feat: add ruleset resources

examples/complete/main.tf

@@ -36,9 +36,6 @@ module "zone" {
         "WEU",
         "EEU"
       ]
-      notification_email_addresses = [
-        "hostmaster@cloudposse.com"
-      ]
       type                  = "TCP"
       port                  = "22"
       timeout               = 10
@@ -54,9 +51,6 @@ module "zone" {
         "WEU",
         "EEU"
       ]
-      notification_email_addresses = [
-        "hostmaster@cloudposse.com"
-      ]
       type                  = "HTTPS"
       port                  = "443"
       timeout               = 10

healthcheck.tf

@@ -28,8 +28,6 @@ resource "cloudflare_healthcheck" "default" {
   address                      = each.value.address
   suspended                    = lookup(each.value, "suspended", null) == null ? false : each.value.suspended
   check_regions                = lookup(each.value, "check_regions", null)
-  notification_suspended       = lookup(each.value, "notification_suspended", null) == null ? false : each.value.notification_suspended
-  notification_email_addresses = lookup(each.value, "notification_email_addresses", null)
   type                         = each.value.type
   port                         = lookup(each.value, "suspended", null) == null ? 80 : each.value.port
   timeout                      = lookup(each.value, "timeout", null) == null ? 5 : each.value.timeout

ruleset.tf

@@ -0,0 +1,97 @@
+locals {
+  rulesets = module.this.enabled && var.rulesets != null ? {
+    for rs in flatten(var.rulesets) :
+    rs.target => rs
+  } : {}
+}
+
+resource "cloudflare_page_rule" "default" {
+  for_each = local.rulesets
+
+  kind     = each.value.kind
+  name     = each.value.name
+  phase    = each.value.phase
+
+
+  account_id = lookup(each.value, "account_id", null)
+  zone_id = lookup(each.value, "zone_id", null)
+  description = lookup(each.value, "description", null)
+  shareable_entitlement_name = lookup(each.value, "shareable_entitlement_name", null)
+
+  dynamic "rules" {
+    for_each = each.value.rules
+
+    content {
+
+      expression = rules.value.expression
+
+      action = rules.value.action
+      description = rules.value.description
+      enabled = rules.value.enabled
+
+      dynamic "action_parameters" {
+        for_each = rules.value.action_parameters
+
+        content {
+          browser_ttl = action_parameters.value.browser_ttl
+          cache = action_parameters.value.cache
+          cache_key = action_parameters.value.cache_key
+          cookie_fields = action_parameters.value.cookie_fields
+          edge_ttl = action_parameters.value.edge_ttl
+          from_list = action_parameters.value.from_list
+          from_value = action_parameters.value.from_value
+          headers = action_parameters.value.headers
+          host_header = action_parameters.value.host_header
+          ip = action_parameters.value.ip
+          increment = action_parameters.value.increment
+          matched_data = action_parameters.value.matched_data
+          origin = action_parameters.value.origin
+          origin_error_page_passthru = action_parameters.value.origin_error_page_passthru
+          overrides = action_parameters.value.overrides
+          phases = action_parameters.value.phases
+          products = action_parameters.value.products
+          request_fields = action_parameters.value.request_fields
+          respect_strong_etags = action_parameters.value.respect_strong_etags
+          response = action_parameters.value.response
+          response_fields = action_parameters.value.response_fields
+          rulesets = action_parameters.value.rulesets
+          serve_stale = action_parameters.value.serve_stale
+          uri = action_parameters.value.uri
+          version = action_parameters.value.version
+        }
+      }
+
+
+      dynamic "exposed_credential_check" {
+        for_each = rules.value.exposed_credential_check
+
+        content {
+          password_expression = exposed_credential_check.value.password_expression
+          username_expression = exposed_credential_check.value.username_expression
+        }
+      }
+
+      dynamic "logging" {
+        for_each = rules.value.logging
+
+        content {
+          enabled = logging.value.enabled
+          status  = logging.value.status
+        }
+      }
+
+      dynamic "ratelimit" {
+        for_each = rules.value.ratelimit
+
+        content {
+          characteristics = ratelimit.value.characteristics
+          counting_expression = ratelimit.value.counting_expression
+          mitigation_timeout = ratelimit.value.mitigation_timeout
+          period = ratelimit.value.period
+          requests_per_period = ratelimit.value.requests_per_period
+          requests_to_origin = ratelimit.value.requests_to_origin
+        }
+      }
+    }
+  }
+}

variables.tf

@@ -23,9 +23,9 @@ variable "records" {
       The TTL of the record.
       Default value: 1.
     priority:
-      The priority of the record. 
+      The priority of the record.
     proxied:
-      Whether the record gets Cloudflare's origin protection. 
+      Whether the record gets Cloudflare's origin protection.
       Default value: false.
   DOC
 }
@@ -86,7 +86,7 @@ variable "healthchecks" {
   type        = list(any)
   default     = null
   description = <<-DOC
-  A list of maps of Health Checks rules. 
+  A list of maps of Health Checks rules.
   The values of map is fully compliant with `cloudflare_healthcheck` resource.
   To get more info see https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/healthcheck
   DOC
@@ -105,14 +105,14 @@ variable "firewall_rules" {
     ref:
       Short reference tag to quickly select related rules.
     action:
-      The action to apply to a matched request. 
+      The action to apply to a matched request.
       Possible values: `block`, `challenge`, `allow`, `js_challenge`, `bypass`.
     priority:
-      The priority of the rule to allow control of processing order. 
+      The priority of the rule to allow control of processing order.
       A lower number indicates high priority.
       If not provided, any rules with a priority will be sequenced before those without.
     products:
-      List of products to bypass for a request when the bypass action is used. 
+      List of products to bypass for a request when the bypass action is used.
       Possible values: `zoneLockdown`, `uaBlock`, `bic`, `hot`, `securityLevel`, `rateLimit`, `waf`.
   DOC
 }
@@ -121,8 +121,13 @@ variable "page_rules" {
   type        = list(any)
   default     = null
   description = <<-DOC
-  A list of maps of Page Rules. 
+  A list of maps of Page Rules.
   The values of map is fully compliant with `cloudflare_page_rule` resource.
   To get more info see https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/cloudflare_page_rule
   DOC
 }
+
+variable "rulesets" {
+  type    = list(any)
+  default = null
+}