Feature Request: Support cloudflare_secrets_store and cloudflare_secrets_store_secret resource types

[trafgals]

Summary

The Cloudflare Terraform provider should support cloudflare_secrets_store and cloudflare_secrets_store_secret resource types to allow managing Secrets Store resources via Terraform, similar to how cloudflare_workers_secret worked before it was removed in v5.

Use Case

Managing worker secrets via Terraform for CI/CD pipelines. Currently, teams must use the Workers Secrets API directly (via wrangler or curl) or use secret_text bindings on cloudflare_workers_script, but this doesn't provide a centralized secrets management approach.

Example Configuration (Currently Not Working)

resource "cloudflare_secrets_store" "worker" {
  name = "my-app-secrets-\${terraform.workspace}"
}

resource "cloudflare_secrets_store_secret" "api_key" {
  store_id    = cloudflare_secrets_store.worker.id
  secret_name = "API_KEY"
  secret_text = var.api_key
}

This results in error: The provider cloudflare/cloudflare does not support resource type "cloudflare_secrets_store".

Expected Behavior

Terraform should be able to:

1. Create a Secrets Store (POST /accounts/{account_id}/secrets_stores)
2. Add secrets to the store (PUT /accounts/{account_id}/secrets_stores/{name}/secrets/{secret_name})
3. Support bindings via cloudflare_workers_script resource with secrets_store_secret binding type

References

• Cloudflare Secrets Store Beta: https://blog.cloudflare.com/secrets-store-beta/
• Workers Secrets API: https://developers.cloudflare.com/api/resources/workers/subresources/scripts/subresources/secrets/
• Migration guide mentioning Secrets Store as replacement for cloudflare_workers_secret: https://github.com/cloudflare/terraform-provider-cloudflare/blob/main/docs/guides/version-5-migration.md

Alternative Approaches Considered

1. Using wrangler secret put - Works but requires CI pipeline changes to call wrangler instead of using Terraform
2. Using secret_text bindings - Works but doesn't provide centralized secret management
3. Using Workers Secrets API directly - Works but requires custom scripting

The Terraform-native approach would be preferred for teams using Terraform as their IaC tool.

[KaydeeDee]

Thank you for submitting an issue! This issue has been flagged for an internal Cloudflare team to take a look. If this is urgently blocking your development or deployment, please open a support case so we can serve you faster.

[trafgals]

I created this issue and then found PR #6940 (#6940) which implements exactly what's needed. The implementation looks complete and addresses all three requirements:

1. Create a Secrets Store (cloudflare_secrets_store resource)
2. Add secrets to the store (cloudflare_secrets_store_secret resource)
3. Support bindings via cloudflare_workers_script with secrets_store_secret binding type

This PR would resolve this feature request. Is there anything I can do to help get it reviewed and merged?