diff --git a/terraform/README.md b/terraform/README.md index 74022e5f8..49823870f 100644 --- a/terraform/README.md +++ b/terraform/README.md @@ -137,7 +137,7 @@ No providers. | Name | Source | Version | |------|--------|---------| -| [azure\_container\_apps\_hosting](#module\_azure\_container\_apps\_hosting) | github.com/DFE-Digital/terraform-azurerm-container-apps-hosting | v1.9.0 | +| [azure\_container\_apps\_hosting](#module\_azure\_container\_apps\_hosting) | github.com/DFE-Digital/terraform-azurerm-container-apps-hosting | v1.10.0 | | [azurerm\_key\_vault](#module\_azurerm\_key\_vault) | github.com/DFE-Digital/terraform-azurerm-key-vault-tfvars | v0.4.2 | | [data\_protection](#module\_data\_protection) | github.com/DFE-Digital/terraform-azurerm-aspnet-data-protection | v1.1.0 | | [statuscake-tls-monitor](#module\_statuscake-tls-monitor) | github.com/dfe-digital/terraform-statuscake-tls-monitor | v0.1.4 | 
@@ -163,7 +163,7 @@ No resources. | [cdn\_frontdoor\_origin\_fqdn\_override](#input\_cdn\_frontdoor\_origin\_fqdn\_override) | Manually specify the hostname that the CDN Front Door should target. Defaults to the Container App FQDN | `string` | `""` | no | | [cdn\_frontdoor\_origin\_host\_header\_override](#input\_cdn\_frontdoor\_origin\_host\_header\_override) | Manually specify the host header that the CDN sends to the target. Defaults to the recieved host header. Set to null to set it to the host\_name (`cdn_frontdoor_origin_fqdn_override`) | `string` | `""` | no | | [cdn\_frontdoor\_rate\_limiting\_duration\_in\_minutes](#input\_cdn\_frontdoor\_rate\_limiting\_duration\_in\_minutes) | CDN Front Door rate limiting duration in minutes | `number` | `5` | no | -| [cdn\_frontdoor\_rate\_limiting\_threshold](#input\_cdn\_frontdoor\_rate\_limiting\_threshold) | Maximum number of concurrent requests per minute threshold before rate limiting is applied | `number` | n/a | yes | +| [cdn\_frontdoor\_rate\_limiting\_threshold](#input\_cdn\_frontdoor\_rate\_limiting\_threshold) | Maximum number of concurrent requests per minute threshold before rate limiting is applied | `number` | `300` | no | | [cdn\_frontdoor\_waf\_custom\_rules](#input\_cdn\_frontdoor\_waf\_custom\_rules) | Map of all Custom rules you want to apply to the CDN WAF |
map(object({
priority : number,
action : string
match_conditions : map(object({
match_variable : string,
match_values : optional(list(string), []),
operator : optional(string, "Any"),
selector : optional(string, null),
negation_condition : optional(bool, false),
}))
}))
| `{}` | no | | [container\_app\_file\_share\_mount\_path](#input\_container\_app\_file\_share\_mount\_path) | A path inside your container where the File Share will be mounted to | `string` | `"/srv/app/storage"` | no | | [container\_apps\_allow\_ips\_inbound](#input\_container\_apps\_allow\_ips\_inbound) | Restricts access to the Container Apps by creating a network security group rule that only allow inbound traffic from the provided list of IPs | `list(string)` | `[]` | no | @@ -171,6 +171,7 @@ No resources. | [container\_max\_replicas](#input\_container\_max\_replicas) | Container max replicas | `number` | `2` | no | | [container\_scale\_http\_concurrency](#input\_container\_scale\_http\_concurrency) | When the number of concurrent HTTP requests exceeds this value, then another replica is added. Replicas continue to add to the pool up to the max-replicas amount. | `number` | `10` | no | | [container\_secret\_environment\_variables](#input\_container\_secret\_environment\_variables) | Container secret environment variables | `map(string)` | n/a | yes | +| [create\_container\_app\_blob\_storage\_sas](#input\_create\_container\_app\_blob\_storage\_sas) | Generate a SAS connection string that is exposed to your App as an environment variable so that it can connect to the Storage Account | `bool` | `false` | no | | [dns\_a\_records](#input\_dns\_a\_records) | DNS A records to add to the DNS Zone |
map(
object({
ttl : optional(number, 300),
records : list(string)
})
)
| n/a | yes | | [dns\_mx\_records](#input\_dns\_mx\_records) | DNS MX records to add to the DNS Zone |
map(
object({
ttl : optional(number, 300),
records : list(
object({
preference : number,
exchange : string
})
)
})
)
| `{}` | no | | [dns\_ns\_records](#input\_dns\_ns\_records) | DNS NS records to add to the DNS Zone |
map(
object({
ttl : optional(number, 300),
records : list(string)
})
)
| n/a | yes | diff --git a/terraform/container-apps-hosting.tf b/terraform/container-apps-hosting.tf index 82031f5d5..4f3069984 100644 --- a/terraform/container-apps-hosting.tf +++ b/terraform/container-apps-hosting.tf @@ -1,5 +1,5 @@ module "azure_container_apps_hosting" { - source = "github.com/DFE-Digital/terraform-azurerm-container-apps-hosting?ref=v1.9.0" + source = "github.com/DFE-Digital/terraform-azurerm-container-apps-hosting?ref=v1.10.0" environment = local.environment project_name = local.project_name @@ -55,6 +55,7 @@ module "azure_container_apps_hosting" { enable_container_health_probe = local.enable_container_health_probe enable_container_app_blob_storage = local.enable_container_app_blob_storage + create_container_app_blob_storage_sas = local.create_container_app_blob_storage_sas enable_container_app_file_share = local.enable_container_app_file_share container_app_file_share_mount_path = local.container_app_file_share_mount_path storage_account_ipv4_allow_list = local.storage_account_ipv4_allow_list diff --git a/terraform/locals.tf b/terraform/locals.tf index 51b950d4a..f0866ce9f 100644 --- a/terraform/locals.tf +++ b/terraform/locals.tf @@ -44,6 +44,7 @@ locals { monitor_email_receivers = var.monitor_email_receivers existing_logic_app_workflow = var.existing_logic_app_workflow enable_container_app_blob_storage = var.enable_container_app_blob_storage + create_container_app_blob_storage_sas = var.create_container_app_blob_storage_sas enable_container_app_file_share = var.enable_container_app_file_share container_app_file_share_mount_path = var.container_app_file_share_mount_path storage_account_ipv4_allow_list = var.storage_account_ipv4_allow_list diff --git a/terraform/variables.tf b/terraform/variables.tf index 8f848bb21..9c52f8cdf 100644 --- a/terraform/variables.tf +++ b/terraform/variables.tf 
@@ -136,6 +136,7 @@ variable "cdn_frontdoor_enable_rate_limiting" {
 variable "cdn_frontdoor_rate_limiting_threshold" {
 description = "Maximum number of concurrent requests per minute threshold before rate limiting is applied"
 type = number
+ default = 300
 }
 
 variable "cdn_frontdoor_waf_custom_rules" {
@@ -296,6 +297,12 @@ variable "enable_container_app_blob_storage" {
 type = bool
 }
 
+variable "create_container_app_blob_storage_sas" {
+ description = "Generate a SAS connection string that is exposed to your App as an environment variable so that it can connect to the Storage Account"
+ type = bool
+ default = false
+}
+
 variable "enable_container_app_file_share" {
 description = "Create an Azure Storage Account and File Share to be mounted to the Container Apps"
 type = bool
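Review bot: With `default = 300` added to `cdn_frontdoor_rate_limiting_threshold` in the first hunk of `variables.tf`, an environment that omits the value now silently gets a rate limit nobody chose for it, and the description does not say what window the 300 is counted over. The README table in this commit lists `cdn_frontdoor_rate_limiting_duration_in_minutes` with a default of 5, so "concurrent requests per minute" looks inaccurate. Once the upstream module's behaviour is confirmed I would reword it along the lines of `description = "Maximum number of requests allowed within cdn_frontdoor_rate_limiting_duration_in_minutes before rate limiting is applied"`. A `validation` block requiring `var.cdn_frontdoor_rate_limiting_threshold > 0` would also catch a zero or negative value at plan time.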
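Review bot: The description of `create_container_app_blob_storage_sas` in the second hunk of `variables.tf` should state the security trade-off, because enabling the flag hands the app a bearer credential through an environment variable. The SAS permissions, expiry and rotation are decided inside the upstream module and are not visible in this diff, and a generated SAS is presumably also recorded in Terraform state, so both should be confirmed before any environment turns this on. Keeping `default = false` is the right choice; I would append to the description something like `Leave disabled when the app can authenticate to the Storage Account with a managed identity.` The same flag is passed through unchanged in the `locals.tf` and `container-apps-hosting.tf` hunks, so the description here is the only place an operator will see the caveat.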