How to use cloudflare_zones module in terraform to dynamically populate field

Question

Fairly straightforward quest but I cannot seem to find the answer that I need anywhere.

The below is what I am using right now that works, but is not exactly what I want. Notice how I have the first part commented out, the key thing here is I have a variable in another file with a zone_id field which is hard-coded. I'd like to make it so I no longer have to do this; however this Terraform file does work:

# data "cloudflare_zones" "zones" {
#  for_each = local.healthchecks
#  filter {
#    account_id  = "12345678912345678912345678912345"   
#    name        = each.value.address
#  }
#}

resource "cloudflare_healthcheck" "http_health_check" {
  for_each = local.healthchecks

  name                  = each.value.name
  address               = each.value.address
  zone_id               = each.value.zone_id
  path                  = each.value.path
  check_regions         = ["ENAM", "WNAM"]
  type                  = "HTTP"
  port                  = 80
  method                = "GET"
  expected_codes        = ["2xx", "3xx"]

What I would like to do is something like this:

data "cloudflare_zones" "zones" {
  for_each = local.healthchecks
  filter {
    account_id  = "12345678912345678912345678912345"
    name        = each.value.address
  }
}

resource "cloudflare_healthcheck" "http_health_check" {
  for_each = local.healthchecks

  name                  = each.value.name
  address               = each.value.address
  zone_id               = data.cloudflare_zones.zones[each.key].id
  path                  = each.value.path
  check_regions         = ["ENAM", "WNAM"]
  type                  = "HTTP"
  port                  = 80
  method                = "GET"
  expected_codes        = ["2xx", "3xx"]

The key change in the above config that I would like to be able to use is the line data.cloudflare_zones.zones[each.key].id is trying to pull data from the now uncommented top block. However, I cannot get this to work; I continue to get errors that look like this:

│ Error: error creating standalone healthcheck: Authentication error (10000)
│ 
│   with module.http_health_check.cloudflare_healthcheck.http_health_check["http-health-abc-xyz"],
│   on ../../modules/cloudflare_healthcheck/main.tf line 28, in resource "cloudflare_healthcheck" "http_health_check":
│   28: resource "cloudflare_healthcheck" "http_health_check" {

I've tried different combination of trying to get this zones.id element to show right. Does anyone know what format I need to be using, or any references for this problem?

It would be helpful for me to know if this page is the equivalent API endpoint for what I am using in my config. Any ideas?

EDIT: Here is what that healthchecks variable looks like.

locals {
    check_prefix = "http_health_check"
}

locals {
  healthchecks = {
    "http-health-check-abc-xyz" = {
      name                  = "${local.check_prefix}-abc-xyz"
      address               = "abc.xyz.com"
      zone_id               = "12345678912345678912345679123495"
      path                  = "/"
    }
    "http-health-check-def-ghi-biz" = {
      name                  = "${local.check_prefix}-def-ghi-biz"
      address               = "def.ghi.biz"
      zone_id               = "12345678912345678912345679123495"
      path                  = "/"
    }
    ...more entries like this...

EDIT2: includes the debug var structure

debugging_var = {
  "http-health-check-foo-bar" = {
    "filter" = tolist([
      {
        "account_id" = "1234567891234567891234567"
        "lookup_type" = "exact"
        "match" = ""
        "name" = "foo.bar.com"
        "paused" = false
        "status" = ""
      },
    ])
    "id" = "a16a661ad719117992719292779919121688172"
    "zones" = tolist([])
  }
  "http-health-check-foo-bar-biz" = {
    "filter" = tolist([
      {
        "account_id" = "1234567891234567891234567"
        "lookup_type" = "exact"
        "match" = ""
        "name" = "foo.bar.biz"
        "paused" = false
        "status" = ""
      },
    ])
    "id" = "a16a661ad719117992719292779919121688172"
    "zones" = tolist([])
  }
  ...more stuff like this...
}

Please share definition of var.healthchecks. The error you are seeing above is obvious. That object does not have "result" attribute. Check documentation for list of attributes available. https://registry.terraform.io/providers/cloudflare/cloudflare/3.26.0/docs/data-sources/zones You probably need to write it as: data.cloudflare_zones.zones[each.key].id, but that depends on the definition of var.healthchecks. — Technowise, Jul 01 '23 at 03:34
@Technowise - I added what my healthchecks var looks like at the end of my post. — AsapHogFtw, Jul 01 '23 at 15:56
@Technowise - I just edited the original post a little to make it more conform with documentation. I am still getting errors but they are a bit different. It looks like auth errors, but I can confirm the top block of code still runs the changes flawlessly. The second block where I try to get the `zone_id` from the data source still fails, but I know that the key I am using works since it is making the changes when I use the "hardcoded" zone_id values. I still think this has something to do with how I am calling it, but I can't debug the structure of the object to find out how to index it... — AsapHogFtw, Jul 01 '23 at 17:20
Does your cloudflare provider have access to that Cloudflare zone? You're getting auth errors because your data source is attempting to read data from this account id. — alex067, Jul 01 '23 at 17:21
@alex067 - it does have access; I am able to create the healthchecks and notifications in all of the zones I am using here whenever they are hardcoded in, but when I try to pull them dynamically using `cloudflare_zones` data source I get the auth error. The problem I think is that I don't know what the object looks like, so I don't even know if I am referencing it correctly. And since it is a third party provider, the documentation is more sparse; also it is harder to debug the object when I am working with this all in a module. — AsapHogFtw, Jul 01 '23 at 17:27
Are you able to run your module with just the data source in there (comment everything out), and using an output to see what you get returned? — alex067, Jul 01 '23 at 17:29
@alex067 - I was finally able to get it to debug, but now I am even more confused... Every single entry I have has the exact same value inside of the `id` field. And when I look in Cloudflare, the id that I am seeing repeating doesn't match any of the zone id's that I am trying to receive. Also the `zones` field/list is empty in each one.. So in a way I have my answer, it is not working because it is not returning the information that I want or that I thought it was going to give me. I thought it was going to return the zone id, but it is not... (Added to the end of my post) — AsapHogFtw, Jul 01 '23 at 18:11
I am seeing different results now - it appears including any subdomains inside of the `name` parameter in filters will throw it off. — AsapHogFtw, Jul 01 '23 at 18:48

How to use cloudflare_zones module in terraform to dynamically populate field

0 Answers0