diff --git a/Access_Controls-Applications-Infrastructure.tf b/Access_Controls-Applications-Infrastructure.tf index 2fa6b72..4380da6 100644 --- a/Access_Controls-Applications-Infrastructure.tf +++ b/Access_Controls-Applications-Infrastructure.tf @@ -19,11 +19,11 @@ resource "cloudflare_zero_trust_access_infrastructure_target" "gcp_ssh_target" { } # Creating the infrastructure Application -resource "cloudflare_zero_trust_access_application" "cloudflare_app_ssh_infra" { +resource "cloudflare_zero_trust_access_application" "cloudflare_aws_app_ssh_infra" { account_id = local.cloudflare_account_id type = "infrastructure" - name = var.cloudflare_infra_app_name + name = var.cloudflare_aws_infra_app_name logo_url = "https://upload.wikimedia.org/wikipedia/commons/0/01/Google-cloud-platform.svg" tags = [cloudflare_zero_trust_access_tag.tags["engineers"].name] custom_deny_url = "https://denied.tips-of-mine.org/" @@ -42,7 +42,7 @@ resource "cloudflare_zero_trust_access_application" "cloudflare_app_ssh_infra" { decision = "allow" allowed_idps = [ - cloudflare_zero_trust_access_identity_provider.authentik_oidc.id, + cloudflare_zero_trust_access_identity_provider.authentik_oidc.id, ] auto_redirect_to_identity = true allow_authenticate_via_warp = false diff --git a/Access_Controls-Applications-rdp.tf b/Access_Controls-Applications-rdp.tf index 193cc1e..d2122fd 100644 --- a/Access_Controls-Applications-rdp.tf +++ b/Access_Controls-Applications-rdp.tf 
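Review bot: Renaming the resource address from `cloudflare_app_ssh_infra` to `cloudflare_aws_app_ssh_infra` in the first hunk without a `moved` block makes Terraform plan a destroy of the existing Access application and a create of a new one, not an in-place rename. For an Access application that normally means a new application ID and audience tag, and possibly an interval in which the target is not covered by this application's policies; check the output of `terraform plan` before applying. A `moved` block with `from = cloudflare_zero_trust_access_application.cloudflare_app_ssh_infra` and `to = cloudflare_zero_trust_access_application.cloudflare_aws_app_ssh_infra` keeps the existing object bound to the new address. The same applies to the renamed resources in the rdp, ssh and vnc hunks, and any reference to the old addresses elsewhere in the module (not visible in this diff) has to be updated as well.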
@@ -19,11 +19,11 @@ resource "cloudflare_zero_trust_access_infrastructure_target" "gcp_rdp_target" { } # Domain Controller Browser-Rendered RDP Application -resource "cloudflare_zero_trust_access_application" "cloudflare_app_rdp_domain" { +resource "cloudflare_zero_trust_access_application" "cloudflare_aws_app_rdp_domain" { account_id = local.cloudflare_account_id type = "rdp" - name = var.cloudflare_browser_rdp_app_name + name = var.cloudflare_aws_browser_rdp_app_name app_launcher_visible = true logo_url = "https://www.kevinsubileau.fr/wp-content/uploads/2016/05/RDP_icon.png" tags = [cloudflare_zero_trust_access_tag.tags["engineers"].name] diff --git a/Access_Controls-Applications-ssh.tf b/Access_Controls-Applications-ssh.tf index 9a00f78..98424ae 100644 --- a/Access_Controls-Applications-ssh.tf +++ b/Access_Controls-Applications-ssh.tf @@ -7,11 +7,11 @@ #====================================================== # Creating the Self-hosted Application for Browser rendering SSH -resource "cloudflare_zero_trust_access_application" "cloudflare_app_ssh_browser" { +resource "cloudflare_zero_trust_access_application" "cloudflare_aws_app_ssh_browser" { account_id = local.cloudflare_account_id type = "ssh" - name = var.cloudflare_browser_ssh_app_name + name = var.cloudflare_aws_browser_ssh_app_name app_launcher_visible = true logo_url = "https://cdn.iconscout.com/icon/free/png-256/free-database-icon-download-in-svg-png-gif-file-formats--ui-elements-pack-user-interface-icons-444649.png" tags = [cloudflare_zero_trust_access_tag.tags["engineers"].name] diff --git a/Access_Controls-Applications-vnc.tf b/Access_Controls-Applications-vnc.tf index d1d8745..befac4c 100644 --- a/Access_Controls-Applications-vnc.tf +++ b/Access_Controls-Applications-vnc.tf 
@@ -7,11 +7,11 @@ #====================================================== # Creating the Self-hosted Application for Browser rendering VNC -resource "cloudflare_zero_trust_access_application" "cloudflare_app_vnc_browser" { +resource "cloudflare_zero_trust_access_application" "cloudflare_aws_app_vnc_browser" { account_id = local.cloudflare_account_id type = "vnc" - name = var.cloudflare_browser_vnc_app_name + name = var.cloudflare_aws_browser_vnc_app_name app_launcher_visible = true logo_url = "https://blog.zwindler.fr/2015/07/vnc.png" tags = [cloudflare_zero_trust_access_tag.tags["engineers"].name] diff --git a/variables.auto.tfvars b/variables.auto.tfvars index 4f78904..d87d290 100644 --- a/variables.auto.tfvars +++ b/variables.auto.tfvars @@ -107,14 +107,20 @@ cloudflare_subdomain_training_status = "training-status.tips-of-mine.org" cloudflare_target_ssh_name = "GCP-database" cloudflare_target_rdp_name = "Domain-Controller" -# Applications -cloudflare_infra_app_name = "GCP Infrastructure SSH database" -cloudflare_browser_ssh_app_name = "AWS Browser SSH database" -cloudflare_browser_vnc_app_name = "AWS Browser VNC database" -cloudflare_browser_rdp_app_name = "GCP Browser RDP windows" +# Applications AWS +cloudflare_aws_browser_ssh_app_name = "AWS : Browser SSH database" +cloudflare_aws_browser_vnc_app_name = "AWS : Browser VNC database" +cloudflare_aws_infra_app_name = "AWS : Infrastructure SSH database" +cloudflare_aws_browser_rdp_app_name = "AWS : Browser RDP windows" cloudflare_sensitive_web_app_name = "Competition App" cloudflare_intranet_web_app_name = "Intranet" +# Applications GCP +cloudflare_gcp_browser_ssh_app_name = "GCP : Browser SSH database" +cloudflare_gcp_browser_vnc_app_name = "GCP : Browser VNC database" +cloudflare_gcp_infra_app_name = "GCP : Infrastructure SSH database" +cloudflare_gcp_browser_rdp_app_name = "GCP : Browser RDP windows" + # Application Ports cloudflare_competition_app_port = 8080 cloudflare_intranet_app_port = 8181 
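Review bot: Two applications that appear to front GCP targets are relabelled as AWS in this tfvars hunk: `"GCP Infrastructure SSH database"` becomes `cloudflare_aws_infra_app_name = "AWS : Infrastructure SSH database"`, and `"GCP Browser RDP windows"` becomes `cloudflare_aws_browser_rdp_app_name = "AWS : Browser RDP windows"`. The infrastructure and rdp files still sit next to `gcp_ssh_target` and `gcp_rdp_target`, and the infrastructure application keeps the Google Cloud logo, so the new display names probably no longer match what the applications protect; the target bindings themselves are outside the hunks, so this should be confirmed. A wrong cloud label on an Access application makes policy review and incident triage harder, because the name is what an operator reads first. If those two applications do guard GCP hosts, their `name` lines should read `var.cloudflare_gcp_infra_app_name` and `var.cloudflare_gcp_browser_rdp_app_name`, which this hunk already defines.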
diff --git a/variables.tf b/variables.tf index 8dc42fd..163e2d8 100644 --- a/variables.tf +++ b/variables.tf @@ -516,21 +516,6 @@ variable "cloudflare_target_rdp_name" { # CLOUDFLARE ACCESS APPLICATION CONFIGURATION #====================================================== -variable "cloudflare_browser_ssh_app_name" { - description = "Name of the Browser Rendering SSH App in Cloudflare" - type = string -} - -variable "cloudflare_browser_vnc_app_name" { - description = "Name of the Browser Rendering VNC App in Cloudflare" - type = string -} - -variable "cloudflare_infra_app_name" { - description = "Name of the Infrastructure App in Cloudflare" - type = string -} - variable "cloudflare_sensitive_web_app_name" { description = "Name of the Sensitive web App in Cloudflare" type = string 
@@ -541,7 +526,50 @@ variable "cloudflare_intranet_web_app_name" { type = string } -variable "cloudflare_browser_rdp_app_name" { +#====================================================== +# CLOUDFLARE ACCESS APPLICATION CONFIGURATION AWS +#====================================================== + +variable "cloudflare_aws_browser_ssh_app_name" { + description = "Name of the Browser Rendering SSH App in Cloudflare" + type = string +} + +variable "cloudflare_aws_browser_vnc_app_name" { + description = "Name of the Browser Rendering VNC App in Cloudflare" + type = string +} + +variable "cloudflare_aws_infra_app_name" { + description = "Name of the Infrastructure App in Cloudflare" + type = string +} + +variable "cloudflare_aws_browser_rdp_app_name" { description = "Name of the RDP windows browser rendered App in Cloudflare" type = string } + +#====================================================== +# CLOUDFLARE ACCESS APPLICATION CONFIGURATION GCP +#====================================================== + +variable "cloudflare_gcp_browser_ssh_app_name" { + description = "Name of the Browser Rendering SSH App in Cloudflare" + type = string +} + +variable "cloudflare_gcp_browser_vnc_app_name" { + description = "Name of the Browser Rendering VNC App in Cloudflare" + type = string +} + +variable "cloudflare_gcp_infra_app_name" { + description = "Name of the Infrastructure App in Cloudflare" + type = string +} + +variable "cloudflare_gcp_browser_rdp_app_name" { + description = "Name of the RDP windows browser rendered App in Cloudflare" + type = string +} \ No newline at end of file
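Review bot: The four `cloudflare_gcp_*_app_name` variables are declared here without a default and no resource hunk in this diff reads them, so as far as this change shows they are required inputs with no consumer. The AWS and GCP variables also carry identical `description` strings, which makes them indistinguishable in input prompts and generated documentation; naming the cloud would help, for example `description = "Name of the GCP Infrastructure SSH App in Cloudflare"`. The file now ends without a trailing newline, as the `\ No newline at end of file` marker shows.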