Tips-Of-Mine/terraform-cloudflare-tunnel-zone-org
2
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

modify policy
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 4m35s
Details

Browse Source
This commit is contained in:
Hubert Cornet
2025-11-24 15:45:52 +01:00
parent 28903349e2
commit 4c3150a9b9
3 changed files with 32 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
Access_Controls-Policies-Rule_Groups.tf
View File

@@ -145,7 +145,7 @@ locals {
purpose_justification_prompt = "Access justification required: Please provide your business reason for accessing this sensitive resource."
lifecycle_create_before_destroy = true
}
employees_browser_rendering = {
aws_employees_browser_rendering = {
name = "Employees AWS Database Policy"
include_groups = ["infrastructure_admin"]
require_posture = true
@@ -154,7 +154,7 @@ locals {
purpose_justification_prompt = "Access justification required: Please provide your business reason for accessing this production system."
require_login_method = true
}
contractors_browser_rendering = {
aws_contractors_browser_rendering = {
name = "Contractors AWS Database Policy"
include_groups = ["contractors"]
require_posture = true
@@ -163,12 +163,36 @@ locals {
purpose_justification = true
purpose_justification_prompt = "Access justification required: Please provide your business reason for accessing this production system."
}
gcp_employees_browser_rendering = {
name = "Employees GCP Database Policy"
include_groups = ["infrastructure_admin"]
require_posture = true
require_mfa = false
purpose_justification = true
purpose_justification_prompt = "Access justification required: Please provide your business reason for accessing this production system."
require_login_method = true
}
gcp_contractors_browser_rendering = {
name = "Contractors GCP Database Policy"
include_groups = ["contractors"]
require_posture = true
require_mfa = false
require_country = true
purpose_justification = true
purpose_justification_prompt = "Access justification required: Please provide your business reason for accessing this production system."
}
aws = {
name = "AWS Cloud Policy"
include_groups = ["sales_engineering"]
require_posture = true
require_mfa = true
}
gcp = {
name = "GCP Cloud Policy"
include_groups = ["sales_engineering"]
require_posture = true
require_mfa = true
}
okta = {
name = "Okta Cloud Policy"
include_groups = ["it_admin"]