We value your privacy
The module consolidates the management of DNS records in an existing or new Cloudflare DNS zone. Records are supplied as input parameters of the module to keep their management in a single code block. Supported record types: A, AAAA, CNAME, MX, NS, TXT.
Once you have a Corewide Solutions Portal account, this one-time action will use your browser session to retrieve credentials:
shellterraform login solutions.corewide.com
Initialize mandatory providers:
Copy and paste into your Terraform configuration and insert the variables:
hclmodule "tf_cloudflare_dns" {
source = "solutions.corewide.com/cloudflare/tf-cloudflare-dns/cloudflare"
version = "~> 2.0.0"
# specify module inputs here or try one of the examples below
...
}
Initialize the setup:
shellterraform init
Corewide DevOps team strictly follows Semantic Versioning
Specification
to
provide our clients with products that have predictable upgrades between versions. We
recommend
pinning
patch versions of our modules using pessimistic
constraint operator (~>) to prevent breaking changes during upgrades.
To get new features during the upgrades (without breaking compatibility), use
~> 2.0 and run
terraform init -upgrade
For the safest setup, use strict pinning with version = "2.0.0"
The module consolidates the management of DNS records in an existing or new Cloudflare DNS zone. Records are supplied as input parameters of the module to keep their management in a single code block. Supported record types: A, AAAA, CNAME, MX, NS, TXT.
All notable changes to this project are documented here.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
Breaking change: The module is incompatible with the previous versions. Upgrade from an older version is possible with manual changes, see Upgrade Notes section.
cloudflare provider version to 5.0cloudflare_record resourceFirst stable version
A, AAAA, CNAME, MX, NS, TXT record typesv1.x to v2.xModule from v2.0 requires the use of minimal cloudflare provider version 5.0. To perform the migration, upgrade the provider version on the project level to the latest 4.x minor version, with the module version v1.x:
Ensure that the project-level provider version is set as follows:
hclrequired_providers {
cloudflare = {
source = "cloudflare/cloudflare"
version = "~> 4.51"
}
}
Run the following command to install the latest minor version of the 4.x release:
bashterraform init --upgrade
The migration to the provider version v5.0 requires re-importing the resource in the terraform state. Firstly, create the backup of the terraform state:
bashterraform state pull > terraform.tfstate
In case of errors during the migration process, the module should be rolled back to the v1.x version, the project-level cloudflare provider version should be set to ~> 4.51. Then, run the following command to restore the terraform state from the backup:
bashterraform state push terraform.tfstate
Run the following script, which will output two sets of commands for further use. Save the output of these commands:
bashexport ZONE_ID=$(tf state pull | jq '.resources[] | select(.type=="cloudflare_zone").instances[0].attributes.id' | tr -d '"')
export RECORD_ID=($(tf state pull | jq '.resources[] | select(.type=="cloudflare_record").instances[] |.attributes.id' | tr -d '"'))
export RECORDS=($(terraform state list | grep cloudflare_record))
echo -e "1. Before version upgrade:\n"
for (( i=0; i<${#RECORD_ID[@]}; i++ )) do echo "terraform state rm '${RECORDS[${i}]}'" ; done;
echo "2. After version upgrade:\n"
for (( i=0; i<${#RECORD_ID[@]}; i++ )) do echo "terraform import '${RECORDS[${i}]}' ${ZONE_ID}/${RECORD_ID[${i}]}" ; done;
The output must look like the following:
bash1. Before version upgrade:
terraform state rm 'module.dns.cloudflare_record.main["example"]'
...
2. After version upgrade:
terraform import 'module.dns.cloudflare_dns_record.main["example"]' qwertyuiop1234567890/asdfghjkl0987654321
...
Run the first set of commands from the output. The resources of type cloudflare_record will be removed from the terraform state.
Upgrade the module version to ~> 2.0, and cloudflare provider version to ~> 5.0:
hclrequired_providers {
cloudflare = {
source = "cloudflare/cloudflare"
version = "~> 5.0"
}
}
Upgrade project dependencies:
bashterraform init --upgrade
Run the second set of commands from the script output. The resources will be imported with the upgraded resource name cloudflare_dns_record.
Minimal setup with a single record in an existing DNS zone:
hclmodule "dns" {
source = "solutions.corewide.com/cloudflare/tf-cloudflare-dns/cloudflare"
version = "~> 2.0"
account_id = "1234567890a1234567890b1234567890"
zone_name = "example.com"
records = {
foo = {
type = "A"
proxied = true
value = ["10.0.2.20"]
}
}
}
Custom configuration setup with a new DNS zone and multiple records with different configuration:
hclmodule "dns" {
source = "solutions.corewide.com/cloudflare/tf-cloudflare-dns/cloudflare"
version = "~> 2.0"
zone_name = "example.com"
account_id = "1234567890a1234567890b1234567890"
create_zone = true
records = {
"@" = {
type = "A"
value = ["10.0.1.10"]
ttl = 7200
}
"foo" = {
type = "A"
value = ["10.0.2.20"]
proxied = true
}
"www" = {
proxied = true
type = "CNAME"
value = ["example.com"]
}
"v6" = {
type = "AAAA"
ttl = 500
value = [
"2001:db8:3333:4444:CCCC:DDDD:EEEE:FFFF",
"2001:0000:130F:0000:0000:09C0:876A:130B",
]
}
"mail" = {
type = "MX"
value = ["example.com"]
priority = 10
}
}
}
| Variable | Description | Type | Default | Required | Sensitive |
|---|---|---|---|---|---|
account_id |
Cloudflare account ID to manage the zone resource | string |
yes | no | |
records[<key>] |
Name of the DNS record | string |
yes | no | |
zone_name |
The hosted DNS zone name to create records in | string |
yes | no | |
create_zone |
Enable hosted zone creation | bool |
false |
no | no |
records |
DNS records configuration | map(object) |
{} |
no | no |
records[<key>].priority |
The priority of the record (only for MX type) |
number |
0 |
no | no |
records[<key>].proxied |
Whether the record gets Cloudflare's origin protection | bool |
false |
no | no |
records[<key>].ttl |
The time to live of the record | number |
300 |
no | no |
records[<key>].type |
The type of the record. Possible values are: A, AAAA, CNAME, MX, NS and TXT |
string |
yes | no | |
records[<key>].value |
The content of the record | list(string) |
yes | no |
| Output | Description | Type | Sensitive |
|---|---|---|---|
records |
DNS records resource attributes | computed |
no |
zone |
Hosted DNS zone attributes | computed |
no |
| Dependency | Version | Kind |
|---|---|---|
terraform |
>= 1.3 |
CLI |
cloudflare/cloudflare |
~> 5.0 |
provider |