v2.21.0

• New resource: cloudflare_device_posture_rule (#1058)
• New resource: cloudflare_teams_list (#1058)

Improvements

• provider: Update to terraform-plugin-sdk v1.17.1 (#1035, #1043)
• resource/cloudflare_logpush_job: Allow ownership_challenge to be optional to account for Datadog, Splunk or S3-Compatible endpoints (#1048)
• resource/cloudflare_access_group: Add support for login_method (#1066)
• resource/cloudflare_load_balancer: Add support for promixity based steering (#1072)
• resource/cloudflare_access_application: Prevent bad CORS configuration when credentials and all origins are permitted (#1073)
• resource/cloudflare_access_service_tokens: Allow configuration to manage automatic renewal when the threshold is crossed and Terraform operations are performed within the window (#1057)
• resource/cloudflare_load_balancer_pool: Allow support for Host header settings (#1042)

Fixes

• resource/cloudflare_access_policy: Allow empty slices in blocks when building policies (#1034)
• resource/cloudflare_load_balancer: Fix override attributes pop_pools and region_pools referencing incorrect values causing a panic (#1039)

v2.20.0

New resource: cloudflare_access_ca_certificate (#995)

Improvements

• resource/cloudflare_access_application: Improve documentation for Import usage (#1002)
• resource/cloudflare_logpush_job: Update documentation to reflect requirements for destination_conf to match across all uses (#1024)
• resource/cloudflare_custom_hostname_fallback: Better handle service lag when updating existing resources by attempting retries (#1014)
• resource/cloudflare_waf_group: Simplify error handling using inbuilt helpers (#1015)
• resource/cloudflare_waf_rule: Simplify error handling using inbuilt helpers (#1015)
• resource/cloudflare_waf_package: Simplify error handling using inbuilt helpers (#1015)
• resource/cloudflare_access_group: Add support for login_method (#1018)
• provider: Update to cloudflare-go v0.16.0 (#1018)
• provider: Update to terraform-plugin-sdk v1.16.1 (#1003)
• resource/cloudflare_load_balancer: Add support for rules (#1016)

v2.19.2

Fixes

• resource/cloudflare_record: Address regression from 2.19.1 by checking the API response instead of the schema output for Priority (#992)

v2.19.1

Fixes

• resource/cloudflare_record: Update Priority handling for MX parked records (#986)

v2.19.0

Fixes

• resource/cloudflare_access_group: Fix crash when constructing a GSuite group (#940)
• resource/cloudflare_access_policy: Make precedence required (#941)
• resource/cloudflare_access_group: Fix crash when constructing a SAML group (#948)
• resource/cloudflare_zone: Update Retry logic to look at an available field for passing conditions (#973)
• resource/cloudflare_page_rule: Allow ignoring/including all query string parameters for cache_key_fields (#975)

Improvements

• resource/cloudflare_access_policy: Enable zone and account level resources to be imported (#956)
• resource/cloudflare_origin_ca_certificate: Smoother import process with less recreation (#955)
• provider: Update internals to match cloudflare-go 0.14 for better error handling and context aware methods (#976)

v2.18.0

• New Resource: cloudflare_argo_tunnel (#905)
• New Resource: cloudflare_worker_cron_trigger (#926)

Fixes

• datasource/cloudflare_zones: Pagination is now correctly handled internally and will return more than the single page of results (cloudflare/cloudflare-go#534).
• resource/cloudflare_access_policy: Correctly handle transforming API responses to schema (#917)
• resource/cloudflare_access_group: Correctly handle transforming API responses to schema (#918)
• resource/cloudflare_ip_list: Ensure account ID is persisted during Import (#916)

Improvements

• resource/cloudflare_access_application: Allow any session_duration that is time.ParseDuration compatible (#910)
• resource/cloudflare_rate_limit: Add the ability to configure match.response.headers in rate limits (#911)
• resource/cloudflare_access_rule: Validate IP masks within schema (#921)

v2.17.0

New Resource: cloudflare_magic_firewall_ruleset (#884)

Fixes

• resource/cloudfare_api_token: Omitting conditions will no longer send empty arrays causing IP restriction issues and unusable tokens (#902)

v2.16.0

Improvements

• resource/cloudflare_access_application: Add support for custom_deny_message and custom_deny_url values (#895)
• resource/cloudflare_load_balancer_monitor: Add support for probe_zone for monitors (#903)

v2.15.0

Improvements

• resource/cloudflare_load_balancer: Add support for session_affinity_ttl (#882)
• resource/cloudflare_load_balancer: Add support for session_affinity_attributes (#883)

Fixes

• resource/cloudflare_page_rule: Fixed crash during update when using custom cache key (#894)

v2.14.0

• New Resource: cloudflare_api_token (#862)
• New Datasource: cloudflare_api_token_permission_groups (#862)
• New Resource: cloudflare_zone_dnssec (#852)
• New Datasource: cloudflare_zone_dnssec (#852)

Improvements

• resource/cloudflare_record: Add explicit fields for CAA records instead of relying on the map value (#866)
• resource/cloudflare_account_member: Swap schema role_ids to TypeSet to better handle internal ordering changes (#876)

Fixes

• datasource/cloudflare_waf_groups: Make d.Id() a consistent string value to prevent Terraform thinking it requires an update (#869)
• datasource/cloudflare_waf_packages: Make d.Id() a consistent string value to prevent Terraform thinking it requires an update (#869)
• datasource/cloudflare_waf_rules: Make d.Id() a consistent string value to prevent Terraform thinking it requires an update (#869)
• datasource/cloudflare_zones: Make d.Id() a consistent string value to prevent Terraform thinking it requires an update (#869)