Transform Rules configuration using Terraform
This page provides examples of creating Transform Rules in a zone using Terraform. The examples cover the following scenarios:
- Create a Rewrite URL Rule
- Create an HTTP Request Header Modification Rule
- Create an HTTP Response Header Modification Rule
The Terraform configurations provided in this page need the zone ID (or account ID) of the zone/account where you will deploy rulesets.
- To retrieve the list of accounts you have access to, including their IDs, use the List accounts operation.
- To retrieve the list of zones you have access to, including their IDs, use the List zones operation.
Terraform assumes that it has complete control over account and zone rulesets. If you already have rulesets configured in your account or zone, do one of the following:
- Import existing rulesets to Terraform using the
cf-terraforming
tool. Recent versions of the tool can generate resource definitions for existing rulesets and import their configuration to Terraform state. - Start from scratch by deleting existing rulesets (account and zone rulesets with
"kind": "root"
and"kind": "zone"
, respectively) and then defining your rulesets configuration in Terraform.
The following example creates a Rewrite URL Rule that rewrites requests for example.com/old-folder
to example.com/new-folder
:
resource "cloudflare_ruleset" "transform_url_rewrite" { zone_id = "<ZONE_ID>" name = "Transform Rule performing a static URL rewrite" description = "" kind = "zone" phase = "http_request_transform"
rules { ref = "url_rewrite_old_folder" description = "Example Rewrite URL Rule" expression = "(http.host eq \"example.com\" and http.request.uri.path eq \"/old-folder\")" action = "rewrite" action_parameters { uri { path { value = "/new-folder" } } } }}
To create another Rewrite URL Rule, add a new rules
object to the same cloudflare_ruleset
resource.
For more information on rewriting URLs, refer to Rewrite URL Rules.
The following configuration example performs the following adjustments to HTTP request headers:
- Adds a
my-header-1
header to the request with a static value. - Adds a
my-header-2
header to the request with a dynamic value defined by an expression. - Deletes the
existing-header
header from the request, if it exists.
resource "cloudflare_ruleset" "transform_modify_request_headers" { zone_id = "<ZONE_ID>" name = "Transform Rule performing HTTP request header modifications" description = "" kind = "zone" phase = "http_request_late_transform"
rules { ref = "modify_request_headers" description = "Example HTTP Request Header Modification Rule" expression = "true" action = "rewrite" action_parameters { headers { name = "my-header-1" operation = "set" value = "Fixed value" } headers { name = "my-header-2" operation = "set" expression = "cf.zone.name" } headers { name = "existing-header" operation = "remove" } } }}
To create another Request Header Modification Rule, add a new rules
object to the same cloudflare_ruleset
resource.
For more information on modifying request headers, refer to HTTP Request Header Modification Rules.
The following configuration example performs the following adjustments to HTTP response headers:
- Adds a
my-header-1
header to the response with a static value. - Adds a
my-header-2
header to the response with a dynamic value defined by an expression. - Deletes the
existing-header
header from the response, if it exists.
resource "cloudflare_ruleset" "transform_modify_response_headers" { zone_id = "<ZONE_ID>" name = "Transform Rule performing HTTP response header modifications" description = "" kind = "zone" phase = "http_response_headers_transform"
rules { ref = "modify_response_headers" description = "Example HTTP Response Header Modification Rule" expression = "true" action = "rewrite" action_parameters { headers { name = "my-header-1" operation = "set" value = "Fixed value" } headers { name = "my-header-2" operation = "set" expression = "cf.zone.name" } headers { name = "existing-header" operation = "remove" } } }}
To create another Response Header Modification Rule, add a new rules
object to the same cloudflare_ruleset
resource.
For more information on modifying response headers, refer to HTTP Response Header Modification Rules.