[Terraform] Added note about V4 code snippets (#19497)

dcpena · kodster28 · commit a4e0688f7551 · 2025-01-30T11:20:50.000-06:00
* Added note about V4 code snippets

* Created partial for note

* Added note to additional pages

* Added notes above each additional terraform example
diff --git a/src/content/docs/terraform/additional-configurations/ddos-managed-rulesets.mdx b/src/content/docs/terraform/additional-configurations/ddos-managed-rulesets.mdx
@@ -36,6 +36,8 @@ For more information on DDoS managed rulesets, refer to [Managed rulesets](/ddos
 
 This example configures the [HTTP DDoS Attack Protection](/ddos-protection/managed-rulesets/http/) managed ruleset for a zone using Terraform, changing the sensitivity level of rule with ID fdfdac75430c4c47a959592f0aa5e68a to `low`.
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_ruleset" "zone_level_http_ddos_config" {
   zone_id     = "<ZONE_ID>"
@@ -77,6 +79,8 @@ This example configures the [Network-layer DDoS Attack Protection](/ddos-protect
 
 :::
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_ruleset" "account_level_network_ddos_config" {
   account_id  = "<ACCOUNT_ID>"
@@ -126,6 +130,8 @@ The order of the rules is important: the rule with the highest sensitivity level
 
 :::
 
+<Render file="v4-code-snippets" />
+
 ```tf
 variable "zone_id" {
   default = "<ZONE_ID>"
diff --git a/src/content/docs/terraform/additional-configurations/rate-limiting-rules.mdx b/src/content/docs/terraform/additional-configurations/rate-limiting-rules.mdx
@@ -35,6 +35,8 @@ For more information on configuring the previous version of rate limiting rules
 
 This example creates a rate limiting rule in zone with ID `<ZONE_ID>` blocking traffic that exceeds the configured rate:
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_ruleset" "zone_rl" {
   zone_id     = "<ZONE_ID>"
@@ -71,6 +73,8 @@ resource "cloudflare_ruleset" "zone_rl" {
 
 This example defines a [custom ruleset](/ruleset-engine/custom-rulesets/) with a single rate limiting rule in account with ID `<ACCOUNT_ID>` that blocks traffic for the `/api/` path exceeding the configured rate. The second `cloudflare_ruleset` resource defines an `execute` rule that deploys the custom ruleset for traffic addressed at `example.com`.
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_ruleset" "account_rl" {
   account_id  = <ACCOUNT_ID>
@@ -125,6 +129,8 @@ This example creates a rate limiting rule in zone with ID `<ZONE_ID>` with:
 - A custom counting expression that includes a response field (`http.response.code`).
 - A custom JSON response for rate limited requests.
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_ruleset" "zone_rl_custom_response" {
   zone_id     = "<ZONE_ID>"
diff --git a/src/content/docs/terraform/additional-configurations/transform-rules.mdx b/src/content/docs/terraform/additional-configurations/transform-rules.mdx
@@ -33,6 +33,8 @@ For more information on Transform Rules, refer to [Transform Rules](/rules/trans
 
 The following example creates a Rewrite URL Rule that rewrites requests for `example.com/old-folder` to `example.com/new-folder`:
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_ruleset" "transform_url_rewrite" {
   zone_id     = "<ZONE_ID>"
@@ -69,6 +71,8 @@ The following configuration example performs the following adjustments to HTTP r
 - Adds a `my-header-2` header to the request with a dynamic value defined by an expression.
 - Deletes the `existing-header` header from the request, if it exists.
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_ruleset" "transform_modify_request_headers" {
   zone_id     = "<ZONE_ID>"
@@ -117,6 +121,8 @@ The following configuration example performs the following adjustments to HTTP r
 - Adds a `my-header-2` header to the response with a dynamic value defined by an expression.
 - Deletes the `existing-header` header from the response, if it exists.
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_ruleset" "transform_modify_response_headers" {
   zone_id     = "<ZONE_ID>"
diff --git a/src/content/docs/terraform/additional-configurations/waf-custom-rules.mdx b/src/content/docs/terraform/additional-configurations/waf-custom-rules.mdx
@@ -40,6 +40,8 @@ For more information on custom rules, refer to [Custom rules](/waf/custom-rules/
 
 The following example configures a custom rule in the zone entry point ruleset for the `http_request_firewall_custom` phase for zone with ID `<ZONE_ID>`. The rule will block all traffic on non-standard HTTP(S) ports:
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_ruleset" "zone_custom_firewall" {
   zone_id     = "<ZONE_ID>"
@@ -67,6 +69,8 @@ For more information on enabling leaked credentials detection using Terraform, r
 
 This example adds a custom rule that challenges requests with leaked credentials by using one of the [leaked credentials fields](/waf/detections/leaked-credentials/#leaked-credentials-fields) in the rule expression.
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_ruleset" "zone_custom_firewall_leaked_creds" {
   zone_id     = "<ZONE_ID>"
@@ -94,6 +98,8 @@ For more information on enabling malicious uploads detection using Terraform, re
 
 This example adds a custom rule that blocks requests with one or more <GlossaryTooltip term="content object">content objects</GlossaryTooltip> considered malicious by using one of the [content scanning fields](/waf/detections/malicious-uploads/#content-scanning-fields) in the rule expression.
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_ruleset" "zone_custom_firewall_malicious_uploads" {
   zone_id     = "<ZONE_ID>"
@@ -125,6 +131,8 @@ You can only create and deploy custom rulesets at the account level.
 
 The following configuration creates the custom ruleset with a single rule:
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_ruleset" "account_firewall_custom_ruleset" {
   account_id  = "<ACCOUNT_ID>"
@@ -149,6 +157,8 @@ resource "cloudflare_ruleset" "account_firewall_custom_ruleset" {
 
 The following configuration deploys the custom ruleset at the account level. It defines a dependency on the `account_firewall_custom_ruleset` resource and uses the ID of the created custom ruleset in `action_parameters`:
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_ruleset" "account_firewall_custom_entrypoint" {
   account_id  = "<ACCOUNT_ID>"
@@ -181,6 +191,8 @@ The following configuration creates a custom ruleset with a single rule that [ch
 
 You can only add exposed credential checks to rules in a custom ruleset (that is, a ruleset with `kind = "custom"`).
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_ruleset" "account_firewall_custom_ruleset_exposed_creds" {
   account_id  = "<ACCOUNT_ID>"
@@ -213,6 +225,8 @@ resource "cloudflare_ruleset" "account_firewall_custom_ruleset_exposed_creds" {
 
 The following configuration deploys the custom ruleset. It defines a dependency on the `account_firewall_custom_ruleset_exposed_creds` resource and obtains the ID of the created custom ruleset:
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_ruleset" "account_firewall_custom_entrypoint" {
   account_id  = "<ACCOUNT_ID>"
diff --git a/src/content/docs/terraform/additional-configurations/waf-managed-rulesets.mdx b/src/content/docs/terraform/additional-configurations/waf-managed-rulesets.mdx
@@ -36,6 +36,8 @@ For more information on WAF Managed Rules, refer to [WAF Managed Rules](/waf/man
 
 The following example deploys two managed rulesets to the zone with ID `<ZONE_ID>` using Terraform, using a `cloudflare_ruleset` resource with two rules that execute the managed rulesets.
 
+<Render file="v4-code-snippets" />
+
 ```tf
 # Configure a ruleset at the zone level for the "http_request_firewall_managed" phase
 resource "cloudflare_ruleset" "zone_level_managed_waf" {
@@ -80,6 +82,8 @@ resource "cloudflare_ruleset" "zone_level_managed_waf" {
 
 The following example deploys two managed rulesets to the account with ID `<ACCOUNT_ID>` using Terraform, using a `cloudflare_ruleset` resource with two rules that execute the managed rulesets for two hostnames belonging to Enterprise zones.
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_ruleset" "account_level_managed_waf" {
   account_id  = "<ACCOUNT_ID>"
@@ -123,6 +127,8 @@ The following example adds two [skip rules](/waf/managed-rules/waf-exceptions/)
 
 Add the two skip rules to the `cloudflare_ruleset` resource before the rule that deploys the Cloudflare Managed Ruleset:
 
+<Render file="v4-code-snippets" />
+
 ```tf null {4-13,15-27}
 resource "cloudflare_ruleset" "zone_level_managed_waf" {
   # (...)
@@ -184,6 +190,8 @@ The following example adds three [overrides](/ruleset-engine/managed-rulesets/ov
 
 The following configuration includes the three overrides in the rule that executes the Cloudflare Managed Ruleset:
 
+<Render file="v4-code-snippets" />
+
 ```tf null {9-24}
   # (...)
 
@@ -223,6 +231,8 @@ This example enables [payload logging](/waf/managed-rules/payload-logging/) for
 
 Building upon the rule that deploys the Cloudflare Managed Ruleset, the following rule configuration adds the `matched_data` object with the public key used to encrypt the payload:
 
+<Render file="v4-code-snippets" />
+
 ```tf null {9-11}
   # (...)
 
@@ -262,6 +272,8 @@ The following example rule of a `cloudflare_ruleset` Terraform resource performs
 - Sets the score threshold to `60` (_Low_).
 - Sets the ruleset action to `log`.
 
+<Render file="v4-code-snippets" />
+
 ```tf null {8-25}
   # (...)
 
diff --git a/src/content/docs/terraform/advanced-topics/import-cloudflare-resources.mdx b/src/content/docs/terraform/advanced-topics/import-cloudflare-resources.mdx
@@ -3,6 +3,8 @@ pcx_content_type: tutorial
 title: Import Cloudflare resources
 ---
 
+import { Render } from "~/components";
+
 An important point to understand about Terraform is that it can only manage configuration it created or was explicitly told about after the fact. The reason for this limitation is that Terraform expects to be authoritative for the resources it manages. It relies on two types of files to understand what resources it controls and what state they are in. Terraform determines when and how to make changes from the following:
 
 - A [configuration file](https://developer.hashicorp.com/terraform/language) (ending in `.tf`) that defines the configuration of resources for Terraform to manage. This is what you worked with in the tutorial steps.
@@ -54,6 +56,8 @@ To start managing existing Cloudflare resources in Terraform, for example, DNS r
 
 If you do not have a Terraform configuration file defined, you need the `provider` block defined as follows:
 
+<Render file="v4-code-snippets" />
+
 ```hcl
 provider 'cloudflare' {
  # Cloudflare email saved in $CLOUDFLARE_EMAIL
@@ -71,6 +75,8 @@ cf-terraforming generate --email $CLOUDFLARE_EMAIL --token $CLOUDFLARE_API_TOKEN
 
 If you had not redirected the output to the `importing-example.tf` file, the result displayed in the standard output (your terminal window) would look like the following:
 
+<Render file="v4-code-snippets" />
+
 ```tf
 resource "cloudflare_record" "terraform_managed_resource_3c0b456bc2aa443089c5f40f45f51b31" {
     name    = "@"
diff --git a/src/content/docs/terraform/advanced-topics/remote-backend.mdx b/src/content/docs/terraform/advanced-topics/remote-backend.mdx
@@ -38,6 +38,8 @@ After your token has been successfully created, review your **Secret Access Key*
 
 Update your [`cloudflare.tf`](/terraform/tutorial/initialize-terraform/) file to include a [backend](https://developer.hashicorp.com/terraform/language/settings/backends/configuration) for the `<YOUR_BUCKET_NAME>` bucket you created above.
 
+<Render file="v4-code-snippets" />
+
 ```tf
 terraform {
   backend "s3" {
diff --git a/src/content/docs/terraform/tutorial/add-page-rules.mdx b/src/content/docs/terraform/tutorial/add-page-rules.mdx
@@ -8,10 +8,14 @@ head:
     content: Add exceptions with Page Rules
 ---
 
+import { Render } from "~/components";
+
 In the [Configure HTTPS settings](/terraform/tutorial/configure-https-settings/) tutorial, you configured zone settings that apply to all incoming requests for `example.com`. In this tutorial, you will add an exception to these settings using [Page Rules](/rules/page-rules/).
 
 Specifically, you will increase the security level for a URL known to be expensive to render and cannot be cached: `https://www.example.com/expensive-db-call`. Additionally, you will add a redirect from the previous URL used to host this page.
 
+<Render file="v4-code-snippets" />
+
 ## 1. Create a new branch and append the page rule
 
 Create a new branch and append the configuration.
diff --git a/src/content/docs/terraform/tutorial/configure-https-settings.mdx b/src/content/docs/terraform/tutorial/configure-https-settings.mdx
@@ -8,10 +8,14 @@ head:
     content: Configure HTTPS settings
 ---
 
+import { Render } from "~/components";
+
 After proxying a basic website through Cloudflare, you can use Terraform to adjust zone settings. In this tutorial, you will configure some optional HTTPS settings and then push the updated configuration to GitHub for posterity.
 
 You will use a new Git branch for the changes and then merge it into the `master` branch before applying. On a team, you might consider using this step as an opportunity for others to review your change before merging and deploying it. You can also integrate Terraform into your CI/CD system to perform tests automatically using another Cloudflare domain.
 
+<Render file="v4-code-snippets" />
+
 ## 1. Create a new branch and append the new zone settings
 
 In this step, modify the Terraform configuration to enable the following settings:
diff --git a/src/content/docs/terraform/tutorial/initialize-terraform.mdx b/src/content/docs/terraform/tutorial/initialize-terraform.mdx
@@ -8,10 +8,14 @@ head:
     content: Introduction to Terraform init
 ---
 
+import { Render } from "~/components";
+
 This tutorial shows you how to get started with Terraform. The tutorial uses an example scenario where you have a web server for your domain, accessible on `203.0.113.10`, and you just signed up your domain (`example.com`) on Cloudflare to manage everything in Terraform.
 
 Before you begin, ensure you have [installed Terraform](/terraform/installing/). You will also need to [create an API Token](/fundamentals/api/get-started/create-token/) with permissions to edit resources for this tutorial.
 
+<Render file="v4-code-snippets" />
+
 ## 1. Define your first Terraform config file
 
 Create an initial Terraform config file, filling in your own values for the [API token](/fundamentals/api/get-started/create-token/), [zone ID](/fundamentals/setup/find-account-and-zone-ids/), [account ID](/fundamentals/setup/find-account-and-zone-ids/), and [domain](/fundamentals/setup/manage-domains/add-site/).
diff --git a/src/content/docs/terraform/tutorial/revert-configuration.mdx b/src/content/docs/terraform/tutorial/revert-configuration.mdx
@@ -8,10 +8,14 @@ head:
     content: Revert configuration
 ---
 
+import { Render } from "~/components";
+
 Sometimes, you may have to roll back configuration changes. For example, you might want to run performance tests on a new configuration or maybe you mistyped an IP address and brought your entire site down.
 
 To revert your configuration, check out the desired branch and ask Terraform to move your Cloudflare settings back in time. If you accidentally brought your site down, consider establishing a good strategy for peer reviewing pull requests rather than merging directly to `master` as done in the tutorials for brevity.
 
+<Render file="v4-code-snippets" />
+
 ## 1. Review your configuration history
 
 Before determining how far back to revert, review the versioned history:
diff --git a/src/content/docs/terraform/tutorial/track-history.mdx b/src/content/docs/terraform/tutorial/track-history.mdx
@@ -8,6 +8,8 @@ head:
     content: Track your history
 ---
 
+import { Render } from "~/components";
+
 In the [Initialize Terraform](/terraform/tutorial/initialize-terraform/) tutorial, you created and applied some basic Cloudflare configuration. Terraform applied this configuration to your zone because you provided your API token at the top of the `cloudflare.tf` file that has access to this zone.
 
 ```sh
@@ -19,6 +21,8 @@ provider "cloudflare" {
 
 In this tutorial, you will store your configuration in GitHub where it can be tracked, peer-reviewed, and rolled back to as needed. First, you will remove your credentials from the Terraform config file to prevent committing them to a repository.
 
+<Render file="v4-code-snippets" />:
+
 ## 1. Use environment variables for authentication
 
 As a good security practice, remove your Cloudflare credentials from anything that will be committed to a repository. The Cloudflare Terraform provider supports reading the credentials (and other configuration) [from environment variables](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs#schema), as in the following example:
diff --git a/src/content/docs/terraform/tutorial/use-load-balancing.mdx b/src/content/docs/terraform/tutorial/use-load-balancing.mdx
@@ -8,8 +8,12 @@ head:
     content: Improve performance and reliability
 ---
 
+import { Render } from "~/components";
+
 In this tutorial, you will add a second origin for some basic round robining, and then use the [Cloudflare Load Balancing](/load-balancing/) product to fail traffic over as needed. You will also enhance your load balancing configuration through the use of "geo steering" to serve results from an origin server that is geographically closest to your end users.
 
+<Render file="v4-code-snippets" />
+
 ## 1. Add another DNS record for `www`
 
 To get started, add a DNS record for a second web server, located in Asia. The IP address for this server is `198.51.100.15`.
diff --git a/src/content/partials/terraform/v4-code-snippets.mdx b/src/content/partials/terraform/v4-code-snippets.mdx
@@ -0,0 +1,8 @@
+---
+{}
+
+---
+
+:::note
+Terraform code snippets below refer to the v4 SDK only.
+:::
