Skip to content

Cyb3r-Jak3/terraform-cloudflare-r2-api-token

BranchesTags

Repository files navigation

Terraform Cloudflare R2 API Token

Terraform module to create a Cloudflare API token that have bucket scope permissions. The API token needed by the Cloudflare provider needs to have User -> API Tokens -> Edit token permissions. You can use this quick link to create the token with the correct permissions.

Example:

module "r2-api-token" {
  source  = "Cyb3r-Jak3/r2-api-token/cloudflare"
  version = "<version>"
  account_id = "<account>"
  buckets = ["bucket-1", "bucket-2"]
  write = false
}

Cloudflare provider version support

5.0 and above uses version 5.0 of the Cloudflare provider.
4.1.1 and below uses version 4 of the Cloudflare provider.

I will continue to support the 4.1.1 version to the best of my ability, but I will not be adding new features to it. I will only add new features to the 5.0 version of the provider.

Requirements

Name Version
terraform >= 1.2.0
cloudflare >= 5, <6

Providers

Name Version
cloudflare >= 5, <6

Modules

No modules.

Resources

Name Type
cloudflare_api_token.token resource
cloudflare_api_token_permission_groups_list.this data source

Inputs

Name Description Type Default Required
account_id Cloudflare Account ID string n/a yes
bucket_read If true, grant read access to the bucket(s) bool true no
bucket_write If true, grant write access to the bucket(s) bool true no
buckets List of R2 buckets to grant access to. If empty, all buckets will be granted access. list(string) [] no
condition_ip_in List of IP addresses or CIDR notation where the token may be used from. If not specified, the token will be valid for all IP addresses. list(string) [] no
condition_ip_not_in List of IP addresses or CIDR notation where the token should not be used from. list(string) [] no
expires_on The expiration time on or after which the token MUST NOT be accepted for processing. If not specified, the token will not expire. string "" no
jurisdiction Jurisdiction of R2 buckets string "default" no
not_before The time before which the token MUST NOT be accepted for processing. If not specified, the token will be valid immediately. string "" no
status Status of the API token. Can be 'active' or 'disabled'. Defaults to 'active'. string "active" no
token_name Name of the API token.
If none given then the format is: R2-<comma separated names>-<Read if 'bucket-read'>-<Write if 'bucket-write'>		 string "" no

Outputs

Name Description
id API Token ID.
Used as the Access Key ID
name Name of the API Token
secret Secret Access Key
value API Token Value

About

Terraform module to create a Cloudflare API token that have bucket scope tokens.

registry.terraform.io/modules/Cyb3r-Jak3/r2-api-token/cloudflare/latest

Topics

terraform terraform-module terraform-cloudflare cloudflare-terraform cloudflare-r2-api

Resources

Readme

License

MIT license
Activity

Stars

10 stars

Watchers

2 watching

Forks

2 forks
Report repository

Contributors 3

  •  
  •  
  •  

Languages