zero_trsut

ThomasCardin · Nov 21, 2024 · b2b7239 · b2b7239
1 parent 7073670
commit b2b7239
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 6 deletions.
diff --git a/terraform/modules/zero_trust_application/main.tf b/terraform/modules/zero_trust_application/main.tf
@@ -1,8 +1,6 @@
-resource "cloudflare_access_policy" "policy" {
-  for_each = { for idx, name in var.names : idx => name }
-
+resource "cloudflare_access_policy" "github-app-policy" {
   zone_id  = var.cloudflare_zone_id
-  name     = "${each.value}-github-auth"
+  name     = "github-auth"
   decision = "allow"
 
   include {
@@ -11,9 +9,12 @@ resource "cloudflare_access_policy" "policy" {
 }
 
 resource "cloudflare_zero_trust_access_application" "app" {
-  for_each = { for idx, name in var.names : idx => name }
+  depends_on = [cloudflare_access_policy.github-app-policy]
+  for_each   = { for idx, name in var.names : idx => name }
+
+  account_id = var.cloudflare_api_key
+  zone_id    = var.cloudflare_zone_id
 
-  zone_id                    = var.cloudflare_zone_id
   name                       = each.value
   domain                     = "${each.value}.ninebasetwo.net"
   type                       = "self_hosted"

diff --git a/terraform/modules/zero_trust_application/variables.tf b/terraform/modules/zero_trust_application/variables.tf
@@ -6,4 +6,9 @@ variable "names" {
 variable "cloudflare_zone_id" {
   description = "The zone ID for Cloudflare"
   type        = string
+}
+
+variable "cloudflare_api_key" {
+  description = "The API key for Cloudflare"
+  type        = string
 }