diff --git a/.github/actions/spelling/expect.txt b/.github/actions/spelling/expect.txt
index d8fde7e83..20c409a66 100644
--- a/.github/actions/spelling/expect.txt
+++ b/.github/actions/spelling/expect.txt
@@ -10,6 +10,7 @@ bytematchstatement
 cavium
 cdn
 certificatechains
+cloudflare
 Clusterwide
 cmek
 cnames
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index fbaf5bc10..4c71b0a0a 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -253,6 +253,17 @@ updates:
           - patch
   - package-ecosystem: gomod
     directory: /providers/ansible/
+    schedule:
+      interval: weekly
+    groups:
+      gomodupdates:
+        patterns:
+          - "*"
+        update-types:
+          - minor
+          - patch
+  - package-ecosystem: gomod
+    directory: /providers/cloudflare/
     schedule:
       interval: weekly
     groups:
diff --git a/Makefile b/Makefile
index 2266fe9e0..ff3eadc87 100644
--- a/Makefile
+++ b/Makefile
@@ -212,7 +212,8 @@ providers/build: \
 	providers/build/shodan \
 	providers/build/ansible \
 	providers/build/snowflake \
-	providers/build/mondoo
+	providers/build/mondoo \
+	providers/build/cloudflare
 
 .PHONY: providers/install
 # Note we need \ to escape the target line into multiple lines
@@ -280,6 +281,11 @@ providers/build/github: providers/lr
 providers/install/github:
 	@$(call installProvider, providers/github)
 
+providers/build/cloudflare: providers/lr
+	@$(call buildProvider, providers/cloudflare)
+providers/install/cloudflare:
+	@$(call installProvider, providers/cloudflare)
+
 providers/build/gitlab: providers/lr
 	@$(call buildProvider, providers/gitlab)
 providers/install/gitlab:
diff --git a/providers/cloudflare/config/config.go b/providers/cloudflare/config/config.go
new file mode 100644
index 000000000..fb04b439c
--- /dev/null
+++ b/providers/cloudflare/config/config.go
@@ -0,0 +1,30 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+package config
+
+import (
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin"
+	"go.mondoo.com/cnquery/v11/providers/cloudflare/connection"
+	"go.mondoo.com/cnquery/v11/providers/cloudflare/provider"
+)
+
+var Config = plugin.Provider{
+	Name:            "cloudflare",
+	ID:              "go.mondoo.com/cnquery/v11/providers/cloudflare",
+	Version:         "11.0.0",
+	ConnectionTypes: []string{provider.DefaultConnectionType},
+	Connectors: []plugin.Connector{
+		{
+			Name:  "cloudflare",
+			Use:   "cloudflare",
+			Short: "Cloudflare provider",
+			Discovery: []string{
+				connection.DiscoveryAll,
+				connection.DiscoveryAuto,
+				connection.DiscoveryZones,
+				connection.DiscoveryAccounts,
+			},
+			Flags: []plugin.Flag{},
+		},
+	},
+}
diff --git a/providers/cloudflare/connection/connection.go b/providers/cloudflare/connection/connection.go
new file mode 100644
index 000000000..32f0facaa
--- /dev/null
+++ b/providers/cloudflare/connection/connection.go
@@ -0,0 +1,57 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+package connection
+
+import (
+	"errors"
+	"os"
+
+	"github.com/cloudflare/cloudflare-go"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/inventory"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin"
+)
+
+const (
+	OPTION_API_TOKEN = "api-token"
+)
+
+type CloudflareConnection struct {
+	plugin.Connection
+	Conf  *inventory.Config
+	asset *inventory.Asset
+
+	Cf *cloudflare.API
+}
+
+func NewCloudflareConnection(id uint32, asset *inventory.Asset, conf *inventory.Config) (*CloudflareConnection, error) {
+	conn := &CloudflareConnection{
+		Connection: plugin.NewConnection(id, asset),
+		Conf:       conf,
+		asset:      asset,
+	}
+
+	// initialize your connection here
+	token := conf.Options[OPTION_API_TOKEN]
+	if token == "" {
+		token = os.Getenv("CLOUDFLARE_TOKEN")
+		if token == "" {
+			return nil, errors.New("API Token is required")
+		}
+	}
+
+	api, err := cloudflare.NewWithAPIToken(token)
+	if err != nil {
+		return nil, err
+	}
+	conn.Cf = api
+
+	return conn, nil
+}
+
+func (c *CloudflareConnection) Name() string {
+	return "cloudflare"
+}
+
+func (c *CloudflareConnection) Asset() *inventory.Asset {
+	return c.asset
+}
diff --git a/providers/cloudflare/connection/platform.go b/providers/cloudflare/connection/platform.go
new file mode 100644
index 000000000..8608a627b
--- /dev/null
+++ b/providers/cloudflare/connection/platform.go
@@ -0,0 +1,65 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+package connection
+
+import (
+	"errors"
+
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/inventory"
+)
+
+const (
+	DiscoveryAll      = "all"
+	DiscoveryAuto     = "auto"
+	DiscoveryZones    = "zones"
+	DiscoveryAccounts = "accounts"
+	// DiscoveryWorkers = "workers"
+)
+
+var CloudflareZonePlatform = inventory.Platform{
+	Name:    "cloudflare-zone",
+	Title:   "Cloudflare Zone",
+	Family:  []string{"cloudflare"},
+	Kind:    "api",
+	Runtime: "cloudflare",
+}
+
+var CloudflareAccountPlatform = inventory.Platform{
+	Name:    "cloudflare-account",
+	Title:   "Cloudflare Account",
+	Family:  []string{"cloudflare"},
+	Kind:    "api",
+	Runtime: "cloudflare",
+}
+
+func (c *CloudflareConnection) PlatformInfo() (*inventory.Platform, error) {
+	conf := c.asset.Connections[0]
+	if zoneName := conf.Options["zone"]; zoneName != "" {
+		return NewCloudflareZonePlatform(zoneName), nil
+	}
+	if accountName := conf.Options["account"]; accountName != "" {
+		return NewCloudflareAccountPlatform(accountName), nil
+	}
+
+	return nil, errors.New("could not detect Cloudflare asset type")
+}
+
+func NewCloudflareZonePlatform(zoneId string) *inventory.Platform {
+	pf := CloudflareZonePlatform
+	pf.TechnologyUrlSegments = []string{"saas", "cloudflare", "zone", zoneId}
+	return &pf
+}
+
+func NewCloudflareAccountPlatform(accountId string) *inventory.Platform {
+	pf := CloudflareAccountPlatform
+	pf.TechnologyUrlSegments = []string{"saas", "cloudflare", "account", accountId}
+	return &pf
+}
+
+func NewCloudflareZoneIdentifier(zoneId string) string {
+	return "//platformid.api.mondoo.app/runtime/cloudflare/zone/" + zoneId
+}
+
+func NewCloudflareAccountIdentifier(accountId string) string {
+	return "//platformid.api.mondoo.app/runtime/cloudflare/account/" + accountId
+}
diff --git a/providers/cloudflare/gen/main.go b/providers/cloudflare/gen/main.go
new file mode 100644
index 000000000..09faae75b
--- /dev/null
+++ b/providers/cloudflare/gen/main.go
@@ -0,0 +1,12 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+package main
+
+import (
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin/gen"
+	"go.mondoo.com/cnquery/v11/providers/cloudflare/config"
+)
+
+func main() {
+	gen.CLI(&config.Config)
+}
diff --git a/providers/cloudflare/go.mod b/providers/cloudflare/go.mod
new file mode 100644
index 000000000..17f256916
--- /dev/null
+++ b/providers/cloudflare/go.mod
@@ -0,0 +1,146 @@
+module go.mondoo.com/cnquery/v11/providers/cloudflare
+
+go 1.23.0
+
+require (
+	github.com/cloudflare/cloudflare-go v0.104.0
+	go.mondoo.com/cnquery/v11 v11.22.0
+)
+
+require (
+	cloud.google.com/go v0.115.1 // indirect
+	cloud.google.com/go/auth v0.9.4 // indirect
+	cloud.google.com/go/auth/oauth2adapt v0.2.4 // indirect
+	cloud.google.com/go/compute/metadata v0.5.1 // indirect
+	cloud.google.com/go/iam v1.2.1 // indirect
+	cloud.google.com/go/kms v1.19.1 // indirect
+	cloud.google.com/go/longrunning v0.6.1 // indirect
+	cloud.google.com/go/secretmanager v1.14.1 // indirect
+	cloud.google.com/go/storage v1.43.0 // indirect
+	dario.cat/mergo v1.0.1 // indirect
+	github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4 // indirect
+	github.com/99designs/keyring v1.2.2 // indirect
+	github.com/GoogleCloudPlatform/berglas v1.0.3 // indirect
+	github.com/Masterminds/semver v1.5.0 // indirect
+	github.com/Microsoft/go-winio v0.6.2 // indirect
+	github.com/ProtonMail/go-crypto v1.0.0 // indirect
+	github.com/aws/aws-sdk-go-v2 v1.30.5 // indirect
+	github.com/aws/aws-sdk-go-v2/config v1.27.33 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.32 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.13 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.17 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.17 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.19 // indirect
+	github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.32.8 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssm v1.52.8 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.22.7 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.7 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.30.7 // indirect
+	github.com/aws/smithy-go v1.20.4 // indirect
+	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
+	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
+	github.com/cloudflare/circl v1.4.0 // indirect
+	github.com/cockroachdb/errors v1.11.3 // indirect
+	github.com/cockroachdb/logtags v0.0.0-20230118201751-21c54148d20b // indirect
+	github.com/cockroachdb/redact v1.1.5 // indirect
+	github.com/cyphar/filepath-securejoin v0.3.2 // indirect
+	github.com/danieljoos/wincred v1.2.2 // indirect
+	github.com/dvsekhvalnov/jose2go v1.7.0 // indirect
+	github.com/emirpasic/gods v1.18.1 // indirect
+	github.com/fatih/color v1.17.0 // indirect
+	github.com/felixge/httpsnoop v1.0.4 // indirect
+	github.com/getsentry/sentry-go v0.29.0 // indirect
+	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
+	github.com/go-git/go-billy/v5 v5.5.0 // indirect
+	github.com/go-git/go-git/v5 v5.12.0 // indirect
+	github.com/go-jose/go-jose/v3 v3.0.3 // indirect
+	github.com/go-jose/go-jose/v4 v4.0.4 // indirect
+	github.com/go-logr/logr v1.4.2 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/goccy/go-json v0.10.3 // indirect
+	github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2 // indirect
+	github.com/gofrs/uuid v4.4.0+incompatible // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/google/go-querystring v1.1.0 // indirect
+	github.com/google/s2a-go v0.1.8 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect
+	github.com/googleapis/gax-go/v2 v2.13.0 // indirect
+	github.com/gsterjov/go-libsecret v0.0.0-20161001094733-a6f4afe4910c // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
+	github.com/hashicorp/go-hclog v1.6.3 // indirect
+	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/hashicorp/go-plugin v1.6.1 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
+	github.com/hashicorp/go-rootcerts v1.0.2 // indirect
+	github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 // indirect
+	github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect
+	github.com/hashicorp/go-sockaddr v1.0.6 // indirect
+	github.com/hashicorp/hcl v1.0.0 // indirect
+	github.com/hashicorp/vault/api v1.15.0 // indirect
+	github.com/hashicorp/yamux v0.1.1 // indirect
+	github.com/hokaccha/go-prettyjson v0.0.0-20211117102719-0474bc63780f // indirect
+	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
+	github.com/jmespath/go-jmespath v0.4.0 // indirect
+	github.com/kevinburke/ssh_config v1.2.0 // indirect
+	github.com/kr/pretty v0.3.1 // indirect
+	github.com/kr/text v0.2.0 // indirect
+	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mattn/go-runewidth v0.0.16 // indirect
+	github.com/mitchellh/go-homedir v1.1.0 // indirect
+	github.com/mitchellh/go-testing-interface v1.14.1 // indirect
+	github.com/mitchellh/mapstructure v1.5.0 // indirect
+	github.com/mtibben/percent v0.2.1 // indirect
+	github.com/muesli/termenv v0.15.2 // indirect
+	github.com/oklog/run v1.1.0 // indirect
+	github.com/pjbgf/sha1cd v0.3.0 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/rivo/uniseg v0.4.7 // indirect
+	github.com/rogpeppe/go-internal v1.12.0 // indirect
+	github.com/rs/zerolog v1.33.0 // indirect
+	github.com/ryanuber/go-glob v1.0.0 // indirect
+	github.com/segmentio/fasthash v1.0.3 // indirect
+	github.com/segmentio/ksuid v1.0.4 // indirect
+	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
+	github.com/sethvargo/go-retry v0.3.0 // indirect
+	github.com/sirupsen/logrus v1.9.3 // indirect
+	github.com/skeema/knownhosts v1.3.0 // indirect
+	github.com/spf13/afero v1.11.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/xanzy/ssh-agent v0.3.3 // indirect
+	go.mondoo.com/ranger-rpc v0.6.3 // indirect
+	go.opencensus.io v0.24.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.55.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.55.0 // indirect
+	go.opentelemetry.io/otel v1.30.0 // indirect
+	go.opentelemetry.io/otel/metric v1.30.0 // indirect
+	go.opentelemetry.io/otel/trace v1.30.0 // indirect
+	go.uber.org/mock v0.4.0 // indirect
+	golang.org/x/crypto v0.27.0 // indirect
+	golang.org/x/mod v0.21.0 // indirect
+	golang.org/x/net v0.29.0 // indirect
+	golang.org/x/oauth2 v0.23.0 // indirect
+	golang.org/x/sync v0.8.0 // indirect
+	golang.org/x/sys v0.25.0 // indirect
+	golang.org/x/term v0.24.0 // indirect
+	golang.org/x/text v0.18.0 // indirect
+	golang.org/x/time v0.6.0 // indirect
+	golang.org/x/tools v0.25.0 // indirect
+	google.golang.org/api v0.197.0 // indirect
+	google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 // indirect
+	google.golang.org/grpc v1.66.2 // indirect
+	google.golang.org/protobuf v1.34.2 // indirect
+	gopkg.in/warnings.v0 v0.1.2 // indirect
+	moul.io/http2curl v1.0.0 // indirect
+	sigs.k8s.io/yaml v1.4.0 // indirect
+)
diff --git a/providers/cloudflare/go.sum b/providers/cloudflare/go.sum
new file mode 100644
index 000000000..b002ef5c4
--- /dev/null
+++ b/providers/cloudflare/go.sum
@@ -0,0 +1,521 @@
+cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+cloud.google.com/go v0.115.1 h1:Jo0SM9cQnSkYfp44+v+NQXHpcHqlnRJk2qxh6yvxxxQ=
+cloud.google.com/go v0.115.1/go.mod h1:DuujITeaufu3gL68/lOFIirVNJwQeyf5UXyi+Wbgknc=
+cloud.google.com/go/auth v0.9.4 h1:DxF7imbEbiFu9+zdKC6cKBko1e8XeJnipNqIbWZ+kDI=
+cloud.google.com/go/auth v0.9.4/go.mod h1:SHia8n6//Ya940F1rLimhJCjjx7KE17t0ctFEci3HkA=
+cloud.google.com/go/auth/oauth2adapt v0.2.4 h1:0GWE/FUsXhf6C+jAkWgYm7X9tK8cuEIfy19DBn6B6bY=
+cloud.google.com/go/auth/oauth2adapt v0.2.4/go.mod h1:jC/jOpwFP6JBxhB3P5Rr0a9HLMC/Pe3eaL4NmdvqPtc=
+cloud.google.com/go/compute/metadata v0.5.1 h1:NM6oZeZNlYjiwYje+sYFjEpP0Q0zCan1bmQW/KmIrGs=
+cloud.google.com/go/compute/metadata v0.5.1/go.mod h1:C66sj2AluDcIqakBq/M8lw8/ybHgOZqin2obFxa/E5k=
+cloud.google.com/go/iam v1.2.1 h1:QFct02HRb7H12J/3utj0qf5tobFh9V4vR6h9eX5EBRU=
+cloud.google.com/go/iam v1.2.1/go.mod h1:3VUIJDPpwT6p/amXRC5GY8fCCh70lxPygguVtI0Z4/g=
+cloud.google.com/go/kms v1.19.1 h1:NPE8zjJuMpECvHsx8lsMwQuWWIdJc6iIDHLJGC/J4bw=
+cloud.google.com/go/kms v1.19.1/go.mod h1:GRbd2v6e9rAVs+IwOIuePa3xcCm7/XpGNyWtBwwOdRc=
+cloud.google.com/go/longrunning v0.6.1 h1:lOLTFxYpr8hcRtcwWir5ITh1PAKUD/sG2lKrTSYjyMc=
+cloud.google.com/go/longrunning v0.6.1/go.mod h1:nHISoOZpBcmlwbJmiVk5oDRz0qG/ZxPynEGs1iZ79s0=
+cloud.google.com/go/secretmanager v1.14.1 h1:xlWSIg8rtBn5qCr2f3XtQP19+5COyf/ll49SEvi/0vM=
+cloud.google.com/go/secretmanager v1.14.1/go.mod h1:L+gO+u2JA9CCyXpSR8gDH0o8EV7i/f0jdBOrUXcIV0U=
+cloud.google.com/go/storage v1.43.0 h1:CcxnSohZwizt4LCzQHWvBf1/kvtHUn7gk9QERXPyXFs=
+cloud.google.com/go/storage v1.43.0/go.mod h1:ajvxEa7WmZS1PxvKRq4bq0tFT3vMd502JwstCcYv0Q0=
+dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s=
+dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
+github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4 h1:/vQbFIOMbk2FiG/kXiLl8BRyzTWDw7gX/Hz7Dd5eDMs=
+github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4/go.mod h1:hN7oaIRCjzsZ2dE+yG5k+rsdt3qcwykqK6HVGcKwsw4=
+github.com/99designs/keyring v1.2.2 h1:pZd3neh/EmUzWONb35LxQfvuY7kiSXAq3HQd97+XBn0=
+github.com/99designs/keyring v1.2.2/go.mod h1:wes/FrByc8j7lFOAGLGSNEg8f/PaI3cgTBqhFkHUrPk=
+github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/GoogleCloudPlatform/berglas v1.0.3 h1:NjJYDz13vWct7+joxkBkIZhD6Cmwf5XP5t0jGTvHyJk=
+github.com/GoogleCloudPlatform/berglas v1.0.3/go.mod h1:JBsGyi6Z5RwyHXMdEebok6MChukLE+dWXzPor2aeMtw=
+github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww=
+github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y=
+github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY=
+github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
+github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
+github.com/ProtonMail/go-crypto v1.0.0 h1:LRuvITjQWX+WIfr930YHG2HNfjR1uOfyf5vE0kC2U78=
+github.com/ProtonMail/go-crypto v1.0.0/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0=
+github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8=
+github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4=
+github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
+github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
+github.com/aws/aws-sdk-go-v2 v1.30.5 h1:mWSRTwQAb0aLE17dSzztCVJWI9+cRMgqebndjwDyK0g=
+github.com/aws/aws-sdk-go-v2 v1.30.5/go.mod h1:CT+ZPWXbYrci8chcARI3OmI/qgd+f6WtuLOoaIA8PR0=
+github.com/aws/aws-sdk-go-v2/config v1.27.33 h1:Nof9o/MsmH4oa0s2q9a0k7tMz5x/Yj5k06lDODWz3BU=
+github.com/aws/aws-sdk-go-v2/config v1.27.33/go.mod h1:kEqdYzRb8dd8Sy2pOdEbExTTF5v7ozEXX0McgPE7xks=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.32 h1:7Cxhp/BnT2RcGy4VisJ9miUPecY+lyE9I8JvcZofn9I=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.32/go.mod h1:P5/QMF3/DCHbXGEGkdbilXHsyTBX5D3HSwcrSc9p20I=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.13 h1:pfQ2sqNpMVK6xz2RbqLEL0GH87JOwSxPV2rzm8Zsb74=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.13/go.mod h1:NG7RXPUlqfsCLLFfi0+IpKN4sCB9D9fw/qTaSB+xRoU=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.17 h1:pI7Bzt0BJtYA0N/JEC6B8fJ4RBrEMi1LBrkMdFYNSnQ=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.17/go.mod h1:Dh5zzJYMtxfIjYW+/evjQ8uj2OyR/ve2KROHGHlSFqE=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.17 h1:Mqr/V5gvrhA2gvgnF42Zh5iMiQNcOYthFYwCyrnuWlc=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.17/go.mod h1:aLJpZlCmjE+V+KtN1q1uyZkfnUWpQGpbsn89XPKyzfU=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 h1:VaRN3TlFdd6KxX1x3ILT5ynH6HvKgqdiXoTxAF4HQcQ=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1/go.mod h1:FbtygfRFze9usAadmnGJNc8KsP346kEe+y2/oyhGAGc=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.4 h1:KypMCbLPPHEmf9DgMGw51jMj77VfGPAN2Kv4cfhlfgI=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.4/go.mod h1:Vz1JQXliGcQktFTN/LN6uGppAIRoLBR2bMvIMP0gOjc=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.19 h1:rfprUlsdzgl7ZL2KlXiUAoJnI/VxfHCvDFr2QDFj6u4=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.19/go.mod h1:SCWkEdRq8/7EK60NcvvQ6NXKuTcchAD4ROAsC37VEZE=
+github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.32.8 h1:HNXhQReFG2fbucvPRxDabbIGQf/6dieOfTnzoGPEqXI=
+github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.32.8/go.mod h1:BYr9P/rrcLNJ8A36nT15p8tpoVDZ5lroHuMn/njecBw=
+github.com/aws/aws-sdk-go-v2/service/ssm v1.52.8 h1:7cjN4Wp3U3cud17TsnUxSomTwKzKQGUWdq/N1aWqgMk=
+github.com/aws/aws-sdk-go-v2/service/ssm v1.52.8/go.mod h1:nUSNPaG8mv5rIu7EclHnFqZOjhreEUwRKENtKTtJ9aw=
+github.com/aws/aws-sdk-go-v2/service/sso v1.22.7 h1:pIaGg+08llrP7Q5aiz9ICWbY8cqhTkyy+0SHvfzQpTc=
+github.com/aws/aws-sdk-go-v2/service/sso v1.22.7/go.mod h1:eEygMHnTKH/3kNp9Jr1n3PdejuSNcgwLe1dWgQtO0VQ=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.7 h1:/Cfdu0XV3mONYKaOt1Gr0k1KvQzkzPyiKUdlWJqy+J4=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.7/go.mod h1:bCbAxKDqNvkHxRaIMnyVPXPo+OaPRwvmgzMxbz1VKSA=
+github.com/aws/aws-sdk-go-v2/service/sts v1.30.7 h1:NKTa1eqZYw8tiHSRGpP0VtTdub/8KNk8sDkNPFaOKDE=
+github.com/aws/aws-sdk-go-v2/service/sts v1.30.7/go.mod h1:NXi1dIAGteSaRLqYgarlhP/Ij0cFT+qmCwiJqWh/U5o=
+github.com/aws/smithy-go v1.20.4 h1:2HK1zBdPgRbjFOHlfeQZfpC4r72MOb9bZkiFwggKO+4=
+github.com/aws/smithy-go v1.20.4/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg=
+github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k=
+github.com/aymanbagabas/go-osc52/v2 v2.0.1/go.mod h1:uYgXzlJ7ZpABp8OJ+exZzJJhRNQ2ASbcXHWsFqH8hp8=
+github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA=
+github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8=
+github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0=
+github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8=
+github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
+github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
+github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
+github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
+github.com/cloudflare/circl v1.4.0 h1:BV7h5MgrktNzytKmWjpOtdYrf0lkkbF8YMlBGPhJQrY=
+github.com/cloudflare/circl v1.4.0/go.mod h1:PDRU+oXvdD7KCtgKxW95M5Z8BpSCJXQORiZFnBQS5QU=
+github.com/cloudflare/cloudflare-go v0.104.0 h1:R/lB0dZupaZbOgibAH/BRrkFbZ6Acn/WsKg2iX2xXuY=
+github.com/cloudflare/cloudflare-go v0.104.0/go.mod h1:pfUQ4PIG4ISI0/Mmc21Bp86UnFU0ktmPf3iTgbSL+cM=
+github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
+github.com/cockroachdb/errors v1.11.3 h1:5bA+k2Y6r+oz/6Z/RFlNeVCesGARKuC6YymtcDrbC/I=
+github.com/cockroachdb/errors v1.11.3/go.mod h1:m4UIW4CDjx+R5cybPsNrRbreomiFqt8o1h1wUVazSd8=
+github.com/cockroachdb/logtags v0.0.0-20230118201751-21c54148d20b h1:r6VH0faHjZeQy818SGhaone5OnYfxFR/+AzdY3sf5aE=
+github.com/cockroachdb/logtags v0.0.0-20230118201751-21c54148d20b/go.mod h1:Vz9DsVWQQhf3vs21MhPMZpMGSht7O/2vFW2xusFUVOs=
+github.com/cockroachdb/redact v1.1.5 h1:u1PMllDkdFfPWaNGMyLD1+so+aq3uUItthCFqzwPJ30=
+github.com/cockroachdb/redact v1.1.5/go.mod h1:BVNblN9mBWFyMyqK1k3AAiSxhvhfK2oOZZ2lK+dpvRg=
+github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
+github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
+github.com/cyphar/filepath-securejoin v0.3.2 h1:QhZu5AxQ+o1XZH0Ye05YzvJ0kAdK6VQc0z9NNMek7gc=
+github.com/cyphar/filepath-securejoin v0.3.2/go.mod h1:F7i41x/9cBF7lzCrVsYs9fuzwRZm4NQsGTBdpp6mETc=
+github.com/danieljoos/wincred v1.2.2 h1:774zMFJrqaeYCK2W57BgAem/MLi6mtSE47MB6BOJ0i0=
+github.com/danieljoos/wincred v1.2.2/go.mod h1:w7w4Utbrz8lqeMbDAK0lkNJUv5sAOkFi7nd/ogr0Uh8=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
+github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dvsekhvalnov/jose2go v1.7.0 h1:bnQc8+GMnidJZA8zc6lLEAb4xNrIqHwO+9TzqvtQZPo=
+github.com/dvsekhvalnov/jose2go v1.7.0/go.mod h1:QsHjhyTlD/lAVqn/NSbVZmSCGeDehTB/mPZadG+mhXU=
+github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a h1:mATvB/9r/3gvcejNsXKSkQ6lcIaNec2nyfOdlTBR2lU=
+github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM=
+github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc=
+github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ=
+github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
+github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
+github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
+github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
+github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
+github.com/fatih/color v1.17.0 h1:GlRw1BRJxkpqUCBKzKOw098ed57fEsKeNjpTe3cSjK4=
+github.com/fatih/color v1.17.0/go.mod h1:YZ7TlrGPkiz6ku9fK3TLD/pl3CpsiFyu8N92HLgmosI=
+github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
+github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
+github.com/getsentry/sentry-go v0.29.0 h1:YtWluuCFg9OfcqnaujpY918N/AhCCwarIDWOYSBAjCA=
+github.com/getsentry/sentry-go v0.29.0/go.mod h1:jhPesDAL0Q0W2+2YEuVOvdWmVtdsr1+jtBrlDEVWwLY=
+github.com/gliderlabs/ssh v0.3.7 h1:iV3Bqi942d9huXnzEF2Mt+CY9gLu8DNM4Obd+8bODRE=
+github.com/gliderlabs/ssh v0.3.7/go.mod h1:zpHEXBstFnQYtGnB8k8kQLol82umzn/2/snG7alWVD8=
+github.com/go-errors/errors v1.5.0 h1:/EuijeGOu7ckFxzhkj4CXJ8JaenxK7bKUxpPYqeLHqQ=
+github.com/go-errors/errors v1.5.0/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og=
+github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI=
+github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic=
+github.com/go-git/go-billy/v5 v5.5.0 h1:yEY4yhzCDuMGSv83oGxiBotRzhwhNr8VZyphhiu+mTU=
+github.com/go-git/go-billy/v5 v5.5.0/go.mod h1:hmexnoNsr2SJU1Ju67OaNz5ASJY3+sHgFRpCtpDCKow=
+github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMje31YglSBqCdIqdhKBW8lokaMrL3uTkpGYlE2OOT4=
+github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII=
+github.com/go-git/go-git/v5 v5.12.0 h1:7Md+ndsjrzZxbddRDZjF14qK+NN56sy6wkqaVrjZtys=
+github.com/go-git/go-git/v5 v5.12.0/go.mod h1:FTM9VKtnI2m65hNI/TenDDDnUf2Q9FHnXYjuz9i5OEY=
+github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k=
+github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ=
+github.com/go-jose/go-jose/v4 v4.0.4 h1:VsjPI33J0SB9vQM6PLmNjoHqMQNGPiZ0rHL7Ni7Q6/E=
+github.com/go-jose/go-jose/v4 v4.0.4/go.mod h1:NKb5HO1EZccyMpiZNbdUw/14tiXNyUJh188dfnMCAfc=
+github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
+github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
+github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
+github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
+github.com/go-test/deep v1.1.0 h1:WOcxcdHcvdgThNXjw0t76K42FXTU7HpNQWHpA2HHNlg=
+github.com/go-test/deep v1.1.0/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
+github.com/goccy/go-json v0.10.3 h1:KZ5WoDbxAIgm2HNbYckL0se1fHD6rz5j4ywS6ebzDqA=
+github.com/goccy/go-json v0.10.3/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
+github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2 h1:ZpnhV/YsD2/4cESfV5+Hoeu/iUR3ruzNvZ+yQfO03a0=
+github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4=
+github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
+github.com/gofrs/uuid v4.4.0+incompatible h1:3qXRTX8/NbyulANqlc0lchS1gqAVxRgsuW1YrTJupqA=
+github.com/gofrs/uuid v4.4.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
+github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
+github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
+github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
+github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
+github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
+github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
+github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
+github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
+github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
+github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
+github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
+github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
+github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
+github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
+github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
+github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
+github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
+github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
+github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
+github.com/google/martian/v3 v3.3.3 h1:DIhPTQrbPkgs2yJYdXU/eNACCG5DVQjySNRNlflZ9Fc=
+github.com/google/martian/v3 v3.3.3/go.mod h1:iEPrYcgCF7jA9OtScMFQyAlZZ4YXTKEtJ1E6RWzmBA0=
+github.com/google/s2a-go v0.1.8 h1:zZDs9gcbt9ZPLV0ndSyQk6Kacx2g/X+SKYovpnz3SMM=
+github.com/google/s2a-go v0.1.8/go.mod h1:6iNWHTpQ+nfNRN5E00MSdfDwVesa8hhS32PhPO8deJA=
+github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/googleapis/enterprise-certificate-proxy v0.3.4 h1:XYIDZApgAnrN1c855gTgghdIA6Stxb52D5RnLI1SLyw=
+github.com/googleapis/enterprise-certificate-proxy v0.3.4/go.mod h1:YKe7cfqYXjKGpGvmSg28/fFvhNzinZQm8DGnaburhGA=
+github.com/googleapis/gax-go/v2 v2.13.0 h1:yitjD5f7jQHhyDsnhKEBU52NdvvdSeGzlAnDPT0hH1s=
+github.com/googleapis/gax-go/v2 v2.13.0/go.mod h1:Z/fvTZXF8/uw7Xu5GuslPw+bplx6SS338j1Is2S+B7A=
+github.com/gopherjs/gopherjs v1.17.2 h1:fQnZVsXk8uxXIStYb0N4bGk7jeyTalG/wsZjQ25dO0g=
+github.com/gopherjs/gopherjs v1.17.2/go.mod h1:pRRIvn/QzFLrKfvEz3qUuEhtE/zLCWfreZ6J5gM2i+k=
+github.com/gsterjov/go-libsecret v0.0.0-20161001094733-a6f4afe4910c h1:6rhixN/i8ZofjG1Y75iExal34USq5p+wiN1tpie8IrU=
+github.com/gsterjov/go-libsecret v0.0.0-20161001094733-a6f4afe4910c/go.mod h1:NMPJylDgVpX0MLRlPy15sqSwOFv/U1GZ2m21JhFfek0=
+github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
+github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
+github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
+github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ=
+github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
+github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k=
+github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
+github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
+github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
+github.com/hashicorp/go-plugin v1.6.1 h1:P7MR2UP6gNKGPp+y7EZw2kOiq4IR9WiqLvp0XOsVdwI=
+github.com/hashicorp/go-plugin v1.6.1/go.mod h1:XPHFku2tFo3o3QKFgSYo+cghcUhw1NA1hZyMK0PWAw0=
+github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU=
+github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk=
+github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc=
+github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8=
+github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 h1:iBt4Ew4XEGLfh6/bPk4rSYmuZJGizr6/x/AEizP0CQc=
+github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8/go.mod h1:aiJI+PIApBRQG7FZTEBx5GiiX+HbOHilUdNxUZi4eV0=
+github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts=
+github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4=
+github.com/hashicorp/go-sockaddr v1.0.6 h1:RSG8rKU28VTUTvEKghe5gIhIQpv8evvNpnDEyqO4u9I=
+github.com/hashicorp/go-sockaddr v1.0.6/go.mod h1:uoUUmtwU7n9Dv3O4SNLeFvg0SxQ3lyjsj6+CCykpaxI=
+github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
+github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
+github.com/hashicorp/vault/api v1.15.0 h1:O24FYQCWwhwKnF7CuSqP30S51rTV7vz1iACXE/pj5DA=
+github.com/hashicorp/vault/api v1.15.0/go.mod h1:+5YTO09JGn0u+b6ySD/LLVf8WkJCPLAL2Vkmrn2+CM8=
+github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE=
+github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ=
+github.com/hokaccha/go-prettyjson v0.0.0-20211117102719-0474bc63780f h1:7LYC+Yfkj3CTRcShK0KOL/w6iTiKyqqBA9a41Wnggw8=
+github.com/hokaccha/go-prettyjson v0.0.0-20211117102719-0474bc63780f/go.mod h1:pFlLw2CfqZiIBOx6BuCeRLCrfxBJipTY0nIOF/VbGcI=
+github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A=
+github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo=
+github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c=
+github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo=
+github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
+github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
+github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
+github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
+github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
+github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
+github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4=
+github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
+github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
+github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
+github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY=
+github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
+github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
+github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4=
+github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
+github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
+github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
+github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
+github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
+github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
+github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc=
+github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
+github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
+github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
+github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJJ2JqpQmpLJOu07cU=
+github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8=
+github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
+github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
+github.com/mtibben/percent v0.2.1 h1:5gssi8Nqo8QU/r2pynCm+hBQHpkB/uNK7BJCFogWdzs=
+github.com/mtibben/percent v0.2.1/go.mod h1:KG9uO+SZkUp+VkRHsCdYQV3XSZrrSpR3O9ibNBTZrns=
+github.com/muesli/termenv v0.15.2 h1:GohcuySI0QmI3wN8Ok9PtKGkgkFIk7y6Vpb5PvrY+Wo=
+github.com/muesli/termenv v0.15.2/go.mod h1:Epx+iuz8sNs7mNKhxzH4fWXGNpZwUaJKRS1noLXviQ8=
+github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
+github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA=
+github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU=
+github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk=
+github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0=
+github.com/pingcap/errors v0.11.4 h1:lFuQV/oaUMGcD2tqt+01ROSmJs75VG1ToEOkZIZ4nE4=
+github.com/pingcap/errors v0.11.4/go.mod h1:Oi8TUi2kEtXXLMJk9l1cGmz20kV3TaQ0usTwv5KuLY8=
+github.com/pjbgf/sha1cd v0.3.0 h1:4D5XXmUUBUl/xQ6IjCkEAbqXskkq/4O7LmGn0AqMDs4=
+github.com/pjbgf/sha1cd v0.3.0/go.mod h1:nZ1rrWOcGJ5uZgEEVL1VUM9iRQiZvWdbZjkKyFzPPsI=
+github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
+github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
+github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
+github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
+github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
+github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
+github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
+github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
+github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
+github.com/rs/zerolog v1.33.0 h1:1cU2KZkvPxNyfgEmhHAz/1A9Bz+llsdYzklWFzgp0r8=
+github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss=
+github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk=
+github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc=
+github.com/segmentio/fasthash v1.0.3 h1:EI9+KE1EwvMLBWwjpRDc+fEM+prwxDYbslddQGtrmhM=
+github.com/segmentio/fasthash v1.0.3/go.mod h1:waKX8l2N8yckOgmSsXJi7x1ZfdKZ4x7KRMzBtS3oedY=
+github.com/segmentio/ksuid v1.0.4 h1:sBo2BdShXjmcugAMwjugoGUdUV0pcxY5mW4xKRn3v4c=
+github.com/segmentio/ksuid v1.0.4/go.mod h1:/XUiZBD3kVx5SmUOl55voK5yeAbBNNIed+2O73XgrPE=
+github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8=
+github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4=
+github.com/sethvargo/go-retry v0.3.0 h1:EEt31A35QhrcRZtrYFDTBg91cqZVnFL2navjDrah2SE=
+github.com/sethvargo/go-retry v0.3.0/go.mod h1:mNX17F0C/HguQMyMyJxcnU471gOZGxCLyYaFyAZraas=
+github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
+github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
+github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
+github.com/skeema/knownhosts v1.3.0 h1:AM+y0rI04VksttfwjkSTNQorvGqmwATnvnAHpSgc0LY=
+github.com/skeema/knownhosts v1.3.0/go.mod h1:sPINvnADmT/qYH1kfv+ePMmOBTH6Tbl7b5LvTDjFK7M=
+github.com/smarty/assertions v1.15.1 h1:812oFiXI+G55vxsFf+8bIZ1ux30qtkdqzKbEFwyX3Tk=
+github.com/smarty/assertions v1.15.1/go.mod h1:yABtdzeQs6l1brC900WlRNwj6ZR55d7B+E8C6HtKdec=
+github.com/smartystreets/goconvey v1.8.1 h1:qGjIddxOk4grTu9JPOU31tVfq3cNdBlNa5sSznIX1xY=
+github.com/smartystreets/goconvey v1.8.1/go.mod h1:+/u4qLyY6x1jReYOp7GOM2FSt8aP9CzCZL03bI28W60=
+github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8=
+github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY=
+github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
+github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
+github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
+github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
+github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
+github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM=
+github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw=
+github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
+go.mondoo.com/cnquery/v11 v11.22.0 h1:uOTaRizpA/mAO+a13RJqkUJIwlR4cMJh3JOsqBTKHxw=
+go.mondoo.com/cnquery/v11 v11.22.0/go.mod h1:SatHaNKnMoxlJo+QT761LdWBH2yU8j8YVaFWcmCQCls=
+go.mondoo.com/ranger-rpc v0.6.3 h1:XpJatFv0m6FxiVwgwKVlDkO6EcjGf6TnoJSlNh3d7Ks=
+go.mondoo.com/ranger-rpc v0.6.3/go.mod h1:t8u5Wdnl5Vq44E2oE3gi37MpDyXz44oiHRNDspC9r5Q=
+go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
+go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.55.0 h1:hCq2hNMwsegUvPzI7sPOvtO9cqyy5GbWt/Ybp2xrx8Q=
+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.55.0/go.mod h1:LqaApwGx/oUmzsbqxkzuBvyoPpkxk3JQWnqfVrJ3wCA=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.55.0 h1:ZIg3ZT/aQ7AfKqdwp7ECpOK6vHqquXXuyTjIO8ZdmPs=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.55.0/go.mod h1:DQAwmETtZV00skUwgD6+0U89g80NKsJE3DCKeLLPQMI=
+go.opentelemetry.io/otel v1.30.0 h1:F2t8sK4qf1fAmY9ua4ohFS/K+FUuOPemHUIXHtktrts=
+go.opentelemetry.io/otel v1.30.0/go.mod h1:tFw4Br9b7fOS+uEao81PJjVMjW/5fvNCbpsDIXqP0pc=
+go.opentelemetry.io/otel/metric v1.30.0 h1:4xNulvn9gjzo4hjg+wzIKG7iNFEaBMX00Qd4QIZs7+w=
+go.opentelemetry.io/otel/metric v1.30.0/go.mod h1:aXTfST94tswhWEb+5QjlSqG+cZlmyXy/u8jFpor3WqQ=
+go.opentelemetry.io/otel/sdk v1.29.0 h1:vkqKjk7gwhS8VaWb0POZKmIEDimRCMsopNYnriHyryo=
+go.opentelemetry.io/otel/sdk v1.29.0/go.mod h1:pM8Dx5WKnvxLCb+8lG1PRNIDxu9g9b9g59Qr7hfAAok=
+go.opentelemetry.io/otel/trace v1.30.0 h1:7UBkkYzeg3C7kQX8VAidWh2biiQbtAKjyIML8dQ9wmc=
+go.opentelemetry.io/otel/trace v1.30.0/go.mod h1:5EyKqTzzmyqB9bwtCCq6pDLktPK6fmGf/Dph+8VI02o=
+go.uber.org/mock v0.4.0 h1:VcM4ZOtdbR4f6VXfiOpwpVJDL6lCReaZ6mw31wqh7KU=
+go.uber.org/mock v0.4.0/go.mod h1:a6FSlNadKUHUa9IP5Vyt1zh4fC7uAwxMutEAscFbkZc=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
+golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
+golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
+golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A=
+golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70=
+golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
+golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
+golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
+golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
+golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0=
+golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
+golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
+golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
+golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
+golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
+golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
+golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
+golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo=
+golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0=
+golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs=
+golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
+golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
+golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34=
+golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
+golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
+golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
+golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
+golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
+golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM=
+golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
+golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224=
+golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
+golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U=
+golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
+golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
+golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
+golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
+golang.org/x/tools v0.25.0 h1:oFU9pkj/iJgs+0DT+VMHrx+oBKs/LJMV+Uvg78sl+fE=
+golang.org/x/tools v0.25.0/go.mod h1:/vtpO8WL1N9cQC3FN5zPqb//fRXskFHbLKk4OW1Q7rg=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/api v0.197.0 h1:x6CwqQLsFiA5JKAiGyGBjc2bNtHtLddhJCE2IKuhhcQ=
+google.golang.org/api v0.197.0/go.mod h1:AuOuo20GoQ331nq7DquGHlU6d+2wN2fZ8O0ta60nRNw=
+google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
+google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
+google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
+google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
+google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1 h1:BulPr26Jqjnd4eYDVe+YvyR7Yc2vJGkO5/0UxD0/jZU=
+google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:hL97c3SYopEHblzpxRL4lSs523++l8DYxGM1FQiYmb4=
+google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1 h1:hjSy6tcFQZ171igDaN5QHOw2n6vx40juYbC/x67CEhc=
+google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:qpvKtACPCQhAdu3PyQgV4l3LMXZEtft7y8QcarRsp9I=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 h1:pPJltXNxVzT4pK9yD8vR9X75DaWYYmLGMsEvBfFQZzQ=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU=
+google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
+google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
+google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
+google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
+google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
+google.golang.org/grpc v1.66.2 h1:3QdXkuq3Bkh7w+ywLdLvM56cmGvQHUMZpiCzt6Rqaoo=
+google.golang.org/grpc v1.66.2/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y=
+google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
+google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
+google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
+google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
+google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
+google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
+google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
+google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
+gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME=
+gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
+gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+moul.io/http2curl v1.0.0 h1:6XwpyZOYsgZJrU8exnG87ncVkU1FVCcTRpwzOkTDUi8=
+moul.io/http2curl v1.0.0/go.mod h1:f6cULg+e4Md/oW1cYmwW4IWQOVl2lGbmCNGOHvzX2kE=
+sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E=
+sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY=
diff --git a/providers/cloudflare/main.go b/providers/cloudflare/main.go
new file mode 100644
index 000000000..1ccc2fa38
--- /dev/null
+++ b/providers/cloudflare/main.go
@@ -0,0 +1,14 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+package main
+
+import (
+	"os"
+
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin"
+	"go.mondoo.com/cnquery/v11/providers/cloudflare/provider"
+)
+
+func main() {
+	plugin.Start(os.Args, provider.Init())
+}
diff --git a/providers/cloudflare/provider/discover.go b/providers/cloudflare/provider/discover.go
new file mode 100644
index 000000000..2826d9192
--- /dev/null
+++ b/providers/cloudflare/provider/discover.go
@@ -0,0 +1,23 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+package provider
+
+import (
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/inventory"
+	"go.mondoo.com/cnquery/v11/providers/cloudflare/connection"
+	"go.mondoo.com/cnquery/v11/providers/cloudflare/resources"
+)
+
+func (s *Service) discover(conn *connection.CloudflareConnection) (*inventory.Inventory, error) {
+	conf := conn.Asset().Connections[0]
+	if conf.Discover == nil {
+		return nil, nil
+	}
+
+	runtime, err := s.GetRuntime(conn.ID())
+	if err != nil {
+		return nil, err
+	}
+
+	return resources.Discover(runtime, conf.Options)
+}
diff --git a/providers/cloudflare/provider/provider.go b/providers/cloudflare/provider/provider.go
new file mode 100644
index 000000000..4f09b165d
--- /dev/null
+++ b/providers/cloudflare/provider/provider.go
@@ -0,0 +1,143 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+package provider
+
+import (
+	"context"
+	"errors"
+
+	"go.mondoo.com/cnquery/v11/llx"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/inventory"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/upstream"
+	"go.mondoo.com/cnquery/v11/providers/cloudflare/connection"
+	"go.mondoo.com/cnquery/v11/providers/cloudflare/resources"
+)
+
+const (
+	DefaultConnectionType = "cloudflare"
+)
+
+type Service struct {
+	*plugin.Service
+}
+
+func Init() *Service {
+	return &Service{
+		Service: plugin.NewService(),
+	}
+}
+
+func (s *Service) ParseCLI(req *plugin.ParseCLIReq) (*plugin.ParseCLIRes, error) {
+	flags := req.Flags
+	if flags == nil {
+		flags = map[string]*llx.Primitive{}
+	}
+
+	conf := &inventory.Config{
+		Type:    req.Connector,
+		Options: map[string]string{},
+	}
+
+	// Do custom flag parsing here
+	// discovery flags
+	discoverTargets := []string{}
+	if x, ok := flags["discover"]; ok && len(x.Array) != 0 {
+		for i := range x.Array {
+			entry := string(x.Array[i].Value)
+			discoverTargets = append(discoverTargets, entry)
+		}
+	} else {
+		discoverTargets = []string{connection.DiscoveryAuto}
+	}
+	conf.Discover = &inventory.Discovery{Targets: discoverTargets}
+
+	asset := inventory.Asset{
+		Connections: []*inventory.Config{conf},
+	}
+
+	return &plugin.ParseCLIRes{Asset: &asset}, nil
+}
+
+func (s *Service) Connect(req *plugin.ConnectReq, callback plugin.ProviderCallback) (*plugin.ConnectRes, error) {
+	if req == nil || req.Asset == nil {
+		return nil, errors.New("no connection data provided")
+	}
+
+	conn, err := s.connect(req, callback)
+	if err != nil {
+		return nil, err
+	}
+
+	// We only need to run the detection step when we don't have any asset information yet.
+	if req.Asset.Platform == nil {
+		if err := s.detect(req.Asset, conn); err != nil {
+			return nil, err
+		}
+	}
+
+	inv, err := s.discover(conn)
+	if err != nil {
+		return nil, err
+	}
+
+	return &plugin.ConnectRes{
+		Id:        conn.ID(),
+		Name:      conn.Name(),
+		Asset:     req.Asset,
+		Inventory: inv,
+	}, nil
+}
+
+func (s *Service) connect(req *plugin.ConnectReq, callback plugin.ProviderCallback) (*connection.CloudflareConnection, error) {
+	if len(req.Asset.Connections) == 0 {
+		return nil, errors.New("no connection options for asset")
+	}
+
+	asset := req.Asset
+	conf := asset.Connections[0]
+	runtime, err := s.AddRuntime(conf, func(connId uint32) (*plugin.Runtime, error) {
+		var conn *connection.CloudflareConnection
+		var err error
+
+		switch conf.Type {
+		default:
+			conn, err = connection.NewCloudflareConnection(connId, asset, conf)
+		}
+		if err != nil {
+			return nil, err
+		}
+
+		var upstream *upstream.UpstreamClient
+		if req.Upstream != nil && !req.Upstream.Incognito {
+			upstream, err = req.Upstream.InitClient(context.Background())
+			if err != nil {
+				return nil, err
+			}
+		}
+
+		asset.Connections[0].Id = conn.ID()
+		return plugin.NewRuntime(
+			conn,
+			callback,
+			req.HasRecording,
+			resources.CreateResource,
+			resources.NewResource,
+			resources.GetData,
+			resources.SetData,
+			upstream), nil
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return runtime.Connection.(*connection.CloudflareConnection), nil
+}
+
+func (s *Service) detect(asset *inventory.Asset, conn *connection.CloudflareConnection) error {
+	return nil
+}
+
+func (s *Service) MockConnect(req *plugin.ConnectReq, callback plugin.ProviderCallback) (*plugin.ConnectRes, error) {
+	return nil, errors.New("mock connect not yet implemented")
+}
diff --git a/providers/cloudflare/resources/cloudflare.go b/providers/cloudflare/resources/cloudflare.go
new file mode 100644
index 000000000..4c0dd10a3
--- /dev/null
+++ b/providers/cloudflare/resources/cloudflare.go
@@ -0,0 +1,113 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+package resources
+
+import (
+	"context"
+
+	"github.com/cloudflare/cloudflare-go"
+	"go.mondoo.com/cnquery/v11/llx"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/util/convert"
+	"go.mondoo.com/cnquery/v11/providers/cloudflare/connection"
+	"go.mondoo.com/cnquery/v11/types"
+)
+
+func (r *mqlCloudflare) id() (string, error) {
+	return "cloudflare", nil
+}
+
+func (c *mqlCloudflare) zones() ([]any, error) {
+	conn := c.MqlRuntime.Connection.(*connection.CloudflareConnection)
+
+	zones, err := conn.Cf.ListZones(context.Background())
+	if err != nil {
+		return nil, err
+	}
+
+	var res []any
+	for i := range zones {
+		zone := zones[i]
+
+		acc, err := NewResource(c.MqlRuntime, "cloudflare.zone.account", map[string]*llx.RawData{
+			"id":   llx.StringData(zone.Account.ID),
+			"name": llx.StringData(zone.Account.Name),
+			"type": llx.StringData(zone.Account.Type),
+		})
+		if err != nil {
+			return nil, err
+		}
+
+		r, err := NewResource(c.MqlRuntime, "cloudflare.zone", map[string]*llx.RawData{
+			"id":   llx.StringData(zone.ID),
+			"name": llx.StringData(zone.Name),
+
+			"nameServers":         llx.ArrayData(convert.SliceAnyToInterface(zone.NameServers), types.String),
+			"originalNameServers": llx.ArrayData(convert.SliceAnyToInterface(zone.OriginalNS), types.String),
+
+			"status": llx.StringData(zone.Status),
+			"paused": llx.BoolData(zone.Paused),
+			"type":   llx.StringData(zone.Type),
+
+			"account": llx.ResourceData(acc, acc.MqlName()),
+
+			"createdOn":  llx.TimeData(zone.CreatedOn),
+			"modifiedOn": llx.TimeData(zone.ModifiedOn),
+		})
+		if err != nil {
+			return nil, err
+		}
+		res = append(res, r)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflare) accounts() ([]any, error) {
+	conn := c.MqlRuntime.Connection.(*connection.CloudflareConnection)
+
+	var result []any
+	cursor := cloudflare.ResultInfo{}
+
+	for {
+		_accounts, info, err := conn.Cf.Accounts(context.Background(), cloudflare.AccountsListParams{
+			PaginationOptions: cloudflare.PaginationOptions{
+				Page:    cursor.Page,
+				PerPage: cursor.PerPage,
+			},
+		})
+		if err != nil {
+			return nil, err
+		}
+
+		cursor = info
+
+		for i := range _accounts {
+			acc := _accounts[i]
+
+			settings, err := NewResource(c.MqlRuntime, "cloudflare.account.settings", map[string]*llx.RawData{
+				"enforceTwoFactor": llx.BoolData(acc.Settings.EnforceTwoFactor),
+			})
+			if err != nil {
+				return nil, err
+			}
+
+			res, err := NewResource(c.MqlRuntime, "cloudflare.account", map[string]*llx.RawData{
+				"id":        llx.StringData(acc.ID),
+				"name":      llx.StringData(acc.Name),
+				"settings":  llx.ResourceData(settings, settings.MqlName()),
+				"createdOn": llx.TimeData(acc.CreatedOn),
+			})
+			if err != nil {
+				return nil, err
+			}
+
+			result = append(result, res)
+		}
+
+		if !cursor.HasMorePages() {
+			break
+		}
+	}
+
+	return result, nil
+}
diff --git a/providers/cloudflare/resources/cloudflare.lr b/providers/cloudflare/resources/cloudflare.lr
new file mode 100644
index 000000000..220bb476c
--- /dev/null
+++ b/providers/cloudflare/resources/cloudflare.lr
@@ -0,0 +1,329 @@
+option provider = "go.mondoo.com/cnquery/v11/providers/cloudflare"
+option go_package = "go.mondoo.com/cnquery/v11/providers/cloudflare/resources"
+
+// Cloudflare provider
+cloudflare {
+	// List all zones
+	zones() []cloudflare.zone 
+
+	// List available accounts
+	accounts() []cloudflare.account
+}
+
+// Cloudflare DNS zone
+private cloudflare.zone @defaults("name account.name") {
+	// Zone identifier
+	id string 
+	// Zone name
+	name string 
+	// Nameservers for this zone
+	nameServers []string 
+	// Original name servers
+	originalNameServers []string 
+
+	// The current status of the zone (initializing, pending, active, or moved)  
+  status string  
+  // Whether the zone is paused  
+  paused bool  
+  // DNS zone type (full or partial)  
+  type string  
+
+	// Time the zone was created
+	createdOn time 
+	// Time the zone was last modified
+	modifiedOn time 
+
+	// Zone owner account
+  account cloudflare.zone.account 
+
+	// DNS records associated with the zone
+	dns() cloudflare.dns
+
+	// Live inputs 
+	liveInputs() []cloudflare.streams.liveInput
+
+	// Videos
+	videos() []cloudflare.streams.video
+
+	// R2
+	r2() cloudflare.r2
+
+	workers() cloudflare.workers
+
+	one() cloudflare.one
+}
+
+private cloudflare.zone.account @defaults("name") {
+	// Account identifier
+	id string 
+	// Account name
+	name string 
+	// Account type
+	type string 
+	// Account email
+	email string
+}
+
+private cloudflare.dns {
+	records() []cloudflare.dns.record 
+}
+
+// DNS record
+private cloudflare.dns.record @defaults("type content name") {
+	// Cloudflare internal ID
+	id string 
+
+        // Record name
+	name string
+	// Comment
+	comment string
+	// Tags
+	tags []string
+	// Whether the record is proxied (false indicated DNS only)
+	proxied bool
+	// Whether the record can be proxied
+	proxiable bool
+
+	// Type of record (A, AAAA, CNAME, etc.)
+	type string 
+	// Content of the record (hostname, IP Address, etc.)
+	content string 
+	// Time to live (in seconds)
+	ttl int 
+
+	// Time the record was created
+	createdOn time
+	// Time the record was last modified
+	modifiedOn time
+}
+
+// Cloudflare account
+private cloudflare.account @defaults("name") {
+	// Cloudflare account identifier
+	id string
+
+	// Account name
+	name string
+
+	// Settings
+	settings cloudflare.account.settings
+
+	// Time the account was created
+	createdOn time
+
+	// Live inputs 
+	liveInputs() []cloudflare.streams.liveInput
+
+	// Videos
+	videos() []cloudflare.streams.video
+}
+
+// Account settings
+private cloudflare.account.settings {
+	// Whether membership in this account requires that two-factor authentication is enabled
+	enforceTwoFactor bool
+}
+
+private cloudflare.streams {}
+
+// Cloudflare live input (stream)
+private cloudflare.streams.liveInput @defaults("uid name") {
+	// cnquery resource ID
+	id string
+
+	// Unique identifier
+	uid string
+
+	// Input name
+	name string
+
+	// Number of days after which to delete the recording
+	deleteRecordingAfterDays int
+}
+
+// Cloudflare videos and recordings
+private cloudflare.streams.video @defaults("name id") {
+	// cnquery resource id
+	id string
+
+	// Unique identifier
+	uid string
+
+	// Name
+	name string
+
+	// Creator ID
+	creator string
+
+	// Video duration in seconds
+	duration float
+
+	// Height (px)
+	height int
+
+	// Width (px)
+	width int
+
+	// Live input ID
+	liveInput string
+
+	// Dash URL
+	dash string
+
+	// HLS URL
+	hls string
+
+	// Preview URL
+	preview string
+
+	// Whether the video is ready to stream
+	ready bool
+
+	// Whether the video can be a accessed using the UID
+	requireSignedUrls bool
+
+	// Date and time at which the video will be deleted (No value or a null value means that the video won't be deleted.)
+	scheduledDeletion time
+
+	// Size in Bytes
+	size int
+
+	// Thumbnail URL
+	thumbnail string
+
+	// Timestamp for a thumbnail image, calculated as a percentage value of the video's duration (To convert from a second-wise timestamp to a percentage, divide the desired timestamp by the total duration of the video. If this value is not set, the default thumbnail image is taken from 0s of the video.)
+	thumbnailTimestampPct float
+
+	// Time the video was uploaded
+	uploaded time
+}
+
+// Cloudflare R2
+private cloudflare.r2 {
+	buckets() []cloudflare.r2.bucket
+}
+
+// Cloudflare R2 bucket
+private cloudflare.r2.bucket {
+ 	// Bucket name  
+  name string  
+  // Bucket location  
+  location string  
+  // Time the bucket was created  
+  createdOn time  
+}
+
+// Cloudflare workers
+private cloudflare.workers {
+	// List all workers
+	workers() []cloudflare.workers.worker
+
+	// List all pages
+	pages() []cloudflare.workers.page
+}
+
+// Cloudflare worker  
+private cloudflare.workers.worker {
+	// Worker ID  
+  id string  
+  // Worker etag  
+  etag string  
+  // Worker size  
+  size int  
+  // Deployment for the worker  
+  deploymentId string  
+  // CI/CD pipeline for the worker  
+  pipelineHash string  
+  // Placement mode for the worker (e.g., smart)  
+  placementMode string  
+
+  // Worker was last deployed from  
+  lastDeployedFrom string  
+  // Whether LogPush is enabled for the worker  
+  logPush bool  
+  // Time the worker was created
+  createdOn time  
+  // Time the worker was last modified
+  modifiedOn time  
+}
+
+private cloudflare.workers.page {
+	// Worker ID  
+	id string
+	// Worker short ID  
+	shortId string
+	projectId string
+	projectName string
+	environment string
+	url string
+
+	aliases []string
+
+	productionBranch string
+
+  // Time the worker was created
+	createdOn time
+  // Time the worker was last modified
+	modifiedOn time
+}
+
+private cloudflare.one {
+	apps() []cloudflare.one.app // Cloudflare Zero Trust applications  
+	identityProviders() []cloudflare.one.idp // Identity providers
+}
+
+// Cloudflare One application 
+private cloudflare.one.app @defaults("name id") {
+	id string // UUID
+	aud string // Audience tag
+
+	name string // Name of the application  
+	domain string // Domain of the application  
+
+	allowedIdentityProviders []string // Allowed identity providers
+	appLauncherVisible bool // Whether the application displays in the App Launcher  
+	autoRedirectToIdentity bool // Whether users skip the identity provider selection step during login  
+
+	corsHeaders cloudflare.corsHeaders // CORS headers
+	optionsPreflightBypass bool // Whether preflight requests are allowed to bypass Access authentication and go directly to the origin (can't be true if corsHeaders is set)  
+
+	customDenyMessage string // Custom error message shown to a user when they are denied access to the application
+	customDenyUrl string // Custom URL to redirect a user to when they are denied access to the application  
+	serviceAuth401Redirect bool // Whether to return a 401 status code when the request is blocked by a Service Auth policy
+
+	enableBindingCookie bool // Whether to allow the binding cookie, which increases security against compromised authorization tokens and CSRF attacks
+	httpOnlyCookieAttribute bool // Whether the HttpOnly cookie attribute, which increases security against XSS attacks, is enabled
+	sameSiteCookieAttribute string // SameSite cookie setting, which provides increased security against CSRF attacks
+
+	logoUrl string // URL of the application's logo
+
+	sessionDuration string // Amount of time that tokens issued for this application will be valid (Format is 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, and h.)  
+
+	skipInterstitial bool // Whether automatic authentication through cloudflared is enabled
+
+	type string // Application type
+
+	// Time the application was created  
+	createdAt time
+	// Time the application was last updated
+	updatedAt time
+}
+
+private cloudflare.corsHeaders {
+	allowAllHeaders bool
+	allowAllMethods bool
+	allowAllOrigins bool
+	allowCredentials bool
+
+	allowedHeaders []string
+	allowedMethods []string
+	allowedOrigins []string
+
+	maxAge int // The maximum number of seconds the results of a preflight request can be cached.
+}
+
+private cloudflare.one.idp @defaults("name") {
+	id string // UUID
+	name string // The name of the identity provider, shown to users on the login page.
+	type string // The type of the identity provider.
+}
\ No newline at end of file
diff --git a/providers/cloudflare/resources/cloudflare.lr.go b/providers/cloudflare/resources/cloudflare.lr.go
new file mode 100644
index 000000000..77beeaf3c
--- /dev/null
+++ b/providers/cloudflare/resources/cloudflare.lr.go
@@ -0,0 +1,2734 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+// Code generated by resources. DO NOT EDIT.
+
+package resources
+
+import (
+	"errors"
+	"time"
+
+	"go.mondoo.com/cnquery/v11/llx"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin"
+	"go.mondoo.com/cnquery/v11/types"
+)
+
+var resourceFactories map[string]plugin.ResourceFactory
+
+func init() {
+	resourceFactories = map[string]plugin.ResourceFactory {
+		"cloudflare": {
+			// to override args, implement: initCloudflare(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflare,
+		},
+		"cloudflare.zone": {
+			// to override args, implement: initCloudflareZone(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareZone,
+		},
+		"cloudflare.zone.account": {
+			// to override args, implement: initCloudflareZoneAccount(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareZoneAccount,
+		},
+		"cloudflare.dns": {
+			// to override args, implement: initCloudflareDns(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareDns,
+		},
+		"cloudflare.dns.record": {
+			// to override args, implement: initCloudflareDnsRecord(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareDnsRecord,
+		},
+		"cloudflare.account": {
+			// to override args, implement: initCloudflareAccount(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareAccount,
+		},
+		"cloudflare.account.settings": {
+			// to override args, implement: initCloudflareAccountSettings(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareAccountSettings,
+		},
+		"cloudflare.streams": {
+			// to override args, implement: initCloudflareStreams(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareStreams,
+		},
+		"cloudflare.streams.liveInput": {
+			// to override args, implement: initCloudflareStreamsLiveInput(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareStreamsLiveInput,
+		},
+		"cloudflare.streams.video": {
+			// to override args, implement: initCloudflareStreamsVideo(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareStreamsVideo,
+		},
+		"cloudflare.r2": {
+			// to override args, implement: initCloudflareR2(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareR2,
+		},
+		"cloudflare.r2.bucket": {
+			// to override args, implement: initCloudflareR2Bucket(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareR2Bucket,
+		},
+		"cloudflare.workers": {
+			// to override args, implement: initCloudflareWorkers(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareWorkers,
+		},
+		"cloudflare.workers.worker": {
+			// to override args, implement: initCloudflareWorkersWorker(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareWorkersWorker,
+		},
+		"cloudflare.workers.page": {
+			// to override args, implement: initCloudflareWorkersPage(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareWorkersPage,
+		},
+		"cloudflare.one": {
+			// to override args, implement: initCloudflareOne(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareOne,
+		},
+		"cloudflare.one.app": {
+			// to override args, implement: initCloudflareOneApp(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareOneApp,
+		},
+		"cloudflare.corsHeaders": {
+			// to override args, implement: initCloudflareCorsHeaders(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareCorsHeaders,
+		},
+		"cloudflare.one.idp": {
+			// to override args, implement: initCloudflareOneIdp(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error)
+			Create: createCloudflareOneIdp,
+		},
+	}
+}
+
+// NewResource is used by the runtime of this plugin to create new resources.
+// Its arguments may be provided by users. This function is generally not
+// used by initializing resources from recordings or from lists.
+func NewResource(runtime *plugin.Runtime, name string, args map[string]*llx.RawData) (plugin.Resource, error) {
+	f, ok := resourceFactories[name]
+	if !ok {
+		return nil, errors.New("cannot find resource " + name + " in this provider")
+	}
+
+	if f.Init != nil {
+		cargs, res, err := f.Init(runtime, args)
+		if err != nil {
+			return res, err
+		}
+
+		if res != nil {
+			id := name+"\x00"+res.MqlID()
+			if x, ok := runtime.Resources.Get(id); ok {
+				return x, nil
+			}
+			runtime.Resources.Set(id, res)
+			return res, nil
+		}
+
+		args = cargs
+	}
+
+	res, err := f.Create(runtime, args)
+	if err != nil {
+		return nil, err
+	}
+
+	id := name+"\x00"+res.MqlID()
+	if x, ok := runtime.Resources.Get(id); ok {
+		return x, nil
+	}
+
+	runtime.Resources.Set(id, res)
+	return res, nil
+}
+
+// CreateResource is used by the runtime of this plugin to create resources.
+// Its arguments must be complete and pre-processed. This method is used
+// for initializing resources from recordings or from lists.
+func CreateResource(runtime *plugin.Runtime, name string, args map[string]*llx.RawData) (plugin.Resource, error) {
+	f, ok := resourceFactories[name]
+	if !ok {
+		return nil, errors.New("cannot find resource " + name + " in this provider")
+	}
+
+	res, err := f.Create(runtime, args)
+	if err != nil {
+		return nil, err
+	}
+
+	id := name+"\x00"+res.MqlID()
+	if x, ok := runtime.Resources.Get(id); ok {
+		return x, nil
+	}
+
+	runtime.Resources.Set(id, res)
+	return res, nil
+}
+
+var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{
+	"cloudflare.zones": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflare).GetZones()).ToDataRes(types.Array(types.Resource("cloudflare.zone")))
+	},
+	"cloudflare.accounts": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflare).GetAccounts()).ToDataRes(types.Array(types.Resource("cloudflare.account")))
+	},
+	"cloudflare.zone.id": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZone).GetId()).ToDataRes(types.String)
+	},
+	"cloudflare.zone.name": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZone).GetName()).ToDataRes(types.String)
+	},
+	"cloudflare.zone.nameServers": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZone).GetNameServers()).ToDataRes(types.Array(types.String))
+	},
+	"cloudflare.zone.originalNameServers": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZone).GetOriginalNameServers()).ToDataRes(types.Array(types.String))
+	},
+	"cloudflare.zone.status": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZone).GetStatus()).ToDataRes(types.String)
+	},
+	"cloudflare.zone.paused": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZone).GetPaused()).ToDataRes(types.Bool)
+	},
+	"cloudflare.zone.type": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZone).GetType()).ToDataRes(types.String)
+	},
+	"cloudflare.zone.createdOn": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZone).GetCreatedOn()).ToDataRes(types.Time)
+	},
+	"cloudflare.zone.modifiedOn": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZone).GetModifiedOn()).ToDataRes(types.Time)
+	},
+	"cloudflare.zone.account": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZone).GetAccount()).ToDataRes(types.Resource("cloudflare.zone.account"))
+	},
+	"cloudflare.zone.dns": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZone).GetDns()).ToDataRes(types.Resource("cloudflare.dns"))
+	},
+	"cloudflare.zone.liveInputs": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZone).GetLiveInputs()).ToDataRes(types.Array(types.Resource("cloudflare.streams.liveInput")))
+	},
+	"cloudflare.zone.videos": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZone).GetVideos()).ToDataRes(types.Array(types.Resource("cloudflare.streams.video")))
+	},
+	"cloudflare.zone.r2": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZone).GetR2()).ToDataRes(types.Resource("cloudflare.r2"))
+	},
+	"cloudflare.zone.workers": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZone).GetWorkers()).ToDataRes(types.Resource("cloudflare.workers"))
+	},
+	"cloudflare.zone.one": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZone).GetOne()).ToDataRes(types.Resource("cloudflare.one"))
+	},
+	"cloudflare.zone.account.id": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZoneAccount).GetId()).ToDataRes(types.String)
+	},
+	"cloudflare.zone.account.name": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZoneAccount).GetName()).ToDataRes(types.String)
+	},
+	"cloudflare.zone.account.type": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZoneAccount).GetType()).ToDataRes(types.String)
+	},
+	"cloudflare.zone.account.email": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareZoneAccount).GetEmail()).ToDataRes(types.String)
+	},
+	"cloudflare.dns.records": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareDns).GetRecords()).ToDataRes(types.Array(types.Resource("cloudflare.dns.record")))
+	},
+	"cloudflare.dns.record.id": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareDnsRecord).GetId()).ToDataRes(types.String)
+	},
+	"cloudflare.dns.record.name": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareDnsRecord).GetName()).ToDataRes(types.String)
+	},
+	"cloudflare.dns.record.comment": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareDnsRecord).GetComment()).ToDataRes(types.String)
+	},
+	"cloudflare.dns.record.tags": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareDnsRecord).GetTags()).ToDataRes(types.Array(types.String))
+	},
+	"cloudflare.dns.record.proxied": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareDnsRecord).GetProxied()).ToDataRes(types.Bool)
+	},
+	"cloudflare.dns.record.proxiable": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareDnsRecord).GetProxiable()).ToDataRes(types.Bool)
+	},
+	"cloudflare.dns.record.type": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareDnsRecord).GetType()).ToDataRes(types.String)
+	},
+	"cloudflare.dns.record.content": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareDnsRecord).GetContent()).ToDataRes(types.String)
+	},
+	"cloudflare.dns.record.ttl": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareDnsRecord).GetTtl()).ToDataRes(types.Int)
+	},
+	"cloudflare.dns.record.createdOn": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareDnsRecord).GetCreatedOn()).ToDataRes(types.Time)
+	},
+	"cloudflare.dns.record.modifiedOn": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareDnsRecord).GetModifiedOn()).ToDataRes(types.Time)
+	},
+	"cloudflare.account.id": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareAccount).GetId()).ToDataRes(types.String)
+	},
+	"cloudflare.account.name": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareAccount).GetName()).ToDataRes(types.String)
+	},
+	"cloudflare.account.settings": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareAccount).GetSettings()).ToDataRes(types.Resource("cloudflare.account.settings"))
+	},
+	"cloudflare.account.createdOn": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareAccount).GetCreatedOn()).ToDataRes(types.Time)
+	},
+	"cloudflare.account.liveInputs": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareAccount).GetLiveInputs()).ToDataRes(types.Array(types.Resource("cloudflare.streams.liveInput")))
+	},
+	"cloudflare.account.videos": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareAccount).GetVideos()).ToDataRes(types.Array(types.Resource("cloudflare.streams.video")))
+	},
+	"cloudflare.account.settings.enforceTwoFactor": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareAccountSettings).GetEnforceTwoFactor()).ToDataRes(types.Bool)
+	},
+	"cloudflare.streams.liveInput.id": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsLiveInput).GetId()).ToDataRes(types.String)
+	},
+	"cloudflare.streams.liveInput.uid": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsLiveInput).GetUid()).ToDataRes(types.String)
+	},
+	"cloudflare.streams.liveInput.name": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsLiveInput).GetName()).ToDataRes(types.String)
+	},
+	"cloudflare.streams.liveInput.deleteRecordingAfterDays": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsLiveInput).GetDeleteRecordingAfterDays()).ToDataRes(types.Int)
+	},
+	"cloudflare.streams.video.id": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetId()).ToDataRes(types.String)
+	},
+	"cloudflare.streams.video.uid": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetUid()).ToDataRes(types.String)
+	},
+	"cloudflare.streams.video.name": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetName()).ToDataRes(types.String)
+	},
+	"cloudflare.streams.video.creator": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetCreator()).ToDataRes(types.String)
+	},
+	"cloudflare.streams.video.duration": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetDuration()).ToDataRes(types.Float)
+	},
+	"cloudflare.streams.video.height": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetHeight()).ToDataRes(types.Int)
+	},
+	"cloudflare.streams.video.width": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetWidth()).ToDataRes(types.Int)
+	},
+	"cloudflare.streams.video.liveInput": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetLiveInput()).ToDataRes(types.String)
+	},
+	"cloudflare.streams.video.dash": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetDash()).ToDataRes(types.String)
+	},
+	"cloudflare.streams.video.hls": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetHls()).ToDataRes(types.String)
+	},
+	"cloudflare.streams.video.preview": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetPreview()).ToDataRes(types.String)
+	},
+	"cloudflare.streams.video.ready": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetReady()).ToDataRes(types.Bool)
+	},
+	"cloudflare.streams.video.requireSignedUrls": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetRequireSignedUrls()).ToDataRes(types.Bool)
+	},
+	"cloudflare.streams.video.scheduledDeletion": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetScheduledDeletion()).ToDataRes(types.Time)
+	},
+	"cloudflare.streams.video.size": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetSize()).ToDataRes(types.Int)
+	},
+	"cloudflare.streams.video.thumbnail": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetThumbnail()).ToDataRes(types.String)
+	},
+	"cloudflare.streams.video.thumbnailTimestampPct": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetThumbnailTimestampPct()).ToDataRes(types.Float)
+	},
+	"cloudflare.streams.video.uploaded": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareStreamsVideo).GetUploaded()).ToDataRes(types.Time)
+	},
+	"cloudflare.r2.buckets": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareR2).GetBuckets()).ToDataRes(types.Array(types.Resource("cloudflare.r2.bucket")))
+	},
+	"cloudflare.r2.bucket.name": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareR2Bucket).GetName()).ToDataRes(types.String)
+	},
+	"cloudflare.r2.bucket.location": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareR2Bucket).GetLocation()).ToDataRes(types.String)
+	},
+	"cloudflare.r2.bucket.createdOn": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareR2Bucket).GetCreatedOn()).ToDataRes(types.Time)
+	},
+	"cloudflare.workers.workers": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkers).GetWorkers()).ToDataRes(types.Array(types.Resource("cloudflare.workers.worker")))
+	},
+	"cloudflare.workers.pages": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkers).GetPages()).ToDataRes(types.Array(types.Resource("cloudflare.workers.page")))
+	},
+	"cloudflare.workers.worker.id": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersWorker).GetId()).ToDataRes(types.String)
+	},
+	"cloudflare.workers.worker.etag": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersWorker).GetEtag()).ToDataRes(types.String)
+	},
+	"cloudflare.workers.worker.size": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersWorker).GetSize()).ToDataRes(types.Int)
+	},
+	"cloudflare.workers.worker.deploymentId": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersWorker).GetDeploymentId()).ToDataRes(types.String)
+	},
+	"cloudflare.workers.worker.pipelineHash": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersWorker).GetPipelineHash()).ToDataRes(types.String)
+	},
+	"cloudflare.workers.worker.placementMode": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersWorker).GetPlacementMode()).ToDataRes(types.String)
+	},
+	"cloudflare.workers.worker.lastDeployedFrom": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersWorker).GetLastDeployedFrom()).ToDataRes(types.String)
+	},
+	"cloudflare.workers.worker.logPush": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersWorker).GetLogPush()).ToDataRes(types.Bool)
+	},
+	"cloudflare.workers.worker.createdOn": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersWorker).GetCreatedOn()).ToDataRes(types.Time)
+	},
+	"cloudflare.workers.worker.modifiedOn": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersWorker).GetModifiedOn()).ToDataRes(types.Time)
+	},
+	"cloudflare.workers.page.id": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersPage).GetId()).ToDataRes(types.String)
+	},
+	"cloudflare.workers.page.shortId": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersPage).GetShortId()).ToDataRes(types.String)
+	},
+	"cloudflare.workers.page.projectId": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersPage).GetProjectId()).ToDataRes(types.String)
+	},
+	"cloudflare.workers.page.projectName": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersPage).GetProjectName()).ToDataRes(types.String)
+	},
+	"cloudflare.workers.page.environment": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersPage).GetEnvironment()).ToDataRes(types.String)
+	},
+	"cloudflare.workers.page.url": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersPage).GetUrl()).ToDataRes(types.String)
+	},
+	"cloudflare.workers.page.aliases": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersPage).GetAliases()).ToDataRes(types.Array(types.String))
+	},
+	"cloudflare.workers.page.productionBranch": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersPage).GetProductionBranch()).ToDataRes(types.String)
+	},
+	"cloudflare.workers.page.createdOn": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersPage).GetCreatedOn()).ToDataRes(types.Time)
+	},
+	"cloudflare.workers.page.modifiedOn": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareWorkersPage).GetModifiedOn()).ToDataRes(types.Time)
+	},
+	"cloudflare.one.apps": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOne).GetApps()).ToDataRes(types.Array(types.Resource("cloudflare.one.app")))
+	},
+	"cloudflare.one.identityProviders": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOne).GetIdentityProviders()).ToDataRes(types.Array(types.Resource("cloudflare.one.idp")))
+	},
+	"cloudflare.one.app.id": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetId()).ToDataRes(types.String)
+	},
+	"cloudflare.one.app.aud": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetAud()).ToDataRes(types.String)
+	},
+	"cloudflare.one.app.name": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetName()).ToDataRes(types.String)
+	},
+	"cloudflare.one.app.domain": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetDomain()).ToDataRes(types.String)
+	},
+	"cloudflare.one.app.allowedIdentityProviders": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetAllowedIdentityProviders()).ToDataRes(types.Array(types.String))
+	},
+	"cloudflare.one.app.appLauncherVisible": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetAppLauncherVisible()).ToDataRes(types.Bool)
+	},
+	"cloudflare.one.app.autoRedirectToIdentity": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetAutoRedirectToIdentity()).ToDataRes(types.Bool)
+	},
+	"cloudflare.one.app.corsHeaders": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetCorsHeaders()).ToDataRes(types.Resource("cloudflare.corsHeaders"))
+	},
+	"cloudflare.one.app.optionsPreflightBypass": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetOptionsPreflightBypass()).ToDataRes(types.Bool)
+	},
+	"cloudflare.one.app.customDenyMessage": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetCustomDenyMessage()).ToDataRes(types.String)
+	},
+	"cloudflare.one.app.customDenyUrl": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetCustomDenyUrl()).ToDataRes(types.String)
+	},
+	"cloudflare.one.app.serviceAuth401Redirect": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetServiceAuth401Redirect()).ToDataRes(types.Bool)
+	},
+	"cloudflare.one.app.enableBindingCookie": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetEnableBindingCookie()).ToDataRes(types.Bool)
+	},
+	"cloudflare.one.app.httpOnlyCookieAttribute": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetHttpOnlyCookieAttribute()).ToDataRes(types.Bool)
+	},
+	"cloudflare.one.app.sameSiteCookieAttribute": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetSameSiteCookieAttribute()).ToDataRes(types.String)
+	},
+	"cloudflare.one.app.logoUrl": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetLogoUrl()).ToDataRes(types.String)
+	},
+	"cloudflare.one.app.sessionDuration": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetSessionDuration()).ToDataRes(types.String)
+	},
+	"cloudflare.one.app.skipInterstitial": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetSkipInterstitial()).ToDataRes(types.Bool)
+	},
+	"cloudflare.one.app.type": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetType()).ToDataRes(types.String)
+	},
+	"cloudflare.one.app.createdAt": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetCreatedAt()).ToDataRes(types.Time)
+	},
+	"cloudflare.one.app.updatedAt": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneApp).GetUpdatedAt()).ToDataRes(types.Time)
+	},
+	"cloudflare.corsHeaders.allowAllHeaders": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareCorsHeaders).GetAllowAllHeaders()).ToDataRes(types.Bool)
+	},
+	"cloudflare.corsHeaders.allowAllMethods": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareCorsHeaders).GetAllowAllMethods()).ToDataRes(types.Bool)
+	},
+	"cloudflare.corsHeaders.allowAllOrigins": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareCorsHeaders).GetAllowAllOrigins()).ToDataRes(types.Bool)
+	},
+	"cloudflare.corsHeaders.allowCredentials": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareCorsHeaders).GetAllowCredentials()).ToDataRes(types.Bool)
+	},
+	"cloudflare.corsHeaders.allowedHeaders": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareCorsHeaders).GetAllowedHeaders()).ToDataRes(types.Array(types.String))
+	},
+	"cloudflare.corsHeaders.allowedMethods": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareCorsHeaders).GetAllowedMethods()).ToDataRes(types.Array(types.String))
+	},
+	"cloudflare.corsHeaders.allowedOrigins": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareCorsHeaders).GetAllowedOrigins()).ToDataRes(types.Array(types.String))
+	},
+	"cloudflare.corsHeaders.maxAge": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareCorsHeaders).GetMaxAge()).ToDataRes(types.Int)
+	},
+	"cloudflare.one.idp.id": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneIdp).GetId()).ToDataRes(types.String)
+	},
+	"cloudflare.one.idp.name": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneIdp).GetName()).ToDataRes(types.String)
+	},
+	"cloudflare.one.idp.type": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlCloudflareOneIdp).GetType()).ToDataRes(types.String)
+	},
+}
+
+func GetData(resource plugin.Resource, field string, args map[string]*llx.RawData) *plugin.DataRes {
+	f, ok := getDataFields[resource.MqlName()+"."+field]
+	if !ok {
+		return &plugin.DataRes{Error: "cannot find '" + field + "' in resource '" + resource.MqlName() + "'"}
+	}
+
+	return f(resource)
+}
+
+var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool {
+	"cloudflare.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflare).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.zones": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflare).Zones, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.accounts": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflare).Accounts, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareZone).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.zone.id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZone).Id, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.name": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZone).Name, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.nameServers": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZone).NameServers, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.originalNameServers": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZone).OriginalNameServers, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.status": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZone).Status, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.paused": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZone).Paused, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.type": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZone).Type, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.createdOn": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZone).CreatedOn, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.modifiedOn": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZone).ModifiedOn, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.account": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZone).Account, ok = plugin.RawToTValue[*mqlCloudflareZoneAccount](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.dns": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZone).Dns, ok = plugin.RawToTValue[*mqlCloudflareDns](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.liveInputs": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZone).LiveInputs, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.videos": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZone).Videos, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.r2": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZone).R2, ok = plugin.RawToTValue[*mqlCloudflareR2](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.workers": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZone).Workers, ok = plugin.RawToTValue[*mqlCloudflareWorkers](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.one": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZone).One, ok = plugin.RawToTValue[*mqlCloudflareOne](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.account.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareZoneAccount).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.zone.account.id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZoneAccount).Id, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.account.name": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZoneAccount).Name, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.account.type": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZoneAccount).Type, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.zone.account.email": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareZoneAccount).Email, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.dns.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareDns).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.dns.records": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareDns).Records, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.dns.record.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareDnsRecord).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.dns.record.id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareDnsRecord).Id, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.dns.record.name": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareDnsRecord).Name, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.dns.record.comment": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareDnsRecord).Comment, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.dns.record.tags": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareDnsRecord).Tags, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.dns.record.proxied": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareDnsRecord).Proxied, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.dns.record.proxiable": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareDnsRecord).Proxiable, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.dns.record.type": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareDnsRecord).Type, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.dns.record.content": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareDnsRecord).Content, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.dns.record.ttl": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareDnsRecord).Ttl, ok = plugin.RawToTValue[int64](v.Value, v.Error)
+		return
+	},
+	"cloudflare.dns.record.createdOn": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareDnsRecord).CreatedOn, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error)
+		return
+	},
+	"cloudflare.dns.record.modifiedOn": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareDnsRecord).ModifiedOn, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error)
+		return
+	},
+	"cloudflare.account.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareAccount).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.account.id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareAccount).Id, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.account.name": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareAccount).Name, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.account.settings": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareAccount).Settings, ok = plugin.RawToTValue[*mqlCloudflareAccountSettings](v.Value, v.Error)
+		return
+	},
+	"cloudflare.account.createdOn": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareAccount).CreatedOn, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error)
+		return
+	},
+	"cloudflare.account.liveInputs": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareAccount).LiveInputs, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.account.videos": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareAccount).Videos, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.account.settings.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareAccountSettings).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.account.settings.enforceTwoFactor": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareAccountSettings).EnforceTwoFactor, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareStreams).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.streams.liveInput.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareStreamsLiveInput).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.streams.liveInput.id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsLiveInput).Id, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.liveInput.uid": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsLiveInput).Uid, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.liveInput.name": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsLiveInput).Name, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.liveInput.deleteRecordingAfterDays": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsLiveInput).DeleteRecordingAfterDays, ok = plugin.RawToTValue[int64](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareStreamsVideo).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.streams.video.id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).Id, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.uid": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).Uid, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.name": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).Name, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.creator": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).Creator, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.duration": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).Duration, ok = plugin.RawToTValue[float64](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.height": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).Height, ok = plugin.RawToTValue[int64](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.width": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).Width, ok = plugin.RawToTValue[int64](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.liveInput": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).LiveInput, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.dash": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).Dash, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.hls": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).Hls, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.preview": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).Preview, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.ready": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).Ready, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.requireSignedUrls": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).RequireSignedUrls, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.scheduledDeletion": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).ScheduledDeletion, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.size": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).Size, ok = plugin.RawToTValue[int64](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.thumbnail": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).Thumbnail, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.thumbnailTimestampPct": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).ThumbnailTimestampPct, ok = plugin.RawToTValue[float64](v.Value, v.Error)
+		return
+	},
+	"cloudflare.streams.video.uploaded": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareStreamsVideo).Uploaded, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error)
+		return
+	},
+	"cloudflare.r2.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareR2).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.r2.buckets": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareR2).Buckets, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.r2.bucket.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareR2Bucket).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.r2.bucket.name": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareR2Bucket).Name, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.r2.bucket.location": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareR2Bucket).Location, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.r2.bucket.createdOn": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareR2Bucket).CreatedOn, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareWorkers).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.workers.workers": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkers).Workers, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.pages": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkers).Pages, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.worker.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareWorkersWorker).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.workers.worker.id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersWorker).Id, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.worker.etag": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersWorker).Etag, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.worker.size": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersWorker).Size, ok = plugin.RawToTValue[int64](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.worker.deploymentId": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersWorker).DeploymentId, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.worker.pipelineHash": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersWorker).PipelineHash, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.worker.placementMode": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersWorker).PlacementMode, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.worker.lastDeployedFrom": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersWorker).LastDeployedFrom, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.worker.logPush": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersWorker).LogPush, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.worker.createdOn": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersWorker).CreatedOn, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.worker.modifiedOn": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersWorker).ModifiedOn, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.page.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareWorkersPage).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.workers.page.id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersPage).Id, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.page.shortId": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersPage).ShortId, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.page.projectId": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersPage).ProjectId, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.page.projectName": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersPage).ProjectName, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.page.environment": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersPage).Environment, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.page.url": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersPage).Url, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.page.aliases": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersPage).Aliases, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.page.productionBranch": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersPage).ProductionBranch, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.page.createdOn": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersPage).CreatedOn, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error)
+		return
+	},
+	"cloudflare.workers.page.modifiedOn": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareWorkersPage).ModifiedOn, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareOne).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.one.apps": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOne).Apps, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.identityProviders": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOne).IdentityProviders, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareOneApp).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.one.app.id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).Id, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.aud": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).Aud, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.name": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).Name, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.domain": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).Domain, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.allowedIdentityProviders": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).AllowedIdentityProviders, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.appLauncherVisible": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).AppLauncherVisible, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.autoRedirectToIdentity": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).AutoRedirectToIdentity, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.corsHeaders": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).CorsHeaders, ok = plugin.RawToTValue[*mqlCloudflareCorsHeaders](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.optionsPreflightBypass": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).OptionsPreflightBypass, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.customDenyMessage": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).CustomDenyMessage, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.customDenyUrl": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).CustomDenyUrl, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.serviceAuth401Redirect": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).ServiceAuth401Redirect, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.enableBindingCookie": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).EnableBindingCookie, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.httpOnlyCookieAttribute": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).HttpOnlyCookieAttribute, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.sameSiteCookieAttribute": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).SameSiteCookieAttribute, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.logoUrl": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).LogoUrl, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.sessionDuration": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).SessionDuration, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.skipInterstitial": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).SkipInterstitial, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.type": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).Type, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.createdAt": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).CreatedAt, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.app.updatedAt": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneApp).UpdatedAt, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error)
+		return
+	},
+	"cloudflare.corsHeaders.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareCorsHeaders).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.corsHeaders.allowAllHeaders": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareCorsHeaders).AllowAllHeaders, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.corsHeaders.allowAllMethods": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareCorsHeaders).AllowAllMethods, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.corsHeaders.allowAllOrigins": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareCorsHeaders).AllowAllOrigins, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.corsHeaders.allowCredentials": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareCorsHeaders).AllowCredentials, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"cloudflare.corsHeaders.allowedHeaders": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareCorsHeaders).AllowedHeaders, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.corsHeaders.allowedMethods": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareCorsHeaders).AllowedMethods, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.corsHeaders.allowedOrigins": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareCorsHeaders).AllowedOrigins, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
+		return
+	},
+	"cloudflare.corsHeaders.maxAge": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareCorsHeaders).MaxAge, ok = plugin.RawToTValue[int64](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.idp.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+			r.(*mqlCloudflareOneIdp).__id, ok = v.Value.(string)
+			return
+		},
+	"cloudflare.one.idp.id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneIdp).Id, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.idp.name": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneIdp).Name, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"cloudflare.one.idp.type": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlCloudflareOneIdp).Type, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+}
+
+func SetData(resource plugin.Resource, field string, val *llx.RawData) error {
+	f, ok := setDataFields[resource.MqlName() + "." + field]
+	if !ok {
+		return errors.New("[cloudflare] cannot set '"+field+"' in resource '"+resource.MqlName()+"', field not found")
+	}
+
+	if ok := f(resource, val); !ok {
+		return errors.New("[cloudflare] cannot set '"+field+"' in resource '"+resource.MqlName()+"', type does not match")
+	}
+	return nil
+}
+
+func SetAllData(resource plugin.Resource, args map[string]*llx.RawData) error {
+	var err error
+	for k, v := range args {
+		if err = SetData(resource, k, v); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// mqlCloudflare for the cloudflare resource
+type mqlCloudflare struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	// optional: if you define mqlCloudflareInternal it will be used here
+	Zones plugin.TValue[[]interface{}]
+	Accounts plugin.TValue[[]interface{}]
+}
+
+// createCloudflare creates a new instance of this resource
+func createCloudflare(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflare{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	if res.__id == "" {
+	res.__id, err = res.id()
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflare) MqlName() string {
+	return "cloudflare"
+}
+
+func (c *mqlCloudflare) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflare) GetZones() *plugin.TValue[[]interface{}] {
+	return plugin.GetOrCompute[[]interface{}](&c.Zones, func() ([]interface{}, error) {
+		if c.MqlRuntime.HasRecording {
+			d, err := c.MqlRuntime.FieldResourceFromRecording("cloudflare", c.__id, "zones")
+			if err != nil {
+				return nil, err
+			}
+			if d != nil {
+				return d.Value.([]interface{}), nil
+			}
+		}
+
+		return c.zones()
+	})
+}
+
+func (c *mqlCloudflare) GetAccounts() *plugin.TValue[[]interface{}] {
+	return plugin.GetOrCompute[[]interface{}](&c.Accounts, func() ([]interface{}, error) {
+		if c.MqlRuntime.HasRecording {
+			d, err := c.MqlRuntime.FieldResourceFromRecording("cloudflare", c.__id, "accounts")
+			if err != nil {
+				return nil, err
+			}
+			if d != nil {
+				return d.Value.([]interface{}), nil
+			}
+		}
+
+		return c.accounts()
+	})
+}
+
+// mqlCloudflareZone for the cloudflare.zone resource
+type mqlCloudflareZone struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	// optional: if you define mqlCloudflareZoneInternal it will be used here
+	Id plugin.TValue[string]
+	Name plugin.TValue[string]
+	NameServers plugin.TValue[[]interface{}]
+	OriginalNameServers plugin.TValue[[]interface{}]
+	Status plugin.TValue[string]
+	Paused plugin.TValue[bool]
+	Type plugin.TValue[string]
+	CreatedOn plugin.TValue[*time.Time]
+	ModifiedOn plugin.TValue[*time.Time]
+	Account plugin.TValue[*mqlCloudflareZoneAccount]
+	Dns plugin.TValue[*mqlCloudflareDns]
+	LiveInputs plugin.TValue[[]interface{}]
+	Videos plugin.TValue[[]interface{}]
+	R2 plugin.TValue[*mqlCloudflareR2]
+	Workers plugin.TValue[*mqlCloudflareWorkers]
+	One plugin.TValue[*mqlCloudflareOne]
+}
+
+// createCloudflareZone creates a new instance of this resource
+func createCloudflareZone(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareZone{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	if res.__id == "" {
+	res.__id, err = res.id()
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.zone", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareZone) MqlName() string {
+	return "cloudflare.zone"
+}
+
+func (c *mqlCloudflareZone) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareZone) GetId() *plugin.TValue[string] {
+	return &c.Id
+}
+
+func (c *mqlCloudflareZone) GetName() *plugin.TValue[string] {
+	return &c.Name
+}
+
+func (c *mqlCloudflareZone) GetNameServers() *plugin.TValue[[]interface{}] {
+	return &c.NameServers
+}
+
+func (c *mqlCloudflareZone) GetOriginalNameServers() *plugin.TValue[[]interface{}] {
+	return &c.OriginalNameServers
+}
+
+func (c *mqlCloudflareZone) GetStatus() *plugin.TValue[string] {
+	return &c.Status
+}
+
+func (c *mqlCloudflareZone) GetPaused() *plugin.TValue[bool] {
+	return &c.Paused
+}
+
+func (c *mqlCloudflareZone) GetType() *plugin.TValue[string] {
+	return &c.Type
+}
+
+func (c *mqlCloudflareZone) GetCreatedOn() *plugin.TValue[*time.Time] {
+	return &c.CreatedOn
+}
+
+func (c *mqlCloudflareZone) GetModifiedOn() *plugin.TValue[*time.Time] {
+	return &c.ModifiedOn
+}
+
+func (c *mqlCloudflareZone) GetAccount() *plugin.TValue[*mqlCloudflareZoneAccount] {
+	return &c.Account
+}
+
+func (c *mqlCloudflareZone) GetDns() *plugin.TValue[*mqlCloudflareDns] {
+	return plugin.GetOrCompute[*mqlCloudflareDns](&c.Dns, func() (*mqlCloudflareDns, error) {
+		if c.MqlRuntime.HasRecording {
+			d, err := c.MqlRuntime.FieldResourceFromRecording("cloudflare.zone", c.__id, "dns")
+			if err != nil {
+				return nil, err
+			}
+			if d != nil {
+				return d.Value.(*mqlCloudflareDns), nil
+			}
+		}
+
+		return c.dns()
+	})
+}
+
+func (c *mqlCloudflareZone) GetLiveInputs() *plugin.TValue[[]interface{}] {
+	return plugin.GetOrCompute[[]interface{}](&c.LiveInputs, func() ([]interface{}, error) {
+		if c.MqlRuntime.HasRecording {
+			d, err := c.MqlRuntime.FieldResourceFromRecording("cloudflare.zone", c.__id, "liveInputs")
+			if err != nil {
+				return nil, err
+			}
+			if d != nil {
+				return d.Value.([]interface{}), nil
+			}
+		}
+
+		return c.liveInputs()
+	})
+}
+
+func (c *mqlCloudflareZone) GetVideos() *plugin.TValue[[]interface{}] {
+	return plugin.GetOrCompute[[]interface{}](&c.Videos, func() ([]interface{}, error) {
+		if c.MqlRuntime.HasRecording {
+			d, err := c.MqlRuntime.FieldResourceFromRecording("cloudflare.zone", c.__id, "videos")
+			if err != nil {
+				return nil, err
+			}
+			if d != nil {
+				return d.Value.([]interface{}), nil
+			}
+		}
+
+		return c.videos()
+	})
+}
+
+func (c *mqlCloudflareZone) GetR2() *plugin.TValue[*mqlCloudflareR2] {
+	return plugin.GetOrCompute[*mqlCloudflareR2](&c.R2, func() (*mqlCloudflareR2, error) {
+		if c.MqlRuntime.HasRecording {
+			d, err := c.MqlRuntime.FieldResourceFromRecording("cloudflare.zone", c.__id, "r2")
+			if err != nil {
+				return nil, err
+			}
+			if d != nil {
+				return d.Value.(*mqlCloudflareR2), nil
+			}
+		}
+
+		return c.r2()
+	})
+}
+
+func (c *mqlCloudflareZone) GetWorkers() *plugin.TValue[*mqlCloudflareWorkers] {
+	return plugin.GetOrCompute[*mqlCloudflareWorkers](&c.Workers, func() (*mqlCloudflareWorkers, error) {
+		if c.MqlRuntime.HasRecording {
+			d, err := c.MqlRuntime.FieldResourceFromRecording("cloudflare.zone", c.__id, "workers")
+			if err != nil {
+				return nil, err
+			}
+			if d != nil {
+				return d.Value.(*mqlCloudflareWorkers), nil
+			}
+		}
+
+		return c.workers()
+	})
+}
+
+func (c *mqlCloudflareZone) GetOne() *plugin.TValue[*mqlCloudflareOne] {
+	return plugin.GetOrCompute[*mqlCloudflareOne](&c.One, func() (*mqlCloudflareOne, error) {
+		if c.MqlRuntime.HasRecording {
+			d, err := c.MqlRuntime.FieldResourceFromRecording("cloudflare.zone", c.__id, "one")
+			if err != nil {
+				return nil, err
+			}
+			if d != nil {
+				return d.Value.(*mqlCloudflareOne), nil
+			}
+		}
+
+		return c.one()
+	})
+}
+
+// mqlCloudflareZoneAccount for the cloudflare.zone.account resource
+type mqlCloudflareZoneAccount struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	// optional: if you define mqlCloudflareZoneAccountInternal it will be used here
+	Id plugin.TValue[string]
+	Name plugin.TValue[string]
+	Type plugin.TValue[string]
+	Email plugin.TValue[string]
+}
+
+// createCloudflareZoneAccount creates a new instance of this resource
+func createCloudflareZoneAccount(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareZoneAccount{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	if res.__id == "" {
+	res.__id, err = res.id()
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.zone.account", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareZoneAccount) MqlName() string {
+	return "cloudflare.zone.account"
+}
+
+func (c *mqlCloudflareZoneAccount) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareZoneAccount) GetId() *plugin.TValue[string] {
+	return &c.Id
+}
+
+func (c *mqlCloudflareZoneAccount) GetName() *plugin.TValue[string] {
+	return &c.Name
+}
+
+func (c *mqlCloudflareZoneAccount) GetType() *plugin.TValue[string] {
+	return &c.Type
+}
+
+func (c *mqlCloudflareZoneAccount) GetEmail() *plugin.TValue[string] {
+	return &c.Email
+}
+
+// mqlCloudflareDns for the cloudflare.dns resource
+type mqlCloudflareDns struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	mqlCloudflareDnsInternal
+	Records plugin.TValue[[]interface{}]
+}
+
+// createCloudflareDns creates a new instance of this resource
+func createCloudflareDns(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareDns{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	// to override __id implement: id() (string, error)
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.dns", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareDns) MqlName() string {
+	return "cloudflare.dns"
+}
+
+func (c *mqlCloudflareDns) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareDns) GetRecords() *plugin.TValue[[]interface{}] {
+	return plugin.GetOrCompute[[]interface{}](&c.Records, func() ([]interface{}, error) {
+		if c.MqlRuntime.HasRecording {
+			d, err := c.MqlRuntime.FieldResourceFromRecording("cloudflare.dns", c.__id, "records")
+			if err != nil {
+				return nil, err
+			}
+			if d != nil {
+				return d.Value.([]interface{}), nil
+			}
+		}
+
+		return c.records()
+	})
+}
+
+// mqlCloudflareDnsRecord for the cloudflare.dns.record resource
+type mqlCloudflareDnsRecord struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	// optional: if you define mqlCloudflareDnsRecordInternal it will be used here
+	Id plugin.TValue[string]
+	Name plugin.TValue[string]
+	Comment plugin.TValue[string]
+	Tags plugin.TValue[[]interface{}]
+	Proxied plugin.TValue[bool]
+	Proxiable plugin.TValue[bool]
+	Type plugin.TValue[string]
+	Content plugin.TValue[string]
+	Ttl plugin.TValue[int64]
+	CreatedOn plugin.TValue[*time.Time]
+	ModifiedOn plugin.TValue[*time.Time]
+}
+
+// createCloudflareDnsRecord creates a new instance of this resource
+func createCloudflareDnsRecord(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareDnsRecord{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	if res.__id == "" {
+	res.__id, err = res.id()
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.dns.record", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareDnsRecord) MqlName() string {
+	return "cloudflare.dns.record"
+}
+
+func (c *mqlCloudflareDnsRecord) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareDnsRecord) GetId() *plugin.TValue[string] {
+	return &c.Id
+}
+
+func (c *mqlCloudflareDnsRecord) GetName() *plugin.TValue[string] {
+	return &c.Name
+}
+
+func (c *mqlCloudflareDnsRecord) GetComment() *plugin.TValue[string] {
+	return &c.Comment
+}
+
+func (c *mqlCloudflareDnsRecord) GetTags() *plugin.TValue[[]interface{}] {
+	return &c.Tags
+}
+
+func (c *mqlCloudflareDnsRecord) GetProxied() *plugin.TValue[bool] {
+	return &c.Proxied
+}
+
+func (c *mqlCloudflareDnsRecord) GetProxiable() *plugin.TValue[bool] {
+	return &c.Proxiable
+}
+
+func (c *mqlCloudflareDnsRecord) GetType() *plugin.TValue[string] {
+	return &c.Type
+}
+
+func (c *mqlCloudflareDnsRecord) GetContent() *plugin.TValue[string] {
+	return &c.Content
+}
+
+func (c *mqlCloudflareDnsRecord) GetTtl() *plugin.TValue[int64] {
+	return &c.Ttl
+}
+
+func (c *mqlCloudflareDnsRecord) GetCreatedOn() *plugin.TValue[*time.Time] {
+	return &c.CreatedOn
+}
+
+func (c *mqlCloudflareDnsRecord) GetModifiedOn() *plugin.TValue[*time.Time] {
+	return &c.ModifiedOn
+}
+
+// mqlCloudflareAccount for the cloudflare.account resource
+type mqlCloudflareAccount struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	// optional: if you define mqlCloudflareAccountInternal it will be used here
+	Id plugin.TValue[string]
+	Name plugin.TValue[string]
+	Settings plugin.TValue[*mqlCloudflareAccountSettings]
+	CreatedOn plugin.TValue[*time.Time]
+	LiveInputs plugin.TValue[[]interface{}]
+	Videos plugin.TValue[[]interface{}]
+}
+
+// createCloudflareAccount creates a new instance of this resource
+func createCloudflareAccount(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareAccount{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	if res.__id == "" {
+	res.__id, err = res.id()
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.account", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareAccount) MqlName() string {
+	return "cloudflare.account"
+}
+
+func (c *mqlCloudflareAccount) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareAccount) GetId() *plugin.TValue[string] {
+	return &c.Id
+}
+
+func (c *mqlCloudflareAccount) GetName() *plugin.TValue[string] {
+	return &c.Name
+}
+
+func (c *mqlCloudflareAccount) GetSettings() *plugin.TValue[*mqlCloudflareAccountSettings] {
+	return &c.Settings
+}
+
+func (c *mqlCloudflareAccount) GetCreatedOn() *plugin.TValue[*time.Time] {
+	return &c.CreatedOn
+}
+
+func (c *mqlCloudflareAccount) GetLiveInputs() *plugin.TValue[[]interface{}] {
+	return plugin.GetOrCompute[[]interface{}](&c.LiveInputs, func() ([]interface{}, error) {
+		if c.MqlRuntime.HasRecording {
+			d, err := c.MqlRuntime.FieldResourceFromRecording("cloudflare.account", c.__id, "liveInputs")
+			if err != nil {
+				return nil, err
+			}
+			if d != nil {
+				return d.Value.([]interface{}), nil
+			}
+		}
+
+		return c.liveInputs()
+	})
+}
+
+func (c *mqlCloudflareAccount) GetVideos() *plugin.TValue[[]interface{}] {
+	return plugin.GetOrCompute[[]interface{}](&c.Videos, func() ([]interface{}, error) {
+		if c.MqlRuntime.HasRecording {
+			d, err := c.MqlRuntime.FieldResourceFromRecording("cloudflare.account", c.__id, "videos")
+			if err != nil {
+				return nil, err
+			}
+			if d != nil {
+				return d.Value.([]interface{}), nil
+			}
+		}
+
+		return c.videos()
+	})
+}
+
+// mqlCloudflareAccountSettings for the cloudflare.account.settings resource
+type mqlCloudflareAccountSettings struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	// optional: if you define mqlCloudflareAccountSettingsInternal it will be used here
+	EnforceTwoFactor plugin.TValue[bool]
+}
+
+// createCloudflareAccountSettings creates a new instance of this resource
+func createCloudflareAccountSettings(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareAccountSettings{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	// to override __id implement: id() (string, error)
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.account.settings", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareAccountSettings) MqlName() string {
+	return "cloudflare.account.settings"
+}
+
+func (c *mqlCloudflareAccountSettings) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareAccountSettings) GetEnforceTwoFactor() *plugin.TValue[bool] {
+	return &c.EnforceTwoFactor
+}
+
+// mqlCloudflareStreams for the cloudflare.streams resource
+type mqlCloudflareStreams struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	// optional: if you define mqlCloudflareStreamsInternal it will be used here
+}
+
+// createCloudflareStreams creates a new instance of this resource
+func createCloudflareStreams(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareStreams{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	// to override __id implement: id() (string, error)
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.streams", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareStreams) MqlName() string {
+	return "cloudflare.streams"
+}
+
+func (c *mqlCloudflareStreams) MqlID() string {
+	return c.__id
+}
+
+// mqlCloudflareStreamsLiveInput for the cloudflare.streams.liveInput resource
+type mqlCloudflareStreamsLiveInput struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	// optional: if you define mqlCloudflareStreamsLiveInputInternal it will be used here
+	Id plugin.TValue[string]
+	Uid plugin.TValue[string]
+	Name plugin.TValue[string]
+	DeleteRecordingAfterDays plugin.TValue[int64]
+}
+
+// createCloudflareStreamsLiveInput creates a new instance of this resource
+func createCloudflareStreamsLiveInput(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareStreamsLiveInput{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	if res.__id == "" {
+	res.__id, err = res.id()
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.streams.liveInput", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareStreamsLiveInput) MqlName() string {
+	return "cloudflare.streams.liveInput"
+}
+
+func (c *mqlCloudflareStreamsLiveInput) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareStreamsLiveInput) GetId() *plugin.TValue[string] {
+	return &c.Id
+}
+
+func (c *mqlCloudflareStreamsLiveInput) GetUid() *plugin.TValue[string] {
+	return &c.Uid
+}
+
+func (c *mqlCloudflareStreamsLiveInput) GetName() *plugin.TValue[string] {
+	return &c.Name
+}
+
+func (c *mqlCloudflareStreamsLiveInput) GetDeleteRecordingAfterDays() *plugin.TValue[int64] {
+	return &c.DeleteRecordingAfterDays
+}
+
+// mqlCloudflareStreamsVideo for the cloudflare.streams.video resource
+type mqlCloudflareStreamsVideo struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	// optional: if you define mqlCloudflareStreamsVideoInternal it will be used here
+	Id plugin.TValue[string]
+	Uid plugin.TValue[string]
+	Name plugin.TValue[string]
+	Creator plugin.TValue[string]
+	Duration plugin.TValue[float64]
+	Height plugin.TValue[int64]
+	Width plugin.TValue[int64]
+	LiveInput plugin.TValue[string]
+	Dash plugin.TValue[string]
+	Hls plugin.TValue[string]
+	Preview plugin.TValue[string]
+	Ready plugin.TValue[bool]
+	RequireSignedUrls plugin.TValue[bool]
+	ScheduledDeletion plugin.TValue[*time.Time]
+	Size plugin.TValue[int64]
+	Thumbnail plugin.TValue[string]
+	ThumbnailTimestampPct plugin.TValue[float64]
+	Uploaded plugin.TValue[*time.Time]
+}
+
+// createCloudflareStreamsVideo creates a new instance of this resource
+func createCloudflareStreamsVideo(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareStreamsVideo{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	if res.__id == "" {
+	res.__id, err = res.id()
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.streams.video", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareStreamsVideo) MqlName() string {
+	return "cloudflare.streams.video"
+}
+
+func (c *mqlCloudflareStreamsVideo) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareStreamsVideo) GetId() *plugin.TValue[string] {
+	return &c.Id
+}
+
+func (c *mqlCloudflareStreamsVideo) GetUid() *plugin.TValue[string] {
+	return &c.Uid
+}
+
+func (c *mqlCloudflareStreamsVideo) GetName() *plugin.TValue[string] {
+	return &c.Name
+}
+
+func (c *mqlCloudflareStreamsVideo) GetCreator() *plugin.TValue[string] {
+	return &c.Creator
+}
+
+func (c *mqlCloudflareStreamsVideo) GetDuration() *plugin.TValue[float64] {
+	return &c.Duration
+}
+
+func (c *mqlCloudflareStreamsVideo) GetHeight() *plugin.TValue[int64] {
+	return &c.Height
+}
+
+func (c *mqlCloudflareStreamsVideo) GetWidth() *plugin.TValue[int64] {
+	return &c.Width
+}
+
+func (c *mqlCloudflareStreamsVideo) GetLiveInput() *plugin.TValue[string] {
+	return &c.LiveInput
+}
+
+func (c *mqlCloudflareStreamsVideo) GetDash() *plugin.TValue[string] {
+	return &c.Dash
+}
+
+func (c *mqlCloudflareStreamsVideo) GetHls() *plugin.TValue[string] {
+	return &c.Hls
+}
+
+func (c *mqlCloudflareStreamsVideo) GetPreview() *plugin.TValue[string] {
+	return &c.Preview
+}
+
+func (c *mqlCloudflareStreamsVideo) GetReady() *plugin.TValue[bool] {
+	return &c.Ready
+}
+
+func (c *mqlCloudflareStreamsVideo) GetRequireSignedUrls() *plugin.TValue[bool] {
+	return &c.RequireSignedUrls
+}
+
+func (c *mqlCloudflareStreamsVideo) GetScheduledDeletion() *plugin.TValue[*time.Time] {
+	return &c.ScheduledDeletion
+}
+
+func (c *mqlCloudflareStreamsVideo) GetSize() *plugin.TValue[int64] {
+	return &c.Size
+}
+
+func (c *mqlCloudflareStreamsVideo) GetThumbnail() *plugin.TValue[string] {
+	return &c.Thumbnail
+}
+
+func (c *mqlCloudflareStreamsVideo) GetThumbnailTimestampPct() *plugin.TValue[float64] {
+	return &c.ThumbnailTimestampPct
+}
+
+func (c *mqlCloudflareStreamsVideo) GetUploaded() *plugin.TValue[*time.Time] {
+	return &c.Uploaded
+}
+
+// mqlCloudflareR2 for the cloudflare.r2 resource
+type mqlCloudflareR2 struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	mqlCloudflareR2Internal
+	Buckets plugin.TValue[[]interface{}]
+}
+
+// createCloudflareR2 creates a new instance of this resource
+func createCloudflareR2(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareR2{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	if res.__id == "" {
+	res.__id, err = res.id()
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.r2", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareR2) MqlName() string {
+	return "cloudflare.r2"
+}
+
+func (c *mqlCloudflareR2) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareR2) GetBuckets() *plugin.TValue[[]interface{}] {
+	return plugin.GetOrCompute[[]interface{}](&c.Buckets, func() ([]interface{}, error) {
+		if c.MqlRuntime.HasRecording {
+			d, err := c.MqlRuntime.FieldResourceFromRecording("cloudflare.r2", c.__id, "buckets")
+			if err != nil {
+				return nil, err
+			}
+			if d != nil {
+				return d.Value.([]interface{}), nil
+			}
+		}
+
+		return c.buckets()
+	})
+}
+
+// mqlCloudflareR2Bucket for the cloudflare.r2.bucket resource
+type mqlCloudflareR2Bucket struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	// optional: if you define mqlCloudflareR2BucketInternal it will be used here
+	Name plugin.TValue[string]
+	Location plugin.TValue[string]
+	CreatedOn plugin.TValue[*time.Time]
+}
+
+// createCloudflareR2Bucket creates a new instance of this resource
+func createCloudflareR2Bucket(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareR2Bucket{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	// to override __id implement: id() (string, error)
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.r2.bucket", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareR2Bucket) MqlName() string {
+	return "cloudflare.r2.bucket"
+}
+
+func (c *mqlCloudflareR2Bucket) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareR2Bucket) GetName() *plugin.TValue[string] {
+	return &c.Name
+}
+
+func (c *mqlCloudflareR2Bucket) GetLocation() *plugin.TValue[string] {
+	return &c.Location
+}
+
+func (c *mqlCloudflareR2Bucket) GetCreatedOn() *plugin.TValue[*time.Time] {
+	return &c.CreatedOn
+}
+
+// mqlCloudflareWorkers for the cloudflare.workers resource
+type mqlCloudflareWorkers struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	mqlCloudflareWorkersInternal
+	Workers plugin.TValue[[]interface{}]
+	Pages plugin.TValue[[]interface{}]
+}
+
+// createCloudflareWorkers creates a new instance of this resource
+func createCloudflareWorkers(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareWorkers{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	// to override __id implement: id() (string, error)
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.workers", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareWorkers) MqlName() string {
+	return "cloudflare.workers"
+}
+
+func (c *mqlCloudflareWorkers) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareWorkers) GetWorkers() *plugin.TValue[[]interface{}] {
+	return plugin.GetOrCompute[[]interface{}](&c.Workers, func() ([]interface{}, error) {
+		if c.MqlRuntime.HasRecording {
+			d, err := c.MqlRuntime.FieldResourceFromRecording("cloudflare.workers", c.__id, "workers")
+			if err != nil {
+				return nil, err
+			}
+			if d != nil {
+				return d.Value.([]interface{}), nil
+			}
+		}
+
+		return c.workers()
+	})
+}
+
+func (c *mqlCloudflareWorkers) GetPages() *plugin.TValue[[]interface{}] {
+	return plugin.GetOrCompute[[]interface{}](&c.Pages, func() ([]interface{}, error) {
+		if c.MqlRuntime.HasRecording {
+			d, err := c.MqlRuntime.FieldResourceFromRecording("cloudflare.workers", c.__id, "pages")
+			if err != nil {
+				return nil, err
+			}
+			if d != nil {
+				return d.Value.([]interface{}), nil
+			}
+		}
+
+		return c.pages()
+	})
+}
+
+// mqlCloudflareWorkersWorker for the cloudflare.workers.worker resource
+type mqlCloudflareWorkersWorker struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	// optional: if you define mqlCloudflareWorkersWorkerInternal it will be used here
+	Id plugin.TValue[string]
+	Etag plugin.TValue[string]
+	Size plugin.TValue[int64]
+	DeploymentId plugin.TValue[string]
+	PipelineHash plugin.TValue[string]
+	PlacementMode plugin.TValue[string]
+	LastDeployedFrom plugin.TValue[string]
+	LogPush plugin.TValue[bool]
+	CreatedOn plugin.TValue[*time.Time]
+	ModifiedOn plugin.TValue[*time.Time]
+}
+
+// createCloudflareWorkersWorker creates a new instance of this resource
+func createCloudflareWorkersWorker(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareWorkersWorker{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	// to override __id implement: id() (string, error)
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.workers.worker", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareWorkersWorker) MqlName() string {
+	return "cloudflare.workers.worker"
+}
+
+func (c *mqlCloudflareWorkersWorker) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareWorkersWorker) GetId() *plugin.TValue[string] {
+	return &c.Id
+}
+
+func (c *mqlCloudflareWorkersWorker) GetEtag() *plugin.TValue[string] {
+	return &c.Etag
+}
+
+func (c *mqlCloudflareWorkersWorker) GetSize() *plugin.TValue[int64] {
+	return &c.Size
+}
+
+func (c *mqlCloudflareWorkersWorker) GetDeploymentId() *plugin.TValue[string] {
+	return &c.DeploymentId
+}
+
+func (c *mqlCloudflareWorkersWorker) GetPipelineHash() *plugin.TValue[string] {
+	return &c.PipelineHash
+}
+
+func (c *mqlCloudflareWorkersWorker) GetPlacementMode() *plugin.TValue[string] {
+	return &c.PlacementMode
+}
+
+func (c *mqlCloudflareWorkersWorker) GetLastDeployedFrom() *plugin.TValue[string] {
+	return &c.LastDeployedFrom
+}
+
+func (c *mqlCloudflareWorkersWorker) GetLogPush() *plugin.TValue[bool] {
+	return &c.LogPush
+}
+
+func (c *mqlCloudflareWorkersWorker) GetCreatedOn() *plugin.TValue[*time.Time] {
+	return &c.CreatedOn
+}
+
+func (c *mqlCloudflareWorkersWorker) GetModifiedOn() *plugin.TValue[*time.Time] {
+	return &c.ModifiedOn
+}
+
+// mqlCloudflareWorkersPage for the cloudflare.workers.page resource
+type mqlCloudflareWorkersPage struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	// optional: if you define mqlCloudflareWorkersPageInternal it will be used here
+	Id plugin.TValue[string]
+	ShortId plugin.TValue[string]
+	ProjectId plugin.TValue[string]
+	ProjectName plugin.TValue[string]
+	Environment plugin.TValue[string]
+	Url plugin.TValue[string]
+	Aliases plugin.TValue[[]interface{}]
+	ProductionBranch plugin.TValue[string]
+	CreatedOn plugin.TValue[*time.Time]
+	ModifiedOn plugin.TValue[*time.Time]
+}
+
+// createCloudflareWorkersPage creates a new instance of this resource
+func createCloudflareWorkersPage(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareWorkersPage{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	// to override __id implement: id() (string, error)
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.workers.page", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareWorkersPage) MqlName() string {
+	return "cloudflare.workers.page"
+}
+
+func (c *mqlCloudflareWorkersPage) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareWorkersPage) GetId() *plugin.TValue[string] {
+	return &c.Id
+}
+
+func (c *mqlCloudflareWorkersPage) GetShortId() *plugin.TValue[string] {
+	return &c.ShortId
+}
+
+func (c *mqlCloudflareWorkersPage) GetProjectId() *plugin.TValue[string] {
+	return &c.ProjectId
+}
+
+func (c *mqlCloudflareWorkersPage) GetProjectName() *plugin.TValue[string] {
+	return &c.ProjectName
+}
+
+func (c *mqlCloudflareWorkersPage) GetEnvironment() *plugin.TValue[string] {
+	return &c.Environment
+}
+
+func (c *mqlCloudflareWorkersPage) GetUrl() *plugin.TValue[string] {
+	return &c.Url
+}
+
+func (c *mqlCloudflareWorkersPage) GetAliases() *plugin.TValue[[]interface{}] {
+	return &c.Aliases
+}
+
+func (c *mqlCloudflareWorkersPage) GetProductionBranch() *plugin.TValue[string] {
+	return &c.ProductionBranch
+}
+
+func (c *mqlCloudflareWorkersPage) GetCreatedOn() *plugin.TValue[*time.Time] {
+	return &c.CreatedOn
+}
+
+func (c *mqlCloudflareWorkersPage) GetModifiedOn() *plugin.TValue[*time.Time] {
+	return &c.ModifiedOn
+}
+
+// mqlCloudflareOne for the cloudflare.one resource
+type mqlCloudflareOne struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	mqlCloudflareOneInternal
+	Apps plugin.TValue[[]interface{}]
+	IdentityProviders plugin.TValue[[]interface{}]
+}
+
+// createCloudflareOne creates a new instance of this resource
+func createCloudflareOne(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareOne{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	// to override __id implement: id() (string, error)
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.one", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareOne) MqlName() string {
+	return "cloudflare.one"
+}
+
+func (c *mqlCloudflareOne) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareOne) GetApps() *plugin.TValue[[]interface{}] {
+	return plugin.GetOrCompute[[]interface{}](&c.Apps, func() ([]interface{}, error) {
+		if c.MqlRuntime.HasRecording {
+			d, err := c.MqlRuntime.FieldResourceFromRecording("cloudflare.one", c.__id, "apps")
+			if err != nil {
+				return nil, err
+			}
+			if d != nil {
+				return d.Value.([]interface{}), nil
+			}
+		}
+
+		return c.apps()
+	})
+}
+
+func (c *mqlCloudflareOne) GetIdentityProviders() *plugin.TValue[[]interface{}] {
+	return plugin.GetOrCompute[[]interface{}](&c.IdentityProviders, func() ([]interface{}, error) {
+		if c.MqlRuntime.HasRecording {
+			d, err := c.MqlRuntime.FieldResourceFromRecording("cloudflare.one", c.__id, "identityProviders")
+			if err != nil {
+				return nil, err
+			}
+			if d != nil {
+				return d.Value.([]interface{}), nil
+			}
+		}
+
+		return c.identityProviders()
+	})
+}
+
+// mqlCloudflareOneApp for the cloudflare.one.app resource
+type mqlCloudflareOneApp struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	// optional: if you define mqlCloudflareOneAppInternal it will be used here
+	Id plugin.TValue[string]
+	Aud plugin.TValue[string]
+	Name plugin.TValue[string]
+	Domain plugin.TValue[string]
+	AllowedIdentityProviders plugin.TValue[[]interface{}]
+	AppLauncherVisible plugin.TValue[bool]
+	AutoRedirectToIdentity plugin.TValue[bool]
+	CorsHeaders plugin.TValue[*mqlCloudflareCorsHeaders]
+	OptionsPreflightBypass plugin.TValue[bool]
+	CustomDenyMessage plugin.TValue[string]
+	CustomDenyUrl plugin.TValue[string]
+	ServiceAuth401Redirect plugin.TValue[bool]
+	EnableBindingCookie plugin.TValue[bool]
+	HttpOnlyCookieAttribute plugin.TValue[bool]
+	SameSiteCookieAttribute plugin.TValue[string]
+	LogoUrl plugin.TValue[string]
+	SessionDuration plugin.TValue[string]
+	SkipInterstitial plugin.TValue[bool]
+	Type plugin.TValue[string]
+	CreatedAt plugin.TValue[*time.Time]
+	UpdatedAt plugin.TValue[*time.Time]
+}
+
+// createCloudflareOneApp creates a new instance of this resource
+func createCloudflareOneApp(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareOneApp{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	if res.__id == "" {
+	res.__id, err = res.id()
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.one.app", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareOneApp) MqlName() string {
+	return "cloudflare.one.app"
+}
+
+func (c *mqlCloudflareOneApp) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareOneApp) GetId() *plugin.TValue[string] {
+	return &c.Id
+}
+
+func (c *mqlCloudflareOneApp) GetAud() *plugin.TValue[string] {
+	return &c.Aud
+}
+
+func (c *mqlCloudflareOneApp) GetName() *plugin.TValue[string] {
+	return &c.Name
+}
+
+func (c *mqlCloudflareOneApp) GetDomain() *plugin.TValue[string] {
+	return &c.Domain
+}
+
+func (c *mqlCloudflareOneApp) GetAllowedIdentityProviders() *plugin.TValue[[]interface{}] {
+	return &c.AllowedIdentityProviders
+}
+
+func (c *mqlCloudflareOneApp) GetAppLauncherVisible() *plugin.TValue[bool] {
+	return &c.AppLauncherVisible
+}
+
+func (c *mqlCloudflareOneApp) GetAutoRedirectToIdentity() *plugin.TValue[bool] {
+	return &c.AutoRedirectToIdentity
+}
+
+func (c *mqlCloudflareOneApp) GetCorsHeaders() *plugin.TValue[*mqlCloudflareCorsHeaders] {
+	return &c.CorsHeaders
+}
+
+func (c *mqlCloudflareOneApp) GetOptionsPreflightBypass() *plugin.TValue[bool] {
+	return &c.OptionsPreflightBypass
+}
+
+func (c *mqlCloudflareOneApp) GetCustomDenyMessage() *plugin.TValue[string] {
+	return &c.CustomDenyMessage
+}
+
+func (c *mqlCloudflareOneApp) GetCustomDenyUrl() *plugin.TValue[string] {
+	return &c.CustomDenyUrl
+}
+
+func (c *mqlCloudflareOneApp) GetServiceAuth401Redirect() *plugin.TValue[bool] {
+	return &c.ServiceAuth401Redirect
+}
+
+func (c *mqlCloudflareOneApp) GetEnableBindingCookie() *plugin.TValue[bool] {
+	return &c.EnableBindingCookie
+}
+
+func (c *mqlCloudflareOneApp) GetHttpOnlyCookieAttribute() *plugin.TValue[bool] {
+	return &c.HttpOnlyCookieAttribute
+}
+
+func (c *mqlCloudflareOneApp) GetSameSiteCookieAttribute() *plugin.TValue[string] {
+	return &c.SameSiteCookieAttribute
+}
+
+func (c *mqlCloudflareOneApp) GetLogoUrl() *plugin.TValue[string] {
+	return &c.LogoUrl
+}
+
+func (c *mqlCloudflareOneApp) GetSessionDuration() *plugin.TValue[string] {
+	return &c.SessionDuration
+}
+
+func (c *mqlCloudflareOneApp) GetSkipInterstitial() *plugin.TValue[bool] {
+	return &c.SkipInterstitial
+}
+
+func (c *mqlCloudflareOneApp) GetType() *plugin.TValue[string] {
+	return &c.Type
+}
+
+func (c *mqlCloudflareOneApp) GetCreatedAt() *plugin.TValue[*time.Time] {
+	return &c.CreatedAt
+}
+
+func (c *mqlCloudflareOneApp) GetUpdatedAt() *plugin.TValue[*time.Time] {
+	return &c.UpdatedAt
+}
+
+// mqlCloudflareCorsHeaders for the cloudflare.corsHeaders resource
+type mqlCloudflareCorsHeaders struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	// optional: if you define mqlCloudflareCorsHeadersInternal it will be used here
+	AllowAllHeaders plugin.TValue[bool]
+	AllowAllMethods plugin.TValue[bool]
+	AllowAllOrigins plugin.TValue[bool]
+	AllowCredentials plugin.TValue[bool]
+	AllowedHeaders plugin.TValue[[]interface{}]
+	AllowedMethods plugin.TValue[[]interface{}]
+	AllowedOrigins plugin.TValue[[]interface{}]
+	MaxAge plugin.TValue[int64]
+}
+
+// createCloudflareCorsHeaders creates a new instance of this resource
+func createCloudflareCorsHeaders(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareCorsHeaders{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	// to override __id implement: id() (string, error)
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.corsHeaders", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareCorsHeaders) MqlName() string {
+	return "cloudflare.corsHeaders"
+}
+
+func (c *mqlCloudflareCorsHeaders) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareCorsHeaders) GetAllowAllHeaders() *plugin.TValue[bool] {
+	return &c.AllowAllHeaders
+}
+
+func (c *mqlCloudflareCorsHeaders) GetAllowAllMethods() *plugin.TValue[bool] {
+	return &c.AllowAllMethods
+}
+
+func (c *mqlCloudflareCorsHeaders) GetAllowAllOrigins() *plugin.TValue[bool] {
+	return &c.AllowAllOrigins
+}
+
+func (c *mqlCloudflareCorsHeaders) GetAllowCredentials() *plugin.TValue[bool] {
+	return &c.AllowCredentials
+}
+
+func (c *mqlCloudflareCorsHeaders) GetAllowedHeaders() *plugin.TValue[[]interface{}] {
+	return &c.AllowedHeaders
+}
+
+func (c *mqlCloudflareCorsHeaders) GetAllowedMethods() *plugin.TValue[[]interface{}] {
+	return &c.AllowedMethods
+}
+
+func (c *mqlCloudflareCorsHeaders) GetAllowedOrigins() *plugin.TValue[[]interface{}] {
+	return &c.AllowedOrigins
+}
+
+func (c *mqlCloudflareCorsHeaders) GetMaxAge() *plugin.TValue[int64] {
+	return &c.MaxAge
+}
+
+// mqlCloudflareOneIdp for the cloudflare.one.idp resource
+type mqlCloudflareOneIdp struct {
+	MqlRuntime *plugin.Runtime
+	__id string
+	// optional: if you define mqlCloudflareOneIdpInternal it will be used here
+	Id plugin.TValue[string]
+	Name plugin.TValue[string]
+	Type plugin.TValue[string]
+}
+
+// createCloudflareOneIdp creates a new instance of this resource
+func createCloudflareOneIdp(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) {
+	res := &mqlCloudflareOneIdp{
+		MqlRuntime: runtime,
+	}
+
+	err := SetAllData(res, args)
+	if err != nil {
+		return res, err
+	}
+
+	if res.__id == "" {
+	res.__id, err = res.id()
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if runtime.HasRecording {
+		args, err = runtime.ResourceFromRecording("cloudflare.one.idp", res.__id)
+		if err != nil || args == nil {
+			return res, err
+		}
+		return res, SetAllData(res, args)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareOneIdp) MqlName() string {
+	return "cloudflare.one.idp"
+}
+
+func (c *mqlCloudflareOneIdp) MqlID() string {
+	return c.__id
+}
+
+func (c *mqlCloudflareOneIdp) GetId() *plugin.TValue[string] {
+	return &c.Id
+}
+
+func (c *mqlCloudflareOneIdp) GetName() *plugin.TValue[string] {
+	return &c.Name
+}
+
+func (c *mqlCloudflareOneIdp) GetType() *plugin.TValue[string] {
+	return &c.Type
+}
diff --git a/providers/cloudflare/resources/cloudflare.lr.manifest.yaml b/providers/cloudflare/resources/cloudflare.lr.manifest.yaml
new file mode 100755
index 000000000..fd9600a53
--- /dev/null
+++ b/providers/cloudflare/resources/cloudflare.lr.manifest.yaml
@@ -0,0 +1,203 @@
+# Copyright (c) Mondoo, Inc.
+# SPDX-License-Identifier: BUSL-1.1
+
+resources:
+  cloudflare:
+    fields:
+      accounts: {}
+      zones: {}
+    min_mondoo_version: 9.0.0
+  cloudflare.account:
+    fields:
+      createdOn: {}
+      id: {}
+      liveInputs: {}
+      name: {}
+      settings: {}
+      videos: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.account.settings:
+    fields:
+      enforceTwoFactor: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.corsHeaders:
+    fields:
+      allowAllHeaders: {}
+      allowAllMethods: {}
+      allowAllOrigins: {}
+      allowCredentials: {}
+      allowedHeaders: {}
+      allowedMethods: {}
+      allowedOrigins: {}
+      maxAge: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.dns:
+    fields:
+      records: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.dns.record:
+    fields:
+      comment: {}
+      content: {}
+      createdOn: {}
+      id: {}
+      modifiedOn: {}
+      name: {}
+      proxiable: {}
+      proxied: {}
+      tags: {}
+      ttl: {}
+      type: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.one:
+    fields:
+      apps: {}
+      identityProviders: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.one.app:
+    fields:
+      allowedIdentityProviders: {}
+      appLauncherVisible: {}
+      aud: {}
+      autoRedirectToIdentity: {}
+      corsHeaders: {}
+      createdAt: {}
+      customDenyMessage: {}
+      customDenyUrl: {}
+      domain: {}
+      enableBindingCookie: {}
+      httpOnlyCookieAttribute: {}
+      id: {}
+      logoUrl: {}
+      name: {}
+      optionsPreflightBypass: {}
+      sameSiteCookieAttribute: {}
+      serviceAuth401Redirect: {}
+      sessionDuration: {}
+      skip_interstitial: {}
+      skipInterstitial: {}
+      type: {}
+      updatedAt: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.one.idp:
+    fields:
+      id: {}
+      name: {}
+      type: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.r2:
+    fields:
+      buckets: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.r2.bucket:
+    fields:
+      createdOn: {}
+      location: {}
+      name: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.streams:
+    fields: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.streams.liveInput:
+    fields:
+      deleteRecordingAfterDays: {}
+      id: {}
+      name: {}
+      uid: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.streams.video:
+    fields:
+      creator: {}
+      dash: {}
+      duration: {}
+      height: {}
+      hls: {}
+      id: {}
+      liveInput: {}
+      name: {}
+      preview: {}
+      ready: {}
+      requireSignedUrls: {}
+      scheduledDeletion: {}
+      size: {}
+      thumbnail: {}
+      thumbnailTimestampPct: {}
+      uid: {}
+      uploaded: {}
+      width: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.workers:
+    fields:
+      pages: {}
+      workers: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.workers.page:
+    fields:
+      aliases: {}
+      createdOn: {}
+      environment: {}
+      id: {}
+      modifiedOn: {}
+      productionBranch: {}
+      projectId: {}
+      projectName: {}
+      shortId: {}
+      url: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.workers.worker:
+    fields:
+      createdOn: {}
+      deploymentId: {}
+      etag: {}
+      id: {}
+      lastDeployedFrom: {}
+      logPush: {}
+      modifiedOn: {}
+      pipelineHash: {}
+      placementMode: {}
+      size: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.zone:
+    fields:
+      account: {}
+      createdOn: {}
+      dns: {}
+      id: {}
+      liveInputs: {}
+      modifiedOn: {}
+      name: {}
+      nameServers: {}
+      one: {}
+      originalNameServers: {}
+      paused: {}
+      r2: {}
+      status: {}
+      type: {}
+      videos: {}
+      workers: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+  cloudflare.zone.account:
+    fields:
+      email: {}
+      id: {}
+      name: {}
+      type: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
diff --git a/providers/cloudflare/resources/cloudflare_accounts.go b/providers/cloudflare/resources/cloudflare_accounts.go
new file mode 100644
index 000000000..84ae00f74
--- /dev/null
+++ b/providers/cloudflare/resources/cloudflare_accounts.go
@@ -0,0 +1,10 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+package resources
+
+func (c *mqlCloudflareAccount) id() (string, error) {
+	if c.Id.Error != nil {
+		return "", c.Id.Error
+	}
+	return c.Id.Data, nil
+}
diff --git a/providers/cloudflare/resources/cloudflare_dns.go b/providers/cloudflare/resources/cloudflare_dns.go
new file mode 100644
index 000000000..3aa619bc6
--- /dev/null
+++ b/providers/cloudflare/resources/cloudflare_dns.go
@@ -0,0 +1,88 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+package resources
+
+import (
+	"context"
+
+	"github.com/cloudflare/cloudflare-go"
+	"go.mondoo.com/cnquery/v11/llx"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/util/convert"
+	"go.mondoo.com/cnquery/v11/providers/cloudflare/connection"
+	"go.mondoo.com/cnquery/v11/types"
+)
+
+type mqlCloudflareDnsInternal struct {
+	ZoneID string
+}
+
+func (c *mqlCloudflareZone) dns() (*mqlCloudflareDns, error) {
+	res, err := CreateResource(c.MqlRuntime, "cloudflare.dns", map[string]*llx.RawData{
+		"__id": llx.StringData("cloudflare.dns@" + c.Id.Data),
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	dns := res.(*mqlCloudflareDns)
+	dns.ZoneID = c.Id.Data
+
+	return dns, nil
+}
+
+func (c *mqlCloudflareDnsRecord) id() (string, error) {
+	if c.Id.Error != nil {
+		return "", c.Id.Error
+	}
+	return c.Id.Data, nil
+}
+
+func (c *mqlCloudflareDns) records() ([]any, error) {
+	conn := c.MqlRuntime.Connection.(*connection.CloudflareConnection)
+
+	cursor := &cloudflare.ResultInfo{}
+
+	var result []any
+	for {
+		records, info, err := conn.Cf.ListDNSRecords(
+			context.Background(),
+			&cloudflare.ResourceContainer{Identifier: c.ZoneID}, cloudflare.ListDNSRecordsParams{
+				ResultInfo: *cursor,
+			})
+		if err != nil {
+			return nil, err
+		}
+
+		cursor = info
+
+		for i := range records {
+			rec := records[i]
+			res, err := NewResource(c.MqlRuntime, "cloudflare.dns.record", map[string]*llx.RawData{
+				"id":        llx.StringData(rec.ID),
+				"name":      llx.StringData(rec.Name),
+				"tags":      llx.ArrayData(convert.SliceAnyToInterface(rec.Tags), types.String),
+				"proxied":   llx.BoolDataPtr(rec.Proxied),
+				"proxiable": llx.BoolData(rec.Proxiable),
+				"comment":   llx.StringData(rec.Comment),
+
+				"type":    llx.StringData(rec.Type),
+				"content": llx.StringData(rec.Content),
+				"ttl":     llx.IntData(rec.TTL),
+
+				"createdOn":  llx.TimeData(rec.CreatedOn),
+				"modifiedOn": llx.TimeData(rec.ModifiedOn),
+			})
+			if err != nil {
+				return nil, err
+			}
+
+			result = append(result, res)
+		}
+
+		if !cursor.HasMorePages() {
+			break
+		}
+	}
+
+	return result, nil
+}
diff --git a/providers/cloudflare/resources/cloudflare_one.go b/providers/cloudflare/resources/cloudflare_one.go
new file mode 100644
index 000000000..a30225e4a
--- /dev/null
+++ b/providers/cloudflare/resources/cloudflare_one.go
@@ -0,0 +1,174 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+package resources
+
+import (
+	"context"
+
+	"github.com/cloudflare/cloudflare-go"
+	"go.mondoo.com/cnquery/v11/llx"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/util/convert"
+	"go.mondoo.com/cnquery/v11/providers/cloudflare/connection"
+	"go.mondoo.com/cnquery/v11/types"
+)
+
+type mqlCloudflareOneInternal struct {
+	ZoneID string
+}
+
+func (c *mqlCloudflareZone) one() (*mqlCloudflareOne, error) {
+	res, err := CreateResource(c.MqlRuntime, "cloudflare.one", map[string]*llx.RawData{
+		"__id": llx.StringData("cloudflare.one@" + c.Id.Data),
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	one := res.(*mqlCloudflareOne)
+	one.ZoneID = c.Id.Data
+
+	return one, nil
+}
+
+func (c *mqlCloudflareOneApp) id() (string, error) {
+	if c.Id.Error != nil {
+		return "", c.Id.Error
+	}
+	return c.Id.Data, nil
+}
+
+func (c *mqlCloudflareOne) apps() ([]any, error) {
+	conn := c.MqlRuntime.Connection.(*connection.CloudflareConnection)
+
+	cursor := &cloudflare.ResultInfo{}
+
+	var result []any
+	for {
+		records, info, err := conn.Cf.ListAccessApplications(context.TODO(), &cloudflare.ResourceContainer{
+			Identifier: c.ZoneID,
+			Level:      cloudflare.ZoneRouteLevel,
+		}, cloudflare.ListAccessApplicationsParams{
+			ResultInfo: *cursor,
+		})
+		if err != nil {
+			return nil, err
+		}
+
+		cursor = info
+
+		for i := range records {
+			rec := records[i]
+
+			resourceData := map[string]*llx.RawData{
+				"id":     llx.StringData(rec.ID),
+				"aud":    llx.StringData(rec.AUD),
+				"name":   llx.StringData(rec.Name),
+				"domain": llx.StringData(rec.Domain),
+
+				"allowedIdentityProviders": llx.ArrayData(convert.SliceAnyToInterface(rec.AllowedIdps), types.String),
+
+				"appLauncherVisible":     llx.BoolData(*rec.AppLauncherVisible),
+				"autoRedirectToIdentity": llx.BoolData(*rec.AutoRedirectToIdentity),
+				"optionsPreflightBypass": llx.BoolData(*rec.OptionsPreflightBypass),
+
+				"customDenyMessage":      llx.StringData(rec.CustomDenyMessage),
+				"customDenyUrl":          llx.StringData(rec.CustomDenyURL),
+				"serviceAuth401Redirect": llx.BoolDataPtr(rec.ServiceAuth401Redirect),
+
+				"enableBindingCookie":     llx.BoolDataPtr(rec.EnableBindingCookie),
+				"httpOnlyCookieAttribute": llx.BoolDataPtr(rec.HttpOnlyCookieAttribute),
+				"sameSiteCookieAttribute": llx.StringData(rec.SameSiteCookieAttribute),
+
+				"logoUrl":          llx.StringData(rec.LogoURL),
+				"sessionDuration":  llx.StringData(rec.SessionDuration),
+				"skipInterstitial": llx.BoolDataPtr(rec.SkipInterstitial),
+
+				"type": llx.StringData(string(rec.Type)),
+
+				"createdAt": llx.TimeDataPtr(rec.CreatedAt),
+				"updatedAt": llx.TimeDataPtr(rec.UpdatedAt),
+
+				"corsHeaders": llx.NilData,
+			}
+
+			if rec.CorsHeaders != nil {
+				headers := rec.CorsHeaders
+				corsHeaders, err := NewResource(c.MqlRuntime, "cloudflare.corsHeaders", map[string]*llx.RawData{
+					"allowAllHeaders":  llx.BoolData(headers.AllowAllHeaders),
+					"allowAllMethods":  llx.BoolData(headers.AllowAllMethods),
+					"allowAllOrigins":  llx.BoolData(headers.AllowAllOrigins),
+					"allowCredentials": llx.BoolData(headers.AllowCredentials),
+					"allowedHeaders":   llx.ArrayData(convert.SliceAnyToInterface(headers.AllowedHeaders), types.String),
+					"allowedMethods":   llx.ArrayData(convert.SliceAnyToInterface(headers.AllowedMethods), types.String),
+					"allowedOrigins":   llx.ArrayData(convert.SliceAnyToInterface(headers.AllowedOrigins), types.String),
+					"maxAge":           llx.IntData(headers.MaxAge),
+				})
+				if err == nil {
+					resourceData["corsHeaders"] = llx.ResourceData(corsHeaders, corsHeaders.MqlName())
+				}
+			}
+
+			res, err := NewResource(c.MqlRuntime, "cloudflare.one.app", resourceData)
+			if err != nil {
+				return nil, err
+			}
+
+			result = append(result, res)
+
+		}
+
+		if !cursor.HasMorePages() {
+			break
+		}
+	}
+
+	return result, nil
+}
+
+func (c *mqlCloudflareOneIdp) id() (string, error) {
+	if c.Id.Error != nil {
+		return "", c.Id.Error
+	}
+	return c.Id.Data, nil
+}
+
+func (c *mqlCloudflareOne) identityProviders() ([]any, error) {
+	conn := c.MqlRuntime.Connection.(*connection.CloudflareConnection)
+
+	cursor := &cloudflare.ResultInfo{}
+	var result []any
+	for {
+		records, info, err := conn.Cf.ListAccessIdentityProviders(context.TODO(), &cloudflare.ResourceContainer{
+			Identifier: c.ZoneID,
+			Level:      cloudflare.ZoneRouteLevel,
+		}, cloudflare.ListAccessIdentityProvidersParams{
+			ResultInfo: *cursor,
+		})
+		if err != nil {
+			return nil, err
+		}
+
+		cursor = info
+
+		for i := range records {
+			rec := records[i]
+
+			res, err := NewResource(c.MqlRuntime, "cloudflare.one.idp", map[string]*llx.RawData{
+				"id":   llx.StringData(rec.ID),
+				"name": llx.StringData(rec.Name),
+				"type": llx.StringData(string(rec.Type)),
+			})
+			if err != nil {
+				return nil, err
+			}
+
+			result = append(result, res)
+		}
+
+		if !cursor.HasMorePages() {
+			break
+		}
+	}
+
+	return result, nil
+}
diff --git a/providers/cloudflare/resources/cloudflare_r2.go b/providers/cloudflare/resources/cloudflare_r2.go
new file mode 100644
index 000000000..94a20c05b
--- /dev/null
+++ b/providers/cloudflare/resources/cloudflare_r2.go
@@ -0,0 +1,61 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+package resources
+
+import (
+	"context"
+
+	"github.com/cloudflare/cloudflare-go"
+	"go.mondoo.com/cnquery/v11/llx"
+	"go.mondoo.com/cnquery/v11/providers/cloudflare/connection"
+)
+
+func (c *mqlCloudflareR2) id() (string, error) {
+	return "cloudflare.r2", nil
+}
+
+type mqlCloudflareR2Internal struct {
+	AccountID string
+}
+
+func (c *mqlCloudflareZone) r2() (*mqlCloudflareR2, error) {
+	res, err := CreateResource(c.MqlRuntime, "cloudflare.r2", map[string]*llx.RawData{
+		"__id": llx.StringData("cloudflare.r2@" + c.GetAccount().Data.GetId().Data),
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	r2 := res.(*mqlCloudflareR2)
+	r2.AccountID = c.GetAccount().Data.GetId().Data
+
+	return r2, nil
+}
+
+func (c *mqlCloudflareR2) buckets() ([]any, error) {
+	conn := c.MqlRuntime.Connection.(*connection.CloudflareConnection)
+
+	buckets, err := conn.Cf.ListR2Buckets(context.TODO(), &cloudflare.ResourceContainer{
+		Identifier: c.mqlCloudflareR2Internal.AccountID,
+	}, cloudflare.ListR2BucketsParams{})
+	if err != nil {
+		return nil, err
+	}
+
+	var result []any
+	for i := range buckets {
+		bucket := buckets[i]
+		res, err := NewResource(c.MqlRuntime, "cloudflare.r2.bucket", map[string]*llx.RawData{
+			"name":      llx.StringData(bucket.Name),
+			"location":  llx.StringData(bucket.Location),
+			"createdOn": llx.TimeData(*bucket.CreationDate),
+		})
+		if err != nil {
+			return nil, err
+		}
+
+		result = append(result, res)
+	}
+
+	return result, nil
+}
diff --git a/providers/cloudflare/resources/cloudflare_stream.go b/providers/cloudflare/resources/cloudflare_stream.go
new file mode 100644
index 000000000..94e72b6ff
--- /dev/null
+++ b/providers/cloudflare/resources/cloudflare_stream.go
@@ -0,0 +1,142 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+package resources
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+
+	"github.com/cloudflare/cloudflare-go"
+	"go.mondoo.com/cnquery/v11/llx"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin"
+	"go.mondoo.com/cnquery/v11/providers/cloudflare/connection"
+)
+
+func (c *mqlCloudflareStreamsLiveInput) id() (string, error) {
+	if c.Id.Error != nil {
+		return "", c.Id.Error
+	}
+	return c.Id.Data, nil
+}
+
+func (c *mqlCloudflareStreamsVideo) id() (string, error) {
+	if c.Id.Error != nil {
+		return "", c.Id.Error
+	}
+	return c.Id.Data, nil
+}
+
+func (c *mqlCloudflareZone) liveInputs() ([]any, error) {
+	return fetchLiveInputs(c.MqlRuntime, c.Account.Data.GetId().Data)
+}
+
+func (c *mqlCloudflareAccount) liveInputs() ([]any, error) {
+	return fetchLiveInputs(c.MqlRuntime, c.Id.Data)
+}
+
+func fetchLiveInputs(runtime *plugin.Runtime, account_id string) ([]any, error) {
+	conn := runtime.Connection.(*connection.CloudflareConnection)
+
+	req, _ := http.NewRequest(
+		"GET", fmt.Sprintf("%s/accounts/%s/stream/live_inputs", conn.Cf.BaseURL, account_id), nil,
+	)
+	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", conn.Cf.APIToken))
+
+	resp, err := http.DefaultClient.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	var results struct {
+		Result []struct {
+			Uid                      string                 `json:"uid"`
+			Modified                 string                 `json:"modified"`
+			Created                  string                 `json:"created"`
+			DeleteRecordingAfterDays int                    `json:"deleteRecordingAfterDays"`
+			Meta                     map[string]interface{} `json:"meta"`
+		} `json:"result"`
+	}
+
+	bytes, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	if err := json.Unmarshal(bytes, &results); err != nil {
+		return nil, err
+	}
+
+	var res []any
+
+	for _, result := range results.Result {
+		input, err := NewResource(runtime, "cloudflare.streams.liveInput", map[string]*llx.RawData{
+			"id":                       llx.StringData(result.Uid),
+			"uid":                      llx.StringData(result.Uid),
+			"deleteRecordingAfterDays": llx.IntData(result.DeleteRecordingAfterDays),
+			"name":                     llx.StringData(result.Meta["name"].(string)),
+		})
+		if err != nil {
+			return nil, err
+		}
+
+		res = append(res, input)
+	}
+
+	return res, nil
+}
+
+func (c *mqlCloudflareZone) videos() ([]any, error) {
+	return fetchVideos(c.MqlRuntime, c.Account.Data.GetId().Data)
+}
+
+func (c *mqlCloudflareAccount) videos() ([]any, error) {
+	return fetchVideos(c.MqlRuntime, c.Id.Data)
+}
+
+func fetchVideos(runtime *plugin.Runtime, account_id string) ([]any, error) {
+	conn := runtime.Connection.(*connection.CloudflareConnection)
+
+	results, err := conn.Cf.StreamListVideos(context.Background(), cloudflare.StreamListParameters{
+		AccountID: account_id,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	var result []any
+	for i := range results {
+		video := results[i]
+
+		res, err := NewResource(runtime, "cloudflare.streams.video", map[string]*llx.RawData{
+			"id":                    llx.StringData(video.UID),
+			"uid":                   llx.StringData(video.UID),
+			"name":                  llx.StringData(video.Meta["name"].(string)),
+			"creator":               llx.StringData(video.Creator),
+			"duration":              llx.FloatData(video.Duration),
+			"height":                llx.IntData(video.Input.Height),
+			"width":                 llx.IntData(video.Input.Width),
+			"liveInput":             llx.StringData(video.LiveInput),
+			"dash":                  llx.StringData(video.Playback.Dash),
+			"hls":                   llx.StringData(video.Playback.HLS),
+			"preview":               llx.StringData(video.Preview),
+			"ready":                 llx.BoolData(video.ReadyToStream),
+			"requireSignedUrls":     llx.BoolData(video.RequireSignedURLs),
+			"scheduledDeletion":     llx.TimeDataPtr(video.ScheduledDeletion),
+			"size":                  llx.IntData(video.Size),
+			"thumbnail":             llx.StringData(video.Thumbnail),
+			"thumbnailTimestampPct": llx.FloatData(video.ThumbnailTimestampPct),
+			"uploaded":              llx.TimeDataPtr(video.Uploaded),
+		})
+		if err != nil {
+			return nil, err
+		}
+
+		result = append(result, res)
+	}
+
+	return result, nil
+}
diff --git a/providers/cloudflare/resources/cloudflare_workers.go b/providers/cloudflare/resources/cloudflare_workers.go
new file mode 100644
index 000000000..e9c997bac
--- /dev/null
+++ b/providers/cloudflare/resources/cloudflare_workers.go
@@ -0,0 +1,74 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+package resources
+
+import (
+	"context"
+
+	"github.com/cloudflare/cloudflare-go"
+	"go.mondoo.com/cnquery/v11/llx"
+	"go.mondoo.com/cnquery/v11/providers/cloudflare/connection"
+)
+
+func (c *mqlCloudflareZone) workers() (*mqlCloudflareWorkers, error) {
+	res, err := CreateResource(c.MqlRuntime, "cloudflare.workers", map[string]*llx.RawData{
+		"__id": llx.StringData("cloudflare.workers@" + c.GetAccount().Data.GetId().Data),
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	workers := res.(*mqlCloudflareWorkers)
+	workers.AccountID = c.GetAccount().Data.GetId().Data
+
+	return workers, nil
+}
+
+type mqlCloudflareWorkersInternal struct {
+	AccountID string
+}
+
+func (c *mqlCloudflareWorkers) workers() ([]any, error) {
+	conn := c.MqlRuntime.Connection.(*connection.CloudflareConnection)
+
+	resp, _, err := conn.Cf.ListWorkers(context.TODO(), &cloudflare.ResourceContainer{
+		Identifier: c.mqlCloudflareWorkersInternal.AccountID,
+		Level:      cloudflare.AccountRouteLevel,
+	}, cloudflare.ListWorkersParams{})
+	if err != nil {
+		return nil, err
+	}
+
+	var result []any
+	for i := range resp.WorkerList {
+		w := resp.WorkerList[i]
+
+		placementMode := ""
+		if w.PlacementMode != nil {
+			placementMode = string(*w.PlacementMode)
+		}
+
+		res, err := NewResource(c.MqlRuntime, "cloudflare.workers.worker", map[string]*llx.RawData{
+			"id":               llx.StringData(w.ID),
+			"etag":             llx.StringData(w.ETAG),
+			"size":             llx.IntData(w.Size),
+			"deploymentId":     llx.StringDataPtr(w.DeploymentId),
+			"pipelineHash":     llx.StringDataPtr(w.PipelineHash),
+			"placementMode":    llx.StringData(placementMode),
+			"lastDeployedFrom": llx.StringDataPtr(w.LastDeployedFrom),
+			"logPush":          llx.BoolDataPtr(w.Logpush),
+			"createdOn":        llx.TimeData(w.CreatedOn),
+			"modifiedOn":       llx.TimeData(w.ModifiedOn),
+		})
+		if err != nil {
+			return nil, err
+		}
+		result = append(result, res)
+	}
+
+	return result, nil
+}
+
+func (c *mqlCloudflareWorkers) pages() ([]any, error) {
+	return nil, nil
+}
diff --git a/providers/cloudflare/resources/cloudflare_zones.go b/providers/cloudflare/resources/cloudflare_zones.go
new file mode 100644
index 000000000..8ed8ba40b
--- /dev/null
+++ b/providers/cloudflare/resources/cloudflare_zones.go
@@ -0,0 +1,17 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+package resources
+
+func (c *mqlCloudflareZone) id() (string, error) {
+	if c.Id.Error != nil {
+		return "", c.Id.Error
+	}
+	return c.Id.Data, nil
+}
+
+func (c *mqlCloudflareZoneAccount) id() (string, error) {
+	if c.Id.Error != nil {
+		return "", c.Id.Error
+	}
+	return c.Id.Data, nil
+}
diff --git a/providers/cloudflare/resources/discovery.go b/providers/cloudflare/resources/discovery.go
new file mode 100644
index 000000000..3467d925f
--- /dev/null
+++ b/providers/cloudflare/resources/discovery.go
@@ -0,0 +1,101 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+package resources
+
+import (
+	"go.mondoo.com/cnquery/v11/llx"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/inventory"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin"
+	"go.mondoo.com/cnquery/v11/providers/cloudflare/connection"
+	"go.mondoo.com/cnquery/v11/utils/stringx"
+)
+
+func Discover(runtime *plugin.Runtime, opts map[string]string) (*inventory.Inventory, error) {
+	conn := runtime.Connection.(*connection.CloudflareConnection)
+
+	in := &inventory.Inventory{Spec: &inventory.InventorySpec{
+		Assets: []*inventory.Asset{},
+	}}
+
+	targets := handleTargets(conn.Asset().Connections[0].Discover.Targets)
+	list, err := discover(runtime, targets)
+	if err != nil {
+		return in, err
+	}
+
+	in.Spec.Assets = list
+	return in, nil
+}
+
+func handleTargets(targets []string) []string {
+	if stringx.ContainsAnyOf(targets, connection.DiscoveryAll, connection.DiscoveryAuto) {
+		return []string{
+			connection.DiscoveryAccounts,
+			connection.DiscoveryZones,
+		}
+	}
+	return targets
+}
+
+func discover(runtime *plugin.Runtime, targets []string) ([]*inventory.Asset, error) {
+	conn := runtime.Connection.(*connection.CloudflareConnection)
+	conf := conn.Asset().Connections[0]
+	assetList := []*inventory.Asset{}
+
+	cf, err := getMqlCloudflare(runtime)
+	if err != nil {
+		return nil, err
+	}
+
+	for _, target := range targets {
+		switch target {
+		case connection.DiscoveryZones:
+			zones, err := cf.zones()
+			if err != nil {
+				return nil, err
+			}
+
+			for _, izone := range zones {
+				zone := izone.(*mqlCloudflareZone)
+				asset := &inventory.Asset{
+					PlatformIds: []string{connection.NewCloudflareZoneIdentifier(zone.Id.Data)},
+					Name:        zone.Name.Data,
+					Platform:    connection.NewCloudflareZonePlatform(zone.Id.Data),
+					Labels:      map[string]string{},
+					Connections: []*inventory.Config{conf.Clone(inventory.WithoutDiscovery(), inventory.WithParentConnectionId(conn.ID()))},
+				}
+				assetList = append(assetList, asset)
+			}
+		case connection.DiscoveryAccounts:
+			accounts, err := cf.accounts()
+			if err != nil {
+				return nil, err
+			}
+
+			for _, iaccount := range accounts {
+				account := iaccount.(*mqlCloudflareAccount)
+				asset := &inventory.Asset{
+					PlatformIds: []string{connection.NewCloudflareAccountIdentifier(account.Id.Data)},
+					Name:        account.Name.Data,
+					Platform:    connection.NewCloudflareAccountPlatform(account.Id.Data),
+					Labels:      map[string]string{},
+					Connections: []*inventory.Config{conf.Clone(inventory.WithoutDiscovery(), inventory.WithParentConnectionId(conn.ID()))},
+				}
+				assetList = append(assetList, asset)
+			}
+		default:
+			continue
+		}
+	}
+
+	return assetList, nil
+}
+
+func getMqlCloudflare(runtime *plugin.Runtime) (*mqlCloudflare, error) {
+	res, err := createCloudflare(runtime, map[string]*llx.RawData{})
+	if err != nil {
+		return nil, err
+	}
+
+	return res.(*mqlCloudflare), nil
+}