Skip to content

Commit

Permalink
Merge pull request #7 from m4xmorris/split-policies
Browse files Browse the repository at this point in the history 
Split GitHub and Email policies
  • Loading branch information
@m4xmorris
m4xmorris authored Nov 24, 2023
2 parents 15baf8d + c2984e3 commit 793d173
Showing 1 changed file with 14 additions and 8 deletions.
22 changes: 14 additions & 8 deletions main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,18 +10,12 @@ resource "cloudflare_access_application" "application" {
auto_redirect_to_identity = false
}

resource "cloudflare_access_policy" "policy" {
resource "cloudflare_access_policy" "github_policy" {
application_id = cloudflare_access_application.application.id
zone_id = var.cloudflare_zone_id
name = "Allow Policy"
name = "${var.name} GitHub Policy"
precedence = "1"
decision = "allow"
dynamic "include" {
for_each = var.allowed_emails
content {
email = [include.value]
}
}
include {
github {
name = var.github_org
Expand All @@ -30,3 +24,15 @@ resource "cloudflare_access_policy" "policy" {
}
}
}

resource "cloudflare_access_policy" "email_policy" {
application_id = cloudflare_access_application.application.id
zone_id = var.cloudflare_zone_id
name = "${var.name} Email Policy"
precedence = "2"
decision = "allow"
include {
email = var.allowed_emails
}
count = length(var.allowed_emails) == 0 ? 0 : 1
}

0 comments on commit 793d173

Please sign in to comment.