Add support for body_scanning to cloudflare_teams_account

.changelog/2887.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/cloudflare_teams_account: add support for `body_scanning` config
+```

examples/resources/cloudflare_teams_account/resource.tf

@@ -10,6 +10,10 @@ resource "cloudflare_teams_account" "example" {
     background_color = "#000000"
   }
 
+  body_scanning {
+    inspection_mode = "deep"
+  }
+
   antivirus {
     enabled_download_phase = true
     enabled_upload_phase   = false

internal/sdkv2provider/resource_cloudflare_access_policy_test.go

@@ -993,6 +993,9 @@ func testAccessPolicyIsolationRequiredConfig(resourceID, zone, accountID string)
 		  mailto_subject = "hello"
 		  mailto_address = "[email protected]"
 		}
+		body_scanning {
+		  inspection_mode = "deep"
+		}
 		fips {
 		  tls = true
 		}

internal/sdkv2provider/resource_cloudflare_teams_accounts.go

@@ -52,6 +52,12 @@ func resourceCloudflareTeamsAccountRead(ctx context.Context, d *schema.ResourceD
 		}
 	}
 
+	if configuration.Settings.BodyScanning != nil {
+		if err := d.Set("body_scanning", flattenBodyScanningConfig(configuration.Settings.BodyScanning)); err != nil {
+			return diag.FromErr(fmt.Errorf("error parsing account body scanning config: %w", err))
+		}
+	}
+
 	if configuration.Settings.Antivirus != nil {
 		if err := d.Set("antivirus", flattenAntivirusConfig(configuration.Settings.Antivirus)); err != nil {
 			return diag.FromErr(fmt.Errorf("error parsing account antivirus config: %w", err))
@@ -140,6 +146,7 @@ func resourceCloudflareTeamsAccountUpdate(ctx context.Context, d *schema.Resourc
 	client := meta.(*cloudflare.API)
 	accountID := d.Get(consts.AccountIDSchemaKey).(string)
 	blockPageConfig := inflateBlockPageConfig(d.Get("block_page"))
+	bodyScanningConfig := inflateBodyScanningConfig(d.Get("body_scanning"))
 	fipsConfig := inflateFIPSConfig(d.Get("fips"))
 	antivirusConfig := inflateAntivirusConfig(d.Get("antivirus"))
 	loggingConfig := inflateLoggingSettings(d.Get("logging"))
@@ -148,9 +155,10 @@ func resourceCloudflareTeamsAccountUpdate(ctx context.Context, d *schema.Resourc
 	sshSessionLogSettings := inflateSSHSessionLogSettings(d.Get("ssh_session_log"))
 	updatedTeamsAccount := cloudflare.TeamsConfiguration{
 		Settings: cloudflare.TeamsAccountSettings{
-			Antivirus: antivirusConfig,
-			BlockPage: blockPageConfig,
-			FIPS:      fipsConfig,
+			Antivirus:    antivirusConfig,
+			BlockPage:    blockPageConfig,
+			FIPS:         fipsConfig,
+			BodyScanning: bodyScanningConfig,
 		},
 	}
 
@@ -275,6 +283,24 @@ func inflateBlockPageConfig(blockPage interface{}) *cloudflare.TeamsBlockPage {
 	}
 }
 
+func flattenBodyScanningConfig(bodyScanningConfig *cloudflare.TeamsBodyScanning) []interface{} {
+	return []interface{}{map[string]interface{}{
+		"inspection_mode": bodyScanningConfig.InspectionMode,
+	}}
+}
+
+func inflateBodyScanningConfig(bodyScanning interface{}) *cloudflare.TeamsBodyScanning {
+	bodyScanningList := bodyScanning.([]interface{})
+	if len(bodyScanningList) != 1 {
+		return nil
+	}
+
+	bodyScanningMap := bodyScanningList[0].(map[string]interface{})
+	return &cloudflare.TeamsBodyScanning{
+		InspectionMode: bodyScanningMap["inspection_mode"].(string),
+	}
+}
+
 func flattenAntivirusConfig(antivirusConfig *cloudflare.TeamsAntivirus) []interface{} {
 	return []interface{}{map[string]interface{}{
 		"enabled_download_phase": antivirusConfig.EnabledDownloadPhase,

internal/sdkv2provider/resource_cloudflare_teams_accounts_test.go

@@ -42,6 +42,7 @@ func TestAccCloudflareTeamsAccounts_ConfigurationBasic(t *testing.T) {
 					resource.TestCheckResourceAttr(name, "block_page.0.mailto_address", "[email protected]"),
 					resource.TestCheckResourceAttr(name, "block_page.0.background_color", "#000000"),
 					resource.TestCheckResourceAttr(name, "block_page.0.logo_path", "https://example.com"),
+					resource.TestCheckResourceAttr(name, "body_scanning.0.inspection_mode", "deep"),
 					resource.TestCheckResourceAttr(name, "logging.0.redact_pii", "true"),
 					resource.TestCheckResourceAttr(name, "logging.0.settings_by_rule_type.0.dns.0.log_all", "false"),
 					resource.TestCheckResourceAttr(name, "logging.0.settings_by_rule_type.0.dns.0.log_blocks", "true"),
@@ -80,6 +81,9 @@ resource "cloudflare_teams_account" "%[1]s" {
 	mailto_subject = "hello"
 	mailto_address = "[email protected]"
   }
+  body_scanning {
+    inspection_mode = "deep"
+  }
   fips {
     tls = true
   }

internal/sdkv2provider/schema_cloudflare_teams_accounts.go

@@ -1,8 +1,11 @@
 package sdkv2provider
 
 import (
+	"fmt"
+
 	"github.com/cloudflare/terraform-provider-cloudflare/internal/consts"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
 )
 
 func resourceCloudflareTeamsAccountSchema() map[string]*schema.Schema {
@@ -21,6 +24,15 @@ func resourceCloudflareTeamsAccountSchema() map[string]*schema.Schema {
 				Schema: blockPageSchema,
 			},
 		},
+		"body_scanning": {
+			Type:        schema.TypeList,
+			MaxItems:    1,
+			Optional:    true,
+			Description: "Configuration for body scanning.",
+			Elem: &schema.Resource{
+				Schema: bodyScanningSchema,
+			},
+		},
 		"fips": {
 			Type:     schema.TypeList,
 			MaxItems: 1,
@@ -155,6 +167,19 @@ var blockPageSchema = map[string]*schema.Schema{
 	},
 }
 
+var inspectionModeOptions = []string{"deep", "shallow"}
+var bodyScanningSchema = map[string]*schema.Schema{
+	"inspection_mode": {
+		Type:         schema.TypeString,
+		Required:     true,
+		ValidateFunc: validation.StringInSlice(inspectionModeOptions, false),
+		Description: fmt.Sprintf(
+			"Body scanning inspection mode. %s",
+			renderAvailableDocumentationValuesStringSlice(inspectionModeOptions),
+		),
+	},
+}
+
 var antivirusSchema = map[string]*schema.Schema{
 	"enabled_download_phase": {
 		Type:        schema.TypeBool,