Update access_groups.tf
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 15s
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 15s
This commit is contained in:
198
access_groups.tf
198
access_groups.tf
@@ -58,6 +58,48 @@ locals {
|
||||
(contains(local.afrique_countries, code) ? null : code)
|
||||
])
|
||||
|
||||
# On retire les pays "america_north"
|
||||
blocked_countries_except_america_north= compact([
|
||||
for code in local.all_countries :
|
||||
(contains(local.america_north_countries, code) ? null : code)
|
||||
])
|
||||
|
||||
# On retire les pays "america_central"
|
||||
blocked_countries_except_america_central= compact([
|
||||
for code in local.all_countries :
|
||||
(contains(local.america_central_countries, code) ? null : code)
|
||||
])
|
||||
|
||||
# On retire les pays "america_south"
|
||||
blocked_countries_except_america_south= compact([
|
||||
for code in local.all_countries :
|
||||
(contains(local.america_south_countries, code) ? null : code)
|
||||
])
|
||||
|
||||
# On retire les pays "asie"
|
||||
blocked_countries_except_asie= compact([
|
||||
for code in local.all_countries :
|
||||
(contains(local.asie_countries, code) ? null : code)
|
||||
])
|
||||
|
||||
# On retire les pays "oceanie"
|
||||
blocked_countries_except_oceanie= compact([
|
||||
for code in local.all_countries :
|
||||
(contains(local.oceaniee_countries, code) ? null : code)
|
||||
])
|
||||
|
||||
# On retire les pays "antarctique"
|
||||
blocked_countries_except_antarctique= compact([
|
||||
for code in local.all_countries :
|
||||
(contains(local.antarctique_countries, code) ? null : code)
|
||||
])
|
||||
|
||||
# On retire les pays "other"
|
||||
blocked_countries_except_other= compact([
|
||||
for code in local.all_countries :
|
||||
(contains(local.other_countries, code) ? null : code)
|
||||
])
|
||||
|
||||
# OS posture checks
|
||||
os_posture_checks = [
|
||||
var.cloudflare_linux_posture_id,
|
||||
@@ -84,7 +126,7 @@ resource "cloudflare_zero_trust_access_group" "saml_groups" {
|
||||
# Geographic Rule Groups
|
||||
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group" {
|
||||
account_id = local.cloudflare_account_id
|
||||
name = "GL_Localisation_Country Requirements"
|
||||
name = "GRP_Localisation_Country Requirements"
|
||||
|
||||
include = [
|
||||
for country in local.allowed_countries : {
|
||||
@@ -106,7 +148,7 @@ resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group"
|
||||
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_main" {
|
||||
account_id = local.cloudflare_account_id
|
||||
|
||||
name = "GL_Localisation Country Requirements : Main"
|
||||
name = "GRP_Localisation Country Requirements : Main"
|
||||
include = [
|
||||
for country in local.main_countries : {
|
||||
geo = {
|
||||
@@ -127,7 +169,7 @@ resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_m
|
||||
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_europe" {
|
||||
account_id = local.cloudflare_account_id
|
||||
|
||||
name = "GL_Localisation Country Requirements : Europe"
|
||||
name = "GRP_Localisation Country Requirements : Europe"
|
||||
include = [
|
||||
for country in local.europe_countries : {
|
||||
geo = {
|
||||
@@ -148,7 +190,7 @@ resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_e
|
||||
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_afrique" {
|
||||
account_id = local.cloudflare_account_id
|
||||
|
||||
name = "GL_Localisation Country Requirements : Afrique"
|
||||
name = "GRP_Localisation Country Requirements : Afrique"
|
||||
include = [
|
||||
for country in local.afrique_countries : {
|
||||
geo = {
|
||||
@@ -165,6 +207,154 @@ resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_a
|
||||
]
|
||||
}
|
||||
|
||||
|
||||
#
|
||||
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_america_north" {
|
||||
account_id = local.cloudflare_account_id
|
||||
|
||||
name = "GRP_Localisation Country Requirements : America North"
|
||||
include = [
|
||||
for country in local.america_north_countries : {
|
||||
geo = {
|
||||
country_code = country
|
||||
}
|
||||
}
|
||||
]
|
||||
exclude = [
|
||||
for country in local.blocked_countries_except_america_north : {
|
||||
geo = {
|
||||
country_code = country
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
#
|
||||
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_america_central" {
|
||||
account_id = local.cloudflare_account_id
|
||||
|
||||
name = "GRP_Localisation Country Requirements : America Central"
|
||||
include = [
|
||||
for country in local.america_central_countries : {
|
||||
geo = {
|
||||
country_code = country
|
||||
}
|
||||
}
|
||||
]
|
||||
exclude = [
|
||||
for country in local.blocked_countries_except_america_central : {
|
||||
geo = {
|
||||
country_code = country
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
#
|
||||
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_america_south" {
|
||||
account_id = local.cloudflare_account_id
|
||||
|
||||
name = "GRP_Localisation Country Requirements : America South"
|
||||
include = [
|
||||
for country in local.america_south_countries : {
|
||||
geo = {
|
||||
country_code = country
|
||||
}
|
||||
}
|
||||
]
|
||||
exclude = [
|
||||
for country in local.blocked_countries_except_america_south : {
|
||||
geo = {
|
||||
country_code = country
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
#
|
||||
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_asie" {
|
||||
account_id = local.cloudflare_account_id
|
||||
|
||||
name = "GRP_Localisation Country Requirements : asie"
|
||||
include = [
|
||||
for country in local.asie_countries : {
|
||||
geo = {
|
||||
country_code = country
|
||||
}
|
||||
}
|
||||
]
|
||||
exclude = [
|
||||
for country in local.blocked_countries_except_asie : {
|
||||
geo = {
|
||||
country_code = country
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
#
|
||||
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_oceanie" {
|
||||
account_id = local.cloudflare_account_id
|
||||
|
||||
name = "GRP_Localisation Country Requirements : oceanie"
|
||||
include = [
|
||||
for country in local.oceanie_countries : {
|
||||
geo = {
|
||||
country_code = country
|
||||
}
|
||||
}
|
||||
]
|
||||
exclude = [
|
||||
for country in local.blocked_countries_except_oceanie : {
|
||||
geo = {
|
||||
country_code = country
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
#
|
||||
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_antarctique" {
|
||||
account_id = local.cloudflare_account_id
|
||||
|
||||
name = "GRP_Localisation Country Requirements : antarctique"
|
||||
include = [
|
||||
for country in local.antarctique_countries : {
|
||||
geo = {
|
||||
country_code = country
|
||||
}
|
||||
}
|
||||
]
|
||||
exclude = [
|
||||
for country in local.blocked_countries_except_antarctique : {
|
||||
geo = {
|
||||
country_code = country
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
#
|
||||
resource "cloudflare_zero_trust_access_group" "country_requirements_rule_group_other" {
|
||||
account_id = local.cloudflare_account_id
|
||||
|
||||
name = "GRP_Localisation Country Requirements : other"
|
||||
include = [
|
||||
for country in local.other_countries : {
|
||||
geo = {
|
||||
country_code = country
|
||||
}
|
||||
}
|
||||
]
|
||||
exclude = [
|
||||
for country in local.blocked_countries_except_other : {
|
||||
geo = {
|
||||
country_code = country
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
# Device Posture Rule Groups
|
||||
resource "cloudflare_zero_trust_access_group" "latest_os_version_requirements_rule_group" {
|
||||
account_id = local.cloudflare_account_id
|
||||
|
||||
Reference in New Issue
Block a user