Update test.tf

2025-11-19 10:42:02 +01:00
parent 11c9788978
commit 49b701d5ff
1 changed files with 12 additions and 12 deletions
--- a/test.tf
+++ b/test.tf
@@ -63,7 +63,7 @@ locals {

    # Zero Trust RDP Access Control (Precedence: 21000)
    rdp_admin_access = {
-      name                 = "NETWORK-Allow: RDP - IT Admin Access Policy [Zero-Trust demo]"
+      name                 = "NETWORK-Allow: RDP - IT Admin Access Policy"
      description          = "Allow RDP access for IT administrators with identity and device posture checks"
      enabled              = true
      action               = "allow"
@@ -77,7 +77,7 @@ locals {

    # Lateral Movement Prevention - East-West Traffic (Precedence: 22000-22400)
    block_lateral_ssh = {
-      name                 = "NETWORK-Block: SSH Lateral Movement [Zero-Trust demo]"
+      name                 = "NETWORK-Block: SSH Lateral Movement"
      description          = "Block SSH connections between internal VMs for lateral movement prevention, while allowing direct SSH from WARP clients"
      enabled              = true
      action               = "block"
@@ -88,7 +88,7 @@ locals {
      notification_enabled = true
    }
    block_lateral_rdp = {
-      name                 = "NETWORK-Block: RDP Lateral Movement [Zero-Trust demo]"
+      name                 = "NETWORK-Block: RDP Lateral Movement"
      description          = "Block RDP connections between internal VMs for lateral movement prevention, while allowing direct RDP from WARP clients"
      enabled              = true
      action               = "block"
@@ -99,7 +99,7 @@ locals {
      notification_enabled = true
    }
    block_lateral_smb = {
-      name                 = "NETWORK-Block: SMB Lateral Movement [Zero-Trust demo]"
+      name                 = "NETWORK-Block: SMB Lateral Movement"
      description          = "Block SMB/CIFS connections between internal VMs for lateral movement prevention, while allowing direct SMB from WARP clients"
      enabled              = true
      action               = "block"
@@ -110,7 +110,7 @@ locals {
      notification_enabled = true
    }
    block_lateral_winrm = {
-      name                 = "NETWORK-Block: WinRM Lateral Movement [Zero-Trust demo]"
+      name                 = "NETWORK-Block: WinRM Lateral Movement"
      description          = "Block WinRM connections between internal VMs for lateral movement prevention, while allowing direct WinRM from WARP clients"
      enabled              = true
      action               = "block"
@@ -121,7 +121,7 @@ locals {
      notification_enabled = true
    }
    block_lateral_database = {
-      name                 = "NETWORK-Block: Database Lateral Movement [Zero-Trust demo]"
+      name                 = "NETWORK-Block: Database Lateral Movement"
      description          = "Block database connections between internal VMs for lateral movement prevention, while allowing direct database access from WARP clients"
      enabled              = true
      action               = "block"
@@ -134,7 +134,7 @@ locals {

    # IP-based Access Control (Precedence: 23000)
    block_ip_access = {
-      name                 = "NETWORK-Block: Access GCP Apps via Private IP [Zero-Trust demo]"
+      name                 = "NETWORK-Block: Access GCP Apps via Private IP"
      description          = "This rule blocks the access of Competition App and Administration App via ip address and port"
      enabled              = true
      action               = "block"
@@ -147,7 +147,7 @@ locals {

    # Default Deny - Evaluated Last (Precedence: 21700)
    rdp_default_deny = {
-      name                 = "NETWORK-Block: Default Deny Policy [Zero-Trust demo]"
+      name                 = "NETWORK-Block: Default Deny Policy"
      description          = "Deny RDP access for users without IT admin privileges (evaluated after allow policy)"
      enabled              = true
      action               = "block"
@@ -168,7 +168,7 @@ locals {

    # AI Application Governance (Precedence: 24000-24100)
    redirect_ai_to_claude = {
-      name                 = "HTTP-Redirect: Redirect users to claude.ai [Zero-Trust demo]"
+      name                 = "HTTP-Redirect: Redirect users to claude.ai"
      description          = "Redirect any unreviewed AI application to claude.ai instead"
      enabled              = true
      action               = "redirect"
@@ -181,7 +181,7 @@ locals {

    # Content Filtering & DLP (Precedence: 25000-25100)
    block_pdf_download = {
-      name                 = "HTTP-Block: PDF Files download [Zero-Trust demo]"
+      name                 = "HTTP-Block: PDF Files download"
      description          = "Block Downloading PDF Files for Sales Engineering group"
      enabled              = false
      action               = "block"
@@ -194,7 +194,7 @@ locals {
    }

    block_gambling = {
-      name                 = "HTTP-Block: Gambling websites [Zero-Trust demo]"
+      name                 = "HTTP-Block: Gambling websites"
      description          = "Block Gambling website according to corporate policies (HTTP)."
      enabled              = true
      action               = "block"
@@ -207,7 +207,7 @@ locals {
    }

    allow_chatgpt_log = {
-      name                 = "HTTP-Allow: ChatGPT logging [Zero-Trust demo]"
+      name                 = "HTTP-Allow: ChatGPT logging"
      description          = "Log ChatGPT requests"
      enabled              = true
      action               = "allow"