Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add TTL option to cloudflare_api_token #1603

Closed
abulfat-m opened this issue May 9, 2022 · 2 comments · Fixed by #1792
Closed

Add TTL option to cloudflare_api_token #1603

abulfat-m opened this issue May 9, 2022 · 2 comments · Fixed by #1792
Labels
kind/enhancement Categorizes issue or PR as related to improving an existing feature. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Milestone
v3.20.0

Comments

@abulfat-m
Copy link

Current Terraform and Cloudflare provider version

v1.0.10, 3.8.0

Description

API tokens have TTL option available via Dash and API. Please make this option available via Terraform as well.

Use cases

Security generally requires TTL on API tokens to be defined as part of rotation policy.

Potential Terraform configuration

resource "cloudflare_api_token" "api_token_create" {
  name = "api_token_create"

  policy {
    permission_groups = [
      data.cloudflare_api_token_permission_groups.all.permissions["API Tokens Write"],
    ]
    resources = {
      "com.cloudflare.api.user.${var.user_id}" = "*"
    }
  }

  condition {
    request_ip {
      in     = ["192.0.2.1/32"]
      not_in = ["198.51.100.1/32"]
    }
    ttl { 
      not_before = "2018-07-01T05:20:00Z"
      expires_on = "2019-07-01T05:20:00Z"
    }
  }
}

References

No response
@abulfat-m abulfat-m added kind/enhancement Categorizes issue or PR as related to improving an existing feature. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels May 9, 2022
@jacobbednarz jacobbednarz added triage/accepted Indicates an issue or PR is ready to be actively worked on. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels May 9, 2022
@ekostjuk
Copy link

Would be great to have short lived narrow scoped tokens auto-generated to hide away complexity of generating these via UI/API from users/system.

@Cyb3r-Jak3 Cyb3r-Jak3 mentioned this issue Jul 20, 2022
Merged
@github-actions github-actions bot added this to the v3.20.0 milestone Jul 20, 2022
@github-actions
Copy link
Contributor

This functionality has been released in v3.20.0 of the Terraform Cloudflare Provider.

Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/enhancement Categorizes issue or PR as related to improving an existing feature. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
None yet
Milestone
v3.20.0
Development

Successfully merging a pull request may close this issue.

Adds API Token TTL Cyb3r-Jak3/terraform-provider-cloudflare
3 participants
@jacobbednarz @ekostjuk @abulfat-m