chore(deps): update terraform cloudflare to v5

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
cloudflare (source)	required_provider	major	4.23.0 -> 5.3.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

cloudflare/terraform-provider-cloudflare (cloudflare)

v5.3.0

Compare Source

Full Changelog: v5.2.0...v5.3.0

Features

• access_policy: remove invalid defaults (#​5417) (5f6bec0)
• add script to build without optimisations (#​5436) (d1a4f49)
• api: Add workers telemetry routes (828b20e)
• api: api update (13ab544)
• api: api update (38b779c)
• api: api update (35e5ee6)
• api: api update (f8f6637)
• api: api update (e00cc2f)
• api: api update (c077795)
• api: api update (3b8d719)
• api: api update (0497567)
• api: api update (a5b6d28)
• api: api update (85ca5b6)
• api: api update (119ea92)
• api: api update (b5b0a8c)
• api: api update (1d07b70)
• api: api update (72a9f83)
• api: api update (c4180b7)
• api: api update (cff25d6)
• api: api update (72d3824)
• api: api update (664cb3c)
• api: api update (44a8c6b)
• api: api update (92919cb)
• api: api update (ac6ab4b)
• api: api update (759abb8)
• api: api update (32c8ef6)
• api: api update (dabc087)
• api: api update (8611b80)
• api: api update (7053012)
• api: api update (45b4ae6)
• api: api update (e959fe3)
• api: api update (be9ae70)
• api: api update (37e7245)
• api: api update (b3f3126)
• api: api update (80ac5b7)
• api: api update (f281c3f)
• api: api update (761a96f)
• api: api update (2bb8703)
• api: api update (69ead96)
• api: api update (e3871a2)
• api: api update (09e6236)
• api: api update (0be6b20)
• api: api update (2e1e307)
• api: api update (78f2553)
• api: api update (67496e3)
• api: api update (#​5372) (b940618)
• api: api update (#​5375) (a8ea03c)
• api: api update (#​5384) (d24be4d)
• api: api update (#​5396) (92c6897)
• api: api update (#​5408) (e6b94c8)
• api: api update (#​5426) (bf1eec3)
• api: api update (#​5430) (990d99f)
• api: api update (#​5438) (205c1a1)
• api: api update (#​5442) (bcb6b61)
• api: api update (#​5444) (0c62078)
• api: api update (#​5447) (3518fb9)
• api: api update (#​5449) (a018ca5)
• api: api update (#​5453) (e914374)
• api: api update (#​5457) (369b4be)
• api: api update (#​5464) (10dae6c)
• api: api update (#​5465) (a432bdb)
• api: api update (#​5467) (0aee40f)
• api: api update (#​5468) (95d34e2)
• api: api update (#​5469) (d96661d)
• api: api update (#​5470) (96ea789)
• api: api update (#​5473) (f21aa4e)
• api: api update (#​5477) (7f1a73f)
• api: api update (#​5478) (e2e5502)
• api: api update (#​5479) (1daafb7)
• api: display deprecation messages on resources and attributes (#​5425) (4a0554e)
• api: manual updates (02da0fd)
• api: manual updates (dc58a0f)
• api: manual updates (abd45b1)
• api: manual updates (b18b48b)
• api: manual updates (27e8929)
• api: manual updates (b92b2d7)
• api: manual updates (2f2436d)
• api: Update workers telemetry route methods (2b4db81)
• devices: add registrations support (05bc7a9)
• docs: add secrets store to navigation (b5be043)
• pipelines: add support (5068d66)
• secret_store: add support (aa76038)
• secrets_store: remove incorrect bulk edit endpoint (a8e9411)

Bug Fixes

• access_policy: remove invalid defaults (#​5416) (daaceff)
• account_token: handle unordered policies (#​5433) (3f36851)
• add deserialization annotations to synthetic ID properties (#​5376) (754df3f)
• api_token: handle value across updates (#​5414) (1db1294)
• api: better support for environment variables as provider properties (#​5377) (a6e7785)
• api: skip generation of update endpoint when only a create endpoint exists (#​5397) (9b588cb)
• dns_record: don't include defaults for data (#​5461) (8a5e8ce)
• hostnames: define correct path parameter for updates (#​5428) (c54a6a0)
• logpush: remove empty default value (#​5401) (0659e1f)
• origin_ca_certificate: persist values across reads (#​5415) (1e6d072)
• r2_custom_domain: add jurisdiction into the schema (#​5404) (7d2b266)
• ruleset: handle stricter marshaling (#​5391) (b9f0292)
• workers_cron_trigger: remove duplicate struct (#​5435) (7a54b42)
• workers_for_platforms_script_secret: correctly update resource name (#​5459) (e52e4db)
• workers_script: cleanup placement duplication (#​5437) (3ac96b6)
• zero_trust_tunnel_cloudflared_virtual_networ: persist is_default write only value (#​5434) (368ab5d)
• zero_trust_tunnel_cloudflared: persist write only values (#​5432) (7d62813)

Chores

• build: scripts/format should not fail if generate-docs fails (#​5466) (56b6feb)
• deps: bump terraform-plugin-docs (#​5399) (ed4e092)
• deps: fix indirect updates (#​5402) (12d9433)
• internal: codegen related update (0d15cfe)
• internal: codegen related update (#​5441) (ec3412b)
• internal: codegen related update (#​5443) (a82d949)
• internal: codegen related update (#​5463) (d3d4be5)
• remove unnecessary toListParams methods in singular data sources (#​5371) (495ae4c)
• tests: improve enum examples (#​5476) (225ac31)
• update dependencies (#​5387) (b3bff1d)

Documentation

• generate (#​5400) (ecf3561)
• generate (#​5429) (8428f6a)
• generate (#​5462) (80b2588)
• generate (#​5480) (d7e3b84)

v5.2.0

Compare Source

Full Changelog: v5.1.0...v5.2.0

Features

• add docs generation to format script (#​5294) (a199683)
• add SKIP_BREW env var to ./scripts/bootstrap (#​5274) (45090a9)
• api: api update (#​5243) (7d287a7)
• api: api update (#​5249) (9f253d5)
• api: api update (#​5257) (220adc9)
• api: api update (#​5265) (fc3045a)
• api: api update (#​5267) (c7198d8)
• api: api update (#​5269) (3f44f89)
• api: api update (#​5270) (56c1da3)
• api: api update (#​5271) (b6c093a)
• api: api update (#​5293) (941a30a)
• api: api update (#​5295) (86e4e4e)
• api: api update (#​5299) (fe8c29d)
• api: api update (#​5300) (0abdfcf)
• api: api update (#​5302) (063348c)
• api: api update (#​5309) (b8674a5)
• api: api update (#​5325) (9a65852)
• api: api update (#​5326) (5cc7f58)
• api: api update (#​5332) (f16b95e)
• api: api update (#​5338) (6ae5427)
• api: api update (#​5354) (98b1ec9)
• api: api update (#​5355) (0fb620e)
• api: api update (#​5356) (9ca6737)
• api: api update (#​5357) (2324e79)
• api: api update (#​5359) (5b1c190)
• api: manual updates (#​5314) (2660117)
• custom_pages: add resource (#​5343) (57d76e2)
• custom_pages: mark identifier as id (#​5344) (9705e1b)
• custom_pages: mark identifier as id (#​5345) (5d1afaa)
• custom_pages: reintroduce endpoints (#​5312) (4653c96)
• dns_settings: fix hierarchy (#​5291) (cb5bee3)
• dns: split account and zone DNS settings (#​5283) (3c9e05e)
• dns: split account and zone DNS settings (#​5285) (d669e8f)
• internal: add HA and IO to initialisms (#​5276) (ead063a)
• internal: bump cloudflare-go to 4.2.0 (#​5341) (559850d)
• internal: revert HA and IO to initialisms (#​5279) (8cce7e4)
• waiting_rooms: add account level list API (#​5310) (915f6f7)
• workers: add in secrets endpoints (#​5329) (0d8f363)
• zero_trust_device_*_profile: mark include and exclude as mutually exclusive (2db548c)

Bug Fixes

• accoun_token: mark meta as read only (84e8c23)
• account_token: fix missing model change (fff0f2c)
• account_token: handle value write only field (4cbb4b5)
• account: remove recreation on tenant unit (76fbb98)
• api: avoid spurious replacement plans for computed ID properties (#​5244) (37baea6)
• api: remove min and max validations in mismatched union variants (#​5263) (b5f51a0)
• authenticated_origin_pulls_certificate: handle private_key write only field (78b9ff1)
• authenticated_origin_pulls_certificate: populate certificate_id from the id (2b53245)
• dns_record: relax constraint for overlapping unions (ac79ff8)
• find-by style data source attributes should share models with plural data sources (#​5251) (d488159)
• r2_custom_domain: remove duplicated domain value (e062813)
• r2_custom_domain: update path placeholders to de-duplicate internal values (#​5281) (5ef949d)
• rulesets: remove unused fields (dcab45f)
• waiting_rooms: comment out broken struct for now (3f89aef)
• workers_script: re-resolve the correct schemas (05b25ba)

Chores

• internal: codegen related update (#​5286) (1e603a0)

Documentation

• generate (e13aae0)
• generate (9ce87fa)
• generate (b33529e)
• generate (771eaed)

v5.1.0

Compare Source

Full Changelog: v5.0.0...v5.1.0

Features

• api: disable zero_trust_tunnel_cloudflared_token (#​5128) (df2c3bc)
• api: enable zero_trust_tunnel_cloudflared_token (#​5127) (1bd200e)
• grit: add more support for dns_record attributes (3dbe899)
• various codegen changes (d91aee1)

Bug Fixes

• grit: handle inner objects within the object for records (e7b7bb1)
• grit: handle inner objects within the object for records (c9a5257)
• grit: handle inner objects within the object for records (ae22af5)
• grit: make pattern names consistent (0b2ba12)
• update migration guide to use source, not stdlib (9d208d6)
• use correct name for Grit patterns (2f8d522)

Documentation

• clean out previously set schema_versions (fba939d)
• handle cloudflare_record data migration (9eb450b)
• regenerate (bbf53bf)
• update deprecation dates (7a8b7d2)
• update page_rules migration guidance (45e30b1)

v5.0.0

Compare Source

[!WARNING]
v5.x of this provider is a ground-up rewrite of the SDK, using code generation from our OpenAPI spec.

There are backwards incompatible changes which are documented and outlined in the migration guide
however, we offer codemods to assist as well as the manual steps if you prefer.

[!NOTE]
v4.x will no longer be in active development per our support policy and all feature
development and improvements will land in v5.x.

Migration guide (including changelog)

https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/guides/version-5-upgrade

v4.52.0

Compare Source

[!NOTE]
This is the last regular release in the 4.x line. 4.x is no longer under active development.

ENHANCEMENTS:

• resource/cloudflare_waiting_room: add support for Turnstile fields (#​4952)
• resource/cloudflare_zero_trust_gateway_policy: allow configuring isolate rules with BISO admin control V2 settings (#​4962)
• resource/snippets-rules: make terraform consistent with the API and do not require "enabled" and "description" fields
• resource/snippets: use list instead of set
• resource/cloud_connector_rules: use list instead of set (#​4787)

BUG FIXES:

• resource/cloudflare_device_posture_integration: fix bug where custom_s2s and tanium_s2s was not included in the type validation for s2s posture integrations. (#​4933)

DEPENDENCIES:

• provider: bump github.com/hashicorp/terraform-plugin-go from 0.25.0 to 0.26.0 (#​4928)
• provider: bump github.com/hashicorp/terraform-plugin-mux from 0.17.0 to 0.18.0 (#​4934)

v4.51.0

Compare Source

NOTES:

• resource/cloudflare_ruleset: remove deprecated http_request_sbfm phase (#​4860)

ENHANCEMENTS:

• resource/cloudflare_access_application: add private destination fields to access application (#​4892)
• resource/cloudflare_zero_trust_gateway_policy: allow configuring resolver rules with internal DNS (#​4918)

BUG FIXES:

• resource/cloudflare_api_shield_operation: fixed a bug when using variable names other than var1 ... varN in endpoint definitions causing these resources to be recreated when nothing has changed.
  If this affects you, after upgrading to this version, the resource has to be recreated once more to fix the state, after which the bug is fixed. (#​4894)
• resource/cloudflare_teams_location: Fix import failures on teams locations (#​4859)
• resource/cloudflare_zero_trust_device_posture_rule: Fix 'last_seen' not being written to the state file (#​4855)

INTERNAL:

• resource/cloudflare_api_shield_operation: migrated to the terraform-plugin-framework. (#​4894)

DEPENDENCIES:

• provider: bump github.com/cloudflare/cloudflare-go from 0.113.0 to 0.114.0 (#​4893)
• provider: bump github.com/go-git/go-git/v5 from 5.11.0 to 5.13.0 in /tools (#​4903)

v4.50.0

Compare Source

ENHANCEMENTS:

• cloudflare_teams_location: support endpoints + BYOIPv6 + DNS IPv4 destinations (#​4805)
• resource/cloudflare_zone_settings_override: Add support for aegis (#​4820)
• resource/cloudflare_zone_settings_override: add support for ssl_automatic_mode (#​4465)

BUG FIXES:

• resource/cloudflare_access_application: Fix access application saas apps attributes crashing provider when no changes were made to those (#​4843)

DEPENDENCIES:

• provider: bump github.com/cloudflare/cloudflare-go from 0.112.0 to 0.113.0 (#​4826)
• provider: bump golang.org/x/net from 0.33.0 to 0.34.0 (#​4837)

v4.49.1

Compare Source

Functionally the same as v4.49.0 but retagged to fix the Terraform Registry having a bad checksum due to a failed build asset being used.

v4.49.0

Compare Source

• resource/cloudflare_teams_location: remove unusable policy_ids attribute (#​4817)

FEATURES:

• New Resource: cloudflare_content_scanning_expression (#​4734)
• New Resource: cloudflare_content_scanning (#​4719)

ENHANCEMENTS:

• resource/access_application: support multi-valued + Access service token authentication for SCIM provisioning to Access applications (#​4743)

BUG FIXES:

• resource/cloudflare_ruleset: handle when disable_stale_while_updating is an empty object but not nil (#​4814)

DEPENDENCIES:

• provider: bump github.com/cloudflare/cloudflare-go from 0.111.0 to 0.112.0 (#​4803)
• provider: bump github.com/hashicorp/terraform-plugin-framework-validators from 0.15.0 to 0.16.0 (#​4762)
• provider: bump golang.org/x/crypto from 0.21.0 to 0.31.0 in /tools (#​4755)
• provider: bump golang.org/x/crypto from 0.30.0 to 0.31.0 (#​4756)
• provider: bump golang.org/x/net from 0.32.0 to 0.33.0 (#​4802)

v4.48.0

Compare Source

NOTES:

• resource/cloudflare_ruleset: rules must now be given an explicit ref to avoid their IDs changing across ruleset updates, see https://developers.cloudflare.com/terraform/troubleshooting/rule-id-changes/ (#​4697)

FEATURES:

• New Resource: cloudflare_leaked_credential_check (#​4674)
• New Resource: cloudflare_leaked_credential_check_rule (#​4676)
• New Resource: cloudflare_snippet (#​4565)
• New Resource: cloudflare_snippet_rules (#​4565)

ENHANCEMENTS:

• resource/access_application: add support for destinations and domain_type (#​4661)
• resource/access_identity_provider: document scim_config fields (#​4721)
• resource/cloudflare_access_policy: adds support for Access infrastructure allow_email_alias connection rule flag (#​4665)
• resource/cloudflare_ruleset: improve diffs when only some rules are changed (#​4697)
• resource/cloudflare_teams_list: use PUT call to update list items (#​4737)
• resource/cloudflare_zero_trust_access_policy: adds support for Access infrastructure allow_email_alias connection rule flag (#​4665)

BUG FIXES:

• resource/cloudflare_authenticated_origin_pulls: Fix issue where resources are disabled instead of being destroyed on tf destroy (#​4649)
• resource/cloudflare_leaked_credential_check_rule: Fix bug in update method (#​4741)

DEPENDENCIES:

• provider: bump github.com/cloudflare/cloudflare-go from 0.110.0 to 0.111.0 (#​4709)
• provider: bump golang.org/x/net from 0.31.0 to 0.32.0 (#​4718)

v4.47.0

Compare Source

ENHANCEMENTS:

• resource/cloudflare_access_application: support SCIM schema strictness setting for outbound provisioning (#​4419)
• resource/cloudflare_access_identity_provider: Adds identity update behavior field in SCIM configuration (#​4602)
• resource/cloudflare_notification_policy: Added support for D1 in the cloudflare_notification_policy resource and data source. (#​4615)
• resource/cloudflare_notification_policy: add support for image_resizing_notification alert type (#​4588)
• resource/cloudflare_r2_bucket: Added support for Oceania region in location hints. (#​4660)

BUG FIXES:

• resource/cloudflare_logpush_job: add dlp_forensic_copies to allowed dataset values (#​4598)
• resource/cloudflare_zero_trust_access_policy: make gsuite parameters required (#​4597)

DEPENDENCIES:

• provider: bump github.com/cloudflare/cloudflare-go from 0.109.0 to 0.110.0 (#​4632)
• provider: bump github.com/hashicorp/terraform-plugin-testing from 1.10.0 to 1.11.0 (#​4613)
• provider: bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (#​4663)

v4.46.0

Compare Source

ENHANCEMENTS:

• resource/cloudflare_waiting_room: add "bg-BG", "hr-HR", "cs-CZ", "da-DK", "fi-FI", "lt-LT", "ms-MY", "nb-NO", "ro-RO", "el-GR", "he-IL" "hi-IN", "hu-HU", "sr-BA", "sk-SK", "sl-SI", "sv-SE", "tl-PH", "th-TH", "uk-UA", and "vi-VN" to default_template_language field (#​4509)

BUG FIXES:

• resource/cloudflare_certificate_pack: Fix importing existing resources issue due to 3 ignored required fields in importer (#​4544)
• resource/cloudflare_list: Don't read list items if there are none configured (#​4511)
• resource/cloudflare_zero_trust_list: Consider items_with_description when updating a ZT list (#​4477)
• resource/turnstile: Force recreate on region update (#​4496)

DEPENDENCIES:

• provider: bump github.com/cloudflare/cloudflare-go from 0.108.0 to 0.109.0 (#​4523)
• provider: bump github.com/hashicorp/terraform-plugin-framework-validators from 0.14.0 to 0.15.0 (#​4492)
• provider: bump github.com/hashicorp/terraform-plugin-go from 0.24.0 to 0.25.0 ([#​4483](https://redirect.github.com/cloudflare/terraform-provider-cloudflare/issues/44

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.