Skip to content

Commit 38eddbd

Browse files
tamas-jozsatamas-jozsa
authored
feat(zero_trust_access_mtls_certificate): v4 to v5 migration (#79)
* feat(zero_trust_access_mtls_certificate): v4 to v5 migration * fix(zero_trust_access_policy): fix v4 to v5 migrator
1 parent eff2c0b commit 38eddbd

File tree

15 files changed

+2377
-6
lines changed

15 files changed

+2377
-6
lines changed

integration/v4_to_v5/testdata/zero_trust_access_mtls_certificate/expected/terraform.tfstate

Lines changed: 271 additions & 0 deletions
Large diffs are not rendered by default.

integration/v4_to_v5/testdata/zero_trust_access_mtls_certificate/expected/terraform_e2e.tfstate

Lines changed: 73 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,73 @@
1+
{
2+
"version": 4,
3+
"terraform_version": "1.5.0",
4+
"serial": 1,
5+
"lineage": "test-zero-trust-access-mtls-certificate-e2e-lineage",
6+
"outputs": {},
7+
"resources": [
8+
{
9+
"mode": "managed",
10+
"type": "cloudflare_zero_trust_access_mtls_certificate",
11+
"name": "e2e_basic",
12+
"provider": "provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
13+
"instances": [
14+
{
15+
"attributes": {
16+
"id": "e2e-cert-basic-id",
17+
"account_id": "f037e56e89293a057740de681ac9abbe",
18+
"name": "cftftest-e2e-basic",
19+
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDvTCCAqWgAwIBAgIEaUWyljANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJV\nUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGTAXBgNVBAoT\nEFRlc3QtSW50ZWdyYXRpb24xJTAjBgNVBAMTHGludGVncmF0aW9uLXRlc3QuZXhh\nbXBsZS5jb20wHhcNMjUxMjE5MjAxNjIyWhcNMjYxMjE5MjAxNjIyWjB0MQswCQYD\nVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGTAX\nBgNVBAoTEFRlc3QtSW50ZWdyYXRpb24xJTAjBgNVBAMTHGludGVncmF0aW9uLXRl\nc3QuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF\nMxiaTyz/XpDiUdF07ObHkTQIlYjAW7phHnSzznvEWl2Tn3J77lNl7XQVeoPyIXDn\ns1j93wj4Tf7UrgarBWxmDWD2nfgE6hROVhuYWhmNnNFqPIAV31KJZt4scE3sq1M+\ndVttBTu5ItShdntt7QrE2E51lQobJME6yHIlaOQLiAaJTmsTR3ziNnSlR3y+/MDY\nSqvLKEQYkLx5Y3GE2D34knWkgjDy7TL6N1bXutu/7clLRGUXsIpqVgv8VT2tkYzD\nKsmRTO3S4tZlAXNjY40j4Y1zVfjDN9soiS5u0wLbNQq0hJF4p8FEZqiQTUR7gwDf\nXwKjc3c2j9DoWdAOAK+HAgMBAAGjVzBVMA4GA1UdDwEB/wQEAwICpDATBgNVHSUE\nDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRo5vWci6AQ\nstsJGT/PyNfUglwsrzANBgkqhkiG9w0BAQsFAAOCAQEAfRid4vB6DhxkAdNMGn0I\naVpe1IP0cnsfrI4f8yShbwa7syEfpGbsdPmePmUnoTnXW/SZZ86ndT7uzYa2WIyE\nPTQkcyScRVTGyU+Ze0T4S+tFm10QvjL7NmQrlKX/fDqho5RX+yP5li+adgBClowo\njIYvMgrg2SBKuLCR/JEragdGNBZTOkXT7vxA4ldzH70iBZLr/ODHVCFfCI+7mlaV\n9jlPBN58LSZypTWBNraO1849fuYKVEGMafDVuFUGWwQQXE0zzUHyd1mNBQ/aRBmI\nULHVVSsA1PCbJ0Iq+Cnserb2j6EgZQqSlGo1D5mMPflWffjQQpgpbaq9xfNRt7gI\nAg==\n-----END CERTIFICATE-----",
20+
"associated_hostnames": [
21+
"e2e-basic.cf-tf-test.com"
22+
],
23+
"fingerprint": "e2e-fingerprint-1",
24+
"zone_id": null
25+
}
26+
}
27+
]
28+
},
29+
{
30+
"mode": "managed",
31+
"type": "cloudflare_zero_trust_access_mtls_certificate",
32+
"name": "e2e_zone",
33+
"provider": "provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
34+
"instances": [
35+
{
36+
"attributes": {
37+
"id": "e2e-cert-zone-id",
38+
"zone_id": "0da42c8d2132a9ddaf714f9e7c920711",
39+
"name": "cftftest-e2e-zone",
40+
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDvTCCAqWgAwIBAgIEaUWylzANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJV\nUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGTAXBgNVBAoT\nEFRlc3QtSW50ZWdyYXRpb24xJTAjBgNVBAMTHGludGVncmF0aW9uLXRlc3QuZXhh\nbXBsZS5jb20wHhcNMjUxMjE5MjAxNjIzWhcNMjYxMjE5MjAxNjIzWjB0MQswCQYD\nVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGTAX\nBgNVBAoTEFRlc3QtSW50ZWdyYXRpb24xJTAjBgNVBAMTHGludGVncmF0aW9uLXRl\nc3QuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs\n7VjWTxDB3qTrgAUFZ9lkI4jueQs4rO/spuRYrDqWjNXregux24YI6q4AbAG6m92Y\nIIX7JzjHebHjX9RrxvkF6crhu0X5QrCgTgpZtfywBmURSPFq8VCGH0mQmsQFQW9K\nXPX7056uoVsFCmXR8raF8pqg1XHtnmDKq5Dzj6HLwBzZR+oD3PG9tsQCITRloIGK\n6cf5ndqv9AjdrqDOqWcIcAg9eD/G6eMzYqLNi/U8bY1BCqugqy8zlxyh9vVhGew1\n0DxejH53QiHgdsRwJXo9Z2NO2laCLz+Pnoz+bGUY2UuwCL3e0poJ6+GHabEAhbYB\nUj+dgQIjbJLUFJXy5sSDAgMBAAGjVzBVMA4GA1UdDwEB/wQEAwICpDATBgNVHSUE\nDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS8QTh7p+OK\n0nz36FgxG1kjP2EKiDANBgkqhkiG9w0BAQsFAAOCAQEARAYVxpQtovXiptpEjaV3\nF+lzdXCqV5lwZbkpdbdlys/KhKiBT9uVIJR1RUFdqB2jXPfeQy+MQkqvQyc0veM1\nSa4lyiN7vmRwnqMN9A0ZZnlN6JHZ93pFZ4ZvyBr4v4mkmHQLemYXHzaTohBPdE12\np/8Ck/T8mtcIYFxFjZC6xTdzt1EECllGYB0vZ1EFvceY+0Gevqy3ha8iB0c5KR1X\n/llZVVCZN5vtOSwxnmxlct0OE7FNLuliijooXHqzVjCXxX7qpts5a6qJ8gg0RNoh\nIIh3Hm55M4F2vvDlzAlOGxv6i2l1RvCXnlB7Jps2uphkfsO2xFv5YFKkaChYELLq\nlg==\n-----END CERTIFICATE-----",
41+
"associated_hostnames": [
42+
"e2e-zone.cf-tf-test.com"
43+
],
44+
"fingerprint": "e2e-fingerprint-2",
45+
"account_id": null
46+
}
47+
}
48+
]
49+
},
50+
{
51+
"mode": "managed",
52+
"type": "cloudflare_zero_trust_access_mtls_certificate",
53+
"name": "e2e_foreach",
54+
"provider": "provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
55+
"instances": [
56+
{
57+
"index_key": "env1",
58+
"attributes": {
59+
"id": "e2e-cert-foreach-env1-id",
60+
"account_id": "f037e56e89293a057740de681ac9abbe",
61+
"name": "cftftest-e2e-foreach-env1",
62+
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDvTCCAqWgAwIBAgIEaUWymDANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJV\nUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGTAXBgNVBAoT\nEFRlc3QtSW50ZWdyYXRpb24xJTAjBgNVBAMTHGludGVncmF0aW9uLXRlc3QuZXhh\nbXBsZS5jb20wHhcNMjUxMjE5MjAxNjI0WhcNMjYxMjE5MjAxNjI0WjB0MQswCQYD\nVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGTAX\nBgNVBAoTEFRlc3QtSW50ZWdyYXRpb24xJTAjBgNVBAMTHGludGVncmF0aW9uLXRl\nc3QuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG\n3n+ATbARsi34DniDSKyX+UyqE8SaaSvbhAjdtzpzkbLMmWnKXtAGQsJUj+sXr+qq\nvlirL1BX5Wl1TCnV3+M5LJbFSdspfs0xjGmduNmHiXw+BGq1Kn5Q3RUpgrH0j08M\nWWBon2r+R5wLYEFWh7H2/+diSbGGRSGcayop8Dx4YpddaIHN91b+nbU9UUvOVKwH\nhJr+uDrupQW9GqcXfQNJcq4Hj3THtH8Gmlo9UT8lDLCd0ZNK/8UsF1OTBvHd4u6a\n0L2jVRyxP9UVW2lxd6K19Lp5VOdQAMiBGcB6kKZQLMizLxgCZ3fR7m6VJrivjBBr\nPIyeZcw0UzftCZyBQFmDAgMBAAGjVzBVMA4GA1UdDwEB/wQEAwICpDATBgNVHSUE\nDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBREqIZCU4NC\nrf6JGwrVlJS5AJLBZTANBgkqhkiG9w0BAQsFAAOCAQEAe4pT7qla+kcKnHT4DYyd\nv0ifzQJhtTxNgS8Y7kFrC0/OAWIeYt/9lplwCZzl+X9ep7iIfZ3t+PlypBktb7gu\nqnQaQxbi7UdgY0sJpepvilV08tA59o2pXMVWm0VIpGFYbDC5oTeSnp4riaQAPlUl\n2FOVWGgpvG54KrEwrb6ha6gWuHpNESpsOR4iIj2LgSStGUbxZ2tYz4lkk5ZdOrlX\nIGK2ayvoffXWLvSvFt6TAwhh8fjtp4QGtk3uPf2VoLO3PWjre3lP0MvsGrK32tYO\nrvi1xUmOwefZCE4cEt9jFR2n/5Z7Ml7Q3upuAdfcJoKN2v2ZnxujiiWVE/Irz//T\nEw==\n-----END CERTIFICATE-----",
63+
"associated_hostnames": [
64+
"env1.cf-tf-test.com"
65+
],
66+
"fingerprint": "e2e-fingerprint-3",
67+
"zone_id": null
68+
}
69+
}
70+
]
71+
}
72+
]
73+
}

integration/v4_to_v5/testdata/zero_trust_access_mtls_certificate/expected/zero_trust_access_mtls_certificate.tf

Lines changed: 306 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,306 @@
1+
# Comprehensive Integration Tests for zero_trust_access_mtls_certificate
2+
# This file tests v4 to v5 migration with all Terraform patterns
3+
4+
# Variables for DRY configuration
5+
variable "cloudflare_account_id" {
6+
type = string
7+
default = "f037e56e89293a057740de681ac9abbe"
8+
}
9+
10+
variable "cloudflare_zone_id" {
11+
type = string
12+
default = "0da42c8d2132a9ddaf714f9e7c920711"
13+
}
14+
15+
# Locals for naming consistency
16+
locals {
17+
name_prefix = "cftftest"
18+
test_cert = "-----BEGIN CERTIFICATE-----\nMIIDvTCCAqWgAwIBAgIEaUWrAzANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJV\nUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGTAXBgNVBAoT\nEFRlc3QtSW50ZWdyYXRpb24xJTAjBgNVBAMTHGludGVncmF0aW9uLXRlc3QuZXhh\nbXBsZS5jb20wHhcNMjUxMjE5MTk0NDAzWhcNMjYxMjE5MTk0NDAzWjB0MQswCQYD\nVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGTAX\nBgNVBAoTEFRlc3QtSW50ZWdyYXRpb24xJTAjBgNVBAMTHGludGVncmF0aW9uLXRl\nc3QuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa\ndyRoc6ALweI82g5JaoXsaPAnTve5VlL1iFE1Pa6qiJFhVMT+n5+Jr2LaHrcegme6\nBxZOeGDTSaxNRLMYcaozyHoEjwqOs3TGq+wp9ifB5F0eQQpkflEi6XU7rGYaZ8d7\nyaqr55avCQl215tNoZTlFo11g9NhT1EdsAMVKzS3cpPLmNV7/p6GJywuOOmb+uQN\nYC0hT+YKUz4XusIaseGW3zJ6piF4sRvZsFpLqcKLeXvwJkI+MPJOhtuEeEXVUBeZ\n2EUI5aonLkTxnW1wIf43wqB8xwMy7KbuLI+Z2blQeqYgPiCc5AznUEpL50Ktwn/1\nPNA5AxZUGGxrKL7zBi6/AgMBAAGjVzBVMA4GA1UdDwEB/wQEAwICpDATBgNVHSUE\nDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQTeUKqmzM8\nxWP9aa9Mm9C3LiqP7zANBgkqhkiG9w0BAQsFAAOCAQEA0qks6Gjv927SbcC5lJcI\nZqA/S77uB+/7dBv96ILT0s6FWWQ2FaCgf8fsGmG3SLzqRrKRo8FD5D2Hwr8P5r8b\nlbquFs/2LvQ3c6xnjaO4HyhzWJTNL1Zamxjr57TKpPF/2OyEPb7UPIyiiC7XmD1G\nqQRCgFaYHlcOXASE7PN/bHyg6aOWW3kyGJ1lP6HvpVOMC7+jQA5a/RB3ImsUKctD\n2x4RufuaDGiNAi2Taz7WzMYPA27dAQGT/W2ghbXpJ8DyPAg8ezCxFVlZ1GhBGcKF\nz1xxE+EquZ1beVurcP4LGGVq5knDBIFdRYFjzZxKtJJXj/cBKvwckeJuRioL/0ns\nZA==\n-----END CERTIFICATE-----"
19+
20+
# Certificate names for different environments
21+
cert_names = {
22+
prod = "${local.name_prefix}-prod-cert"
23+
staging = "${local.name_prefix}-staging-cert"
24+
dev = "${local.name_prefix}-dev-cert"
25+
}
26+
27+
# Hostnames for different applications
28+
app_hostnames = toset([
29+
"app1.cf-tf-test.com",
30+
"app2.cf-tf-test.com",
31+
"api.cf-tf-test.com"
32+
])
33+
}
34+
35+
##########################
36+
# 1. BASIC RESOURCES
37+
##########################
38+
39+
# Basic certificate with account_id and all fields
40+
resource "cloudflare_zero_trust_access_mtls_certificate" "basic_account" {
41+
account_id = var.cloudflare_account_id
42+
name = "${local.name_prefix}-basic-account"
43+
certificate = local.test_cert
44+
associated_hostnames = [
45+
"basic.cf-tf-test.com",
46+
"www.basic.cf-tf-test.com"
47+
]
48+
}
49+
50+
# Basic certificate with zone_id
51+
resource "cloudflare_zero_trust_access_mtls_certificate" "basic_zone" {
52+
zone_id = var.cloudflare_zone_id
53+
name = "${local.name_prefix}-basic-zone"
54+
certificate = local.test_cert
55+
associated_hostnames = [
56+
"zone.cf-tf-test.com"
57+
]
58+
}
59+
60+
# Minimal certificate - only required fields
61+
resource "cloudflare_zero_trust_access_mtls_certificate" "minimal" {
62+
account_id = var.cloudflare_account_id
63+
name = "${local.name_prefix}-minimal"
64+
certificate = local.test_cert
65+
}
66+
67+
# Certificate with empty associated_hostnames
68+
resource "cloudflare_zero_trust_access_mtls_certificate" "empty_hostnames" {
69+
account_id = var.cloudflare_account_id
70+
name = "${local.name_prefix}-empty-hostnames"
71+
certificate = local.test_cert
72+
associated_hostnames = []
73+
}
74+
75+
# Certificate with single hostname
76+
resource "cloudflare_zero_trust_access_mtls_certificate" "single_hostname" {
77+
account_id = var.cloudflare_account_id
78+
name = "${local.name_prefix}-single"
79+
certificate = local.test_cert
80+
associated_hostnames = ["single.cf-tf-test.com"]
81+
}
82+
83+
# Certificate with many hostnames
84+
resource "cloudflare_zero_trust_access_mtls_certificate" "many_hostnames" {
85+
account_id = var.cloudflare_account_id
86+
name = "${local.name_prefix}-many-hostnames"
87+
certificate = local.test_cert
88+
associated_hostnames = [
89+
"host1.cf-tf-test.com",
90+
"host2.cf-tf-test.com",
91+
"host3.cf-tf-test.com",
92+
"host4.cf-tf-test.com",
93+
"host5.cf-tf-test.com"
94+
]
95+
}
96+
97+
##########################
98+
# 2. FOR_EACH PATTERNS
99+
##########################
100+
101+
# for_each with map - different environments
102+
resource "cloudflare_zero_trust_access_mtls_certificate" "environments" {
103+
for_each = local.cert_names
104+
105+
account_id = var.cloudflare_account_id
106+
name = each.value
107+
certificate = local.test_cert
108+
associated_hostnames = ["${each.key}.cf-tf-test.com"]
109+
}
110+
111+
# for_each with set - application hostnames
112+
resource "cloudflare_zero_trust_access_mtls_certificate" "apps" {
113+
for_each = local.app_hostnames
114+
115+
account_id = var.cloudflare_account_id
116+
name = "${local.name_prefix}-${replace(each.value, ".", "-")}"
117+
certificate = local.test_cert
118+
associated_hostnames = [each.value]
119+
}
120+
121+
# for_each with explicit map
122+
resource "cloudflare_zero_trust_access_mtls_certificate" "regions" {
123+
for_each = {
124+
us-east = "us-east-1"
125+
us-west = "us-west-2"
126+
eu = "eu-central-1"
127+
}
128+
129+
account_id = var.cloudflare_account_id
130+
name = "${local.name_prefix}-region-${each.key}"
131+
certificate = local.test_cert
132+
associated_hostnames = ["${each.value}.cf-tf-test.com"]
133+
}
134+
135+
##########################
136+
# 3. COUNT PATTERN
137+
##########################
138+
139+
# count-based resources
140+
resource "cloudflare_zero_trust_access_mtls_certificate" "counted" {
141+
count = 3
142+
143+
account_id = var.cloudflare_account_id
144+
name = "${local.name_prefix}-counted-${count.index}"
145+
certificate = local.test_cert
146+
associated_hostnames = [
147+
"counted-${count.index}.cf-tf-test.com"
148+
]
149+
}
150+
151+
##########################
152+
# 4. CONDITIONAL RESOURCES
153+
##########################
154+
155+
variable "enable_backup_cert" {
156+
type = bool
157+
default = true
158+
}
159+
160+
# Conditional resource using count
161+
resource "cloudflare_zero_trust_access_mtls_certificate" "conditional" {
162+
count = var.enable_backup_cert ? 1 : 0
163+
164+
account_id = var.cloudflare_account_id
165+
name = "${local.name_prefix}-conditional"
166+
certificate = local.test_cert
167+
associated_hostnames = ["conditional.cf-tf-test.com"]
168+
}
169+
170+
##########################
171+
# 5. VARIABLE REFERENCES
172+
##########################
173+
174+
# Using variables for all values
175+
resource "cloudflare_zero_trust_access_mtls_certificate" "variable_ref" {
176+
account_id = var.cloudflare_account_id
177+
name = "${local.name_prefix}-variable-ref"
178+
certificate = local.test_cert
179+
associated_hostnames = ["${local.name_prefix}.cf-tf-test.com"]
180+
}
181+
182+
##########################
183+
# 6. TERRAFORM FUNCTIONS
184+
##########################
185+
186+
# Using join() function
187+
resource "cloudflare_zero_trust_access_mtls_certificate" "with_join" {
188+
account_id = var.cloudflare_account_id
189+
name = join("-", [local.name_prefix, "joined", "cert"])
190+
certificate = local.test_cert
191+
associated_hostnames = [
192+
join(".", ["subdomain", "cf-tf-test", "com"])
193+
]
194+
}
195+
196+
# Using format() function
197+
resource "cloudflare_zero_trust_access_mtls_certificate" "with_format" {
198+
account_id = var.cloudflare_account_id
199+
name = format("%s-formatted-%02d", local.name_prefix, 1)
200+
certificate = local.test_cert
201+
associated_hostnames = [format("app%02d.cf-tf-test.com", 1)]
202+
}
203+
204+
##########################
205+
# 7. CROSS-RESOURCE REFERENCES
206+
##########################
207+
208+
# These would reference other resources in real scenarios
209+
# For integration tests, we use hardcoded values
210+
resource "cloudflare_zero_trust_access_mtls_certificate" "app_cert" {
211+
account_id = var.cloudflare_account_id
212+
name = "${local.name_prefix}-app-cert"
213+
certificate = local.test_cert
214+
associated_hostnames = ["app.cf-tf-test.com", "api.cf-tf-test.com"]
215+
}
216+
217+
resource "cloudflare_zero_trust_access_mtls_certificate" "backend_cert" {
218+
account_id = var.cloudflare_account_id
219+
name = "${local.name_prefix}-backend-cert"
220+
certificate = local.test_cert
221+
# Reference the same hostnames as app_cert would in real scenario
222+
associated_hostnames = ["backend.cf-tf-test.com"]
223+
}
224+
225+
##########################
226+
# 8. EDGE CASES
227+
##########################
228+
229+
# Very long certificate name
230+
resource "cloudflare_zero_trust_access_mtls_certificate" "long_name" {
231+
account_id = var.cloudflare_account_id
232+
name = "${local.name_prefix}-very-long-descriptive-certificate-name-for-testing-limits"
233+
certificate = local.test_cert
234+
}
235+
236+
# Special characters in name
237+
resource "cloudflare_zero_trust_access_mtls_certificate" "special_chars" {
238+
account_id = var.cloudflare_account_id
239+
name = "${local.name_prefix}-cert_with-special.chars"
240+
certificate = local.test_cert
241+
associated_hostnames = ["special-chars.cf-tf-test.com"]
242+
}
243+
244+
# Using zone_id for variety
245+
resource "cloudflare_zero_trust_access_mtls_certificate" "zone_scoped" {
246+
zone_id = var.cloudflare_zone_id
247+
name = "${local.name_prefix}-zone-scoped"
248+
certificate = local.test_cert
249+
associated_hostnames = ["zone-scoped.cf-tf-test.com"]
250+
}
251+
252+
##########################
253+
# 9. LIFECYCLE META-ARGUMENTS
254+
##########################
255+
256+
# Certificate with create_before_destroy
257+
resource "cloudflare_zero_trust_access_mtls_certificate" "with_lifecycle" {
258+
account_id = var.cloudflare_account_id
259+
name = "${local.name_prefix}-lifecycle"
260+
certificate = local.test_cert
261+
262+
lifecycle {
263+
create_before_destroy = true
264+
}
265+
}
266+
267+
# Certificate with ignore_changes
268+
resource "cloudflare_zero_trust_access_mtls_certificate" "ignore_changes" {
269+
account_id = var.cloudflare_account_id
270+
name = "${local.name_prefix}-ignore-changes"
271+
certificate = local.test_cert
272+
associated_hostnames = ["ignore.cf-tf-test.com"]
273+
274+
lifecycle {
275+
ignore_changes = [associated_hostnames]
276+
}
277+
}
278+
279+
##########################
280+
# 10. DEPENDS_ON
281+
##########################
282+
283+
# Certificate with explicit dependency
284+
resource "cloudflare_zero_trust_access_mtls_certificate" "dependent" {
285+
account_id = var.cloudflare_account_id
286+
name = "${local.name_prefix}-dependent"
287+
certificate = local.test_cert
288+
associated_hostnames = ["dependent.cf-tf-test.com"]
289+
290+
depends_on = [
291+
cloudflare_zero_trust_access_mtls_certificate.basic_account
292+
]
293+
}
294+
295+
# Summary: This file contains 30+ resource instances covering:
296+
# - Basic configurations (6 resources)
297+
# - for_each patterns with maps and sets (9 resources)
298+
# - count patterns (3 resources)
299+
# - Conditional resources (1 resource)
300+
# - Variable references (1 resource)
301+
# - Terraform functions (2 resources)
302+
# - Cross-resource references (2 resources)
303+
# - Edge cases (3 resources)
304+
# - Lifecycle meta-arguments (2 resources)
305+
# - Dependencies (1 resource)
306+
# Total: 30 resource instances

0 commit comments

Comments
 (0)