Cloudflare API token permissions for cloudflare_rate_limit Terraform resource

Hello,

I am migrating my infrastructure repositories away from global API key to API token. I have identified some permissions I need and I am using “cloudflare_api_token_permission_groups” data object to translate these names to IDs as seen in example here: xhttps://registry.terraform.io/providers/Cloudflare/Cloudflare/latest/docs/resources/api_token#example-usage

Creating DNS entries, purging cache and zone settings override were easy to indentify, but I stuck on this resource: xhttps://registry.terraform.io/providers/Cloudflare/Cloudflare/latest/docs/resources/rate_limit I have tried to add these permissions:

    data.cloudflare_api_token_permission_groups.all.permissions["Zone WAF Read"],
    data.cloudflare_api_token_permission_groups.all.permissions["Zone WAF Write"],
    data.cloudflare_api_token_permission_groups.all.permissions["Zone Write"],
    data.cloudflare_api_token_permission_groups.all.permissions["Account WAF Read"],
    data.cloudflare_api_token_permission_groups.all.permissions["Account WAF Write"],

But I still get Error 10000. As in xhttps://developers.Cloudflare.com/api/tokens/create/permissions/ there is no “rate limit” permission I have headed to dashboards and found the existing rate limit rule under WAF, so I tried to add these WAF permissions, but it did not help.

Also, xhttps://api.Cloudflare.com/#rate-limits-for-a-zone-list-rate-limits was not really helpful, it shows example with API key, but I can’t really found binding between API methods and permissions anywhere.

Can anybody help me figure out which permission my token needs? Or is it documented somewhere and I wasn’t able to find it? Thanks for help