Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cloudflare API no longer seems to accept cloudflare_page_rule security_level parameter in 'action' block #4902

Closed
3 tasks done
mig5 opened this issue Jan 16, 2025 · 4 comments
Closed
3 tasks done

Cloudflare API no longer seems to accept cloudflare_page_rule security_level parameter in 'action' block #4902

mig5 opened this issue Jan 16, 2025 · 4 comments
Labels
kind/bug Categorizes issue or PR as related to a bug. triage/needs-information Indicates an issue needs more information in order to work on it.

Comments

@mig5
Copy link

mig5 commented Jan 16, 2025
edited
Loading

Confirmation

  • This is a bug with an existing resource and is not a feature request or enhancement. Feature requests should be submitted with Cloudflare Support or your account team.
  • I have searched the issue tracker and my issue isn't already found.
  • I have replicated my issue using the latest version of the provider and it is still present.

Terraform and Cloudflare provider version

OpenTofu v1.7.1

  • provider registry.opentofu.org/cloudflare/cloudflare v4.20.0

Affected resource(s)

cloudflare_page_rule

Terraform configuration files

resource "cloudflare_page_rule" "page_rule_name" {
  zone_id  = cloudflare_zone.example_com.id
  priority = 29
  target   = "example.com/path*"

  actions {
    disable_security = true
    browser_check    = "off"
    security_level   = "essentially_off"
  } 
}

Link to debug output

Sorry, didn't make one

Panic output

No response

Expected output

Didn't expect any change to this resource as I did not change it.

Actual output

  # cloudflare_page_rule.page_rule_name will be updated in-place
  ~ resource "cloudflare_page_rule" "page_rule_name" {
        id       = "8e3f98dadafa6cf52d19390ef4637d33"
        # (4 unchanged attributes hidden)

      ~ actions {
          + security_level      = "essentially_off"
            # (8 unchanged attributes hidden)
        }
    }


╷
│ Error: failed to update Cloudflare Page Rule: An invalid target or action was specified: Missing or unconfigured setting: 'security_level' (1005)
│ 
│   with cloudflare_page_rule.page_rule_name,
│   on example_com.tf line 928, in resource "cloudflare_page_rule" "page_rule_name":
│  928: resource "cloudflare_page_rule" "page_rule_name" {
│ 
╵

Steps to reproduce

Try to apply the above resource

Additional factoids

The fact that the state showed the attribute being re-added suggests that the resource had already 'lost' that attribute.

I've no problem removing the attribute from the action block (tofu is quite happy after that), but the Cloudflare TF provider says it is supported, and I wonder if it's just out of step with a change in the Cloudflare API (which I can't see mentioned at https://developers.cloudflare.com/fundamentals/changelog/)

I see that 'security level' is supported in Configuration Rules but in the UI for Page Rules I don't see it anymore.

References

No response
@mig5 mig5 added kind/bug Categorizes issue or PR as related to a bug. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Jan 16, 2025
@github-actions GitHub Actions
Copy link
Contributor

Community Note

Voting for Prioritization

  • Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

  • If you are interested in working on this issue, please leave a comment.
  • If this would be your first contribution, please review the contribution guide.

@github-actions GitHub Actions
Copy link
Contributor

Thank you for reporting this issue! For maintainers to dig into issues it is required that all issues include the entirety of TF_LOG=DEBUG output to be provided. The only parts that should be redacted are your user credentials in the X-Auth-Key, X-Auth-Email and Authorization HTTP headers. Details such as zone or account identifiers are not considered sensitive but can be redacted if you are very cautious. This log file provides additional context from Terraform, the provider and the Cloudflare API that helps in debugging issues. Without it, maintainers are very limited in what they can do and may hamper diagnosis efforts.

This issue has been marked with triage/needs-information and is unlikely to receive maintainer attention until the log file is provided making this a complete bug report.

@github-actions github-actions bot added triage/needs-information Indicates an issue needs more information in order to work on it. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Jan 16, 2025
@ctang10x
Copy link

In the last hr, I see this issue too when trying to run unrelated code snippet.

@jacobbednarz
Copy link
Member

this was https://www.cloudflarestatus.com/incidents/m4s7nydr07tk. re-running the operations should have these values returning now.

@jacobbednarz jacobbednarz closed this as not planned Won't fix, can't repro, duplicate, stale Jan 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. triage/needs-information Indicates an issue needs more information in order to work on it.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mig5 @jacobbednarz @ctang10x