Tokens

resource cloudflare_api_token

required Expand Collapse

Token name.

policies: List[Attributes]

List of access policies assigned to the token.

id: String

Policy identifier.

effect: String

Allow or deny operations against the resources.

permission_groups: List[Attributes]

A set of permission groups that are specified to the policy.

id: String

Identifier of the permission group.

meta?: Attributes

Attributes associated to the permission group.

key?: String

value?: String

Name of the permission group.

resources: Map[String]

A list of resource names that the policy applies to.

optional Expand Collapse

expires_on?: Time

The expiration time on or after which the JWT MUST NOT be accepted for processing.

not_before?: Time

The time before which the token MUST NOT be accepted for processing.

condition?: Attributes

request_ip?: Attributes

Client IP restrictions.

in?: List[String]

List of IPv4/IPv6 CIDR addresses.

not_in?: List[String]

List of IPv4/IPv6 CIDR addresses.

status?: String

Status of the token.

computed Expand Collapse

id: String

Token identifier tag.

issued_on: Time

The time on which the token was created.

last_used_on: Time

Last time the token was used.

modified_on: Time

Last time the token was modified.

value: String

The token value.

cloudflare_api_token

resource "cloudflare_api_token" "example_api_token" {
  name = "readonly token"
  policies = [{
    effect = "allow"
    permission_groups = [{
      id = "c8fed203ed3043cba015a93ad1616f1f"
      meta = {
        key = "key"
        value = "value"
      }
    }, {
      id = "82e64a83756745bbbb1c9c2701bf816b"
      meta = {
        key = "key"
        value = "value"
      }
    }]
    resources = {
      foo = "string"
    }
  }]
  condition = {
    request_ip = {
      in = ["123.123.123.0/24", "2606:4700::/32"]
      not_in = ["123.123.123.100/24", "2606:4700:4700::/48"]
    }
  }
  expires_on = "2020-01-01T00:00:00Z"
  not_before = "2018-07-01T05:20:00Z"
}

data cloudflare_api_token

optional Expand Collapse

token_id?: String

Token identifier tag.

filter?: Attributes

direction?: String

Direction to order results.

computed Expand Collapse

id: String

Token identifier tag.

expires_on: Time

The expiration time on or after which the JWT MUST NOT be accepted for processing.

issued_on: Time

The time on which the token was created.

last_used_on: Time

Last time the token was used.

modified_on: Time

Last time the token was modified.

Token name.

not_before: Time

The time before which the token MUST NOT be accepted for processing.

status: String

Status of the token.

condition: Attributes

request_ip: Attributes

Client IP restrictions.

in: List[String]

List of IPv4/IPv6 CIDR addresses.

not_in: List[String]

List of IPv4/IPv6 CIDR addresses.

policies: List[Attributes]

List of access policies assigned to the token.

id: String

Policy identifier.

effect: String

Allow or deny operations against the resources.

permission_groups: List[Attributes]

A set of permission groups that are specified to the policy.

id: String

Identifier of the permission group.

meta: Attributes

Attributes associated to the permission group.

key: String

value: String

Name of the permission group.

resources: Map[String]

A list of resource names that the policy applies to.

cloudflare_api_token

data "cloudflare_api_token" "example_api_token" {
  token_id = "ed17574386854bf78a67040be0a770b0"
}

data cloudflare_api_tokens

optional Expand Collapse

direction?: String

Direction to order results.

max_items?: Int64

Max items to fetch, default: 1000

computed Expand Collapse

result: List[Attributes]

The items returned by the data source

id: String

Token identifier tag.

condition: Attributes

request_ip: Attributes

Client IP restrictions.

in: List[String]

List of IPv4/IPv6 CIDR addresses.

not_in: List[String]

List of IPv4/IPv6 CIDR addresses.

expires_on: Time

The expiration time on or after which the JWT MUST NOT be accepted for processing.

issued_on: Time

The time on which the token was created.

last_used_on: Time

Last time the token was used.

modified_on: Time

Last time the token was modified.

Token name.

not_before: Time

The time before which the token MUST NOT be accepted for processing.

policies: List[Attributes]

List of access policies assigned to the token.

id: String

Policy identifier.

effect: String

Allow or deny operations against the resources.

permission_groups: List[Attributes]

A set of permission groups that are specified to the policy.

id: String

Identifier of the permission group.

meta: Attributes

Attributes associated to the permission group.

key: String

value: String

Name of the permission group.

resources: Map[String]

A list of resource names that the policy applies to.

status: String

Status of the token.

cloudflare_api_tokens

data "cloudflare_api_tokens" "example_api_tokens" {
  direction = "desc"
}

TokensPermission Groups

data cloudflare_api_token_permission_groups_list

optional Expand Collapse

name?: String

Filter by the name of the permission group. The value must be URL-encoded.

scope?: String

Filter by the scope of the permission group. The value must be URL-encoded.

max_items?: Int64

Max items to fetch, default: 1000

computed Expand Collapse

result: List[Attributes]

The items returned by the data source

id: String

Public ID.

Permission Group Name

scopes: List[String]

Resources to which the Permission Group is scoped

cloudflare_api_token_permission_groups_list

data "cloudflare_api_token_permission_groups_list" "example_api_token_permission_groups_list" {
  name = "Account%20Settings%20Write"
  scope = "com.cloudflare.api.account.zone"
}