- Complete Cloudflare Terraform configuration (DNS, WAF, tunnels, access)
- WAF Intelligence MCP server with threat analysis and ML classification
- GitOps automation with PR workflows and drift detection
- Observatory monitoring stack with Prometheus/Grafana
- IDE operator rules for governed development
- Security playbooks and compliance frameworks
- Autonomous remediation and state reconciliation
# Cloudflare API token consumed by this configuration.
#
# `sensitive = true` only redacts the value in plan/apply output. The value is
# still written in plain text to saved plan files, and to state if it is ever
# passed into a resource attribute, so both need encryption and access control.
# Supply it through the environment (TF_VAR_cloudflare_api_token) or a secrets
# manager rather than a committed *.tfvars file, and issue the token with only
# the permissions named in the description.
variable "cloudflare_api_token" {
  type        = string
  sensitive   = true
  description = "Cloudflare API token with Zone:Edit, DNS:Edit, Access:Edit permissions"
}
# Optional account name; the empty-string default stands for "not supplied".
# NOTE(review): the cloudflare_account_id description implies an account lookup
# by this name is tried first. The lookup is not visible here, so confirm how
# an empty name is handled.
variable "cloudflare_account_name" {
  type        = string
  default     = ""
  description = "Cloudflare account name"
}
# Fallback account identifier, used when the lookup by account name fails
# (per the description). The empty-string default stands for "not supplied".
# Marked sensitive, so Terraform redacts it in plan/apply output; it is still
# stored unredacted in saved plan files.
variable "cloudflare_account_id" {
  type        = string
  default     = ""
  sensitive   = true
  description = "Cloudflare account ID (used if account name lookup fails)"
}
# Zones managed by this configuration, keyed by domain name.
# Each entry carries the plan name and a jump_start flag.
# NOTE(review): jump_start presumably feeds the zone resource's DNS record
# auto-scan option. The consuming resource is not visible here, so confirm.
# Adding a key here puts another zone under management, so changes to this
# map deserve the same review as a firewall rule change.
variable "domains" {
  type = map(object({
    jump_start = bool
    plan       = string
  }))
  description = "Map of domains to manage"

  default = {
    "offsec.global"    = { plan = "free", jump_start = false }
    "offsecglobal.com" = { plan = "free", jump_start = false }
    "offsecagent.com"  = { plan = "free", jump_start = false }
    "offsecshield.com" = { plan = "free", jump_start = false }
    "vaultmesh.org"    = { plan = "free", jump_start = false }
  }
}
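# Fallback origin address for when traffic is not routed through a tunnel.
#
# The default 192.0.2.1 lies in 192.0.2.0/24 (TEST-NET-1, RFC 5737), which is
# reserved for documentation and is not routable. Any record that receives the
# default therefore points at nothing.
# NOTE(review): if a real origin address is set here, check that every record
# using it is proxied. An unproxied record publishes the origin address in DNS
# and lets clients reach it without passing the WAF. The records are not
# visible in this file.
variable "origin_ip" {
  description = "Origin server IP (should be tunnel, but fallback)"
  type        = string
  default     = "192.0.2.1" # Placeholder - use tunnel instead

  # Fail at plan time on anything that is not a literal IP address. Appending
  # a prefix length lets cidrhost() act as the parser; it accepts both IPv4
  # and IPv6 literals and rejects hostnames, CIDR blocks and typos.
  validation {
    condition     = can(cidrhost("${var.origin_ip}/32", 0))
    error_message = "The origin_ip value must be a single IP address, not a hostname or CIDR block."
  }
}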
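# Source addresses treated as trusted administrators.
#
# This list is an allowlist, so every entry widens who is trusted. Keep
# entries as narrow as possible, preferring single addresses over ranges.
# NOTE(review): the rule that consumes this list is not visible here. Confirm
# that the empty default results in "nobody is trusted", and not in an invalid
# or always-true rule expression.
variable "trusted_admin_ips" {
  description = "List of trusted admin IP addresses"
  type        = list(string)
  default     = []

  # Each entry must parse as a CIDR block or as a bare address. The "/32"
  # suffix is only there to let cidrhost() parse a bare address.
  validation {
    condition = alltrue([
      for entry in var.trusted_admin_ips :
      can(cidrhost(entry, 0)) || can(cidrhost("${entry}/32", 0))
    ])
    error_message = "Each trusted_admin_ips entry must be an IP address or a CIDR block."
  }

  # Guardrail against the catch-all prefixes, which would trust every source.
  # Only the two exact catch-all strings are rejected; other over-broad ranges
  # still need human review.
  validation {
    condition = alltrue([
      for entry in var.trusted_admin_ips :
      !contains(["0.0.0.0/0", "::/0"], entry)
    ])
    error_message = "The trusted_admin_ips list must not contain 0.0.0.0/0 or ::/0, which would trust every source address."
  }
}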
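# Country codes subject to a challenge or block action.
#
# Geo rules act on where an address appears to be located. Traffic relayed
# through a VPN or proxy in another country is not covered, so treat this as
# noise reduction and not as access control.
# NOTE(review): whether the action is "challenge" or "block" is decided by the
# consuming rule, which is not visible in this file.
variable "blocked_countries" {
  description = "Countries to challenge/block"
  type        = list(string)
  default     = ["CN", "RU", "KP", "IR"]

  # Require two-character upper-case codes. A lower-case or misspelled code
  # would presumably never match in the rule and so would silently disable
  # the control. A digit is allowed in the second position so that special
  # codes such as "T1" remain usable.
  validation {
    condition = alltrue([
      for code in var.blocked_countries :
      can(regex("^[A-Z][A-Z0-9]$", code))
    ])
    error_message = "Each blocked_countries entry must be a two-character upper-case country code such as \"CN\"."
  }
}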