Skip to content

cloudflare_zero_trust_access_application: self hosted applications with private ips require public domain #5529

New issue
New issue
Closed
Closed
cloudflare_zero_trust_access_application: self hosted applications with private ips require public domain#5529
Labels
kind/bugCategorizes issue or PR as related to a bug.version/5Categorizes issue or PR as related to version 5 of the provider.
@PI-Victor

Description

@PI-Victor
PI-Victor
opened on Apr 23, 2025

Confirmation

  • This is a bug with an existing resource and is not a feature request or enhancement. Feature requests should be submitted with Cloudflare Support or your account team.
  • I have searched the issue tracker and my issue isn't already found.
  • I have replicated my issue using the latest version of the provider and it is still present.

Terraform and Cloudflare provider version

terraform {
  required_version = ">=1.10.0"

  required_providers {
    cloudflare = {
      source  = "cloudflare/cloudflare"
      version = "~> 5.3.0"
    }
    random = {
      source  = "hashicorp/random"
      version = "~> 3.6.2"
    }
  }
}

Terraform v1.11.3
on darwin_arm64

  • provider registry.terraform.io/cloudflare/cloudflare v5.3.0
  • provider registry.terraform.io/hashicorp/random v3.6.3

Affected resource(s)

cloudflare_zero_trust_access_application

Terraform configuration files

resource "cloudflare_zero_trust_access_application" "example_zero_trust_access_application" {
  account_id = local.account_id
  name       = "test"
  type       = "self_hosted"

  destinations = [{
    cidr       = "10.10.10.10/32"
    port_range = "80"
  }]
}

Link to debug output

https://gist.github.com/PI-Victor/13c8b59afc382dd3a1d9b0dd776674d6

Panic output

No response

Expected output

I expect a private self hosted application with private ip to not have a mandatory public URL (domain field).
The public URL is required to be specified, even though, it is specified as optional in the plugin docs. It is also mandatory to be specified in the destinations.
This can be configured in the cloudflare dashboard without issues.

Image

Actual output

│ Error: failed to make http request
│
│   with cloudflare_zero_trust_access_application.example_zero_trust_access_application,
│   on application.tf line 1, in resource "cloudflare_zero_trust_access_application" "example_zero_trust_access_application":
│    1: resource "cloudflare_zero_trust_access_application" "example_zero_trust_access_application" {
│
│ POST "https://api.cloudflare.com/client/v4/accounts/ad3e1d4f151beb636e71f2e720c55940/access/apps": 400 Bad Request {
│   "result": null,
│   "success": false,
│   "errors": [
│     {
│       "code": 12130,
│       "message": "access.api.error.invalid_request: domain is invalid"
│     }
│   ],
│   "messages": []
│ }
│

Fails to create.

Steps to reproduce

use the above specified resource as an example.
terraform apply

Additional factoids

I've encountered this issue with the typescript library from cloudflare and i believe this is an API validation that did not get updated with the introduction of the new self hosted applications.

References

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/bugCategorizes issue or PR as related to a bug.version/5Categorizes issue or PR as related to version 5 of the provider.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions