Terraform (AWS)
You must generate an Access Key before getting started. All examples will utilize access_key_id
and access_key_secret
variables which represent the Access Key ID and Secret Access Key values you generated.
This example shows how to configure R2 with Terraform using the AWS provider ↗.
With terraform
↗ installed:
- Create
main.tf
file, or edit your existing Terraform configuration - Populate the endpoint URL at
endpoints.s3
with your Cloudflare account ID - Populate
access_key
andsecret_key
with the corresponding R2 API credentials. - Ensure that
skip_region_validation = true
,skip_requesting_account_id = true
, andskip_credentials_validation = true
are set in the provider configuration.
terraform { required_providers { aws = { source = "hashicorp/aws" version = "~> 5" } }}
provider "aws" { region = "us-east-1"
access_key = <R2 Access Key> secret_key = <R2 Secret Key>
# Required for R2. # These options disable S3-specific validation on the client (Terraform) side. skip_credentials_validation = true skip_region_validation = true skip_requesting_account_id = true
endpoints { s3 = "https://<account id>.r2.cloudflarestorage.com" }}
resource "aws_s3_bucket" "default" { bucket = "<org>-test"}
resource "aws_s3_bucket_cors_configuration" "default" { bucket = aws_s3_bucket.default.id
cors_rule { allowed_methods = ["GET"] allowed_origins = ["*"] }}
resource "aws_s3_bucket_lifecycle_configuration" "default" { bucket = aws_s3_bucket.default.id
rule { id = "expire-bucket" status = "Enabled" expiration { days = 1 } }
rule { id = "abort-multipart-upload" status = "Enabled" abort_incomplete_multipart_upload { days_after_initiation = 1 } }}
You can then use terraform plan
to view the changes and terraform apply
to apply changes.