cloudflare
diff --git a/‎integration/v4_to_v5/integration_test.go‎
Lines changed: 2 additions & 1 deletion b/‎integration/v4_to_v5/integration_test.go‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎integration/v4_to_v5/testdata/.DS_Store‎
8 KB b/‎integration/v4_to_v5/testdata/.DS_Store‎
8 KB
diff --git a/‎integration/v4_to_v5/testdata/zero_trust_access_policy/expected/terraform.tfstate‎
Lines changed: 257 additions & 0 deletions b/‎integration/v4_to_v5/testdata/zero_trust_access_policy/expected/terraform.tfstate‎
Lines changed: 257 additions & 0 deletions
@@ -25,8 +25,9 @@ import (
 	_ "github.com/cloudflare/tf-migrate/internal/resources/workers_kv_namespace"
 	_ "github.com/cloudflare/tf-migrate/internal/resources/workers_script"
 	_ "github.com/cloudflare/tf-migrate/internal/resources/zero_trust_access_group"
-	_ "github.com/cloudflare/tf-migrate/internal/resources/zero_trust_access_service_token"
 	_ "github.com/cloudflare/tf-migrate/internal/resources/zero_trust_access_identity_provider"
+	_ "github.com/cloudflare/tf-migrate/internal/resources/zero_trust_access_policy"
+	_ "github.com/cloudflare/tf-migrate/internal/resources/zero_trust_access_service_token"
 	_ "github.com/cloudflare/tf-migrate/internal/resources/zero_trust_dlp_custom_profile"
 	_ "github.com/cloudflare/tf-migrate/internal/resources/zero_trust_gateway_policy"
 	_ "github.com/cloudflare/tf-migrate/internal/resources/zero_trust_list"
 
@@ -0,0 +1,257 @@
+{
+  "lineage": "test-zero-trust-access-policy-lineage",
+  "outputs": {},
+  "resources": [
+    {
+      "instances": [
+        {
+          "attributes": {
+            "account_id": "test-account-id",
+            "id": "policy-minimal-id",
+            "name": "Minimal Policy",
+            "decision": "allow",
+            "include": [{"everyone": true}],
+            "session_duration": "24h"
+          },
+          "schema_version": 0
+        }
+      ],
+      "mode": "managed",
+      "name": "minimal",
+      "provider": "provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
+      "type": "cloudflare_zero_trust_access_policy"
+    },
+    {
+      "instances": [
+        {
+          "attributes": {
+            "account_id": "test-account-id",
+            "id": "policy-deprecated-id",
+            "name": "Policy with Deprecated Fields",
+            "decision": "allow",
+            "include": [{"everyone": true}],
+            "session_duration": "24h"
+          },
+          "schema_version": 0
+        }
+      ],
+      "mode": "managed",
+      "name": "with_deprecated_fields",
+      "provider": "provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
+      "type": "cloudflare_zero_trust_access_policy"
+    },
+    {
+      "instances": [
+        {
+          "attributes": {
+            "account_id": "test-account-id",
+            "id": "policy-email-id",
+            "name": "Email Array Expansion",
+            "decision": "allow",
+            "include": [{"email": ["alice@example.com", "bob@example.com"]}],
+            "session_duration": "24h"
+          },
+          "schema_version": 0
+        }
+      ],
+      "mode": "managed",
+      "name": "email_expansion",
+      "provider": "provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
+      "type": "cloudflare_zero_trust_access_policy"
+    },
+    {
+      "instances": [
+        {
+          "attributes": {
+            "account_id": "test-account-id",
+            "id": "policy-group-id",
+            "name": "Group Array Expansion",
+            "decision": "allow",
+            "include": [{"group": ["group-id-1", "group-id-2"]}],
+            "session_duration": "24h"
+          },
+          "schema_version": 0
+        }
+      ],
+      "mode": "managed",
+      "name": "group_expansion",
+      "provider": "provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
+      "type": "cloudflare_zero_trust_access_policy"
+    },
+    {
+      "instances": [
+        {
+          "attributes": {
+            "account_id": "test-account-id",
+            "id": "policy-mixed-id",
+            "name": "Mixed Conditions",
+            "decision": "allow",
+            "include": [{"everyone": true, "email": ["admin@example.com"], "group": ["admins"]}],
+            "session_duration": "24h"
+          },
+          "schema_version": 0
+        }
+      ],
+      "mode": "managed",
+      "name": "mixed_conditions",
+      "provider": "provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
+      "type": "cloudflare_zero_trust_access_policy"
+    },
+    {
+      "instances": [
+        {
+          "attributes": {
+            "account_id": "test-account-id",
+            "id": "policy-github-id",
+            "name": "GitHub Teams",
+            "decision": "allow",
+            "include": [{"github": [{"name": "my-org", "teams": ["engineering", "devops"], "identity_provider_id": "provider-123"}]}],
+            "session_duration": "24h"
+          },
+          "schema_version": 0
+        }
+      ],
+      "mode": "managed",
+      "name": "github_teams",
+      "provider": "provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
+      "type": "cloudflare_zero_trust_access_policy"
+    },
+    {
+      "instances": [
+        {
+          "attributes": {
+            "account_id": "test-account-id",
+            "id": "policy-exclude-id",
+            "name": "Exclude and Require",
+            "decision": "allow",
+            "include": [{"email": ["allowed@example.com"]}],
+            "exclude": [{"geo": ["CN", "RU"]}],
+            "require": [{"certificate": true}],
+            "session_duration": "24h"
+          },
+          "schema_version": 0
+        }
+      ],
+      "mode": "managed",
+      "name": "exclude_require",
+      "provider": "provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
+      "type": "cloudflare_zero_trust_access_policy"
+    },
+    {
+      "instances": [
+        {
+          "attributes": {
+            "account_id": "test-account-id",
+            "id": "policy-ip-id",
+            "name": "IP and Email Domain",
+            "decision": "allow",
+            "include": [{"ip": ["192.168.1.0/24", "10.0.0.0/8"], "email_domain": ["example.com", "company.org"]}],
+            "session_duration": "24h"
+          },
+          "schema_version": 0
+        }
+      ],
+      "mode": "managed",
+      "name": "ip_email_domain",
+      "provider": "provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
+      "type": "cloudflare_zero_trust_access_policy"
+    },
+    {
+      "instances": [
+        {
+          "attributes": {
+            "account_id": "test-account-id",
+            "id": "policy-approval-id",
+            "name": "Policy with Approval Group",
+            "decision": "allow",
+            "include": [{"everyone": true}],
+            "approval_groups": [{
+              "approvals_needed": 2.0,
+              "email_addresses": ["manager@example.com", "director@example.com"]
+            }],
+            "session_duration": "24h"
+          },
+          "schema_version": 0
+        }
+      ],
+      "mode": "managed",
+      "name": "with_approval_group",
+      "provider": "provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
+      "type": "cloudflare_zero_trust_access_policy"
+    },
+    {
+      "instances": [
+        {
+          "attributes": {
+            "account_id": "test-account-id",
+            "id": "policy-ssh-id",
+            "name": "SSH Policy with Connection Rules",
+            "decision": "allow",
+            "include": [{"everyone": true}],
+            "connection_rules": {
+              "ssh": {
+                "usernames": ["admin", "deploy"],
+                "allow_email_alias": true
+              }
+            },
+            "session_duration": "24h"
+          },
+          "schema_version": 0
+        }
+      ],
+      "mode": "managed",
+      "name": "with_connection_rules",
+      "provider": "provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
+      "type": "cloudflare_zero_trust_access_policy"
+    },
+    {
+      "instances": [
+        {
+          "attributes": {
+            "account_id": "test-account-id",
+            "id": "policy-complex-id",
+            "name": "Complex Policy",
+            "decision": "allow",
+            "session_duration": "12h",
+            "include": [{
+              "everyone": true,
+              "email": ["user1@example.com", "user2@example.com"],
+              "group": ["group-1", "group-2"],
+              "github": [{
+                "name": "acme-corp",
+                "teams": ["platform", "security", "devops"],
+                "identity_provider_id": "idp-123"
+              }]
+            }],
+            "exclude": [{
+              "email_domain": ["competitor.com"],
+              "geo": ["CN"]
+            }],
+            "require": [{
+              "certificate": true,
+              "group": ["mfa-enabled"]
+            }],
+            "approval_groups": [{
+              "approvals_needed": 3.0,
+              "email_addresses": ["ceo@example.com", "cto@example.com"]
+            }],
+            "connection_rules": {
+              "ssh": {
+                "usernames": ["root", "admin"],
+                "allow_email_alias": true
+              }
+            }
+          },
+          "schema_version": 0
+        }
+      ],
+      "mode": "managed",
+      "name": "complex",
+      "provider": "provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
+      "type": "cloudflare_zero_trust_access_policy"
+    }
+  ],
+  "serial": 1,
+  "terraform_version": "1.5.0",
+  "version": 4
+}