vm-cloudflare/terraform/outputs.tf

# Outputs

output "zone_ids" {
  description = "Map of domain names to zone IDs"
  value = {
    for domain, zone in cloudflare_zone.domains : domain => zone.id
  }
}

output "zone_name_servers" {
  description = "Name servers for each zone"
  value = {
    for domain, zone in cloudflare_zone.domains : domain => zone.name_servers
  }
}

output "tunnel_ids" {
  description = "Tunnel IDs"
  value = {
    vaultmesh = cloudflare_tunnel.vaultmesh.id
    offsec    = cloudflare_tunnel.offsec.id
  }
}

output "tunnel_cnames" {
  description = "Tunnel CNAME targets"
  value = {
    vaultmesh = "${cloudflare_tunnel.vaultmesh.id}.cfargotunnel.com"
    offsec    = "${cloudflare_tunnel.offsec.id}.cfargotunnel.com"
  }
}

output "access_application_ids" {
  description = "Access Application IDs"
  value = {
    vaultmesh_dash     = cloudflare_access_application.vaultmesh_dash.id
    vaultmesh_guardian = cloudflare_access_application.vaultmesh_guardian.id
    offsec_internal    = cloudflare_access_application.offsec_internal.id
  }
}

output "service_token_client_ids" {
  description = "Service token client IDs (secrets are sensitive)"
  value = {
    vaultmesh_api = cloudflare_access_service_token.vaultmesh_api.client_id
    offsec_api    = cloudflare_access_service_token.offsec_api.client_id
  }
}

output "service_token_secrets" {
  description = "Service token secrets"
  value = {
    vaultmesh_api = cloudflare_access_service_token.vaultmesh_api.client_secret
    offsec_api    = cloudflare_access_service_token.offsec_api.client_secret
  }
  sensitive = true
}