When using terraform import to import a cloudflare_zone (per documentation), there is a configuration mismatch between what the cloudposse module defines dynamically vs. what import actually imported.
Specifically, the configuration the cloudposse module generates lacks account_id (i.e. wants to remove it), and the module offers no way to set this parameter.
Important detail
I am aware that the official cloudflare provider labels the Account ID as optional. I suspect the provider determines the account ID based on the zone ID. Thus, I am not really sure who to report the bug to -- one could argue the cloudflare provider shouldn't need the account_id setting at all, but it's clear that at least as of cloudflare version 3.33.1, they store the data that the API returns.
I'm therefore left feeling that cloudposse/terraform-cloudflare-zone should try to be as compatible as possible with the data that the official provider pulls in.
If you feel differently, then we can close this ticket and I will open up a bug report with the folks who maintain the cloudflare provider, asking that account_id be removed from the data imported (for zones) altogether.
Example demonstration
Terraform configuration:
module "zone" {
source = "cloudposse/zone/cloudflare"
version = "0.3.0"
zone = "domain.com"
}
Import:
$ terraform import module.zone.cloudflare_zone.default[0] ZONEID
module.zone.cloudflare_zone.default[0]: Importing from ID "ZONEID"...
module.zone.cloudflare_zone.default[0]: Import prepared!
Prepared cloudflare_zone for import
module.zone.cloudflare_zone.default[0]: Refreshing state... [id=ZONEID]
Import successful!
Terraform state entry:
$ terraform state show 'module.zone.cloudflare_zone.default[0]'
# module.zone.cloudflare_zone.default[0]:
resource "cloudflare_zone" "default" {
account_id = "ACCOUNTID"
id = "ZONEID"
meta = {
"phishing_detected" = false
"wildcard_proxiable" = false
}
name_servers = [
"cory.ns.cloudflare.com",
"kim.ns.cloudflare.com",
]
paused = false
plan = "free"
status = "active"
type = "full"
vanity_name_servers = []
zone = "domain.com"
}
Terraform plan:
Terraform will perform the following actions:
# module.zone.cloudflare_zone.default[0] will be updated in-place
~ resource "cloudflare_zone" "default" {
- account_id = "ACCOUNTID" -> null
id = "ZONEID"
+ jump_start = false
# (8 unchanged attributes hidden)
}
Environment
Anything that will help us triage the bug will help. Here are some ideas:
Found a bug? Maybe our Slack Community can help.
Describe the Bug
When using
terraform importto import acloudflare_zone(per documentation), there is a configuration mismatch between what the cloudposse module defines dynamically vs. whatimportactually imported.Specifically, the configuration the cloudposse module generates lacks
account_id(i.e. wants to remove it), and the module offers no way to set this parameter.Important detail
I am aware that the official
cloudflareprovider labels the Account ID as optional. I suspect the provider determines the account ID based on the zone ID. Thus, I am not really sure who to report the bug to -- one could argue thecloudflareprovider shouldn't need theaccount_idsetting at all, but it's clear that at least as of cloudflare version 3.33.1, they store the data that the API returns.I'm therefore left feeling that
cloudposse/terraform-cloudflare-zoneshould try to be as compatible as possible with the data that the official provider pulls in.If you feel differently, then we can close this ticket and I will open up a bug report with the folks who maintain the
cloudflareprovider, asking thataccount_idbe removed from the data imported (for zones) altogether.Example demonstration
Terraform configuration:
Import:
Terraform state entry:
Terraform plan:
Environment
Anything that will help us triage the bug will help. Here are some ideas: