[TERRAFORM] Add aws-ec2-zero-trust #202

Merged
merged 1 commit into from
Oct 31, 2024
22 changes: 11 additions & 11 deletions terraform/README.md
Expand Up @@ -5,14 +5,14 @@ This folder contains the relevant sources needed by a few custom Terraform modul

## Modules

| Module | Description |
| --------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [aws-ec2-zero-trust](aws-ec2-zero-trust/) | Automates the setup needed to use CloudFlare Access Applications and Tunnels to securely access webapps running on an EC2 instance, as described in [Building a Self-Hosted App Runner on EC2 with Cloudflare Zero Trust Access](http://blog.marcolancini.it/2024/blog-building-selfhosted-apprunner-ec2-cloudflare-zero-trust-access/) |
| [aws-ecs-zero-trust](aws-ecs-zero-trust/) | Automates the setup needed to use CloudFlare Tunnel to securely access a Flask webapp running in a private subnet in ECS on Fargate, as described in [Zero Trust Access to Private Webapps on AWS ECS with Cloudflare Tunnel](http://blog.marcolancini.it/2023/blog-cloudflare-tunnel-zero-trust-ecs/) |
| [aws-gdrive-backups](aws-gdrive-backups/) | Automates the setup of an ECS Task needed to backup a GDrive folder, as described in [Automated GDrive Backups with ECS and S3](https://www.marcolancini.it/2021/blog-gdrive-backups-with-ecs/) |
| [aws-github-backups](aws-github-backups/) | Automates the setup of an ECS Task needed to backup a Github account, as described in [Automated Github Backups with ECS and S3](https://www.marcolancini.it/2021/blog-github-backups-with-ecs/) |
| [aws-oidc-ci](aws-oidc-ci/) | Automates the setup of OIDC federation between AWS and Github Actions/Gitlab CI |
| [aws-security-reviewer](aws-security-reviewer/) | Setup roles and users needed to perform a security audit of AWS accounts, as described in [Cross Account Auditing in AWS and GCP](https://www.marcolancini.it/2019/blog-cross-account-auditing/) |
| [cloudflare-gateway-adblocking](cloudflare-gateway-adblocking/) | Mimic the Pi-hole's behaviour using only serverless technologies (Cloudflare Gateway, to be precise), as described in [Serverless Ad Blocking with Cloudflare Gateway](https://blog.marcolancini.it/2022/blog-serverless-ad-blocking-with-cloudflare-gateway/) |
| [cloudflare-pages](cloudflare-pages/) | Creates a Cloudflare Pages application with Zero Trust Authentication, where only the `allowed_emails` are allowed to access the application |
| [digitalocean-algovpn](digitalocean-algovpn/) | DigitalOcean droplet hosting an Algo VPN server |
| Module | Description |
| --------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [aws-ec2-zero-trust](aws-ec2-zero-trust/) | Automates the setup needed to use CloudFlare Access Applications and Tunnels to securely access webapps running on an EC2 instance, as described in [Building an App Runner on EC2 with Cloudflare Zero Trust Access](http://blog.marcolancini.it/2024/blog-building-apprunner-ec2-cloudflare-zero-trust-access/) |
| [aws-ecs-zero-trust](aws-ecs-zero-trust/) | Automates the setup needed to use CloudFlare Tunnel to securely access a Flask webapp running in a private subnet in ECS on Fargate, as described in [Zero Trust Access to Private Webapps on AWS ECS with Cloudflare Tunnel](http://blog.marcolancini.it/2023/blog-cloudflare-tunnel-zero-trust-ecs/) |
| [aws-gdrive-backups](aws-gdrive-backups/) | Automates the setup of an ECS Task needed to backup a GDrive folder, as described in [Automated GDrive Backups with ECS and S3](https://www.marcolancini.it/2021/blog-gdrive-backups-with-ecs/) |
| [aws-github-backups](aws-github-backups/) | Automates the setup of an ECS Task needed to backup a Github account, as described in [Automated Github Backups with ECS and S3](https://www.marcolancini.it/2021/blog-github-backups-with-ecs/) |
| [aws-oidc-ci](aws-oidc-ci/) | Automates the setup of OIDC federation between AWS and Github Actions/Gitlab CI |
| [aws-security-reviewer](aws-security-reviewer/) | Setup roles and users needed to perform a security audit of AWS accounts, as described in [Cross Account Auditing in AWS and GCP](https://www.marcolancini.it/2019/blog-cross-account-auditing/) |
| [cloudflare-gateway-adblocking](cloudflare-gateway-adblocking/) | Mimic the Pi-hole's behaviour using only serverless technologies (Cloudflare Gateway, to be precise), as described in [Serverless Ad Blocking with Cloudflare Gateway](https://blog.marcolancini.it/2022/blog-serverless-ad-blocking-with-cloudflare-gateway/) |
| [cloudflare-pages](cloudflare-pages/) | Creates a Cloudflare Pages application with Zero Trust Authentication, where only the `allowed_emails` are allowed to access the application |
| [digitalocean-algovpn](digitalocean-algovpn/) | DigitalOcean droplet hosting an Algo VPN server |
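
Review bot: The new link in the aws-ec2-zero-trust row still uses plain HTTP (`http://blog.marcolancini.it/2024/blog-building-apprunner-ec2-cloudflare-zero-trust-access/`), while the cloudflare-gateway-adblocking row in the same table already links to `https://blog.marcolancini.it/...`; since this line is being touched anyway, switch it to https, and do the same for the aws-ecs-zero-trust row. The URL slug also drops `selfhosted`, so check that the new address resolves and that the old one redirects if it has been shared. The link text here reads "App Runner", but terraform/aws-ec2-zero-trust/README.md in this PR uses "AppRunner"; pick one spelling. Lastly, only one row changes content, yet the re-padded separator rewrites all 11 table lines, which makes the real change hard to spot in review; consider keeping the column width or noting the reformat in the commit message.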
4 changes: 2 additions & 2 deletions terraform/aws-ec2-zero-trust/README.md
@@ -1,10 +1,10 @@
# Building a Self-Hosted AppRunner on EC2 with Cloudflare Zero Trust Access
# Building an AppRunner on EC2 with Cloudflare Zero Trust Access

This module automates the setup needed
to use CloudFlare Access Applications and Tunnels to securely access webapps running on an EC2 instance,
without exposing them to the public internet,
as described in
[Building a Self-Hosted App Runner on EC2 with Cloudflare Zero Trust Access](http://blog.marcolancini.it/2024/blog-building-selfhosted-apprunner-ec2-cloudflare-zero-trust-access/).
[Building an AppRunner on EC2 with Cloudflare Zero Trust Access](http://blog.marcolancini.it/2024/blog-building-apprunner-ec2-cloudflare-zero-trust-access/).


![](https://blog.marcolancini.it/images/posts/blog_apprunner_highlevel.png)
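
Review bot: The new heading and link text spell the name "AppRunner", while the row changed in terraform/README.md by this same PR spells it "App Runner"; use one form in both files. The link on the changed line also keeps `http://blog.marcolancini.it/...` although the image two lines below is served from `https://blog.marcolancini.it/`, so the link can be https as well. The context lines write "CloudFlare" where the title writes "Cloudflare", and the image has empty alt text (`![](...)`); both are easy to tidy while this README is being edited.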