Switch to terraform

terraform/policies.tf

@@ -0,0 +1,52 @@
+# Access policies for Achilles network
+resource "netbird_policy" "pilot_to_gs" {
+  name        = "pilot-to-ground-station"
+  description = "Allow pilots to connect to ground stations"
+  enabled     = true
+
+  rule {
+    name          = "pilot-gs-access"
+    enabled       = true
+    sources       = [netbird_group.pilots.id]
+    destinations  = [netbird_group.ground_stations.id]
+    bidirectional = true
+    protocol      = "all"
+    action        = "accept"
+  }
+}
+
+resource "netbird_policy" "operator_full_access" {
+  name        = "operator-full-access"
+  description = "Operators can access all network resources"
+  enabled     = true
+
+  rule {
+    name    = "operator-all"
+    enabled = true
+    sources = [netbird_group.operators.id]
+    destinations = [
+      netbird_group.ground_stations.id,
+      netbird_group.pilots.id,
+      netbird_group.fusion_servers.id
+    ]
+    bidirectional = true
+    protocol      = "all"
+    action        = "accept"
+  }
+}
+
+resource "netbird_policy" "fusion_to_gs" {
+  name        = "fusion-to-ground-station"
+  description = "Fusion servers coordinate with ground stations"
+  enabled     = true
+
+  rule {
+    name          = "fusion-gs"
+    enabled       = true
+    sources       = [netbird_group.fusion_servers.id]
+    destinations  = [netbird_group.ground_stations.id]
+    bidirectional = true
+    protocol      = "all"
+    action        = "accept"
+  }
+}