How Cloudflare uses Terraform to manage Cloudflare

Configuration management is crucial for organizations as they scale, and managing Cloudflare accounts can be challenging due to the numerous products and API endpoints. The use of Terraform can help manage complex Cloudflare configurations by providing a secure, auditable, and self-service way of updating system settings. By defining configuration in code using Terraform, developers and users can make changes without needing an administrator's approval. Using Atlantis as CI/CD for Terraform ensures that modifications to accounts are peer reviewed, each change is tied to a user and commit, and account configuration can be audited by anyone at the company. Storing tfstates in encrypted datastores and using daily Terraform applies helps prevent unintended config drift and rotate certificates when they approach expiration.