From 978650f242366caf2ada0cdf7a39b28ed5164221 Mon Sep 17 00:00:00 2001
From: Hubert Cornet <hcornet@noreply@tips-of-mine.fr>
Date: Tue, 18 Nov 2025 16:18:24 +0100
Subject: [PATCH] Update access_groups.tf

---
 access_groups.tf | 56 +++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 55 insertions(+), 1 deletion(-)

diff --git a/access_groups.tf b/access_groups.tf
index 255cfa5..459eda8 100644
--- a/access_groups.tf
+++ b/access_groups.tf
@@ -17,7 +17,7 @@ locals {
   blocked_countries = ["CN", "RU", "AF", "BY", "CD", "CU", "IR", "IQ", "KP", "MM", "SD", "SY", "UA", "ZW"]
 
   main_countries            = ["FR"]
-  europe_countries          = ["AL","AD","AT","AX","BA","BE","BG","BY","CH","CY","CZ","DE","DK","EE","ES","FI","FO","GB","GG","GI","GR","HR","HU","IE","IM","IS","IT","JE","LI","LT","LU","LV","MC","MD","ME","MK","MT","NL","NO","PL","PT","RO","RS","SE","SI","SK","SM","UA","VA"]
+  europe_countries          = ["AL","AD","AT","AX","BA","BE","BG","BY","CH","CY","CZ","DE","DK","EE","ES","FI","FR","FO","GB","GG","GI","GR","HR","HU","IE","IM","IS","IT","JE","LI","LT","LU","LV","MC","MD","ME","MK","MT","NL","NO","PL","PT","RO","RS","SE","SI","SK","SM","UA","VA"]
   afrique_countries         = ["AO","BF","BI","BJ","BW","CD","CF","CG","CI","CM","CV","DJ","DZ","EG","EH","ER","ET","GA","GH","GM","GN","GQ","GW","KE","KM","LR","LS","LY","MA","MG","ML","MR","MU","MW","MZ","NA","NE","NG","RE","RW","SC","SD","SH","SL","SN","SO","SS","ST","SZ","TD","TF","TG","TN","TZ","UG","YT","ZA","ZM","ZW"]
   america_north_countries   = ["CA","US","MX","BM","PM","GL","UM"]
   america_central_countries = ["AG","AI","AW","BB","BZ","CR","CU","DM","DO","GD","GP","GT","HN","HT","JM","KN","KY","LC","MF","MQ","MS","NI","PA","PR","SV","SX","TC","TT","VC","VG","VI"]
@@ -46,6 +46,18 @@ locals {
     (contains(local.main_countries, code) ? null : code)
   ])
 
+  # On retire les pays "europe"
+  blocked_countries_except_europe = compact([
+    for code in local.all_countries :
+    (contains(local.europe_countries, code) ? null : code)
+  ])
+
+  # On retire les pays "afrique"
+  blocked_countries_except_afrique= compact([
+    for code in local.all_countries :
+    (contains(local.afrique_countries, code) ? null : code)
+  ])
+
   # OS posture checks
   os_posture_checks = [
     var.cloudflare_linux_posture_id,
@@ -111,6 +123,48 @@ resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_m
   ]
 }
 
+#
+resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_europe" {
+  account_id = local.cloudflare_account_id
+
+  name       = "GL_Localisation Country Requirements : Europe"
+  include = [
+    for country in local.europe_countries : {
+      geo = {
+        country_code = country
+      }
+    }
+  ]
+  exclude = [
+    for country in local.blocked_countries_except_europe : {
+      geo = {
+        country_code = country
+      }
+    }
+  ]
+}
+
+#
+resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_afrique" {
+  account_id = local.cloudflare_account_id
+
+  name       = "GL_Localisation Country Requirements : Afrique"
+  include = [
+    for country in local.afrique_countries : {
+      geo = {
+        country_code = country
+      }
+    }
+  ]
+  exclude = [
+    for country in local.blocked_countries_except_afrique : {
+      geo = {
+        country_code = country
+      }
+    }
+  ]
+}
+
 # Device Posture Rule Groups
 resource "cloudflare_zero_trust_access_group" "latest_os_version_requirements_rule_group" {
   account_id = local.cloudflare_account_id