflare_record: fix a bug that prematurely removed the ability to set the deprecated value field. (#​3674)
• resource/cloudflare_risk_behavior: deprecated in favour of cloudflare_zero_trust_risk_behavior and will be removed in the next major version. (#​3584)
• resource/cloudflare_split_tunnel: deprecated in favour of cloudflare_zero_trust_split_tunnels and will be removed in the next major version. (#​3584)
• resource/cloudflare_static_route: deprecated in favour of cloudflare_magic_wan_static_route and will be removed in the next major version. (#​3584)
• resource/cloudflare_teams_account: deprecated in favour of cloudflare_zero_trust_gateway_settings and will be removed in the next major version. (#​3584)
• resource/cloudflare_teams_list: deprecated in favour of cloudflare_zero_trust_list and will be removed in the next major version. (#​3584)
• resource/cloudflare_teams_location: deprecated in favour of cloudflare_zero_trust_dns_location and will be removed in the next major version. (#​3584)
• resource/cloudflare_teams_proxy_endpoint: deprecated in favour of cloudflare_zero_trust_gateway_proxy_endpoint and will be removed in the next major version. (#​3584)
• resource/cloudflare_teams_rule: deprecated in favour of cloudflare_zero_trust_gateway_policy and will be removed in the next major version. (#​3584)
• resource/cloudflare_tunnel: deprecated in favour of cloudflare_zero_trust_tunnel_cloudflared and will be removed in the next major version. (#​3584)
• resource/cloudflare_tunnel_config: deprecated in favour of cloudflare_zero_trust_tunnel_cloudflared_config and will be removed in the next major version. (#​3584)
• resource/cloudflare_tunnel_route: deprecated in favour of cloudflare_zero_trust_tunnel_route and will be removed in the next major version. (#​3584)
• resource/cloudflare_tunnel_virtual_network: deprecated in favour of cloudflare_zero_trust_tunnel_virtual_network and will be removed in the next major version. (#​3584)
• resource/cloudflare_worker_cron_trigger: deprecated in favour of cloudflare_workers_cron_trigger and will be removed in the next major version. (#​3584)
• resource/cloudflare_worker_domain: deprecated in favour of cloudflare_workers_custom_domain and will be removed in the next major version. (#​3584)
• resource/cloudflare_worker_script: deprecated in favour of cloudflare_workers_script and will be removed in the next major version. (#​3584)
• resource/cloudflare_worker_secret: deprecated in favour of cloudflare_workers_secret and will be removed in the next major version. (#​3584)
• resource/cloudflare_workers_for_platforms_namespace: deprecated in favour of cloudflare_workers_for_platforms_dispatch_namespace and will be removed in the next major version. (#​3584)

FEATURES:

• New Resource: cloudflare_magic_wan_gre_tunnel (#​3584)
• New Resource: cloudflare_magic_wan_ipsec_tunnel (#​3584)
• New Resource: cloudflare_magic_wan_static_route (#​3584)
• New Resource: cloudflare_workers_cron_trigger (#​3584)
• New Resource: cloudflare_workers_custom_domain (#​3584)
• New Resource: cloudflare_workers_for_platforms_dispatch_namespace (#​3584)
• New Resource: cloudflare_workers_script (#​3584)
• New Resource: cloudflare_workers_secret (#​3584)
• New Resource: cloudflare_zero_trust_access_application (#​3584)
• New Resource: cloudflare_zero_trust_access_custom_page (#​3584)
• New Resource: cloudflare_zero_trust_access_group (#​3584)
• New Resource: cloudflare_zero_trust_access_identity_provider (#​3584)
• New Resource: cloudflare_zero_trust_access_key_configuration (#​3584)
• New Resource: cloudflare_zero_trust_access_mtls_certificate (#​3584)
• New Resource: cloudflare_zero_trust_access_mtls_hostname_settings (#​3584)
• New Resource: cloudflare_zero_trust_access_policy (#​3584)
• New Resource: cloudflare_zero_trust_access_service_token (#​3584)
• New Resource: cloudflare_zero_trust_access_short_lived_certificate (#​3584)
• New Resource: cloudflare_zero_trust_access_tag (#​3584)
• New Resource: cloudflare_zero_trust_device_certificates (#​3584)
• New Resource: cloudflare_zero_trust_device_managed_networks (#​3584)
• New Resource: cloudflare_zero_trust_device_posture_integration (#​3584)
• New Resource: cloudflare_zero_trust_device_posture_rule (#​3584)
• New Resource: cloudflare_zero_trust_device_profiles (#​3584)
• New Resource: cloudflare_zero_trust_dex_test (#​3584)
• New Resource: cloudflare_zero_trust_dlp_custom_profile (#​3584)
• New Resource: cloudflare_zero_trust_dlp_predefined_profile (#​3584)
• New Resource: cloudflare_zero_trust_dlp_profile (#​3584)
• New Resource: cloudflare_zero_trust_dns_location (#​3584)
• New Resource: cloudflare_zero_trust_gateway_policy (#​3584)
• New Resource: cloudflare_zero_trust_gateway_proxy_endpoint (#​3584)
• New Resource: cloudflare_zero_trust_gateway_settings (#​3584)
• New Resource: cloudflare_zero_trust_list (#​3584)
• New Resource: cloudflare_zero_trust_local_domain_fallback (#​3584)
• New Resource: cloudflare_zero_trust_organization (#​3584)
• New Resource: cloudflare_zero_trust_risk_behavior (#​3584)
• New Resource: cloudflare_zero_trust_risk_score_integration (#​3563)
• New Resource: cloudflare_zero_trust_split_tunnels (#​3584)
• New Resource: cloudflare_zero_trust_tunnel_cloudflared (#​3584)
• New Resource: cloudflare_zero_trust_tunnel_cloudflared_config (#​3584)
• New Resource: cloudflare_zero_trust_tunnel_route (#​3584)
• New Resource: cloudflare_zero_trust_tunnel_virtual_network (#​3584)

ENHANCEMENTS:

• resource/cloudflare_device_posture_rule: add ability to create client_certificate_v2 posture rule (#​3512)
• resource/cloudflare_device_settings_policy: Add tunnel_protocol field for device policies (#​3513)

BUG FIXES:

• resource/cloudflare_access_policy: handle multiple okta idps in access policies (#​3579)
• resource/cloudflare_record: refactor validation to use ExactlyOneOf instead of custom logic (#​3699)

DEPENDENCIES:

• provider: bump github.com/hashicorp/terraform-plugin-framework from 1.10.0 to 1.11.0 (#​3575)
• provider: bump github.com/hashicorp/terraform-plugin-testing from 1.9.0 to 1.10.0 (#​3583)
• provider: bump golang.org/x/net from 0.27.0 to 0.28.0 (#​3576)

v4.39.0

Compare Source

NOTES:

• resource/cloudflare_access_policy: remove deprecation notice related to precedence (#​3556)
• resource/cloudflare_record: value is now deprecated in favour of content (#​3509)
• resource/cloudflare_worker_cron_trigger: deprecated in favour of cloudflare_workers_cron_trigger and will be removed in the next major version. (#​3500)
• resource/cloudflare_worker_domain: deprecated in favour of cloudflare_workers_domain and will be removed in the next major version. (#​3500)
• resource/cloudflare_worker_route: deprecated in favour of cloudflare_workers_route and will be removed in the next major version. (#​3500)
• resource/cloudflare_worker_script: deprecated in favour of cloudflare_workers_script and

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.