From fa512e3621f7adf675844317c7f08bd048a526e2 Mon Sep 17 00:00:00 2001 From: Philip Skinner Date: Fri, 22 Nov 2024 10:41:23 +0000 Subject: [PATCH] According to the documentation the enabled flag must be set to null (or nil) in order for the association to be destroyed. Setting this to false keeps the association in a disabled state instead of destroying the resource. Documentation on this API endpoint can be found here: https://developers.cloudflare.com/api/operations/per-hostname-authenticated-origin-pull-enable-or-disable-a-hostname-for-client-authentication Referencing issue raised on provider: https://github.com/cloudflare/terraform-provider-cloudflare/issues/4648 --- .changelog/4649.txt | 3 +++ .../resource_cloudflare_authenticated_origin_pulls.go | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) create mode 100644 .changelog/4649.txt diff --git a/.changelog/4649.txt b/.changelog/4649.txt new file mode 100644 index 0000000000..ca3f4f6e58 --- /dev/null +++ b/.changelog/4649.txt @@ -0,0 +1,3 @@ +```release-note:bug +resource/cloudflare_authenticated_origin_pulls: Fix issue where resources are disabled instead of being destroyed on `tf destroy` +``` diff --git a/internal/sdkv2provider/resource_cloudflare_authenticated_origin_pulls.go b/internal/sdkv2provider/resource_cloudflare_authenticated_origin_pulls.go index 5adc00ed8e..b969ec9dbc 100644 --- a/internal/sdkv2provider/resource_cloudflare_authenticated_origin_pulls.go +++ b/internal/sdkv2provider/resource_cloudflare_authenticated_origin_pulls.go @@ -123,7 +123,7 @@ func resourceCloudflareAuthenticatedOriginPullsDelete(ctx context.Context, d *sc conf := []cloudflare.PerHostnameAuthenticatedOriginPullsConfig{{ CertID: aopCert, Hostname: hostname, - Enabled: false, + Enabled: nil, }} _, err := client.EditPerHostnameAuthenticatedOriginPullsConfig(ctx, zoneID, conf) if err != nil {