Update variables.auto.tfvars

variables.auto.tfvars

@@ -73,3 +73,98 @@ cloudflare_access_tags = [
   "qa",
   "devops"
 ]
+
+#=====================================
+# Cloudflare variables
+#=====================================
+cf_team_name    = "macharpe"
+cf_email_domain = "passfwd.com"
+
+# Tunnels
+cf_tunnel_name_gcp         = "Tunnel GCP (Access For Infrastructure)"
+cf_tunnel_name_aws         = "Tunnel AWS (SSH Browser Rendered)"
+cf_windows_rdp_tunnel_name = "Tunnel GCP (Windows RDP)"
+
+# WARP Connector Tunnels - Sensitive: manually retrieved from Cloudflare dashboard
+cf_warp_tunnel_azure_id = "185f0bc0-986d-********"
+cf_warp_tunnel_gcp_id   = "ad04a3ed-a1a1-********"
+
+# Subdomains
+cf_subdomain_ssh            = "ssh-database.example.com"
+cf_subdomain_vnc            = "vnc.example.com"
+cf_subdomain_web            = "intranet.example.com"
+cf_subdomain_rdp            = "rdp.example.com"
+cf_subdomain_web_sensitive  = "competition.example.com"
+cf_subdomain_training_status = "training-status.example.com"  # OPTIONAL: Only needed if using optional-cloudflare-apps.tf and Training Compliance Gateway
+
+# Targets
+cf_target_ssh_name = "GCP-database"
+cf_target_rdp_name = "Domain-Controller"
+
+# Applications
+cf_infra_app_name         = "GCP Infrastructure SSH database"
+cf_browser_ssh_app_name   = "AWS Browser SSH database"
+cf_browser_vnc_app_name   = "AWS Browser VNC database"
+cf_browser_rdp_app_name   = "GCP Browser RDP windows"
+cf_sensitive_web_app_name = "Competition App"
+cf_intranet_web_app_name  = "Intranet"
+
+# Application Ports
+cf_competition_app_port = 8080
+cf_intranet_app_port    = 8181
+cf_domain_controller_rdp_port = 3389
+
+# Identity Providers - Sensitive: manually retrieved from Cloudflare dashboard
+cf_okta_identity_provider_id  = "8fd4786e-97d7-4257-********"
+cf_otp_identity_provider_id   = "a6dfbf35-0e20-4244-********"
+cf_azure_identity_provider_id = "8c593fe8-aee3-4075-********"
+cf_azure_admin_rule_group_id  = "5f253130-a400-4215-********"
+
+# Device Posture - Sensitive: manually retrieved from Cloudflare dashboard
+cf_gateway_posture_id = "4d8d7499-38c3-4bf0-********"
+cf_macos_posture_id   = "6d64ff80-1308-4462-********"
+cf_ios_posture_id     = "56454654-1245-8564-********"
+cf_windows_posture_id = "67b05735-3b9b-4bcc-********"
+cf_linux_posture_id   = "ed5639c7-3305-4a91-********"
+cf_device_os                   = "mac"                              # Options: "linux", "windows", "mac"
+
+# WARP CGNAT Routes
+cf_custom_cgnat_routes = [
+  {
+    address     = "100.64.0.0/11"
+    description = "WARP Connector CGNAT 1"
+  },
+  {
+    address     = "100.112.0.0/12"
+    description = "WARP Connector CGNAT 2"
+  }
+]
+
+cf_default_cgnat_routes = [{
+  address     = "100.64.0.0/10"
+  description = "Default CGNAT Range"
+}]
+
+cf_warp_cgnat_cidr = "100.96.0.0/12"
+
+
+#=====================================
+# Okta
+#=====================================
+
+# SAML Group IDs - Unused variables removed
+
+# SAML Group names
+okta_sales_eng_saml_group_name   = "SalesEngineering"
+okta_itadmin_saml_group_name     = "ITAdmin"
+okta_sales_saml_group_name       = "Sales"
+okta_contractors_saml_group_name = "Contractors"
+okta_infra_admin_saml_group_name = "InfrastructureAdmin"
+
+# User IDs - Unused variables removed
+
+# User logins
+okta_bob_user_login      = "********3@passfwd.com"
+okta_matthieu_user_login = "********"
+
+okta_bob_user_linux_password = "bob"