Update networks_routes.tf
All checks were successful
Terraform Apply / Terraform Apply (push) Successful in 55s
All checks were successful
Terraform Apply / Terraform Apply (push) Successful in 55s
This commit is contained in:
@@ -37,8 +37,8 @@ resource "cloudflare_dns_record" "applications" {
|
||||
# =============================================================================
|
||||
|
||||
resource "cloudflare_zero_trust_tunnel_cloudflared_config" "home_tunnel_config" {
|
||||
tunnel_id = cloudflare_zero_trust_tunnel_cloudflared.home_tunnel.id
|
||||
account_id = local.cloudflare_account_id
|
||||
tunnel_id = cloudflare_zero_trust_tunnel_cloudflared.home_tunnel.id
|
||||
|
||||
config = {
|
||||
warp_routing = {
|
||||
@@ -55,46 +55,15 @@ resource "cloudflare_zero_trust_tunnel_cloudflared_config" "home_tunnel_config"
|
||||
}
|
||||
|
||||
# =============================================================================
|
||||
# ACCESS POLICIES (optionnel)
|
||||
# CLOUDFLARE : Networks : Routes : virtual network
|
||||
# =============================================================================
|
||||
|
||||
# Exemple de politique d'accès réutilisable
|
||||
# Décommentez si vous souhaitez utiliser Cloudflare Access
|
||||
/*
|
||||
resource "cloudflare_zero_trust_access_policy" "allow_emails" {
|
||||
#
|
||||
resource "cloudflare_zero_trust_tunnel_cloudflared_virtual_network" "example_zero_trust_tunnel_cloudflared_virtual_network" {
|
||||
account_id = local.cloudflare_account_id
|
||||
name = "Allow specific emails"
|
||||
decision = "allow"
|
||||
|
||||
include = [
|
||||
{
|
||||
email = {
|
||||
email = local.cloudflare_email
|
||||
}
|
||||
},
|
||||
{
|
||||
email_domain = {
|
||||
domain = var.cloudflare_zone
|
||||
}
|
||||
}
|
||||
]
|
||||
name = "us-east-1-vpc"
|
||||
comment = "Staging VPC for data science"
|
||||
is_default = false
|
||||
is_default_network = false
|
||||
}
|
||||
|
||||
# Application Access pour chaque application qui l'exige
|
||||
resource "cloudflare_zero_trust_access_application" "applications" {
|
||||
for_each = {
|
||||
for app_name, app_config in var.applications :
|
||||
app_name => app_config
|
||||
if app_config.access_enabled
|
||||
}
|
||||
|
||||
account_id = local.cloudflare_account_id
|
||||
type = "self_hosted"
|
||||
name = "Access for ${each.key}"
|
||||
domain = "${each.value.subdomain}.${var.cloudflare_zone}"
|
||||
|
||||
policies = [
|
||||
cloudflare_zero_trust_access_policy.allow_emails.id
|
||||
]
|
||||
}
|
||||
*/
|
||||
Reference in New Issue
Block a user