Domain (Cloudflare)
May 6, 2026 · View on GitHub
Cloudflare Setup for a new SaaS Startup
Includes:
- Cloudflare Zone
- Cloudflare SSL Encryption
- Cloudflare for Teams
- Gmail MX Records
- AWS SES
Usage
locals {
subdomains = [
{
name = "@"
value = "longtld.elb.us-west-2.amazonaws.com"
type = "CNAME"
proxied = true
},
{
name = "app"
value = "longtlkd.elb.us-west-2.amazonaws.com"
type = "CNAME"
proxied = true
}
]
}
module "parking" {
source = "github.com/opszero/terraform-cloudflare-domain"
domain = "example.com"
records = local.subdomains
}
Deployment
terraform init
terraform plan
terraform apply -auto-approve
Teardown
terraform destroy -auto-approve
Providers
| Name | Version |
|---|---|
| aws | n/a |
| cloudflare | n/a |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| access | List of access applications | list | [] | no |
| account_id | Cloudflare account id | any | n/a | yes |
| aws_ses_enabled | Create AWS SES resources | bool | false | no |
| domain | domain for the webapp | any | n/a | yes |
| google_email_enabled | Enable Google MX Records | bool | true | no |
| records | List of DNS records | list | [] | no |
| ssl_forced | Force SSL on Domains | bool | true | no |
Resources
| Name | Type |
|---|---|
| aws_ses_domain_dkim.dkim | resource |
| aws_ses_domain_identity.ses | resource |
| cloudflare_access_application.access | resource |
| cloudflare_access_policy.support_policy | resource |
| cloudflare_page_rule.ssl | resource |
| cloudflare_record.dkim | resource |
| cloudflare_record.mx | resource |
| cloudflare_record.records | resource |
| cloudflare_record.ses | resource |
| cloudflare_record.spf | resource |
| cloudflare_zone.site | resource |
Outputs
No outputs.
🚀 Built by opsZero!
opsZero provides software and consulting for DevOps. With our decade plus of experience scaling some of the world’s most innovative companies we have developed deep expertise in Kubernetes, DevOps, FinOps, and Compliance.
Our software and consulting solutions enable organizations to:
- migrate workloads to the Cloud
- setup compliance frameworks including SOC2, HIPAA, PCI-DSS, ITAR, FedRamp, CMMC, and more.
- FinOps solutions to reduce the cost of running Cloud workloads
- Kubernetes optimized for web scale and AI workloads
- finding underutilized Cloud resources
- setting up custom AI training and delivery
- building data integrations and scrapers
- modernizing onto modern ARM based processors
We do this with a high-touch support model where you:
- Get access to us on Slack, Microsoft Teams or Email
- Get 24/7 coverage of your infrastructure
- Get an accelerated migration to Kubernetes
Please schedule a call if you need support.
