Infrastructure

@startuml Hello World
!theme materia
!include <C4/C4_Container>
!define GCPPuml https://raw.githubusercontent.com/davidholsgrove/gcp-icons-for-plantuml/master/dist
!includeurl GCPPuml/GCPCommon.puml
!includeurl GCPPuml/ManagementTools/CloudConsole.puml
!include <logos/google-workspace>
!include <logos/google-cloud>
!include <material/dns>
!include <logos/cloudflare>

'LAYOUT_TOP_DOWN()
'LAYOUT_AS_SKETCH()
LAYOUT_WITH_LEGEND()

Person_Ext(user, "User")
Person(user_internal, "BitGrowth Employee")

Boundary(bit, "Bit Growth") {
    System(website, "Website", "Public Website")
    System(docs, "Docs/Wiki", "This website")
    System_Ext(cloudflare_app_launcher, "<$cloudflare>\nCloudflare App Launcher", "Contains links to Bit Growth applications")
}

Boundary(google, "Google") {
    System_Ext(google_workspace_idp, "<$google-workspace>\nIDP", "")
    System_Ext(google_workspace_directory, "<$google-workspace>\nDirectory", "Contains user account/group data")
    System_Ext(google_cloud_oauth, "<$google-cloud>\n GCloud OAuth Application", "Provides client id and secret")
}

Boundary(cloudflare, "CloudFlare") {
    System_Ext(cloudflare_access, "<$cloudflare>\nCloudflare Zero Trust", "Configures access policies")
    System_Ext(cloudflare_pages, "<$cloudflare>\nCloudflare Pages", "Hosts web applications")
    System_Ext(cloudflare_dns, "<$cloudflare>\n<$ma_dns>\nCloudFlare DNS", "Manages Bit Growth DNS entries")
}

Rel(cloudflare_access, website, "Provides policies for", "staging, develop branches")
Rel(cloudflare_access, docs, "Provides policies for", "")
Rel(cloudflare_access, google_cloud_oauth, "Is configured via", "")
Rel(google_workspace_idp, google_cloud_oauth, "Allows cloud internal applications")
Rel_D(cloudflare_pages, website, "Builds and hosts")
Rel(google_workspace_idp, google_workspace_directory, "Get's account/group data from")
Rel_U(user, website, "Browses")
Rel_U(user_internal, docs, "Browses")

Lay_R(google,bit)
@enduml