Skip to content

cloudflare_zero_trust_device_custom_profile_local_domain_fallback not allowing multiple DNS Server entries #5569

New issue
New issue
Closed
Closed
cloudflare_zero_trust_device_custom_profile_local_domain_fallback not allowing multiple DNS Server entries#5569
Labels
kind/bugCategorizes issue or PR as related to a bug.version/5Categorizes issue or PR as related to version 5 of the provider.
@pcanham

Description

@pcanham
pcanham
opened on May 12, 2025

Confirmation

  • This is a bug with an existing resource and is not a feature request or enhancement. Feature requests should be submitted with Cloudflare Support or your account team.
  • I have searched the issue tracker and my issue isn't already found.
  • I have replicated my issue using the latest version of the provider and it is still present.

Terraform and Cloudflare provider version

OpenTofu v1.9.1
on darwin_arm64

  • provider registry.opentofu.org/cloudflare/cloudflare v5.4.0
  • provider registry.opentofu.org/hashicorp/http v3.5.0
  • provider registry.opentofu.org/hashicorp/local v2.5.2
  • provider registry.opentofu.org/hashicorp/null v3.2.4
  • provider registry.opentofu.org/hashicorp/tls v4.1.0

Affected resource(s)

cloudflare_zero_trust_device_custom_profile_local_domain_fallback

Terraform configuration files

resource "cloudflare_zero_trust_device_custom_profile" "tavern" {
  account_id            = var.cloudflare_account_id
  name                  = "Tavern"
  description           = "TAVERN WARP settings managed via Terraform"
  precedence            = 3
  match                 = format("any(identity.groups.name[*] in {\"All Company\"}) or identity.email == \"non_identity@%s.cloudflareaccess.com\"", var.cloudflare_warp_tenant_name)
  enabled               = true
  allow_mode_switch     = true
  allow_updates         = true
  allowed_to_leave      = true
  auto_connect          = 0
  disable_auto_fallback = true
  switch_locked         = false
  service_mode_v2 = {
    mode = "warp"
  }
  exclude_office_ips = true
  tunnel_protocol    = "masque"
  exclude = [{
    address     = "10.0.0.1/32"
    description = "dummy exclude"
  }]
}

resource "cloudflare_zero_trust_device_custom_profile_local_domain_fallback" "tavern" {
  account_id = var.cloudflare_account_id
  policy_id  = cloudflare_zero_trust_device_custom_profile.tavern.id
  domains = [{
    suffix      = "localdomain"
    description = null
    dns_server  = ["127.0.0.1", "127.0.1.1"]
  }]
  depends_on = [cloudflare_zero_trust_device_custom_profile.tavern]
}

Link to debug output

https://gist.github.com/pcanham/3c1e7845a23c70f769ebd853d5164410

Panic output

No response

Expected output

Entry created no errors

Actual output

cloudflare_zero_trust_device_custom_profile.tavern: Creating...
cloudflare_zero_trust_device_custom_profile.tavern: Creation complete after 0s [id=fe7089cb-6098-4482-8f5c-95f6702acb94]
cloudflare_zero_trust_device_custom_profile_local_domain_fallback.tavern: Creating...

│ Warning: Resource Destruction Considerations

│ with cloudflare_zero_trust_device_custom_profile_local_domain_fallback.tavern,
│ on warp_device_profile_tavern.tofu line 25, in resource "cloudflare_zero_trust_device_custom_profile_local_domain_fallback" "tavern":
│ 25: resource "cloudflare_zero_trust_device_custom_profile_local_domain_fallback" "tavern" {

│ This resource cannot be destroyed from Terraform. If you create this resource, it will be present in the API until manually deleted.


│ Error: Provider returned invalid result object after apply

│ After the apply operation, the provider still indicated an unknown value for cloudflare_zero_trust_device_custom_profile_local_domain_fallback.tavern.description. All values must be known after apply, so this is always a bug in the provider and should be reported in the provider's own
│ repository. OpenTofu will still save the other known object values in the state.


│ Error: Provider returned invalid result object after apply

│ After the apply operation, the provider still indicated an unknown value for cloudflare_zero_trust_device_custom_profile_local_domain_fallback.tavern.dns_server. All values must be known after apply, so this is always a bug in the provider and should be reported in the provider's own repository.
│ OpenTofu will still save the other known object values in the state.


│ Error: Provider returned invalid result object after apply

│ After the apply operation, the provider still indicated an unknown value for cloudflare_zero_trust_device_custom_profile_local_domain_fallback.tavern.suffix. All values must be known after apply, so this is always a bug in the provider and should be reported in the provider's own repository.
│ OpenTofu will still save the other known object values in the state.

Steps to reproduce

  1. Create a custom zero trust profile
  2. Create domain fallback resource with one entry having more than one DNS Server IP

Additional factoids

No response

References

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/bugCategorizes issue or PR as related to a bug.version/5Categorizes issue or PR as related to version 5 of the provider.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions