[TERRAFORM] Add aws-ec2-zero-trust (#202)
marco-lancini authored Oct 31, 2024
1 parent 7953b15 commit a73ebb6
Showing 2 changed files with 13 additions and 13 deletions.
22 changes: 11 additions & 11 deletions terraform/README.md
Expand Up @@ -5,14 +5,14 @@ This folder contains the relevant sources needed by a few custom Terraform modul

## Modules

| Module | Description |
| --------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [aws-ec2-zero-trust](aws-ec2-zero-trust/) | Automates the setup needed to use CloudFlare Access Applications and Tunnels to securely access webapps running on an EC2 instance, as described in [Building a Self-Hosted App Runner on EC2 with Cloudflare Zero Trust Access](http://blog.marcolancini.it/2024/blog-building-selfhosted-apprunner-ec2-cloudflare-zero-trust-access/) |
| [aws-ecs-zero-trust](aws-ecs-zero-trust/) | Automates the setup needed to use CloudFlare Tunnel to securely access a Flask webapp running in a private subnet in ECS on Fargate, as described in [Zero Trust Access to Private Webapps on AWS ECS with Cloudflare Tunnel](http://blog.marcolancini.it/2023/blog-cloudflare-tunnel-zero-trust-ecs/) |
| [aws-gdrive-backups](aws-gdrive-backups/) | Automates the setup of an ECS Task needed to backup a GDrive folder, as described in [Automated GDrive Backups with ECS and S3](https://www.marcolancini.it/2021/blog-gdrive-backups-with-ecs/) |
| [aws-github-backups](aws-github-backups/) | Automates the setup of an ECS Task needed to backup a Github account, as described in [Automated Github Backups with ECS and S3](https://www.marcolancini.it/2021/blog-github-backups-with-ecs/) |
| [aws-oidc-ci](aws-oidc-ci/) | Automates the setup of OIDC federation between AWS and Github Actions/Gitlab CI |
| [aws-security-reviewer](aws-security-reviewer/) | Setup roles and users needed to perform a security audit of AWS accounts, as described in [Cross Account Auditing in AWS and GCP](https://www.marcolancini.it/2019/blog-cross-account-auditing/) |
| [cloudflare-gateway-adblocking](cloudflare-gateway-adblocking/) | Mimic the Pi-hole's behaviour using only serverless technologies (Cloudflare Gateway, to be precise), as described in [Serverless Ad Blocking with Cloudflare Gateway](https://blog.marcolancini.it/2022/blog-serverless-ad-blocking-with-cloudflare-gateway/) |
| [cloudflare-pages](cloudflare-pages/) | Creates a Cloudflare Pages application with Zero Trust Authentication, where only the `allowed_emails` are allowed to access the application |
| [digitalocean-algovpn](digitalocean-algovpn/) | DigitalOcean droplet hosting an Algo VPN server |
| Module | Description |
| --------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [aws-ec2-zero-trust](aws-ec2-zero-trust/) | Automates the setup needed to use CloudFlare Access Applications and Tunnels to securely access webapps running on an EC2 instance, as described in [Building an App Runner on EC2 with Cloudflare Zero Trust Access](http://blog.marcolancini.it/2024/blog-building-apprunner-ec2-cloudflare-zero-trust-access/) |
| [aws-ecs-zero-trust](aws-ecs-zero-trust/) | Automates the setup needed to use CloudFlare Tunnel to securely access a Flask webapp running in a private subnet in ECS on Fargate, as described in [Zero Trust Access to Private Webapps on AWS ECS with Cloudflare Tunnel](http://blog.marcolancini.it/2023/blog-cloudflare-tunnel-zero-trust-ecs/) |
| [aws-gdrive-backups](aws-gdrive-backups/) | Automates the setup of an ECS Task needed to backup a GDrive folder, as described in [Automated GDrive Backups with ECS and S3](https://www.marcolancini.it/2021/blog-gdrive-backups-with-ecs/) |
| [aws-github-backups](aws-github-backups/) | Automates the setup of an ECS Task needed to backup a Github account, as described in [Automated Github Backups with ECS and S3](https://www.marcolancini.it/2021/blog-github-backups-with-ecs/) |
| [aws-oidc-ci](aws-oidc-ci/) | Automates the setup of OIDC federation between AWS and Github Actions/Gitlab CI |
| [aws-security-reviewer](aws-security-reviewer/) | Setup roles and users needed to perform a security audit of AWS accounts, as described in [Cross Account Auditing in AWS and GCP](https://www.marcolancini.it/2019/blog-cross-account-auditing/) |
| [cloudflare-gateway-adblocking](cloudflare-gateway-adblocking/) | Mimic the Pi-hole's behaviour using only serverless technologies (Cloudflare Gateway, to be precise), as described in [Serverless Ad Blocking with Cloudflare Gateway](https://blog.marcolancini.it/2022/blog-serverless-ad-blocking-with-cloudflare-gateway/) |
| [cloudflare-pages](cloudflare-pages/) | Creates a Cloudflare Pages application with Zero Trust Authentication, where only the `allowed_emails` are allowed to access the application |
| [digitalocean-algovpn](digitalocean-algovpn/) | DigitalOcean droplet hosting an Algo VPN server |
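
Review bot: The updated aws-ec2-zero-trust row still links to the blog post over plain `http://blog.marcolancini.it/...` (the aws-ecs-zero-trust row does the same), while other rows in this table, such as cloudflare-gateway-adblocking, already use `https://`. Suggest changing both links to `https://` while this row is being touched. The same row also writes "CloudFlare" in the description but "Cloudflare" in the link title; one spelling throughout the table would read better.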
4 changes: 2 additions & 2 deletions terraform/aws-ec2-zero-trust/README.md
@@ -1,10 +1,10 @@
# Building a Self-Hosted AppRunner on EC2 with Cloudflare Zero Trust Access
# Building an AppRunner on EC2 with Cloudflare Zero Trust Access

This module automates the setup needed
to use CloudFlare Access Applications and Tunnels to securely access webapps running on an EC2 instance,
without exposing them to the public internet,
as described in
[Building a Self-Hosted App Runner on EC2 with Cloudflare Zero Trust Access](http://blog.marcolancini.it/2024/blog-building-selfhosted-apprunner-ec2-cloudflare-zero-trust-access/).
[Building an AppRunner on EC2 with Cloudflare Zero Trust Access](http://blog.marcolancini.it/2024/blog-building-apprunner-ec2-cloudflare-zero-trust-access/).


![](https://blog.marcolancini.it/images/posts/blog_apprunner_highlevel.png)
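
Review bot: The new heading and link text here read "AppRunner", but the matching row changed in terraform/README.md in this same commit reads "App Runner"; pick one spelling so the two READMEs agree. The link target also changes its slug from `blog-building-selfhosted-apprunner-ec2-...` to `blog-building-apprunner-ec2-...` and stays on `http://`, so it is worth confirming the old URL still resolves for existing references and moving the link to `https://`.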
