cloudflare_access_application: terraform import does not populate cors_header and self_hosted_domains field in state file

[hhkumar]

Confirmation

• [X] This is a bug with an existing resource and is not a feature request or enhancement. Feature requests should be submitted with Cloudflare Support or your account team.
• [X] I have searched the issue tracker and my issue isn't already found.
• [X] I have replicated my issue using the latest version of the provider and it is still present.

Terraform and Cloudflare provider version

Terraform v1.6.2 on darwin_arm64

• provider registry.terraform.io/cloudflare/cloudflare v4.17.0

Affected resource(s)

cloudflare_access_application

Terraform configuration files

resource "cloudflare_access_application" "terraform_managed_resource_..." {
  ...
  domain                     = "<domain_name>"
  ...
  self_hosted_domains        = ["<domain_name>", "<domain_1>", "<domain_2>"]
  type                       = "self_hosted"
  ...
  cors_headers {
    allow_all_headers = true
    allow_all_methods = true
    allow_credentials = true
    allowed_methods   = ["PATCH", "DELETE", "GET", "HEAD", "TRACE", "OPTIONS", "PUT", "POST", "CONNECT"]
    allowed_origins   = ["..."]
    max_age           = 60
  }
}

Link to debug output

https://gist.github.com/hhkumar/7dafa782af7a8f02a67cbcb5a09b3e61

Panic output

No response

Expected output

cors_header and self_hosted_domains field to be present in the terraform state file for the resource

Actual output

self_hosted_domains and cors_header fields are not set in the state file even though they exist in cloudflare UI

            "cors_headers": [],
            "enable_binding_cookie": false,
            "http_only_cookie_attribute": false,
             ...
            "self_hosted_domains": null,

Steps to reproduce

1. Create a cloudflare access application with self_hosted_domains and cors_headers in the UI
2. Run terraform import on the resource
3. Check state file to see if the fields are populated

Additional factoids

No response

References

No response

[github-actions[bot]]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.

[github-actions[bot]]

Terraform debug log detected :white_check_mark:

[jacobbednarz]

two things to help triage this one:

1) can you provide the debug log for when you've imported this resource? 2) i don't recommend using --refresh=false, it doesn't make any remote calls to the API to evaluate the true diff and will be misleading in some cases.

[hhkumar]

@jacobbednarz thanks for your response!

Debug logs for when I imported this resource: https://gist.github.com/hhkumar/1d81dfafa99ce48e50f38fe5115eb01d I am seeing the same outcome with and without the refresh flag set to false. Let me know if you want me to upload the terraform plan output as well

[bromeara]

I have also run into this issue as well as gotten the same results with cloudflare_access_application and cloudflare_zero_trust_access_application. I can produce logs if they're required but just wanted to add that the new application interface has the same behavior.