CD
Cloudflare Developers2mo ago
thinmint90

How do I create a Hostname origin_tls_client_auth via the Terraform provider?

Hello, I am using the 5.8.2 Terrafrom provider to set up Authenticated Origin Pull for a specific hostname. From what I can tell, the cloudflare_authenticated_origin_pulls_certificate object no longer supports type. This means that all certs created are for the zone and not for the host. Pulling the zone certs 
curl https://api.cloudflare.com/client/v4/zones/{ZoneID}/origin_tls_client_auth \
    -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  2502    0  2502    0     0   5153      0 --:--:-- --:--:-- --:--:--  5158
{
  "success": true,
  "result": [
    {
      "id": "{ID}",
      "status": "active",
      {CERT INFO}
    }
}
curl https://api.cloudflare.com/client/v4/zones/{ZoneID}/origin_tls_client_auth \
    -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  2502    0  2502    0     0   5153      0 --:--:-- --:--:-- --:--:--  5158
{
  "success": true,
  "result": [
    {
      "id": "{ID}",
      "status": "active",
      {CERT INFO}
    }
}
Pull the hostname certs. Since I am implementing hostname-based AOP, I need a cert list at this endpoint. 
 curl https://api.cloudflare.com/client/v4/zones/{zone id}/origin_tls_client_auth/hostnames/certificates \
    -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   119    0   119    0     0    374      0 --:--:-- --:--:-- --:--:--   375
{
  "success": true,
  "errors": [],
  "messages": [],
  "result": [],
}
 curl https://api.cloudflare.com/client/v4/zones/{zone id}/origin_tls_client_auth/hostnames/certificates \
    -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   119    0   119    0     0    374      0 --:--:-- --:--:-- --:--:--   375
{
  "success": true,
  "errors": [],
  "messages": [],
  "result": [],
}
TF object in question: https://registry.terraform.io/providers/cloudflare/cloudflare/5.8.2/docs/resources/authenticated_origin_pulls_certificate In the 4.x version of the provider, there was a notion of type. It seems like this was missed when moving to 5.x 
type (String) The form of Authenticated Origin Pulls to upload the certificate to. Available values: per-zone, per-hostname. Modifying this attribute will force creation of a new resource.
type (String) The form of Authenticated Origin Pulls to upload the certificate to. Available values: per-zone, per-hostname. Modifying this attribute will force creation of a new resource.
What do I need to do to have the 5.x version work with hostname-based AOP?
Terraform Registry
0 Replies
No replies yetBe the first to reply to this messageJoin

Did you find this page helpful?