Skip to content
Cloudflare Docs

Transform Rules configuration using Terraform

This page provides examples of creating Transform Rules in a zone using Terraform. The examples cover the following scenarios:

If you are using the Cloudflare API, refer to the following resources:

Before you start

Obtain the necessary account or zone IDs

The Terraform configurations provided in this page need the zone ID (or account ID) of the zone/account where you will deploy rulesets.

  • To retrieve the list of accounts you have access to, including their IDs, use the List accounts operation.
  • To retrieve the list of zones you have access to, including their IDs, use the List zones operation.

Import or delete existing rulesets

Terraform assumes that it has complete control over account and zone rulesets. If you already have rulesets configured in your account or zone, do one of the following:

  • Import existing rulesets to Terraform using the cf-terraforming tool. Recent versions of the tool can generate resource definitions for existing rulesets and import their configuration to Terraform state.
  • Start from scratch by deleting existing rulesets (account and zone rulesets with "kind": "root" and "kind": "zone", respectively) and then defining your rulesets configuration in Terraform.

Create a URL rewrite rule

The following example creates a URL rewrite rule that rewrites requests for example.com/old-folder to example.com/new-folder:

resource "cloudflare_ruleset" "transform_url_rewrite" {
  zone_id     = "<ZONE_ID>"
  name        = "Transform Rule performing a static URL rewrite"
  description = ""
  kind        = "zone"
  phase       = "http_request_transform"


  rules {
    ref         = "url_rewrite_old_folder"
    description = "Example URL rewrite rule"
    expression  = "(http.host eq \"example.com\" and http.request.uri.path eq \"/old-folder\")"
    action      = "rewrite"
    action_parameters {
      uri {
        path {
          value = "/new-folder"
        }
      }
    }
  }
}

To create another URL rewrite rule, add a new rules object to the same cloudflare_ruleset resource.


For more information on rewriting URLs, refer to URL Rewrite Rules.

Create a request header transform rule

The following configuration example performs the following adjustments to HTTP request headers:

  • Adds a my-header-1 header to the request with a static value.
  • Adds a my-header-2 header to the request with a dynamic value defined by an expression.
  • Deletes the existing-header header from the request, if it exists.
resource "cloudflare_ruleset" "transform_modify_request_headers" {
  zone_id     = "<ZONE_ID>"
  name        = "Transform Rule performing HTTP request header modifications"
  description = ""
  kind        = "zone"
  phase       = "http_request_late_transform"


  rules {
    ref         = "modify_request_headers"
    description = "Example request header transform rule"
    expression  = "true"
    action      = "rewrite"
    action_parameters {
      headers {
        name      = "my-header-1"
        operation = "set"
        value     = "Fixed value"
      }
      headers {
        name       = "my-header-2"
        operation  = "set"
        expression = "cf.zone.name"
      }
      headers {
        name      = "existing-header"
        operation = "remove"
      }
    }
  }
}

To create another request header transform rule, add a new rules object to the same cloudflare_ruleset resource.


For more information on modifying request headers, refer to Request Header Transform Rules.

Create a response header transform rule

The following configuration example performs the following adjustments to HTTP response headers:

  • Adds a my-header-1 header to the response with a static value.
  • Adds a my-header-2 header to the response with a dynamic value defined by an expression.
  • Deletes the existing-header header from the response, if it exists.
resource "cloudflare_ruleset" "transform_modify_response_headers" {
  zone_id     = "<ZONE_ID>"
  name        = "Transform Rule performing HTTP response header modifications"
  description = ""
  kind        = "zone"
  phase       = "http_response_headers_transform"


  rules {
    ref         = "modify_response_headers"
    description = "Example response header transform rule"
    expression  = "true"
    action      = "rewrite"
    action_parameters {
      headers {
        name      = "my-header-1"
        operation = "set"
        value     = "Fixed value"
      }
      headers {
        name       = "my-header-2"
        operation  = "set"
        expression = "cf.zone.name"
      }
      headers {
        name      = "existing-header"
        operation = "remove"
      }
    }
  }
}

To create another response header transform rule, add a new rules object to the same cloudflare_ruleset resource.


For more information on modifying response headers, refer to Response Header Transform Rules.

Configure Managed Transforms

Use the cloudflare_managed_headers Terraform resource to configure Managed Transforms. For example:

resource "cloudflare_managed_headers" "tf_example" {
  zone_id = "<ZONE_ID>"


  managed_request_headers {
    id      = "add_visitor_location_headers"
    enabled = true
  }


  managed_response_headers {
    id      = "remove_x-powered-by_header"
    enabled = true
  }
}

Make sure you include the Managed Transforms you are updating in the correct object (managed_request_headers or managed_response_headers).

For more information on Managed Transforms, refer to Managed Transforms.

Morty Proxy This is a proxified and sanitized view of the page, visit original site.