Create a Zero Trust organization
To start using Zero Trust features, create a Zero Trust organization in your Cloudflare account.
To create a Zero Trust organization:
-
On your Account Home in the Cloudflare dashboard ↗, select the Zero Trust icon.
-
On the onboarding screen, choose a team name. The team name is a unique, internal identifier for your Zero Trust organization. Users will enter this team name when they enroll their device manually, and it will be the subdomain for your App Launcher (as relevant). Your business name is the typical entry.
-
Complete your onboarding by selecting a subscription plan and entering your payment details. If you chose the Zero Trust Free plan, this step is still needed but you will not be charged.
You can use the Cloudflare Terraform provider ↗ to manage your Zero Trust organization alongside your other IT infrastructure. To get started with Terraform, refer to our Terraform tutorial series.
Zero Trust organizations cannot be created through Terraform. You must sign up for Zero Trust on the Cloudflare dashboard and then import the resource into your Terraform configuration.
To import your Zero Trust organization:
-
Add the following permission to your
cloudflare_api_token
↗:Access: Organizations, Identity Providers, and Groups Write
-
Add the
cloudflare_zero_trust_access_organization
↗ resource:resource "cloudflare_zero_trust_access_organization" "<your-team-name>" {account_id = var.cloudflare_account_idname = "Acme Corporation"auth_domain = "<your-team-name>.cloudflareaccess.com"}Replace
<your-team-name
with the Zero Trust organization name selected during onboarding. You can also view your team name on Zero Trust ↗ under Settings > Custom Pages. -
In a terminal, run:
Terminal window terraform import cloudflare_zero_trust_access_organization.<your-team-name> <cloudflare_account_id>`
You can now update the Zero Trust organization using Terraform.