Provides a resource which customizes Cloudflare zone settings.
Note that some settings are only available on certain plans. Setting an argument for a feature that is not available on the plan configured for the zone will result in an error:
Error: invalid zone setting "\<argument\>" (value: \<value\>) found - cannot be set as it is read only
This is true even when setting the argument to its default value. These values
should either be omitted or set to null
for zones with plans that don't
support the feature. See the plan feature matrices for details on
feature support by plan.
resource "cloudflare_zone_settings_override" "test" {
zone_id = d41d8cd98f00b204e9800998ecf8427e
settings {
brotli = "on"
challenge_ttl = 2700
security_level = "high"
opportunistic_encryption = "on"
automatic_https_rewrites = "on"
mirage = "on"
waf = "on"
minify {
css = "on"
js = "off"
html = "off"
}
security_header {
enabled = true
}
}
}
zone_id
(String) The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.settings
(Block List, Max: 1) (see below for nested schema)id
(String) The ID of this resource.initial_settings
(List of Object) (see below for nested schema)initial_settings_read_at
(String)readonly_settings
(List of String)zone_status
(String)zone_type
(String)settings
Optional:
always_online
(String)always_use_https
(String)automatic_https_rewrites
(String)binary_ast
(String)brotli
(String)browser_cache_ttl
(Number)browser_check
(String)cache_level
(String)challenge_ttl
(Number)ciphers
(List of String)cname_flattening
(String)development_mode
(String)early_hints
(String)email_obfuscation
(String)filter_logs_to_cloudflare
(String)fonts
(String)h2_prioritization
(String)hotlink_protection
(String)http2
(String)http3
(String)image_resizing
(String)ip_geolocation
(String)ipv6
(String)log_to_cloudflare
(String)max_upload
(Number)min_tls_version
(String)minify
(Block List, Max: 1) (see below for nested schema)mirage
(String)mobile_redirect
(Block List, Max: 1) (see below for nested schema)opportunistic_encryption
(String)opportunistic_onion
(String)orange_to_orange
(String)origin_error_page_pass_thru
(String)origin_max_http_version
(String)polish
(String)prefetch_preload
(String)privacy_pass
(String)proxy_read_timeout
(String)pseudo_ipv4
(String)response_buffering
(String)rocket_loader
(String)security_header
(Block List, Max: 1) (see below for nested schema)security_level
(String)server_side_exclude
(String)sort_query_string_for_cache
(String)ssl
(String)tls_1_2_only
(String, Deprecated)tls_1_3
(String)tls_client_auth
(String)true_client_ip_header
(String)universal_ssl
(String)visitor_ip
(String)waf
(String)webp
(String)websockets
(String)zero_rtt
(String)settings.minify
Required:
css
(String)html
(String)js
(String)settings.mobile_redirect
Required:
mobile_subdomain
(String)status
(String)strip_uri
(Boolean)settings.security_header
Optional:
enabled
(Boolean)include_subdomains
(Boolean)max_age
(Number)nosniff
(Boolean)preload
(Boolean)initial_settings
Read-Only:
always_online
(String)always_use_https
(String)automatic_https_rewrites
(String)binary_ast
(String)brotli
(String)browser_cache_ttl
(Number)browser_check
(String)cache_level
(String)challenge_ttl
(Number)ciphers
(List of String)cname_flattening
(String)development_mode
(String)early_hints
(String)email_obfuscation
(String)filter_logs_to_cloudflare
(String)fonts
(String)h2_prioritization
(String)hotlink_protection
(String)http2
(String)http3
(String)image_resizing
(String)ip_geolocation
(String)ipv6
(String)log_to_cloudflare
(String)max_upload
(Number)min_tls_version
(String)minify
(List of Object) (see below for nested schema)mirage
(String)mobile_redirect
(List of Object) (see below for nested schema)opportunistic_encryption
(String)opportunistic_onion
(String)orange_to_orange
(String)origin_error_page_pass_thru
(String)origin_max_http_version
(String)polish
(String)prefetch_preload
(String)privacy_pass
(String)proxy_read_timeout
(String)pseudo_ipv4
(String)response_buffering
(String)rocket_loader
(String)security_header
(List of Object) (see below for nested schema)security_level
(String)server_side_exclude
(String)sort_query_string_for_cache
(String)ssl
(String)tls_1_2_only
(String)tls_1_3
(String)tls_client_auth
(String)true_client_ip_header
(String)universal_ssl
(String)visitor_ip
(String)waf
(String)webp
(String)websockets
(String)zero_rtt
(String)initial_settings.minify
Read-Only:
css
(String)html
(String)js
(String)initial_settings.mobile_redirect
Read-Only:
mobile_subdomain
(String)status
(String)strip_uri
(Boolean)initial_settings.security_header
Read-Only:
enabled
(Boolean)include_subdomains
(Boolean)max_age
(Number)nosniff
(Boolean)preload
(Boolean)