Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ZT] Import ZT org into Terraform #19985

Merged
merged 4 commits into from
Feb 20, 2025
+82 −10
Merged

[ZT] Import ZT org into Terraform #19985

Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
591bb82
Import ZT org into Terraform
ranbel Feb 14, 2025
133f744
add min version
ranbel Feb 14, 2025
0de2c66
specify TF version
ranbel Feb 14, 2025
3eb759c
Update create-zero-trust-org.mdx
ranbel Feb 20, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 46 additions & 2 deletions src/content/partials/learning-paths/zero-trust/create-zero-trust-org.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,52 @@

---

import { Render } from "~/components"
import { Render, Tabs, TabItem} from "~/components"

To set up a Zero Trust organization:
To start using Zero Trust features, create a Zero Trust organization in your Cloudflare account.

## Sign up for Zero Trust

To create a Zero Trust organization:

<Render file="choose-team-name" product="cloudflare-one" />

## (Optional) Manage Zero Trust in Terraform

You can use the [Cloudflare Terraform provider](https://registry.terraform.io/providers/cloudflare/cloudflare/4.40.0) to manage your Zero Trust organization alongside your other IT infrastructure. To get started with Terraform, refer to our [Terraform tutorial series](/terraform/tutorial/).

Zero Trust organizations cannot be created through Terraform. You must [sign up for Zero Trust](#sign-up-for-zero-trust) on the Cloudflare dashboard and then import the resource into your [Terraform configuration](/terraform/).

To import your Zero Trust organization:

<Tabs> <TabItem label="Terraform (v4)">

1. Add the following permission to your [`cloudflare_api_token`](https://registry.terraform.io/providers/cloudflare/cloudflare/4.40.0/docs/resources/api_token):
- `Access: Organizations, Identity Providers, and Groups Write`

2. Add the [`cloudflare_zero_trust_access_organization`](https://registry.terraform.io/providers/cloudflare/cloudflare/4.40.0/docs/resources/zero_trust_access_organization) resource:

```terraform
resource "cloudflare_zero_trust_access_organization" "<your-team-name>" {
account_id = var.cloudflare_account_id
name = "<your-team-name>"
auth_domain = "<your-team-name>.cloudflareaccess.com"
}
```
Replace `<your-team-name` with the Zero Trust organization name selected during [onboarding](#sign-up-for-zero-trust). You can also view your team name on [Zero Trust](https://one.dash.cloudflare.com) under **Settings** > **Custom Pages**.

3. In a terminal, run:

```sh
terraform import cloudflare_zero_trust_access_organization.<your-team-name> <cloudflare_account_id>`
```

</TabItem>

</Tabs>

You can now update the Zero Trust organization using Terraform.

:::tip
If you plan to manage all Zero Trust settings in Terraform, set the dashboard to [API/Terraform read-only mode](/cloudflare-one/api-terraform/#set-dashboard-to-read-only).
:::
Loading