Merge pull request #2771 from Nmishin/fix/2733

Improve documentation for authenticated_origin_pulls & authenticated_origin_pulls_certificate

.changelog/2771.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/cloudflare_authenticated_origin_pulls: Improve import, update documentation
+```

docs/data-sources/rulesets.md

@@ -109,11 +109,13 @@ Read-Only:
 - `mirage` (Boolean)
 - `opportunistic_encryption` (Boolean)
 - `origin` (List of Object) (see [below for nested schema](#nestedobjatt--rulesets--rules--action_parameters--origin))
+- `origin_cache_control` (Boolean)
 - `origin_error_page_passthru` (Boolean)
 - `overrides` (List of Object) (see [below for nested schema](#nestedobjatt--rulesets--rules--action_parameters--overrides))
 - `phases` (Set of String)
 - `polish` (String)
 - `products` (Set of String)
+- `read_timeout` (Number)
 - `request_fields` (Set of String)
 - `respect_strong_etags` (Boolean)
 - `response` (List of Object) (see [below for nested schema](#nestedobjatt--rulesets--rules--action_parameters--response))

docs/resources/authenticated_origin_pulls.md

@@ -73,12 +73,12 @@ resource "cloudflare_authenticated_origin_pulls" "my_per_hostname_aop" {
 Import is supported using the following syntax:
 
 ```shell
-# Authenticated Origin Pull configuration
-$ terraform import cloudflare_authenticated_origin_pulls_certificate.my_aop <zone_id>//
+# global
+$ terraform import cloudflare_authenticated_origin_pulls.example <zone_id>
 
-# Per-Zone Authenticated Origin Pull configuration
-$ terraform import cloudflare_authenticated_origin_pulls_certificate.my_per_zone_aop <zone_id>/<certificate_id>/
+# per zone
+$ terraform import cloudflare_authenticated_origin_pulls.example <zone_id>/<certificate_id>
 
-# Per-Hostname Authenticated Origin Pull configuration
-$ terraform import cloudflare_authenticated_origin_pulls_certificate.my_per_hostname_aop <zone_id>/<certificate_id>/<hostname>
+# per hostname
+$ terraform import cloudflare_authenticated_origin_pulls.example <zone_id>/<certificate_id>/<hostname>
 ```

docs/resources/authenticated_origin_pulls_certificate.md

@@ -68,5 +68,5 @@ Optional:
 Import is supported using the following syntax:
 
 ```shell
-$ terraform import cloudflare_authenticated_origin_pulls_certificate.2458ce5a-0c35-4c7f-82c7-8e9487d3ff60 <zone_id>/<certificate_type>/<certificate_id>
+$ terraform import cloudflare_authenticated_origin_pulls_certificate.example <zone_id>/<certificate_type>/<certificate_id>
 ```

docs/resources/ruleset.md

@@ -508,11 +508,13 @@ Optional:
 - `mirage` (Boolean) Turn on or off Cloudflare Mirage of the Cloudflare Speed app.
 - `opportunistic_encryption` (Boolean) Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
 - `origin` (Block List) List of properties to change request origin. (see [below for nested schema](#nestedblock--rules--action_parameters--origin))
+- `origin_cache_control` (Boolean) Enable or disable the use of a more compliant Cache Control parsing mechanism, enabled by default for most zones.
 - `origin_error_page_passthru` (Boolean) Pass-through error page for origin.
 - `overrides` (Block List) List of override configurations to apply to the ruleset. (see [below for nested schema](#nestedblock--rules--action_parameters--overrides))
 - `phases` (Set of String) Point in the request/response lifecycle where the ruleset will be created. Available values: `ddos_l4`, `ddos_l7`, `http_config_settings`, `http_custom_errors`, `http_log_custom_fields`, `http_ratelimit`, `http_request_cache_settings`, `http_request_dynamic_redirect`, `http_request_firewall_custom`, `http_request_firewall_managed`, `http_request_late_transform`, `http_request_origin`, `http_request_redirect`, `http_request_sanitize`, `http_request_sbfm`, `http_request_transform`, `http_response_compression`, `http_response_firewall_managed`, `http_response_headers_transform`, `magic_transit`.
 - `polish` (String) Apply options from the Polish feature of the Cloudflare Speed app.
 - `products` (Set of String) Products to target with the actions. Available values: `bic`, `hot`, `ratelimit`, `securityLevel`, `uablock`, `waf`, `zonelockdown`.
+- `read_timeout` (Number) Specifies a maximum timeout for reading content from an origin server.
 - `request_fields` (Set of String) List of request headers to include as part of custom fields logging, in lowercase.
 - `respect_strong_etags` (Boolean) Respect strong ETags.
 - `response` (Block List) List of parameters that configure the response given to end users. (see [below for nested schema](#nestedblock--rules--action_parameters--response))

examples/resources/cloudflare_authenticated_origin_pulls/import.sh

@@ -1,8 +1,8 @@
-# Authenticated Origin Pull configuration
-$ terraform import cloudflare_authenticated_origin_pulls_certificate.my_aop <zone_id>//
+# global
+$ terraform import cloudflare_authenticated_origin_pulls.example <zone_id>
 
-# Per-Zone Authenticated Origin Pull configuration
-$ terraform import cloudflare_authenticated_origin_pulls_certificate.my_per_zone_aop <zone_id>/<certificate_id>/
+# per zone
+$ terraform import cloudflare_authenticated_origin_pulls.example <zone_id>/<certificate_id>
 
-# Per-Hostname Authenticated Origin Pull configuration
-$ terraform import cloudflare_authenticated_origin_pulls_certificate.my_per_hostname_aop <zone_id>/<certificate_id>/<hostname>
+# per hostname
+$ terraform import cloudflare_authenticated_origin_pulls.example <zone_id>/<certificate_id>/<hostname>

examples/resources/cloudflare_authenticated_origin_pulls_certificate/import.sh

@@ -1 +1 @@
-$ terraform import cloudflare_authenticated_origin_pulls_certificate.2458ce5a-0c35-4c7f-82c7-8e9487d3ff60 <zone_id>/<certificate_type>/<certificate_id>
+$ terraform import cloudflare_authenticated_origin_pulls_certificate.example <zone_id>/<certificate_type>/<certificate_id>

internal/sdkv2provider/resource_cloudflare_authenticated_origin_pulls.go

@@ -149,24 +149,28 @@ func resourceCloudflareAuthenticatedOriginPullsImport(ctx context.Context, d *sc
 	// split the id so we can lookup
 	idAttr := strings.SplitN(d.Id(), "/", 3)
 
-	if len(idAttr) != 3 {
-		return nil, fmt.Errorf("invalid id (\"%s\") specified, should be in format \"zoneID/certID/hostname\"", d.Id())
-	}
-	zoneID, certID, hostname := idAttr[0], idAttr[1], idAttr[2]
-	d.Set(consts.ZoneIDSchemaKey, zoneID)
-
-	// Set attributes based on inputs which informs which form of AOP to use
+	var zoneID string
+	var certID string
+	var hostname string
 	var checksum string
-	if hostname != "" && certID != "" {
+
+	if len(idAttr) == 1 {
+		zoneID = idAttr[0]
+		checksum = stringChecksum(fmt.Sprintf("GlobalAOP/%s/", zoneID))
+	} else if len(idAttr) == 2 {
+		zoneID, certID = idAttr[0], idAttr[1]
+		d.Set("authenticated_origin_pulls_certificate", certID)
+		checksum = stringChecksum(fmt.Sprintf("PerZoneAOP/%s/%s", zoneID, certID))
+	} else if len(idAttr) == 3 {
+		zoneID, certID, hostname = idAttr[0], idAttr[1], idAttr[2]
 		d.Set("hostname", hostname)
 		d.Set("authenticated_origin_pulls_certificate", certID)
 		checksum = stringChecksum(fmt.Sprintf("PerHostnameAOP/%s/%s/%s", zoneID, hostname, certID))
-	} else if certID != "" {
-		d.Set("authenticated_origin_pulls_certificate", certID)
-		checksum = stringChecksum(fmt.Sprintf("PerZoneAOP/%s/%s", zoneID, certID))
 	} else {
-		checksum = stringChecksum(fmt.Sprintf("GlobalAOP/%s/", zoneID))
+		return nil, fmt.Errorf("invalid id (\"%s\") specified, should be maximum 3 id specified for import", d.Id())
 	}
+
+	d.Set(consts.ZoneIDSchemaKey, zoneID)
 	d.SetId(checksum)
 	resourceCloudflareAuthenticatedOriginPullsRead(ctx, d, meta)
 	return []*schema.ResourceData{d}, nil