Tips-Of-Mine/terraform-cloudflare-tunnel-zone-org
2
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Update Traffic_Policies-Firewall_Policies-HTTP.tf
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 1m15s
Details
Update Domain List / auto-update (push) Successful in 6s
Details

Browse Source
This commit is contained in:
Hubert Cornet
2025-11-19 14:57:50 +01:00
parent e5b0954a01
commit ae3f14fc09
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
Traffic_Policies-Firewall_Policies-HTTP.tf
View File

@@ -43,7 +43,7 @@ locals {
description = "Redirect any unreviewed AI application to claude.ai instead" description = "Redirect any unreviewed AI application to claude.ai instead"
enabled = true enabled = true
action = "redirect" action = "redirect"
precedence = local.precedence.ai_tools_redirect precedence = local.precedence_http.ai_tools_redirect
filters = ["http"] filters = ["http"]
traffic = "any(app.type.ids[*] in {25}) and any(app.statuses[*] == \"unreviewed\")" traffic = "any(app.type.ids[*] in {25}) and any(app.statuses[*] == \"unreviewed\")"
redirect_url = "https://claude.ai" redirect_url = "https://claude.ai"
@@ -56,7 +56,7 @@ locals {
description = "Block Downloading PDF Files for Sales Engineering group" description = "Block Downloading PDF Files for Sales Engineering group"
enabled = false enabled = false
action = "block" action = "block"
precedence = local.precedence.pdf_block precedence = local.precedence_http.pdf_block
filters = ["http"] filters = ["http"]
traffic = "any(http.download.file.types[*] in {\"pdf\"})" traffic = "any(http.download.file.types[*] in {\"pdf\"})"
identity = "any(identity.saml_attributes[*] == \"groups=${var.okta_sales_eng_saml_group_name}\")" identity = "any(identity.saml_attributes[*] == \"groups=${var.okta_sales_eng_saml_group_name}\")"
@@ -69,7 +69,7 @@ locals {
description = "Block Gambling website according to corporate policies (HTTP)." description = "Block Gambling website according to corporate policies (HTTP)."
enabled = true enabled = true
action = "block" action = "block"
precedence = local.precedence.gambling_block precedence = local.precedence_http.gambling_block
filters = ["http"] filters = ["http"]
traffic = "any(http.request.uri.content_category[*] in {99})" traffic = "any(http.request.uri.content_category[*] in {99})"
identity = "not(any(identity.saml_attributes[*] == \"groups=${var.okta_contractors_saml_group_name}\")) or not(identity.email == \"${var.okta_bob_user_login}\")" identity = "not(any(identity.saml_attributes[*] == \"groups=${var.okta_contractors_saml_group_name}\")) or not(identity.email == \"${var.okta_bob_user_login}\")"
@@ -82,7 +82,7 @@ locals {
description = "Log ChatGPT requests" description = "Log ChatGPT requests"
enabled = true enabled = true
action = "allow" action = "allow"
precedence = local.precedence.chatgpt_allow_log precedence = local.precedence_http.chatgpt_allow_log
filters = ["http"] filters = ["http"]
traffic = "any(app.ids[*] == 1199) and any(app_control.controls[*] in {1652})" traffic = "any(app.ids[*] == 1199) and any(app_control.controls[*] in {1652})"
notification_enabled = false notification_enabled = false