Tips-Of-Mine/terraform-cloudflare-tunnel-zone-org
2
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Update access_groups.tf
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 15s
Details

Browse Source
This commit is contained in:
Hubert Cornet
2025-11-18 16:35:38 +01:00
parent 978650f242
commit a0b31a5491
1 changed files with 194 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

198
access_groups.tf
View File

@@ -58,6 +58,48 @@ locals {
(contains(local.afrique_countries, code) ? null : code) (contains(local.afrique_countries, code) ? null : code)
]) ])
# On retire les pays "america_north"
blocked_countries_except_america_north= compact([
for code in local.all_countries :
(contains(local.america_north_countries, code) ? null : code)
])
# On retire les pays "america_central"
blocked_countries_except_america_central= compact([
for code in local.all_countries :
(contains(local.america_central_countries, code) ? null : code)
])
# On retire les pays "america_south"
blocked_countries_except_america_south= compact([
for code in local.all_countries :
(contains(local.america_south_countries, code) ? null : code)
])
# On retire les pays "asie"
blocked_countries_except_asie= compact([
for code in local.all_countries :
(contains(local.asie_countries, code) ? null : code)
])
# On retire les pays "oceanie"
blocked_countries_except_oceanie= compact([
for code in local.all_countries :
(contains(local.oceaniee_countries, code) ? null : code)
])
# On retire les pays "antarctique"
blocked_countries_except_antarctique= compact([
for code in local.all_countries :
(contains(local.antarctique_countries, code) ? null : code)
])
# On retire les pays "other"
blocked_countries_except_other= compact([
for code in local.all_countries :
(contains(local.other_countries, code) ? null : code)
])
# OS posture checks # OS posture checks
os_posture_checks = [ os_posture_checks = [
var.cloudflare_linux_posture_id, var.cloudflare_linux_posture_id,
@@ -84,7 +126,7 @@ resource "cloudflare_zero_trust_access_group" "saml_groups" {
# Geographic Rule Groups # Geographic Rule Groups
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group" { resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group" {
account_id = local.cloudflare_account_id account_id = local.cloudflare_account_id
name = "GL_Localisation_Country Requirements" name = "GRP_Localisation_Country Requirements"
include = [ include = [
for country in local.allowed_countries : { for country in local.allowed_countries : {
@@ -106,7 +148,7 @@ resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group"
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_main" { resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_main" {
account_id = local.cloudflare_account_id account_id = local.cloudflare_account_id
name = "GL_Localisation Country Requirements : Main" name = "GRP_Localisation Country Requirements : Main"
include = [ include = [
for country in local.main_countries : { for country in local.main_countries : {
geo = { geo = {
@@ -127,7 +169,7 @@ resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_m
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_europe" { resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_europe" {
account_id = local.cloudflare_account_id account_id = local.cloudflare_account_id
name = "GL_Localisation Country Requirements : Europe" name = "GRP_Localisation Country Requirements : Europe"
include = [ include = [
for country in local.europe_countries : { for country in local.europe_countries : {
geo = { geo = {
@@ -148,7 +190,7 @@ resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_e
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_afrique" { resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_afrique" {
account_id = local.cloudflare_account_id account_id = local.cloudflare_account_id
name = "GL_Localisation Country Requirements : Afrique" name = "GRP_Localisation Country Requirements : Afrique"
include = [ include = [
for country in local.afrique_countries : { for country in local.afrique_countries : {
geo = { geo = {
@@ -165,6 +207,154 @@ resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_a
] ]
} }
#
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_america_north" {
account_id = local.cloudflare_account_id
name = "GRP_Localisation Country Requirements : America North"
include = [
for country in local.america_north_countries : {
geo = {
country_code = country
}
}
]
exclude = [
for country in local.blocked_countries_except_america_north : {
geo = {
country_code = country
}
}
]
}
#
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_america_central" {
account_id = local.cloudflare_account_id
name = "GRP_Localisation Country Requirements : America Central"
include = [
for country in local.america_central_countries : {
geo = {
country_code = country
}
}
]
exclude = [
for country in local.blocked_countries_except_america_central : {
geo = {
country_code = country
}
}
]
}
#
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_america_south" {
account_id = local.cloudflare_account_id
name = "GRP_Localisation Country Requirements : America South"
include = [
for country in local.america_south_countries : {
geo = {
country_code = country
}
}
]
exclude = [
for country in local.blocked_countries_except_america_south : {
geo = {
country_code = country
}
}
]
}
#
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_asie" {
account_id = local.cloudflare_account_id
name = "GRP_Localisation Country Requirements : asie"
include = [
for country in local.asie_countries : {
geo = {
country_code = country
}
}
]
exclude = [
for country in local.blocked_countries_except_asie : {
geo = {
country_code = country
}
}
]
}
#
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_oceanie" {
account_id = local.cloudflare_account_id
name = "GRP_Localisation Country Requirements : oceanie"
include = [
for country in local.oceanie_countries : {
geo = {
country_code = country
}
}
]
exclude = [
for country in local.blocked_countries_except_oceanie : {
geo = {
country_code = country
}
}
]
}
#
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_antarctique" {
account_id = local.cloudflare_account_id
name = "GRP_Localisation Country Requirements : antarctique"
include = [
for country in local.antarctique_countries : {
geo = {
country_code = country
}
}
]
exclude = [
for country in local.blocked_countries_except_antarctique : {
geo = {
country_code = country
}
}
]
}
#
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_other" {
account_id = local.cloudflare_account_id
name = "GRP_Localisation Country Requirements : other"
include = [
for country in local.other_countries : {
geo = {
country_code = country
}
}
]
exclude = [
for country in local.blocked_countries_except_other : {
geo = {
country_code = country
}
}
]
}
# Device Posture Rule Groups # Device Posture Rule Groups
resource "cloudflare_zero_trust_access_group" "latest_os_version_requirements_rule_group" { resource "cloudflare_zero_trust_access_group" "latest_os_version_requirements_rule_group" {
account_id = local.cloudflare_account_id account_id = local.cloudflare_account_id