This commit is contained in:
2
test.tf
2
test.tf
@@ -69,7 +69,7 @@ locals {
|
||||
action = "allow"
|
||||
precedence = local.precedence.rdp_admin_allow
|
||||
filters = ["l4"]
|
||||
traffic = "net.dst.ip == ${var.gcp_windows_vm_internal_ip} and net.dst.port == ${var.cloudflare_domain_controller_rdp_port} and net.protocol == \"tcp\""
|
||||
traffic = "net.dst.ip == "75.0.0.1" and net.dst.port == ${var.cloudflare_domain_controller_rdp_port} and net.protocol == \"tcp\""
|
||||
identity = "any(identity.saml_attributes[*] == \"groups=${var.okta_itadmin_saml_group_name}\") or any(identity.saml_attributes[*] == \"groups=${var.okta_infra_admin_saml_group_name}\")"
|
||||
device_posture = "any(device_posture.checks.passed[*] == \"${var.cloudflare_macos_posture_id}\") or any(device_posture.checks.passed[*] == \"${var.cloudflare_windows_posture_id}\") or any(device_posture.checks.passed[*] == \"${var.cloudflare_linux_posture_id}\")"
|
||||
notification_enabled = false
|
||||
|
||||
Reference in New Issue
Block a user