diff --git a/api_management/README.md b/api_management/README.md
index 254d399c..177ad5db 100644
--- a/api_management/README.md
+++ b/api_management/README.md
@@ -153,26 +153,26 @@ No modules.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(| `[]` | no |
+| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
{
action_group_id = string
webhook_properties = map(string)
}
))
set(object(| `[]` | no |
 | [alerts\_enabled](#input\_alerts\_enabled) | Should Metrics Alert be enabled? | `bool` | `true` | no |
-| [application\_insights](#input\_application\_insights) | Application Insights integration The instrumentation key used to push data |
{
action_group_id = string
webhook_properties = map(string)
}
))
object({| n/a | yes |
-| [autoscale](#input\_autoscale) | Configure Apim autoscale rule on capacity metric |
enabled = bool
instrumentation_key = string
})
object(|
{
enabled = bool
default_instances = number
minimum_instances = number
maximum_instances = number
scale_out_capacity_percentage = number
scale_out_time_window = string
scale_out_value = string
scale_out_cooldown = string
scale_in_capacity_percentage = number
scale_in_time_window = string
scale_in_value = string
scale_in_cooldown = string
}
)
{| no |
+| [application\_insights](#input\_application\_insights) | Application Insights integration The instrumentation key used to push data |
"default_instances": 1,
"enabled": true,
"maximum_instances": 5,
"minimum_instances": 1,
"scale_in_capacity_percentage": 30,
"scale_in_cooldown": "PT30M",
"scale_in_time_window": "PT30M",
"scale_in_value": "1",
"scale_out_capacity_percentage": 60,
"scale_out_cooldown": "PT45M",
"scale_out_time_window": "PT10M",
"scale_out_value": "2"
}
object({| n/a | yes |
+| [autoscale](#input\_autoscale) | Configure Apim autoscale rule on capacity metric |
enabled = bool
instrumentation_key = string
})
object(|
{
enabled = bool
default_instances = number
minimum_instances = number
maximum_instances = number
scale_out_capacity_percentage = number
scale_out_time_window = string
scale_out_value = string
scale_out_cooldown = string
scale_in_capacity_percentage = number
scale_in_time_window = string
scale_in_value = string
scale_in_cooldown = string
}
)
{| no |
 | [certificate\_names](#input\_certificate\_names) | List of key vault certificate name | `list(string)` | `[]` | no |
 | [diagnostic\_always\_log\_errors](#input\_diagnostic\_always\_log\_errors) | Always log errors. Send telemetry if there is an erroneous condition, regardless of sampling settings. | `bool` | `true` | no |
-| [diagnostic\_backend\_request](#input\_diagnostic\_backend\_request) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
"default_instances": 1,
"enabled": true,
"maximum_instances": 5,
"minimum_instances": 1,
"scale_in_capacity_percentage": 30,
"scale_in_cooldown": "PT30M",
"scale_in_time_window": "PT30M",
"scale_in_value": "1",
"scale_out_capacity_percentage": 60,
"scale_out_cooldown": "PT45M",
"scale_out_time_window": "PT10M",
"scale_out_value": "2"
}
set(object(| `[]` | no |
-| [diagnostic\_backend\_response](#input\_diagnostic\_backend\_response) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
{
body_bytes = number
headers_to_log = set(string)
}
))
set(object(| `[]` | no |
-| [diagnostic\_frontend\_request](#input\_diagnostic\_frontend\_request) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
{
body_bytes = number
headers_to_log = set(string)
}
))
set(object(| `[]` | no |
-| [diagnostic\_frontend\_response](#input\_diagnostic\_frontend\_response) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
{
body_bytes = number
headers_to_log = set(string)
}
))
set(object(| `[]` | no |
+| [diagnostic\_backend\_request](#input\_diagnostic\_backend\_request) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
{
body_bytes = number
headers_to_log = set(string)
}
))
set(object(| `[]` | no |
+| [diagnostic\_backend\_response](#input\_diagnostic\_backend\_response) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
{
body_bytes = number
headers_to_log = set(string)
}
))
set(object(| `[]` | no |
+| [diagnostic\_frontend\_request](#input\_diagnostic\_frontend\_request) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
{
body_bytes = number
headers_to_log = set(string)
}
))
set(object(| `[]` | no |
+| [diagnostic\_frontend\_response](#input\_diagnostic\_frontend\_response) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
{
body_bytes = number
headers_to_log = set(string)
}
))
set(object(| `[]` | no |
 | [diagnostic\_http\_correlation\_protocol](#input\_diagnostic\_http\_correlation\_protocol) | The HTTP Correlation Protocol to use. Possible values are None, Legacy or W3C. | `string` | `"W3C"` | no |
 | [diagnostic\_log\_client\_ip](#input\_diagnostic\_log\_client\_ip) | Log client IP address. | `bool` | `true` | no |
 | [diagnostic\_sampling\_percentage](#input\_diagnostic\_sampling\_percentage) | Sampling (%). For high traffic APIs, please read the documentation to understand performance implications and log sampling. Valid values are between 0.0 and 100.0. | `number` | `5` | no |
 | [diagnostic\_verbosity](#input\_diagnostic\_verbosity) | Logging verbosity. Possible values are verbose, information or error. | `string` | `"error"` | no |
-| [hostname\_configuration](#input\_hostname\_configuration) | Custom domains |
{
body_bytes = number
headers_to_log = set(string)
}
))
object({| `null` | no |
+| [hostname\_configuration](#input\_hostname\_configuration) | Custom domains |
proxy = list(object(
{
default_ssl_binding = bool
host_name = string
key_vault_id = string
}))
management = object({
host_name = string
key_vault_id = string
})
portal = object({
host_name = string
key_vault_id = string
})
developer_portal = object({
host_name = string
key_vault_id = string
})
})
object({| `null` | no |
 | [key\_vault\_id](#input\_key\_vault\_id) | Key vault id. | `string` | `null` | no |
 | [location](#input\_location) | n/a | `string` | n/a | yes |
 | [lock\_enable](#input\_lock\_enable) | Apply lock to block accedentaly deletions. | `bool` | `false` | no |
 | [management\_logger\_applicaiton\_insight\_enabled](#input\_management\_logger\_applicaiton\_insight\_enabled) | (Optional) if false, disables management logger application insight block | `bool` | `true` | no |
-| [metric\_alerts](#input\_metric\_alerts) | Map of name = criteria objects |
proxy = list(object(
{
default_ssl_binding = bool
host_name = string
key_vault_id = string
}))
management = object({
host_name = string
key_vault_id = string
})
portal = object({
host_name = string
key_vault_id = string
})
developer_portal = object({
host_name = string
key_vault_id = string
})
})
map(object({| `{}` | no |
+| [metric\_alerts](#input\_metric\_alerts) | Map of name = criteria objects |
description = string
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# Possible values are 0, 1, 2, 3.
severity = number
# Possible values are true, false
auto_mitigate = bool
criteria = set(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
metric_name = string
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
skip_metric_validation = bool
threshold = number
}
))
dynamic_criteria = set(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
alert_sensitivity = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
evaluation_failure_count = number
evaluation_total_count = number
ignore_data_before = string
metric_name = string
metric_namespace = string
operator = string
skip_metric_validation = bool
}
))
}))
map(object({| `{}` | no |
 | [name](#input\_name) | n/a | `string` | n/a | yes |
 | [notification\_sender\_email](#input\_notification\_sender\_email) | Email address from which the notification will be sent. | `string` | `null` | no |
 | [policy\_path](#input\_policy\_path) | (Deprecated). Path of the policy file. | `string` | `null` | no |
@@ -186,7 +186,7 @@ No modules.
 | [sec\_log\_analytics\_workspace\_id](#input\_sec\_log\_analytics\_workspace\_id) | Log analytics workspace security (it should be in a different subscription). | `string` | `null` | no |
 | [sec\_storage\_id](#input\_sec\_storage\_id) | Storage Account security (it should be in a different subscription). | `string` | `null` | no |
 | [sign\_up\_enabled](#input\_sign\_up\_enabled) | Can users sign up on the development portal? | `bool` | `false` | no |
-| [sign\_up\_terms\_of\_service](#input\_sign\_up\_terms\_of\_service) | the development portal terms\_of\_service |
description = string
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# Possible values are 0, 1, 2, 3.
severity = number
# Possible values are true, false
auto_mitigate = bool
criteria = set(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
metric_name = string
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
skip_metric_validation = bool
threshold = number
}
))
dynamic_criteria = set(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
alert_sensitivity = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
evaluation_failure_count = number
evaluation_total_count = number
ignore_data_before = string
metric_name = string
metric_namespace = string
operator = string
skip_metric_validation = bool
}
))
}))
object(| `null` | no |
+| [sign\_up\_terms\_of\_service](#input\_sign\_up\_terms\_of\_service) | the development portal terms\_of\_service |
{
consent_required = bool
enabled = bool
text = string
}
)
object(| `null` | no |
 | [sku\_name](#input\_sku\_name) | A string consisting of two parts separated by an underscore(\_). The first part is the name, valid values include: Consumption, Developer, Basic, Standard and Premium. The second part is the capacity (e.g. the number of deployed units of the sku), which must be a positive integer (e.g. Developer\_1). | `string` | n/a | yes |
 | [subnet\_id](#input\_subnet\_id) | The id of the subnet that will be used for the API Management. | `string` | `null` | no |
 | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes |
diff --git a/api_management_api/README.md b/api_management_api/README.md
index 62a07c45..1f0595ad 100644
--- a/api_management_api/README.md
+++ b/api_management_api/README.md
@@ -83,7 +83,7 @@ No modules.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | [api\_management\_name](#input\_api\_management\_name) | n/a | `string` | n/a | yes |
-| [api\_operation\_policies](#input\_api\_operation\_policies) | List of api policy for given operation. |
{
consent_required = bool
enabled = bool
text = string
}
)
list(object({| `[]` | no |
+| [api\_operation\_policies](#input\_api\_operation\_policies) | List of api policy for given operation. |
operation_id = string
xml_content = string
}
))
list(object({| `[]` | no |
 | [api\_type](#input\_api\_type) | (Optional) Type of API. Possible values are graphql, http, soap, and websocket. Defaults to http. | `string` | `"http"` | no |
 | [api\_version](#input\_api\_version) | The Version number of this API, if this API is versioned. | `string` | `null` | no |
 | [content\_format](#input\_content\_format) | The format of the content from which the API Definition should be imported. | `string` | `"swagger-json"` | no |
@@ -91,7 +91,7 @@ No modules.
 | [description](#input\_description) | n/a | `string` | n/a | yes |
 | [display\_name](#input\_display\_name) | n/a | `string` | n/a | yes |
 | [name](#input\_name) | n/a | `string` | n/a | yes |
-| [oauth2\_authorization](#input\_oauth2\_authorization) | n/a |
operation_id = string
xml_content = string
}
))
object({|
authorization_server_name = string
}
)
{| no |
+| [oauth2\_authorization](#input\_oauth2\_authorization) | n/a |
"authorization_server_name": null
}
object({|
authorization_server_name = string
}
)
{| no |
 | [path](#input\_path) | n/a | `string` | n/a | yes |
 | [product\_ids](#input\_product\_ids) | n/a | `list(string)` | `[]` | no |
 | [protocols](#input\_protocols) | n/a | `list(string)` | n/a | yes |
@@ -99,7 +99,7 @@ No modules.
 | [revision](#input\_revision) | n/a | `string` | `"1"` | no |
 | [revision\_description](#input\_revision\_description) | n/a | `string` | `null` | no |
 | [service\_url](#input\_service\_url) | n/a | `string` | n/a | yes |
-| [subscription\_key\_names](#input\_subscription\_key\_names) | Override the default name of the header and query string containing the subscription key header |
"authorization_server_name": null
}
object({| `null` | no |
+| [subscription\_key\_names](#input\_subscription\_key\_names) | Override the default name of the header and query string containing the subscription key header |
header = string
query = string
})
object({| `null` | no |
 | [subscription\_required](#input\_subscription\_required) | Should this API require a subscription key? | `bool` | `false` | no |
 | [version\_set\_id](#input\_version\_set\_id) | The ID of the Version Set which this API is associated with. | `string` | `null` | no |
 | [xml\_content](#input\_xml\_content) | The XML Content for this Policy as a string | `string` | `null` | no |
diff --git a/app_gateway/README.md b/app_gateway/README.md
index 4a2198c6..19f90a5f 100644
--- a/app_gateway/README.md
+++ b/app_gateway/README.md
@@ -470,32 +470,32 @@ No modules.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
header = string
query = string
})
set(object(| `[]` | no |
+| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
{
action_group_id = string
webhook_properties = map(string)
}
))
set(object(| `[]` | no |
 | [alerts\_enabled](#input\_alerts\_enabled) | Should Metric Alerts be enabled? | `bool` | `true` | no |
 | [app\_gateway\_max\_capacity](#input\_app\_gateway\_max\_capacity) | (Optional) Maximum capacity for autoscaling. Accepted values are in the range 2 to 125. | `string` | n/a | yes |
 | [app\_gateway\_min\_capacity](#input\_app\_gateway\_min\_capacity) | (Required) Minimum capacity for autoscaling. Accepted values are in the range 0 to 100. | `string` | n/a | yes |
-| [backends](#input\_backends) | Obj that allow to configure: backend\_address\_pool, backend\_http\_settings, probe |
{
action_group_id = string
webhook_properties = map(string)
}
))
map(object({| n/a | yes |
+| [backends](#input\_backends) | Obj that allow to configure: backend\_address\_pool, backend\_http\_settings, probe |
protocol = string # The Protocol which should be used. Possible values are Http and Https
host = string # The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as ‘127.0.0.1’, unless otherwise configured in custom probe. Cannot be set if pick_host_name_from_backend_http_settings is set to true
port = number # Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from http settings will be used.
ip_addresses = list(string) # A list of IP Addresses which should be part of the Backend Address Pool.
fqdns = list(string) # A list of FQDN's which should be part of the Backend Address Pool.
probe = string # The Path used for this Probe.
probe_name = string # The Name of the Probe.
request_timeout = number # The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
pick_host_name_from_backend = bool # Whether the host header should be picked from the backend http settings
}))
map(object({| n/a | yes |
 | [identity\_ids](#input\_identity\_ids) | n/a | `list(string)` | n/a | yes |
-| [listeners](#input\_listeners) | n/a |
protocol = string # The Protocol which should be used. Possible values are Http and Https
host = string # The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as ‘127.0.0.1’, unless otherwise configured in custom probe. Cannot be set if pick_host_name_from_backend_http_settings is set to true
port = number # Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from http settings will be used.
ip_addresses = list(string) # A list of IP Addresses which should be part of the Backend Address Pool.
fqdns = list(string) # A list of FQDN's which should be part of the Backend Address Pool.
probe = string # The Path used for this Probe.
probe_name = string # The Name of the Probe.
request_timeout = number # The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
pick_host_name_from_backend = bool # Whether the host header should be picked from the backend http settings
}))
map(object({| n/a | yes |
+| [listeners](#input\_listeners) | n/a |
protocol = string # The Protocol which should be used. Possible values are Http and Https
host = string # The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
port = number # The port used for this Frontend Port.
ssl_profile_name = string # The name of the associated SSL Profile which should be used for this HTTP Listener.
firewall_policy_id = string # The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
type = optional(string, "Public") # The type of Listener "Public" - "Private"
certificate = object({
name = string # The Name of the SSL certificate that is unique within this Application Gateway
id = string # Secret Id of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in Azure KeyVault. You need to enable soft delete for keyvault to use this feature. Required if data is not set.
})
}))
map(object({| n/a | yes |
 | [location](#input\_location) | n/a | `string` | `"westeurope"` | no |
-| [monitor\_metric\_alert\_criteria](#input\_monitor\_metric\_alert\_criteria) | Map of name = criteria objects, see these docs for options
protocol = string # The Protocol which should be used. Possible values are Http and Https
host = string # The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
port = number # The port used for this Frontend Port.
ssl_profile_name = string # The name of the associated SSL Profile which should be used for this HTTP Listener.
firewall_policy_id = string # The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
type = optional(string, "Public") # The type of Listener "Public" - "Private"
certificate = object({
name = string # The Name of the SSL certificate that is unique within this Application Gateway
id = string # Secret Id of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in Azure KeyVault. You need to enable soft delete for keyvault to use this feature. Required if data is not set.
})
}))
map(object({| `{}` | no |
+| [monitor\_metric\_alert\_criteria](#input\_monitor\_metric\_alert\_criteria) | Map of name = criteria objects, see these docs for options
description = string
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# Possible values are 0, 1, 2, 3.
severity = number
# Possible values are true, false
auto_mitigate = bool
# static
criteria = list(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}
))
# dynamic
dynamic_criteria = list(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
# Possible values are Low, Medium, High
alert_sensitivity = string
evaluation_total_count = number
evaluation_failure_count = number
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}
))
}))
map(object({| `{}` | no |
 | [name](#input\_name) | n/a | `string` | n/a | yes |
 | [private\_ip\_address](#input\_private\_ip\_address) | Private frontend ip | `list(string)` | `[]` | no |
 | [public\_ip\_id](#input\_public\_ip\_id) | Public IP | `string` | n/a | yes |
 | [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes |
-| [rewrite\_rule\_sets](#input\_rewrite\_rule\_sets) | Rewrite rules sets obj descriptor |
description = string
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# Possible values are 0, 1, 2, 3.
severity = number
# Possible values are true, false
auto_mitigate = bool
# static
criteria = list(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}
))
# dynamic
dynamic_criteria = list(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
# Possible values are Low, Medium, High
alert_sensitivity = string
evaluation_total_count = number
evaluation_failure_count = number
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}
))
}))
list(object({| `[]` | no |
-| [routes](#input\_routes) | n/a |
name = string # Unique name of the rewrite rule set block
rewrite_rules = list(object({
name = string # Unique name of the rewrite rule block
rule_sequence = number # Rule sequence of the rewrite rule that determines the order of execution in a set.
conditions = list(object({ # One or more condition blocks as defined above.
variable = string # The variable of the condition.
pattern = string # The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
ignore_case = bool # Perform a case in-sensitive comparison. Defaults to false
negate = bool # Negate the result of the condition evaluation. Defaults to false
}))
request_header_configurations = list(object({
header_name = string # Header name of the header configuration.
header_value = string # Header value of the header configuration. To delete a request header set this property to an empty string.
}))
response_header_configurations = list(object({
header_name = string # Header name of the header configuration.
header_value = string # Header value of the header configuration. To delete a response header set this property to an empty string.
}))
url = object({
path = string # The URL path to rewrite.
query_string = string # The query string to rewrite.
reroute = optional(bool, false) # Whether the URL path map should be reevaluated after this rewrite has been applied.
components = optional(string, null) # The components used to rewrite the URL. Possible values are path_only and query_string_only to limit the rewrite to the URL Path or URL Query String only.
})
}))
}))
map(object({| n/a | yes |
-| [routes\_path\_based](#input\_routes\_path\_based) | To configure path based routing |
listener = string # Prefix for http_listener_name
backend = string # Prefix for backend_address_pool_name, backend_http_settings_name
rewrite_rule_set_name = string # The Name of the Rewrite Rule Set which should be used for this Routing Rule.
priority = number # Rule evaluation order can be dictated by specifying an integer value from 1 to 20000 with 1 being the highest priority and 20000 being the lowest priority.
}))
map(object({| `{}` | no |
+| [rewrite\_rule\_sets](#input\_rewrite\_rule\_sets) | Rewrite rules sets obj descriptor |
listener = string # Prefix for http_listener_name
url_map_name = string # The Name of the URL Path Map which should be associated with this Routing Rule.
priority = number # Rule evaluation order can be dictated by specifying an integer value from 1 to 20000 with 1 being the highest priority and 20000 being the lowest priority.
}))
list(object({| `[]` | no |
+| [routes](#input\_routes) | n/a |
name = string # Unique name of the rewrite rule set block
rewrite_rules = list(object({
name = string # Unique name of the rewrite rule block
rule_sequence = number # Rule sequence of the rewrite rule that determines the order of execution in a set.
conditions = list(object({ # One or more condition blocks as defined above.
variable = string # The variable of the condition.
pattern = string # The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
ignore_case = bool # Perform a case in-sensitive comparison. Defaults to false
negate = bool # Negate the result of the condition evaluation. Defaults to false
}))
request_header_configurations = list(object({
header_name = string # Header name of the header configuration.
header_value = string # Header value of the header configuration. To delete a request header set this property to an empty string.
}))
response_header_configurations = list(object({
header_name = string # Header name of the header configuration.
header_value = string # Header value of the header configuration. To delete a response header set this property to an empty string.
}))
url = object({
path = string # The URL path to rewrite.
query_string = string # The query string to rewrite.
reroute = optional(bool, false) # Whether the URL path map should be reevaluated after this rewrite has been applied.
components = optional(string, null) # The components used to rewrite the URL. Possible values are path_only and query_string_only to limit the rewrite to the URL Path or URL Query String only.
})
}))
}))
map(object({| n/a | yes |
+| [routes\_path\_based](#input\_routes\_path\_based) | To configure path based routing |
listener = string # Prefix for http_listener_name
backend = string # Prefix for backend_address_pool_name, backend_http_settings_name
rewrite_rule_set_name = string # The Name of the Rewrite Rule Set which should be used for this Routing Rule.
priority = number # Rule evaluation order can be dictated by specifying an integer value from 1 to 20000 with 1 being the highest priority and 20000 being the lowest priority.
}))
map(object({| `{}` | no |
 | [sec\_log\_analytics\_workspace\_id](#input\_sec\_log\_analytics\_workspace\_id) | Log analytics workspace security (it should be in a different subscription). | `string` | `null` | no |
 | [sec\_storage\_id](#input\_sec\_storage\_id) | Storage Account security (it should be in a different subscription). | `string` | `null` | no |
 | [sku\_name](#input\_sku\_name) | SKU Name of the App GW | `string` | n/a | yes |
 | [sku\_tier](#input\_sku\_tier) | SKU tier of the App GW | `string` | n/a | yes |
-| [ssl\_profiles](#input\_ssl\_profiles) | n/a |
listener = string # Prefix for http_listener_name
url_map_name = string # The Name of the URL Path Map which should be associated with this Routing Rule.
priority = number # Rule evaluation order can be dictated by specifying an integer value from 1 to 20000 with 1 being the highest priority and 20000 being the lowest priority.
}))
list(object({| `[]` | no |
+| [ssl\_profiles](#input\_ssl\_profiles) | n/a |
name = string # The name of the SSL Profile that is unique within this Application Gateway.
trusted_client_certificate_names = list(string) # The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
verify_client_cert_issuer_dn = bool # Should client certificate issuer DN be verified? Defaults to false
ssl_policy = object({
disabled_protocols = list(string) # A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2.
policy_type = string # The Type of the Policy. Possible values are Predefined and Custom.
policy_name = string # The Name of the Policy e.g AppGwSslPolicy20170401S. Required if policy_type is set to Predefined. Possible values can change over time and are published here https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible with disabled_protocols.
cipher_suites = list(string) # A List of accepted cipher suites. see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway#cipher_suites for possible values
min_protocol_version = string # The minimal TLS version. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2.
})
}))
list(object({| `[]` | no |
 | [subnet\_id](#input\_subnet\_id) | Subnet dedicated to the app gateway | `string` | n/a | yes |
 | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes |
-| [trusted\_client\_certificates](#input\_trusted\_client\_certificates) | Note: the attribute secret\_name refers to the secret contaning the client certificate. Secrects'name in the key vault can't have low hyphens but just hyphens in it. |
name = string # The name of the SSL Profile that is unique within this Application Gateway.
trusted_client_certificate_names = list(string) # The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
verify_client_cert_issuer_dn = bool # Should client certificate issuer DN be verified? Defaults to false
ssl_policy = object({
disabled_protocols = list(string) # A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2.
policy_type = string # The Type of the Policy. Possible values are Predefined and Custom.
policy_name = string # The Name of the Policy e.g AppGwSslPolicy20170401S. Required if policy_type is set to Predefined. Possible values can change over time and are published here https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible with disabled_protocols.
cipher_suites = list(string) # A List of accepted cipher suites. see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway#cipher_suites for possible values
min_protocol_version = string # The minimal TLS version. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2.
})
}))
list(object({| n/a | yes | -| [url\_path\_map](#input\_url\_path\_map) | To configure the mapping between path and backend |
secret_name = string # The name of the Trusted Client Certificate that is unique within this Application Gateway.
key_vault_id = string # Key vault id, that contains the certificate.
}))
map(object({| `{}` | no | -| [waf\_disabled\_rule\_group](#input\_waf\_disabled\_rule\_group) | n/a |
default_backend = string # Prefix for backend_address_pool_name, backend_http_settings_name
default_rewrite_rule_set_name = string # The Name of the Rewrite Rule Set which should be used for this Routing Rule.
path_rule = map(object({
paths = list(string) # A list of Paths used in this Path Rule
backend = string
rewrite_rule_set_name = string # The Name of the Rewrite Rule Set which should be used for this URL Path Map
}))
}))
list(object({| `[]` | no | +| [trusted\_client\_certificates](#input\_trusted\_client\_certificates) | Note: the attribute secret\_name refers to the secret contaning the client certificate. Secrects'name in the key vault can't have low hyphens but just hyphens in it. |
rule_group_name = string # The rule group where specific rules should be disabled.
rules = list(string) # A list of rules which should be disabled in that group. Disables all rules in the specified group if rules is not specified.
}))
list(object({| n/a | yes | +| [url\_path\_map](#input\_url\_path\_map) | To configure the mapping between path and backend |
secret_name = string # The name of the Trusted Client Certificate that is unique within this Application Gateway.
key_vault_id = string # Key vault id, that contains the certificate.
}))
map(object({| `{}` | no | +| [waf\_disabled\_rule\_group](#input\_waf\_disabled\_rule\_group) | n/a |
default_backend = string # Prefix for backend_address_pool_name, backend_http_settings_name
default_rewrite_rule_set_name = string # The Name of the Rewrite Rule Set which should be used for this Routing Rule.
path_rule = map(object({
paths = list(string) # A list of Paths used in this Path Rule
backend = string
rewrite_rule_set_name = string # The Name of the Rewrite Rule Set which should be used for this URL Path Map
}))
}))
list(object({| `[]` | no | | [waf\_enabled](#input\_waf\_enabled) | Enable WAF | `bool` | `true` | no | | [zones](#input\_zones) | (Optional) Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created. | `list(any)` | `null` | no | diff --git a/app_service/README.md b/app_service/README.md index 157baf66..bfe092c8 100644 --- a/app_service/README.md +++ b/app_service/README.md @@ -82,7 +82,7 @@ No modules. | [app\_command\_line](#input\_app\_command\_line) | (Optional) App command line to launch, e.g. /sbin/myserver -b 0.0.0.0. | `string` | `null` | no | | [app\_settings](#input\_app\_settings) | n/a | `map(string)` | `{}` | no | | [auto\_heal\_enabled](#input\_auto\_heal\_enabled) | (Optional) True to enable the auto heal on the app service | `bool` | `false` | no | -| [auto\_heal\_settings](#input\_auto\_heal\_settings) | (Optional) Auto heal settings |
rule_group_name = string # The rule group where specific rules should be disabled.
rules = list(string) # A list of rules which should be disabled in that group. Disables all rules in the specified group if rules is not specified.
}))
object({| `null` | no | +| [auto\_heal\_settings](#input\_auto\_heal\_settings) | (Optional) Auto heal settings |
startup_time = string
slow_requests_count = number
slow_requests_interval = string
slow_requests_time = string
})
object({| `null` | no | | [client\_affinity\_enabled](#input\_client\_affinity\_enabled) | (Optional) Should the App Service send session affinity cookies, which route client requests in the same session to the same instance? Defaults to false. | `bool` | `false` | no | | [client\_cert\_enabled](#input\_client\_cert\_enabled) | (Optional) Does the App Service require client certificates for incoming requests? Defaults to false. | `bool` | `false` | no | | [docker\_image](#input\_docker\_image) | Framework choice | `string` | `null` | no | diff --git a/app_service_slot/README.md b/app_service_slot/README.md index 1b5c5100..d9752db6 100644 --- a/app_service_slot/README.md +++ b/app_service_slot/README.md @@ -82,7 +82,7 @@ No modules. | [app\_service\_name](#input\_app\_service\_name) | (Required) The name of the App Service within which to create the App Service Slot. Changing this forces a new resource to be created. | `string` | n/a | yes | | [app\_settings](#input\_app\_settings) | n/a | `map(string)` | `{}` | no | | [auto\_heal\_enabled](#input\_auto\_heal\_enabled) | (Optional) True to enable the auto heal on the app service | `bool` | `false` | no | -| [auto\_heal\_settings](#input\_auto\_heal\_settings) | (Optional) Auto heal settings |
startup_time = string
slow_requests_count = number
slow_requests_interval = string
slow_requests_time = string
})
object({| `null` | no | +| [auto\_heal\_settings](#input\_auto\_heal\_settings) | (Optional) Auto heal settings |
startup_time = string
slow_requests_count = number
slow_requests_interval = string
slow_requests_time = string
})
object({| `null` | no | | [client\_affinity\_enabled](#input\_client\_affinity\_enabled) | (Optional) Should the App Service send session affinity cookies, which route client requests in the same session to the same instance? Defaults to false. | `bool` | `false` | no | | [client\_certificate\_enabled](#input\_client\_certificate\_enabled) | Should the function app use Client Certificates | `bool` | `false` | no | | [docker\_image](#input\_docker\_image) | Framework choice | `string` | `null` | no | diff --git a/application_insights_web_test_preview/README.md b/application_insights_web_test_preview/README.md index 0105b55f..11bb56ac 100644 --- a/application_insights_web_test_preview/README.md +++ b/application_insights_web_test_preview/README.md @@ -67,7 +67,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [actions](#input\_actions) | n/a |
startup_time = string
slow_requests_count = number
slow_requests_interval = string
slow_requests_time = string
})
list(object({| n/a | yes | +| [actions](#input\_actions) | n/a |
action_group_id = string
}))
list(object({| n/a | yes | | [alert\_description](#input\_alert\_description) | Web Availability Alert description | `string` | `"Web availability check alert triggered when it fails."` | no | | [application\_insight\_id](#input\_application\_insight\_id) | Application insight id. | `string` | n/a | yes | | [application\_insight\_name](#input\_application\_insight\_name) | Application insight instance name. | `string` | n/a | yes | diff --git a/azure_devops_agent/README.md b/azure_devops_agent/README.md index c53976f5..702b9c72 100644 --- a/azure_devops_agent/README.md +++ b/azure_devops_agent/README.md @@ -99,7 +99,7 @@ No modules. | [admin\_password](#input\_admin\_password) | (Optional) The Password which should be used for the local-administrator on this Virtual Machine. Changing this forces a new resource to be created. will be stored in the raw state as plain-text | `string` | `null` | no | | [authentication\_type](#input\_authentication\_type) | (Required) Type of authentication to use with the VM. Defaults to password for Windows and SSH public key for Linux. all enables both ssh and password authentication. | `string` | `"SSH"` | no | | [encryption\_set\_id](#input\_encryption\_set\_id) | (Optional) An existing encryption set | `string` | `null` | no | -| [image\_reference](#input\_image\_reference) | (Optional) A source\_image\_reference block as defined below. |
action_group_id = string
}))
object({|
publisher = string
offer = string
sku = string
version = string
})
{| no | +| [image\_reference](#input\_image\_reference) | (Optional) A source\_image\_reference block as defined below. |
"offer": "0001-com-ubuntu-server-jammy",
"publisher": "Canonical",
"sku": "22_04-lts-gen2",
"version": "latest"
}
object({|
publisher = string
offer = string
sku = string
version = string
})
{| no | | [image\_resource\_group\_name](#input\_image\_resource\_group\_name) | (Optional) Resource group name where to find the vm image used for azdo vms. If not defined, 'resource\_group\_name' will be used | `string` | `null` | no | | [image\_type](#input\_image\_type) | (Required) Defines the source image to be used, whether 'custom' or 'standard'. `custom` requires `source_image_name` to be defined, `standard` requires `image_reference` | `string` | `"custom"` | no | | [location](#input\_location) | (Optional) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. | `string` | `"westeurope"` | no | diff --git a/cdn/README.md b/cdn/README.md index 5d4cb6af..99bb8c0f 100644 --- a/cdn/README.md +++ b/cdn/README.md @@ -129,15 +129,15 @@ During the apply there will be 1 changed and 1 destroy related to storage see [s | [azuread\_service\_principal\_azure\_cdn\_frontdoor\_id](#input\_azuread\_service\_principal\_azure\_cdn\_frontdoor\_id) | Azure CDN Front Door Principal ID - Microsoft.AzureFrontDoor-Cdn | `string` | `null` | no | | [cdn\_location](#input\_cdn\_location) | If the location of the CDN needs to be different from that of the storage account, set this variable to the location where the CDN should be created. For example, cdn\_location = westeurope and location = northitaly | `string` | `null` | no | | [custom\_hostname\_kv\_enabled](#input\_custom\_hostname\_kv\_enabled) | Flag required to enable the association between KV certificate and CDN when the hostname is different from the APEX | `bool` | `false` | no | -| [delivery\_rule](#input\_delivery\_rule) | n/a |
"offer": "0001-com-ubuntu-server-jammy",
"publisher": "Canonical",
"sku": "22_04-lts-gen2",
"version": "latest"
}
list(object({| `[]` | no | -| [delivery\_rule\_redirect](#input\_delivery\_rule\_redirect) | n/a |
name = string
order = number
// start conditions
cookies_conditions = list(object({
selector = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
device_conditions = list(object({
operator = string
match_values = string
negate_condition = bool
}))
http_version_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
}))
post_arg_conditions = list(object({
selector = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
query_string_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
remote_address_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
}))
request_body_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
request_header_conditions = list(object({
selector = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
request_method_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
}))
request_scheme_conditions = list(object({
operator = string
match_values = string
negate_condition = bool
}))
request_uri_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
url_file_extension_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
url_file_name_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
url_path_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
// end conditions
// start actions
cache_expiration_actions = list(object({
behavior = string
duration = string
}))
cache_key_query_string_actions = list(object({
behavior = string
parameters = string
}))
modify_request_header_actions = list(object({
action = string
name = string
value = string
}))
modify_response_header_actions = list(object({
action = string
name = string
value = string
}))
url_redirect_actions = list(object({
redirect_type = string
protocol = string
hostname = string
path = string
fragment = string
query_string = string
}))
url_rewrite_actions = list(object({
source_pattern = string
destination = string
preserve_unmatched_path = string
}))
// end actions
}))
list(object({| `[]` | no | -| [delivery\_rule\_request\_scheme\_condition](#input\_delivery\_rule\_request\_scheme\_condition) | n/a |
name = string
order = number
operator = string
match_values = list(string)
url_redirect_action = object({
redirect_type = string
protocol = string
hostname = string
path = string
fragment = string
query_string = string
})
}))
list(object({| `[]` | no | -| [delivery\_rule\_rewrite](#input\_delivery\_rule\_rewrite) | n/a |
name = string
order = number
operator = string
match_values = list(string)
url_redirect_action = object({
redirect_type = string
protocol = string
hostname = string
path = string
fragment = string
query_string = string
})
}))
list(object({| `[]` | no | -| [delivery\_rule\_url\_path\_condition\_cache\_expiration\_action](#input\_delivery\_rule\_url\_path\_condition\_cache\_expiration\_action) | n/a |
name = string
order = number
conditions = list(object({
condition_type = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
url_rewrite_action = object({
source_pattern = string
destination = string
preserve_unmatched_path = string
})
}))
list(object({| `[]` | no | +| [delivery\_rule](#input\_delivery\_rule) | n/a |
name = string
order = number
operator = string
match_values = list(string)
behavior = string
duration = string
response_action = string
response_name = string
response_value = string
}))
list(object({| `[]` | no | +| [delivery\_rule\_redirect](#input\_delivery\_rule\_redirect) | n/a |
name = string
order = number
// start conditions
cookies_conditions = list(object({
selector = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
device_conditions = list(object({
operator = string
match_values = string
negate_condition = bool
}))
http_version_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
}))
post_arg_conditions = list(object({
selector = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
query_string_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
remote_address_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
}))
request_body_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
request_header_conditions = list(object({
selector = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
request_method_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
}))
request_scheme_conditions = list(object({
operator = string
match_values = string
negate_condition = bool
}))
request_uri_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
url_file_extension_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
url_file_name_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
url_path_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
// end conditions
// start actions
cache_expiration_actions = list(object({
behavior = string
duration = string
}))
cache_key_query_string_actions = list(object({
behavior = string
parameters = string
}))
modify_request_header_actions = list(object({
action = string
name = string
value = string
}))
modify_response_header_actions = list(object({
action = string
name = string
value = string
}))
url_redirect_actions = list(object({
redirect_type = string
protocol = string
hostname = string
path = string
fragment = string
query_string = string
}))
url_rewrite_actions = list(object({
source_pattern = string
destination = string
preserve_unmatched_path = string
}))
// end actions
}))
list(object({| `[]` | no | +| [delivery\_rule\_request\_scheme\_condition](#input\_delivery\_rule\_request\_scheme\_condition) | n/a |
name = string
order = number
operator = string
match_values = list(string)
url_redirect_action = object({
redirect_type = string
protocol = string
hostname = string
path = string
fragment = string
query_string = string
})
}))
list(object({| `[]` | no | +| [delivery\_rule\_rewrite](#input\_delivery\_rule\_rewrite) | n/a |
name = string
order = number
operator = string
match_values = list(string)
url_redirect_action = object({
redirect_type = string
protocol = string
hostname = string
path = string
fragment = string
query_string = string
})
}))
list(object({| `[]` | no | +| [delivery\_rule\_url\_path\_condition\_cache\_expiration\_action](#input\_delivery\_rule\_url\_path\_condition\_cache\_expiration\_action) | n/a |
name = string
order = number
conditions = list(object({
condition_type = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
url_rewrite_action = object({
source_pattern = string
destination = string
preserve_unmatched_path = string
})
}))
list(object({| `[]` | no | | [dns\_zone\_name](#input\_dns\_zone\_name) | n/a | `string` | n/a | yes | | [dns\_zone\_resource\_group\_name](#input\_dns\_zone\_resource\_group\_name) | n/a | `string` | n/a | yes | | [error\_404\_document](#input\_error\_404\_document) | n/a | `string` | n/a | yes | -| [global\_delivery\_rule](#input\_global\_delivery\_rule) | n/a |
name = string
order = number
operator = string
match_values = list(string)
behavior = string
duration = string
response_action = string
response_name = string
response_value = string
}))
object({| `null` | no | +| [global\_delivery\_rule](#input\_global\_delivery\_rule) | n/a |
cache_expiration_action = list(object({
behavior = string
duration = string
}))
cache_key_query_string_action = list(object({
behavior = string
parameters = string
}))
modify_request_header_action = list(object({
action = string
name = string
value = string
}))
modify_response_header_action = list(object({
action = string
name = string
value = string
}))
})
object({| `null` | no | | [hostname](#input\_hostname) | n/a | `string` | n/a | yes | | [https\_rewrite\_enabled](#input\_https\_rewrite\_enabled) | n/a | `bool` | `true` | no | | [index\_document](#input\_index\_document) | n/a | `string` | n/a | yes | diff --git a/container_app_job_gh_runner_v2/README.md b/container_app_job_gh_runner_v2/README.md index 8a4bc718..af30fc01 100644 --- a/container_app_job_gh_runner_v2/README.md +++ b/container_app_job_gh_runner_v2/README.md @@ -89,6 +89,7 @@ No modules. | [azurerm_key_vault_access_policy.keyvault_containerapp](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_access_policy) | resource | | [azurerm_container_app_environment.container_app_environment](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/container_app_environment) | data source | | [azurerm_key_vault.key_vault](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault) | data source | +| [azurerm_key_vault_secret.github_pat](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source | | [azurerm_resource_group.rg_runner](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source | | [azurerm_subscription.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source | diff --git a/container_app_job_gh_runner_v2/data.tf b/container_app_job_gh_runner_v2/data.tf index b80d1fcd..012e2204 100644 --- a/container_app_job_gh_runner_v2/data.tf +++ b/container_app_job_gh_runner_v2/data.tf @@ -11,3 +11,8 @@ data "azurerm_container_app_environment" "container_app_environment" { name = var.environment_name resource_group_name = var.environment_rg } + +data "azurerm_key_vault_secret" "github_pat" { + key_vault_id = data.azurerm_key_vault.key_vault.id + name = var.key_vault_secret_name +} 
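Review bot: Resolving the PAT through the new `data "azurerm_key_vault_secret" "github_pat"` block in data.tf makes Terraform read the secret itself, so its `value` attribute is written to the state file even though main.tf only consumes the identifier. The state backend therefore has to be treated as holding the GitHub token (encryption at rest, tightly scoped read access). The identity running plan/apply also needs secret Get permission on the vault, which the previous string-built ID presumably did not require. I would record the trade-off with a comment above the block, for example `# only the secret ID is consumed, but the secret value is still stored in state`.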
diff --git a/container_app_job_gh_runner_v2/locals.tf b/container_app_job_gh_runner_v2/locals.tf index cb50c49a..99a0f09d 100644 --- a/container_app_job_gh_runner_v2/locals.tf +++ b/container_app_job_gh_runner_v2/locals.tf @@ -21,10 +21,6 @@ locals { container = { env = [ - { - name = "GITHUB_PAT" - value = "personal-access-token" - }, { name = "REPO_URL" value = "https://github.com/${var.job_meta.repo_owner}/${var.job_meta.repo}" diff --git a/container_app_job_gh_runner_v2/main.tf b/container_app_job_gh_runner_v2/main.tf index af1865c0..573d8e08 100644 --- a/container_app_job_gh_runner_v2/main.tf +++ b/container_app_job_gh_runner_v2/main.tf @@ -33,7 +33,7 @@ resource "azurerm_container_app_job" "container_app_job" { secret { # no versioning - key_vault_secret_id = "${data.azurerm_key_vault.key_vault.vault_uri}secrets/${var.key_vault_secret_name}" + key_vault_secret_id = data.azurerm_key_vault_secret.github_pat.id identity = "System" name = "personal-access-token" @@ -53,6 +53,11 @@ resource "azurerm_container_app_job" "container_app_job" { value = env.value["value"] } } + + env { + name = "GITHUB_PAT" + secret_name = "personal-access-token" + } } } diff --git a/container_registry/README.md b/container_registry/README.md index 84bae5c7..4e1ab37e 100644 --- a/container_registry/README.md +++ b/container_registry/README.md @@ -56,13 +56,13 @@ No modules. |------|-------------|------|---------|:--------:| | [admin\_enabled](#input\_admin\_enabled) | (Optional) Specifies whether the admin user is enabled. Defaults to false. | `bool` | `false` | no | | [anonymous\_pull\_enabled](#input\_anonymous\_pull\_enabled) | (Optional) Whether allows anonymous (unauthenticated) pull access to this Container Registry? Defaults to false. This is only supported on resources with the Standard or Premium SKU. | `bool` | `false` | no | -| [georeplications](#input\_georeplications) | A list of Azure locations where the container registry should be geo-replicated. |
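Review bot: In the first main.tf hunk, `key_vault_secret_id = data.azurerm_key_vault_secret.github_pat.id` resolves to a versioned secret ID, which contradicts the `# no versioning` comment directly above it. The job is then pinned to whichever version was current at apply time, so a PAT rotated in Key Vault would presumably not reach the runner until the next apply. If the versionless reference is intended, use `key_vault_secret_id = data.azurerm_key_vault_secret.github_pat.versionless_id`; otherwise reword the comment to say the version is pinned. The `secret` block continues outside the hunk.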
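Review bot: In the second main.tf hunk, the literal `"personal-access-token"` in the new `env` block must match the `name` of the `secret` block changed in the previous hunk, and nothing ties the two strings together. If one is renamed, the runner would lose `GITHUB_PAT` or the apply would fail, depending on how the provider validates the reference. Defining the name once, e.g. `github_pat_secret_name = "personal-access-token"` in locals.tf, and referencing `local.github_pat_secret_name` from both places removes that drift; at minimum add `# must match secret.name above` next to `secret_name`. The enclosing `container` block starts outside the hunk.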
cache_expiration_action = list(object({
behavior = string
duration = string
}))
cache_key_query_string_action = list(object({
behavior = string
parameters = string
}))
modify_request_header_action = list(object({
action = string
name = string
value = string
}))
modify_response_header_action = list(object({
action = string
name = string
value = string
}))
})
list(object({| `[]` | no | +| [georeplications](#input\_georeplications) | A list of Azure locations where the container registry should be geo-replicated. |
location = string
regional_endpoint_enabled = bool
zone_redundancy_enabled = bool
}))
list(object({| `[]` | no | | [location](#input\_location) | n/a | `string` | n/a | yes | | [monitor\_diagnostic\_setting\_enabled](#input\_monitor\_diagnostic\_setting\_enabled) | Enable monitor diagnostic setting | `bool` | `false` | no | | [name](#input\_name) | n/a | `string` | n/a | yes | | [network\_rule\_bypass\_option](#input\_network\_rule\_bypass\_option) | (Optional) Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices. | `string` | `"AzureServices"` | no | -| [network\_rule\_set](#input\_network\_rule\_set) | A list of network rule set defined at https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_registry#network_rule_set |
location = string
regional_endpoint_enabled = bool
zone_redundancy_enabled = bool
}))
list(object({|
default_action = string
ip_rule = list(object({
action = string
ip_range = string
}))
virtual_network = list(object({
action = string
subnet_id = string
}))
}))
[| no | -| [private\_endpoint](#input\_private\_endpoint) | (Required) Enable and configure private endpoint with required params |
{
"default_action": "Deny",
"ip_rule": [],
"virtual_network": []
}
]
object({|
virtual_network_id = string
subnet_id = string
private_dns_zone_ids = list(string)
})
{| no | +| [network\_rule\_set](#input\_network\_rule\_set) | A list of network rule set defined at https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_registry#network_rule_set |
"private_dns_zone_ids": [
""
],
"subnet_id": null,
"virtual_network_id": null
}
list(object({|
default_action = string
ip_rule = list(object({
action = string
ip_range = string
}))
virtual_network = list(object({
action = string
subnet_id = string
}))
}))
[| no | +| [private\_endpoint](#input\_private\_endpoint) | (Required) Enable and configure private endpoint with required params |
{
"default_action": "Deny",
"ip_rule": [],
"virtual_network": []
}
]
object({|
virtual_network_id = string
subnet_id = string
private_dns_zone_ids = list(string)
})
{| no | | [private\_endpoint\_enabled](#input\_private\_endpoint\_enabled) | Enable private endpoint, default: true | `bool` | `true` | no | | [public\_network\_access\_enabled](#input\_public\_network\_access\_enabled) | (Optional) Whether public network access is allowed for the container registry. Defaults to true. | `bool` | `false` | no | | [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | diff --git a/cosmosdb_account/README.md b/cosmosdb_account/README.md index 2cad4293..0ea58f8d 100644 --- a/cosmosdb_account/README.md +++ b/cosmosdb_account/README.md @@ -159,13 +159,13 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
"private_dns_zone_ids": [
""
],
"subnet_id": null,
"virtual_network_id": null
}
set(object(| `[]` | no | -| [additional\_geo\_locations](#input\_additional\_geo\_locations) | Specifies a list of additional geo\_location resources, used to define where data should be replicated with the failover\_priority 0 specifying the primary location. |
{
action_group_id = string
webhook_properties = map(string)
}
))
list(object({| `[]` | no | +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
location = string # The name of the Azure region to host replicated data.
failover_priority = number # Required) The failover priority of the region. A failover priority of 0 indicates a write region. The maximum value for a failover priority = (total number of regions - 1). Failover priority values must be unique for each of the regions in which the database account exists. Changing this causes the location to be re-provisioned and cannot be changed for the location with failover priority 0.
zone_redundant = bool # Should zone redundancy be enabled for this region? Defaults to false.
}))
set(object(| `[]` | no | +| [additional\_geo\_locations](#input\_additional\_geo\_locations) | Specifies a list of additional geo\_location resources, used to define where data should be replicated with the failover\_priority 0 specifying the primary location. |
{
action_group_id = string
webhook_properties = map(string)
}
))
list(object({| `[]` | no | | [allowed\_virtual\_network\_subnet\_ids](#input\_allowed\_virtual\_network\_subnet\_ids) | The subnets id that are allowed to access this CosmosDB account. | `list(string)` | `[]` | no | | [backup\_continuous\_enabled](#input\_backup\_continuous\_enabled) | Enable Continuous Backup | `bool` | `true` | no | -| [backup\_periodic\_enabled](#input\_backup\_periodic\_enabled) | Enable Periodic Backup |
location = string # The name of the Azure region to host replicated data.
failover_priority = number # Required) The failover priority of the region. A failover priority of 0 indicates a write region. The maximum value for a failover priority = (total number of regions - 1). Failover priority values must be unique for each of the regions in which the database account exists. Changing this causes the location to be re-provisioned and cannot be changed for the location with failover priority 0.
zone_redundant = bool # Should zone redundancy be enabled for this region? Defaults to false.
}))
object({| `null` | no | +| [backup\_periodic\_enabled](#input\_backup\_periodic\_enabled) | Enable Periodic Backup |
interval_in_minutes = string
retention_in_hours = string
storage_redundancy = string
})
object({| `null` | no | | [capabilities](#input\_capabilities) | The capabilities which should be enabled for this Cosmos DB account. | `list(string)` | `[]` | no | -| [consistency\_policy](#input\_consistency\_policy) | Specifies a consistency\_policy resource, used to define the consistency policy for this CosmosDB account. |
interval_in_minutes = string
retention_in_hours = string
storage_redundancy = string
})
object({|
consistency_level = string # The Consistency Level to use for this CosmosDB Account - can be either BoundedStaleness, Eventual, Session, Strong or ConsistentPrefix.
max_interval_in_seconds = number # When used with the Bounded Staleness consistency level, this value represents the time amount of staleness (in seconds) tolerated. Accepted range for this value is 5 - 86400 (1 day). Defaults to 5. Required when consistency_level is set to BoundedStaleness.
max_staleness_prefix = number # When used with the Bounded Staleness consistency level, this value represents the number of stale requests tolerated. Accepted range for this value is 10 – 2147483647. Defaults to 100. Required when consistency_level is set to BoundedStaleness.
})
{| no | +| [consistency\_policy](#input\_consistency\_policy) | Specifies a consistency\_policy resource, used to define the consistency policy for this CosmosDB account. |
"consistency_level": "BoundedStaleness",
"max_interval_in_seconds": 5,
"max_staleness_prefix": 100
}
object({|
consistency_level = string # The Consistency Level to use for this CosmosDB Account - can be either BoundedStaleness, Eventual, Session, Strong or ConsistentPrefix.
max_interval_in_seconds = number # When used with the Bounded Staleness consistency level, this value represents the time amount of staleness (in seconds) tolerated. Accepted range for this value is 5 - 86400 (1 day). Defaults to 5. Required when consistency_level is set to BoundedStaleness.
max_staleness_prefix = number # When used with the Bounded Staleness consistency level, this value represents the number of stale requests tolerated. Accepted range for this value is 10 – 2147483647. Defaults to 100. Required when consistency_level is set to BoundedStaleness.
})
{| no | | [domain](#input\_domain) | (Optional) Specifies the domain of the CosmosDB Account. | `string` | n/a | yes | | [enable\_automatic\_failover](#input\_enable\_automatic\_failover) | Enable automatic fail over for this Cosmos DB account. | `bool` | `true` | no | | [enable\_free\_tier](#input\_enable\_free\_tier) | Enable Free Tier pricing option for this Cosmos DB account. Defaults to false. Changing this forces a new resource to be created. | `bool` | `true` | no | diff --git a/cosmosdb_mongodb_collection/README.md b/cosmosdb_mongodb_collection/README.md index fe133e0a..01d3ae68 100644 --- a/cosmosdb_mongodb_collection/README.md +++ b/cosmosdb_mongodb_collection/README.md @@ -65,7 +65,7 @@ No modules. | [cosmosdb\_mongo\_account\_name](#input\_cosmosdb\_mongo\_account\_name) | The name of the Cosmos DB Mongo Account in which the Cosmos DB Mongo Database exists. Changing this forces a new resource to be created. | `string` | n/a | yes | | [cosmosdb\_mongo\_database\_name](#input\_cosmosdb\_mongo\_database\_name) | The name of the Cosmos DB Mongo Database in which the Cosmos DB Mongo Collection is created. Changing this forces a new resource to be created. | `string` | n/a | yes | | [default\_ttl\_seconds](#input\_default\_ttl\_seconds) | The default Time To Live in seconds. If the value is -1 or 0, items are not automatically expired. | `number` | `null` | no | -| [indexes](#input\_indexes) | One or more indexes. An index with an "\_id" key must be specified. |
"consistency_level": "BoundedStaleness",
"max_interval_in_seconds": 5,
"max_staleness_prefix": 100
}
list(object({| n/a | yes | +| [indexes](#input\_indexes) | One or more indexes. An index with an "\_id" key must be specified. |
keys = list(string)
unique = bool
}))
list(object({| n/a | yes | | [lock\_enable](#input\_lock\_enable) | Apply lock to block accidental deletions. | `bool` | `false` | no | | [max\_throughput](#input\_max\_throughput) | It will activate the autoscale mode setting the maximum throughput of the MongoDB collection (RU/s). Must be between 4,000 and 1,000,000. Must be set in increments of 1,000. Conflicts with throughput. Switching between autoscale and manual throughput is not supported via Terraform and must be completed via the Azure Portal and refreshed. | `number` | `null` | no | | [name](#input\_name) | Specifies the name of the Cosmos DB Mongo Collection. Changing this forces a new resource to be created. | `string` | n/a | yes | diff --git a/cosmosdb_sql_container/README.md b/cosmosdb_sql_container/README.md index db1a3b6f..b6e075c0 100644 --- a/cosmosdb_sql_container/README.md +++ b/cosmosdb_sql_container/README.md @@ -72,7 +72,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [account\_name](#input\_account\_name) | The name of the Cosmos DB Account to create the container within. | `string` | n/a | yes | -| [autoscale\_settings](#input\_autoscale\_settings) | Autoscale settings for collection |
keys = list(string)
unique = bool
}))
object({| `null` | no | +| [autoscale\_settings](#input\_autoscale\_settings) | Autoscale settings for collection |
max_throughput = number
})
object({| `null` | no | | [database\_name](#input\_database\_name) | The name of the Cosmos DB SQL Database to create the container within. | `string` | n/a | yes | | [default\_ttl](#input\_default\_ttl) | The default time to live of SQL container. If missing, items are not expired automatically. | `number` | `null` | no | | [name](#input\_name) | The name of the Cosmos DB instance. | `string` | n/a | yes | diff --git a/data_factory/README.md b/data_factory/README.md index 8037458f..1d44ee48 100644 --- a/data_factory/README.md +++ b/data_factory/README.md @@ -25,10 +25,10 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [custom\_domain\_enabled](#input\_custom\_domain\_enabled) | If not null enables custom domain for the private endpoint | `string` | n/a | yes | -| [github\_conf](#input\_github\_conf) | Configuration of the github repo associated to the data factory |
max_throughput = number
})
object({| n/a | yes | +| [github\_conf](#input\_github\_conf) | Configuration of the github repo associated to the data factory |
account_name = string
branch_name = string
git_url = string
repository_name = string
root_folder = string
})
object({| n/a | yes | | [location](#input\_location) | Azure Location in which the resources are located | `string` | n/a | yes | | [name](#input\_name) | Short Resource Name, used to customize subresource names | `string` | n/a | yes | -| [private\_endpoint](#input\_private\_endpoint) | Enable private endpoint with required params |
account_name = string
branch_name = string
git_url = string
repository_name = string
root_folder = string
})
object({| n/a | yes | +| [private\_endpoint](#input\_private\_endpoint) | Enable private endpoint with required params |
enabled = bool
subnet_id = string
private_dns_zone = object({
id = string
name = string
rg = string
})
})
object({| n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | Resource Group in which the resources are located | `string` | n/a | yes | | [resources\_managed\_private\_enpoint](#input\_resources\_managed\_private\_enpoint) | Map of resource to which a data factory must connect via managed private endpoint | `map(string)` | n/a | yes | | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | diff --git a/data_indexer/README.md b/data_indexer/README.md index 161f97df..e367ec0a 100644 --- a/data_indexer/README.md +++ b/data_indexer/README.md @@ -41,14 +41,14 @@ Use the example Terraform template, saved in `./tests`, to test this module and | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [config](#input\_config) | n/a |
enabled = bool
subnet_id = string
private_dns_zone = object({
id = string
name = string
rg = string
})
})
object({| n/a | yes | -| [evh\_config](#input\_evh\_config) | The Internal Event Hubs (topics) configuration and related ids |
sku_name = optional(string, "P0v3")
app_settings = optional(map(string), {})
allowed_subnets = optional(list(string), [])
allowed_ips = optional(list(string), [])
docker_registry_url = optional(string, "http://ghcr.io")
cdc_docker_image = optional(string, "pagopa/change-data-capturer-ms")
cdc_docker_image_tag = optional(string, "0.1.0@sha256:94379d99d78062e89353b45d6b463cd7bf80e24869b7d2d1a8b7cbf316fd07e4")
data_ti_docker_image = optional(string, "pagopa/data-ti-ms")
data_ti_docker_image_tag = optional(string, "0.1.0@sha256:dc7b8cee0aa1e22658f61a0d5d19be44202f83f0533f35de2ef0eb87697cdb94")
autoscale_minimum = optional(number, 1)
autoscale_maximum = optional(number, 20)
autoscale_default = optional(number, 5)
json_config_path = string
})
object({| n/a | yes | -| [internal\_storage](#input\_internal\_storage) | # Internal Storage |
hub_ids = map(string)
topics = set(string)
})
object({| n/a | yes | +| [config](#input\_config) | n/a |
account_kind = optional(string, "StorageV2") # Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. Defaults to Storage.
account_tier = optional(string, "Standard") # Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid.
account_replication_type = optional(string, "ZRS") # Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS.
access_tier = optional(string, "Hot") # Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot and Cool, defaults to Hot.
private_dns_zone_blob_ids = optional(list(string), [])
private_dns_zone_queue_ids = optional(list(string), [])
private_dns_zone_table_ids = optional(list(string), [])
private_endpoint_subnet_id = optional(string, "")
})
object({| n/a | yes | +| [evh\_config](#input\_evh\_config) | The Internal Event Hubs (topics) configuration and related ids |
sku_name = optional(string, "P0v3")
app_settings = optional(map(string), {})
allowed_subnets = optional(list(string), [])
allowed_ips = optional(list(string), [])
docker_registry_url = optional(string, "http://ghcr.io")
cdc_docker_image = optional(string, "pagopa/change-data-capturer-ms")
cdc_docker_image_tag = optional(string, "0.1.0@sha256:94379d99d78062e89353b45d6b463cd7bf80e24869b7d2d1a8b7cbf316fd07e4")
data_ti_docker_image = optional(string, "pagopa/data-ti-ms")
data_ti_docker_image_tag = optional(string, "0.1.0@sha256:dc7b8cee0aa1e22658f61a0d5d19be44202f83f0533f35de2ef0eb87697cdb94")
autoscale_minimum = optional(number, 1)
autoscale_maximum = optional(number, 20)
autoscale_default = optional(number, 5)
json_config_path = string
})
object({| n/a | yes | +| [internal\_storage](#input\_internal\_storage) | # Internal Storage |
hub_ids = map(string)
topics = set(string)
})
object({| n/a | yes | | [location](#input\_location) | (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. | `string` | `"northitaly"` | no | | [name](#input\_name) | (Required) Specifies the name of the App Service. Changing this forces a new resource to be created. | `string` | n/a | yes | -| [subnet](#input\_subnet) | n/a |
account_kind = optional(string, "StorageV2") # Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. Defaults to Storage.
account_tier = optional(string, "Standard") # Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid.
account_replication_type = optional(string, "ZRS") # Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS.
access_tier = optional(string, "Hot") # Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot and Cool, defaults to Hot.
private_dns_zone_blob_ids = optional(list(string), [])
private_dns_zone_queue_ids = optional(list(string), [])
private_dns_zone_table_ids = optional(list(string), [])
private_endpoint_subnet_id = optional(string, "")
})
object({| n/a | yes | +| [subnet](#input\_subnet) | n/a |
address_prefixes = list(string)
service_endpoints = optional(list(string), [
"Microsoft.Web",
"Microsoft.AzureCosmosDB",
"Microsoft.Storage",
"Microsoft.Sql",
"Microsoft.EventHub"
])
})
object({| n/a | yes | | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | -| [virtual\_network](#input\_virtual\_network) | n/a |
address_prefixes = list(string)
service_endpoints = optional(list(string), [
"Microsoft.Web",
"Microsoft.AzureCosmosDB",
"Microsoft.Storage",
"Microsoft.Sql",
"Microsoft.EventHub"
])
})
object({| n/a | yes | +| [virtual\_network](#input\_virtual\_network) | n/a |
name = string
resource_group_name = string
})
object({| n/a | yes | ## Outputs diff --git a/dns_forwarder_scale_set_vm/README.md b/dns_forwarder_scale_set_vm/README.md index c1fb56c5..3ca90087 100644 --- a/dns_forwarder_scale_set_vm/README.md +++ b/dns_forwarder_scale_set_vm/README.md @@ -67,7 +67,7 @@ No modules. | [capacity\_maximum\_count](#input\_capacity\_maximum\_count) | (Required) The maximum number of instances for this resource. Valid values are between 0 and 1000 | `number` | `1` | no | | [capacity\_minimum\_count](#input\_capacity\_minimum\_count) | (Required) The minimum number of instances for this resource. Valid values are between 0 and 1000 | `number` | `1` | no | | [encryption\_set\_id](#input\_encryption\_set\_id) | (Optional) An existing encryption set | `string` | `null` | no | -| [image\_reference](#input\_image\_reference) | (Optional) A source\_image\_reference block as defined below. |
name = string
resource_group_name = string
})
object({|
publisher = string
offer = string
sku = string
version = string
})
{| no | +| [image\_reference](#input\_image\_reference) | (Optional) A source\_image\_reference block as defined below. |
"offer": "0001-com-ubuntu-server-jammy",
"publisher": "Canonical",
"sku": "22_04-lts-gen2",
"version": "latest"
}
object({|
publisher = string
offer = string
sku = string
version = string
})
{| no | | [location](#input\_location) | (Optional) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. | `string` | `"westeurope"` | no | | [name](#input\_name) | (Required) The name of the Linux Virtual Machine Scale Set. Changing this forces a new resource to be created. | `string` | n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | (Required) The name of the Resource Group in which the Linux Virtual Machine Scale Set should be exist. Changing this forces a new resource to be created. | `string` | n/a | yes | diff --git a/elastic_agent/README.md b/elastic_agent/README.md index c5c924fd..4571e417 100644 --- a/elastic_agent/README.md +++ b/elastic_agent/README.md 
@@ -31,12 +31,12 @@ No modules.
 ## Inputs
-| Name | Description | Type | Default | Required |
-|---------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------|----------------|--------------------|:--------:|
-| [es\_host](#input\_es\_host) | Elastic Host | `string` | n/a | yes |
-| [dedicated\_log\_instance\_name](#input\_dedicated\_log\_instance\_name) | n/a | `list(string)` | n/a | yes |
-| [eck\_version](#input\_eck\_version) | ECK (Elastic Cloud on Kubernetes) version, see: https://www.elastic.co/guide/en/cloud-on-k8s/index.html for futher versions | `string` | n/a | yes |
-| [namespace](#input\_namespace) | Namespace for ECK Operator | `string` | `"elastic-system"` | no |
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| [dedicated\_log\_instance\_name](#input\_dedicated\_log\_instance\_name) | n/a | `list(string)` | n/a | yes |
+| [eck\_version](#input\_eck\_version) | ECK (Elastic Cloud on Kubernetes) version, see: https://www.elastic.co/guide/en/cloud-on-k8s/index.html for futher versions | `string` | n/a | yes |
+| [es\_host](#input\_es\_host) | Elastic Host | `string` | n/a | yes |
+| [namespace](#input\_namespace) | Namespace for ECK Operator | `string` | `"elastic-system"` | no |
 ## Outputs
diff --git a/elastic_agent/main.tf b/elastic_agent/main.tf
index 797b4142..bd75225e 100644
--- a/elastic_agent/main.tf
+++ b/elastic_agent/main.tf
@@ -10,7 +10,7 @@ locals {
 #https://raw.githubusercontent.com/elastic/elastic-agent/8.9/deploy/kubernetes/elastic-agent-standalone-kubernetes.yaml
 agent_yaml = templatefile("${path.module}/yaml/${var.eck_version}/agent.yaml", {
- es_host = var.es_host
+ es_host = var.es_host
 namespace = var.namespace
 dedicated_log_instance_name = var.dedicated_log_instance_name
 logs_general_to_exclude_paths = local.logs_general_to_exclude_paths
diff --git a/elastic_agent/variables.tf b/elastic_agent/variables.tf
index c8f7f9a9..9f901aa5 100644
--- a/elastic_agent/variables.tf
+++ b/elastic_agent/variables.tf
@@ -1,6 +1,6 @@
 variable "es_host" {
 description = "Elastic Host"
- type = string
+ type = string
 }
 variable "namespace" {
diff --git a/elastic_stack/README.md b/elastic_stack/README.md
index c375c39d..55769c13 100644
--- a/elastic_stack/README.md
+++ b/elastic_stack/README.md
@@ -57,7 +57,7 @@ No modules.
 | [kibana\_external\_domain](#input\_kibana\_external\_domain) | Kibana external domain | `string` | n/a | yes |
 | [kibana\_internal\_hostname](#input\_kibana\_internal\_hostname) | Kibana internal hostname | `string` | n/a | yes |
 | [namespace](#input\_namespace) | Namespace for ECK Operator | `string` | `"elastic-system"` | no |
-| [nodeset\_config](#input\_nodeset\_config) | n/a |
"offer": "0001-com-ubuntu-server-jammy",
"publisher": "Canonical",
"sku": "22_04-lts-gen2",
"version": "latest"
}
map(object({|
count = string
roles = list(string)
storage = string
storageClassName = string
requestMemory = string
requestCPU = string
limitsMemory = string
limitsCPU = string
}))
{| no | +| [nodeset\_config](#input\_nodeset\_config) | n/a |
"default": {
"count": 1,
"limitsCPU": "1",
"limitsMemory": "2Gi",
"requestCPU": "1",
"requestMemory": "2Gi",
"roles": [
"master",
"data",
"data_content",
"data_hot",
"data_warm",
"data_cold",
"data_frozen",
"ingest",
"ml",
"remote_cluster_client",
"transform"
],
"storage": "5Gi",
"storageClassName": "standard"
}
}
map(object({|
count = string
roles = list(string)
storage = string
storageClassName = string
requestMemory = string
requestCPU = string
limitsMemory = string
limitsCPU = string
}))
{| no | | [secret\_name](#input\_secret\_name) | Secret certificate name | `string` | n/a | yes | | [snapshot\_secret\_name](#input\_snapshot\_secret\_name) | n/a | `string` | n/a | yes | | [tenant\_id](#input\_tenant\_id) | Tenant ID for azure | `string` | `"7788edaf-0346-4068-9d79-c868aed15b3d"` | no | diff --git a/eventhub/README.md b/eventhub/README.md index 7362441d..2a265572 100644 --- a/eventhub/README.md +++ b/eventhub/README.md @@ -55,22 +55,22 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
"default": {
"count": 1,
"limitsCPU": "1",
"limitsMemory": "2Gi",
"requestCPU": "1",
"requestMemory": "2Gi",
"roles": [
"master",
"data",
"data_content",
"data_hot",
"data_warm",
"data_cold",
"data_frozen",
"ingest",
"ml",
"remote_cluster_client",
"transform"
],
"storage": "5Gi",
"storageClassName": "standard"
}
}
set(object(| `[]` | no | +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
{
action_group_id = string
webhook_properties = map(string)
}
))
set(object(| `[]` | no | | [alerts\_enabled](#input\_alerts\_enabled) | Should Metrics Alert be enabled? | `bool` | `true` | no | | [auto\_inflate\_enabled](#input\_auto\_inflate\_enabled) | Is Auto Inflate enabled for the EventHub Namespace? | `bool` | `false` | no | | [capacity](#input\_capacity) | Specifies the Capacity / Throughput Units for a Standard SKU namespace. | `number` | `null` | no | -| [eventhubs](#input\_eventhubs) | A list of event hubs to add to namespace. |
{
action_group_id = string
webhook_properties = map(string)
}
))
list(object({| `[]` | no | +| [eventhubs](#input\_eventhubs) | A list of event hubs to add to namespace. |
name = string # (Required) Specifies the name of the EventHub resource. Changing this forces a new resource to be created.
partitions = number # (Required) Specifies the current number of shards on the Event Hub.
message_retention = number # (Required) Specifies the number of days to retain the events for this Event Hub.
consumers = list(string) # Manages a Event Hubs Consumer Group as a nested resource within an Event Hub.
keys = list(object({
name = string # (Required) Specifies the name of the EventHub Authorization Rule resource. Changing this forces a new resource to be created.
listen = bool # (Optional) Does this Authorization Rule have permissions to Listen to the Event Hub? Defaults to false.
send = bool # (Optional) Does this Authorization Rule have permissions to Send to the Event Hub? Defaults to false.
manage = bool # (Optional) Does this Authorization Rule have permissions to Manage to the Event Hub? When this property is true - both listen and send must be too. Defaults to false.
})) # Manages a Event Hubs authorization Rule within an Event Hub.
}))
list(object({| `[]` | no | | [internal\_private\_dns\_zone\_created](#input\_internal\_private\_dns\_zone\_created) | (Deprecated: create a standalone dns zone) Choose to allow the creation of the dns zone | `bool` | `false` | no | | [internal\_private\_dns\_zone\_resource\_group\_name](#input\_internal\_private\_dns\_zone\_resource\_group\_name) | (Deprecated: create a standalone dns zone) Name of the resource group record in the private dns zone | `string` | `null` | no | | [location](#input\_location) | n/a | `string` | n/a | yes | | [maximum\_throughput\_units](#input\_maximum\_throughput\_units) | Specifies the maximum number of throughput units when Auto Inflate is Enabled | `number` | `null` | no | -| [metric\_alerts](#input\_metric\_alerts) | Map of name = criteria objects |
name = string # (Required) Specifies the name of the EventHub resource. Changing this forces a new resource to be created.
partitions = number # (Required) Specifies the current number of shards on the Event Hub.
message_retention = number # (Required) Specifies the number of days to retain the events for this Event Hub.
consumers = list(string) # Manages a Event Hubs Consumer Group as a nested resource within an Event Hub.
keys = list(object({
name = string # (Required) Specifies the name of the EventHub Authorization Rule resource. Changing this forces a new resource to be created.
listen = bool # (Optional) Does this Authorization Rule have permissions to Listen to the Event Hub? Defaults to false.
send = bool # (Optional) Does this Authorization Rule have permissions to Send to the Event Hub? Defaults to false.
manage = bool # (Optional) Does this Authorization Rule have permissions to Manage to the Event Hub? When this property is true - both listen and send must be too. Defaults to false.
})) # Manages a Event Hubs authorization Rule within an Event Hub.
}))
map(object({| `{}` | no | +| [metric\_alerts](#input\_metric\_alerts) | Map of name = criteria objects |
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
description = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
map(object({| `{}` | no | | [metric\_alerts\_create](#input\_metric\_alerts\_create) | Create metric alerts | `bool` | `true` | no | | [minimum\_tls\_version](#input\_minimum\_tls\_version) | (Optional) The minimum supported TLS version for this EventHub Namespace. Valid values are: 1.0, 1.1 and 1.2. The current default minimum TLS version is 1.2. | `string` | `"1.2"` | no | | [name](#input\_name) | Eventhub namespace description. | `string` | n/a | yes | -| [network\_rulesets](#input\_network\_rulesets) | n/a |
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
description = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
list(object({| `[]` | no | +| [network\_rulesets](#input\_network\_rulesets) | n/a |
default_action = string # (Required) The default action to take when a rule is not matched. Possible values are Allow and Deny.
virtual_network_rule = list(object({
subnet_id = string # (Required) The id of the subnet to match on.
ignore_missing_virtual_network_service_endpoint = bool # (Optional) Are missing virtual network service endpoints ignored?
}))
ip_rule = list(object({
ip_mask = string # (Required) The IP mask to match on.
action = string # (Optional) The action to take when the rule is matched. Possible values are Allow. Defaults to Allow.
}))
trusted_service_access_enabled = bool #Whether Trusted Microsoft Services are allowed to bypass firewall.
}))
list(object({| `[]` | no | | [private\_dns\_zone\_record\_A\_name](#input\_private\_dns\_zone\_record\_A\_name) | Name of the A record in the private dns zone | `string` | `"eventhub"` | no | -| [private\_dns\_zones](#input\_private\_dns\_zones) | Private DNS Zones where the private endpoint will be created |
default_action = string # (Required) The default action to take when a rule is not matched. Possible values are Allow and Deny.
virtual_network_rule = list(object({
subnet_id = string # (Required) The id of the subnet to match on.
ignore_missing_virtual_network_service_endpoint = bool # (Optional) Are missing virtual network service endpoints ignored?
}))
ip_rule = list(object({
ip_mask = string # (Required) The IP mask to match on.
action = string # (Optional) The action to take when the rule is matched. Possible values are Allow. Defaults to Allow.
}))
trusted_service_access_enabled = bool #Whether Trusted Microsoft Services are allowed to bypass firewall.
}))
object({|
id = list(string)
name = list(string)
resource_group_name = string
})
{| no | +| [private\_dns\_zones](#input\_private\_dns\_zones) | Private DNS Zones where the private endpoint will be created |
"id": [],
"name": [],
"resource_group_name": ""
}
object({|
id = list(string)
name = list(string)
resource_group_name = string
})
{| no | | [private\_endpoint\_created](#input\_private\_endpoint\_created) | Choose to allow the creation of the private endpoint | `bool` | n/a | yes | | [private\_endpoint\_resource\_group\_name](#input\_private\_endpoint\_resource\_group\_name) | Name of the resource group where the private endpoint will be created | `string` | `null` | no | | [private\_endpoint\_subnet\_id](#input\_private\_endpoint\_subnet\_id) | The id of the subnet that will be used for the private endpoint. | `string` | `null` | no | diff --git a/eventhub_configuration/README.md b/eventhub_configuration/README.md index 63e13f4f..82ce0656 100644 --- a/eventhub_configuration/README.md +++ b/eventhub_configuration/README.md @@ -33,7 +33,7 @@ No modules. |------|-------------|------|---------|:--------:| | [event\_hub\_namespace\_name](#input\_event\_hub\_namespace\_name) | EventHub namespace name | `string` | n/a | yes | | [event\_hub\_namespace\_resource\_group\_name](#input\_event\_hub\_namespace\_resource\_group\_name) | EventHub namespace resource group name | `string` | n/a | yes | -| [eventhubs](#input\_eventhubs) | A list of event hubs to add to namespace. |
"id": [],
"name": [],
"resource_group_name": ""
}
list(object({| `[]` | no | +| [eventhubs](#input\_eventhubs) | A list of event hubs to add to namespace. |
name = string # (Required) Specifies the name of the EventHub resource. Changing this forces a new resource to be created.
partitions = number # (Required) Specifies the current number of shards on the Event Hub.
message_retention = number # (Required) Specifies the number of days to retain the events for this Event Hub.
consumers = list(string) # Manages a Event Hubs Consumer Group as a nested resource within an Event Hub.
keys = list(object({
name = string # (Required) Specifies the name of the EventHub Authorization Rule resource. Changing this forces a new resource to be created.
listen = bool # (Optional) Does this Authorization Rule have permissions to Listen to the Event Hub? Defaults to false.
send = bool # (Optional) Does this Authorization Rule have permissions to Send to the Event Hub? Defaults to false.
manage = bool # (Optional) Does this Authorization Rule have permissions to Manage to the Event Hub? When this property is true - both listen and send must be too. Defaults to false.
})) # Manages a Event Hubs authorization Rule within an Event Hub.
}))
list(object({| `[]` | no | ## Outputs diff --git a/function_app/README.md b/function_app/README.md index 08131209..b1fd1e34 100644 --- a/function_app/README.md +++ b/function_app/README.md @@ -240,20 +240,20 @@ See [Generic resource migration](../.docs/MIGRATION_GUIDE_GENERIC_RESOURCES.md) | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
name = string # (Required) Specifies the name of the EventHub resource. Changing this forces a new resource to be created.
partitions = number # (Required) Specifies the current number of shards on the Event Hub.
message_retention = number # (Required) Specifies the number of days to retain the events for this Event Hub.
consumers = list(string) # Manages a Event Hubs Consumer Group as a nested resource within an Event Hub.
keys = list(object({
name = string # (Required) Specifies the name of the EventHub Authorization Rule resource. Changing this forces a new resource to be created.
listen = bool # (Optional) Does this Authorization Rule have permissions to Listen to the Event Hub? Defaults to false.
send = bool # (Optional) Does this Authorization Rule have permissions to Send to the Event Hub? Defaults to false.
manage = bool # (Optional) Does this Authorization Rule have permissions to Manage to the Event Hub? When this property is true - both listen and send must be too. Defaults to false.
})) # Manages a Event Hubs authorization Rule within an Event Hub.
}))
set(object(| `[]` | no | +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
{
action_group_id = string
webhook_properties = map(string)
}
))
set(object(| `[]` | no | | [allowed\_ips](#input\_allowed\_ips) | The IP Address used for this IP Restriction in CIDR notation | `list(string)` | `[]` | no | | [allowed\_service\_tags](#input\_allowed\_service\_tags) | (Optional) List of service tags allowed to call the function app endpoint. | `list(string)` | `[]` | no | | [allowed\_subnets](#input\_allowed\_subnets) | List of subnet ids, The Virtual Network Subnet ID used for this IP Restriction. | `list(string)` | `[]` | no | | [always\_on](#input\_always\_on) | (Optional) Should the app be loaded at all times? Defaults to null. | `bool` | `null` | no | -| [app\_service\_logs](#input\_app\_service\_logs) | disk\_quota\_mb - (Optional) The amount of disk space to use for logs. Valid values are between 25 and 100. Defaults to 35. retention\_period\_days - (Optional) The retention period for logs in days. Valid values are between 0 and 99999.(never delete). |
{
action_group_id = string
webhook_properties = map(string)
}
))
object({| `null` | no | +| [app\_service\_logs](#input\_app\_service\_logs) | disk\_quota\_mb - (Optional) The amount of disk space to use for logs. Valid values are between 25 and 100. Defaults to 35. retention\_period\_days - (Optional) The retention period for logs in days. Valid values are between 0 and 99999.(never delete). |
disk_quota_mb = number
retention_period_days = number
})
object({| `null` | no | | [app\_service\_plan\_id](#input\_app\_service\_plan\_id) | The external app service plan id to associate to the function. If null a new plan is created, use app\_service\_plan\_info to configure it. | `string` | `null` | no | -| [app\_service\_plan\_info](#input\_app\_service\_plan\_info) | Allows to configurate the internal service plan |
disk_quota_mb = number
retention_period_days = number
})
object({|
kind = string # The kind of the App Service Plan to create. Possible values are Windows (also available as App), Linux, elastic (for Premium Consumption) and FunctionApp (for a Consumption Plan).
sku_size = string # Specifies the plan's instance size.
maximum_elastic_worker_count = number # The maximum number of total workers allowed for this ElasticScaleEnabled App Service Plan.
worker_count = number # The number of Workers (instances) to be allocated.
zone_balancing_enabled = bool # Should the Service Plan balance across Availability Zones in the region. Changing this forces a new resource to be created.
})
{| no | +| [app\_service\_plan\_info](#input\_app\_service\_plan\_info) | Allows to configurate the internal service plan |
"kind": "Linux",
"maximum_elastic_worker_count": 0,
"sku_size": "P1v3",
"worker_count": 0,
"zone_balancing_enabled": false
}
object({|
kind = string # The kind of the App Service Plan to create. Possible values are Windows (also available as App), Linux, elastic (for Premium Consumption) and FunctionApp (for a Consumption Plan).
sku_size = string # Specifies the plan's instance size.
maximum_elastic_worker_count = number # The maximum number of total workers allowed for this ElasticScaleEnabled App Service Plan.
worker_count = number # The number of Workers (instances) to be allocated.
zone_balancing_enabled = bool # Should the Service Plan balance across Availability Zones in the region. Changing this forces a new resource to be created.
})
{| no | | [app\_service\_plan\_name](#input\_app\_service\_plan\_name) | Name of the app service plan. If null it will be 'computed' | `string` | `null` | no | | [app\_settings](#input\_app\_settings) | (Optional) A map of key-value pairs for App Settings and custom values. | `map(any)` | `{}` | no | | [application\_insights\_instrumentation\_key](#input\_application\_insights\_instrumentation\_key) | Application insights instrumentation key | `string` | n/a | yes | | [client\_certificate\_enabled](#input\_client\_certificate\_enabled) | Should the function app use Client Certificates | `bool` | `false` | no | | [client\_certificate\_mode](#input\_client\_certificate\_mode) | (Optional) The mode of the Function App's client certificates requirement for incoming requests. Possible values are Required, Optional, and OptionalInteractiveUser. | `string` | `"Optional"` | no | -| [cors](#input\_cors) | n/a |
"kind": "Linux",
"maximum_elastic_worker_count": 0,
"sku_size": "P1v3",
"worker_count": 0,
"zone_balancing_enabled": false
}
object({| `null` | no | +| [cors](#input\_cors) | n/a |
allowed_origins = list(string) # A list of origins which should be able to make cross-origin calls. * can be used to allow all calls.
})
object({| `null` | no | | [docker](#input\_docker) | ##################### Framework choice ##################### | `any` | `{}` | no | | [domain](#input\_domain) | Specifies the domain of the Function App. | `string` | `null` | no | | [dotnet\_version](#input\_dotnet\_version) | n/a | `string` | `null` | no | @@ -264,8 +264,8 @@ See [Generic resource migration](../.docs/MIGRATION_GUIDE_GENERIC_RESOURCES.md) | [health\_check\_path](#input\_health\_check\_path) | Path which will be checked for this function app health. | `string` | `null` | no | | [healthcheck\_threshold](#input\_healthcheck\_threshold) | The healthcheck threshold. If metric average is under this value, the alert will be triggered. Default is 50 | `number` | `50` | no | | [https\_only](#input\_https\_only) | (Required) Can the Function App only be accessed via HTTPS?. Defaults true | `bool` | `true` | no | -| [internal\_storage](#input\_internal\_storage) | n/a |
allowed_origins = list(string) # A list of origins which should be able to make cross-origin calls. * can be used to allow all calls.
})
object({|
enable = bool
private_endpoint_subnet_id = string
private_dns_zone_blob_ids = list(string)
private_dns_zone_queue_ids = list(string)
private_dns_zone_table_ids = list(string)
queues = list(string) # Queues names
containers = list(string) # Containers names
blobs_retention_days = number
})
{| no | -| [internal\_storage\_account\_info](#input\_internal\_storage\_account\_info) | n/a |
"blobs_retention_days": 1,
"containers": [],
"enable": false,
"private_dns_zone_blob_ids": [],
"private_dns_zone_queue_ids": [],
"private_dns_zone_table_ids": [],
"private_endpoint_subnet_id": "dummy",
"queues": []
}
object({| `null` | no | +| [internal\_storage](#input\_internal\_storage) | n/a |
account_kind = string # Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. Defaults to Storage.
account_tier = string # Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid.
account_replication_type = string # Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS.
access_tier = string # Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot and Cool, defaults to Hot.
advanced_threat_protection_enable = bool
use_legacy_defender_version = bool
public_network_access_enabled = bool
})
object({|
enable = bool
private_endpoint_subnet_id = string
private_dns_zone_blob_ids = list(string)
private_dns_zone_queue_ids = list(string)
private_dns_zone_table_ids = list(string)
queues = list(string) # Queues names
containers = list(string) # Containers names
blobs_retention_days = number
})
{| no | +| [internal\_storage\_account\_info](#input\_internal\_storage\_account\_info) | n/a |
"blobs_retention_days": 1,
"containers": [],
"enable": false,
"private_dns_zone_blob_ids": [],
"private_dns_zone_queue_ids": [],
"private_dns_zone_table_ids": [],
"private_endpoint_subnet_id": "dummy",
"queues": []
}
object({| `null` | no | | [ip\_restriction\_default\_action](#input\_ip\_restriction\_default\_action) | (Optional) The Default action for traffic that does not match any ip\_restriction rule. possible values include 'Allow' and 'Deny'. If not set, it will be set to Allow if no ip restriction rules have been configured. | `string` | `null` | no | | [java\_version](#input\_java\_version) | n/a | `string` | `null` | no | | [location](#input\_location) | n/a | `string` | n/a | yes | @@ -279,7 +279,7 @@ See [Generic resource migration](../.docs/MIGRATION_GUIDE_GENERIC_RESOURCES.md) | [sticky\_app\_setting\_names](#input\_sticky\_app\_setting\_names) | (Optional) A list of app\_setting names that the Linux Function App will not swap between Slots when a swap operation is triggered | `list(string)` | `[]` | no | | [sticky\_connection\_string\_names](#input\_sticky\_connection\_string\_names) | (Optional) A list of connection string names that the Linux Function App will not swap between Slots when a swap operation is triggered | `list(string)` | `null` | no | | [storage\_account\_durable\_name](#input\_storage\_account\_durable\_name) | Storage account name only used by the durable function. If null it will be 'computed' | `string` | `null` | no | -| [storage\_account\_info](#input\_storage\_account\_info) | n/a |
account_kind = string # Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. Defaults to Storage.
account_tier = string # Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid.
account_replication_type = string # Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS.
access_tier = string # Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot and Cool, defaults to Hot.
advanced_threat_protection_enable = bool
use_legacy_defender_version = bool
public_network_access_enabled = bool
})
object({|
account_kind = string # Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. Defaults to Storage.
account_tier = string # Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid.
account_replication_type = string # Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS.
access_tier = string # Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot and Cool, defaults to Hot.
advanced_threat_protection_enable = bool
use_legacy_defender_version = bool
public_network_access_enabled = bool
})
{| no | +| [storage\_account\_info](#input\_storage\_account\_info) | n/a |
"access_tier": "Hot",
"account_kind": "StorageV2",
"account_replication_type": "ZRS",
"account_tier": "Standard",
"advanced_threat_protection_enable": true,
"public_network_access_enabled": false,
"use_legacy_defender_version": true
}
object({|
account_kind = string # Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. Defaults to Storage.
account_tier = string # Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid.
account_replication_type = string # Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS.
access_tier = string # Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot and Cool, defaults to Hot.
advanced_threat_protection_enable = bool
use_legacy_defender_version = bool
public_network_access_enabled = bool
})
{| no | | [storage\_account\_name](#input\_storage\_account\_name) | Storage account name. If null it will be 'computed' | `string` | `null` | no | | [subnet\_id](#input\_subnet\_id) | The ID of the subnet the app service will be associated to (the subnet must have a service\_delegation configured for Microsoft.Web/serverFarms) | `string` | n/a | yes | | [system\_identity\_enabled](#input\_system\_identity\_enabled) | Enable the System Identity and create relative Service Principal. | `bool` | `false` | no | diff --git a/github_federated_identity/README.md b/github_federated_identity/README.md index a3717a53..e968bacc 100644 --- a/github_federated_identity/README.md +++ b/github_federated_identity/README.md @@ -86,11 +86,11 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [app\_name](#input\_app\_name) | Application name | `string` | `""` | no | -| [cd\_rbac\_roles](#input\_cd\_rbac\_roles) | Set of CD identity roles for the current subscription and the specified resource groups |
"access_tier": "Hot",
"account_kind": "StorageV2",
"account_replication_type": "ZRS",
"account_tier": "Standard",
"advanced_threat_protection_enable": true,
"public_network_access_enabled": false,
"use_legacy_defender_version": true
}
object({|
subscription_roles = set(string)
resource_groups = map(list(string))
})
{| no | -| [ci\_rbac\_roles](#input\_ci\_rbac\_roles) | Set of CI identity roles for the current subscription and the specified resource groups |
"resource_groups": {},
"subscription_roles": [
"Contributor"
]
}
object({|
subscription_roles = set(string)
resource_groups = map(list(string))
})
{| no | +| [cd\_rbac\_roles](#input\_cd\_rbac\_roles) | Set of CD identity roles for the current subscription and the specified resource groups |
"resource_groups": {},
"subscription_roles": [
"Reader"
]
}
object({|
subscription_roles = set(string)
resource_groups = map(list(string))
})
{| no | +| [ci\_rbac\_roles](#input\_ci\_rbac\_roles) | Set of CI identity roles for the current subscription and the specified resource groups |
"resource_groups": {},
"subscription_roles": [
"Contributor"
]
}
object({|
subscription_roles = set(string)
resource_groups = map(list(string))
})
{| no | | [domain](#input\_domain) | App domain name | `string` | `""` | no | | [env\_short](#input\_env\_short) | Short environment prefix | `string` | n/a | yes | -| [github\_federations](#input\_github\_federations) | GitHub Organization, repository name and scope permissions |
"resource_groups": {},
"subscription_roles": [
"Reader"
]
}
list(object({| n/a | yes | +| [github\_federations](#input\_github\_federations) | GitHub Organization, repository name and scope permissions |
org = optional(string, "pagopa")
repository = string
audience = optional(set(string), ["api://AzureADTokenExchange"])
issuer = optional(string, "https://token.actions.githubusercontent.com")
credentials_scope = optional(string, "environment")
subject = string
}))
list(object({| n/a | yes | | [identity\_role](#input\_identity\_role) | Identity role should be either ci or cd | `string` | n/a | yes | | [prefix](#input\_prefix) | Project prefix | `string` | n/a | yes | | [tags](#input\_tags) | Identity tags | `map(any)` | n/a | yes | diff --git a/jwt_keys/README.md b/jwt_keys/README.md index 336dc2a2..364e99d3 100644 --- a/jwt_keys/README.md +++ b/jwt_keys/README.md @@ -63,7 +63,7 @@ No modules. | [early\_renewal\_hours](#input\_early\_renewal\_hours) | n/a | `number` | `720` | no | | [jwt\_name](#input\_jwt\_name) | n/a | `string` | n/a | yes | | [key\_vault\_id](#input\_key\_vault\_id) | n/a | `string` | n/a | yes | -| [tags](#input\_tags) | n/a | `map(any)` |
org = optional(string, "pagopa")
repository = string
audience = optional(set(string), ["api://AzureADTokenExchange"])
issuer = optional(string, "https://token.actions.githubusercontent.com")
credentials_scope = optional(string, "environment")
subject = string
}))
{| no | +| [tags](#input\_tags) | n/a | `map(any)` |
"CreatedBy": "Terraform"
}
{| no | ## Outputs diff --git a/kubernetes_cluster/README.md b/kubernetes_cluster/README.md index 9eaf6f51..f28c5650 100644 --- a/kubernetes_cluster/README.md +++ b/kubernetes_cluster/README.md @@ -692,21 +692,21 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [aad\_admin\_group\_ids](#input\_aad\_admin\_group\_ids) | IDs of the Azure AD group for cluster-admin access | `list(string)` | n/a | yes | -| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
"CreatedBy": "Terraform"
}
set(object(| `[]` | no | +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
{
action_group_id = string
webhook_properties = map(string)
}
))
set(object(| `[]` | no | | [addon\_azure\_key\_vault\_secrets\_provider\_enabled](#input\_addon\_azure\_key\_vault\_secrets\_provider\_enabled) | Should the Azure Secrets Store CSI addon be enabled for this Node Pool? | `bool` | `false` | no | | [addon\_azure\_pod\_identity\_enabled](#input\_addon\_azure\_pod\_identity\_enabled) | Should the AAD pod-managed identities be enabled for this Node Pool? | `bool` | `false` | no | | [addon\_azure\_policy\_enabled](#input\_addon\_azure\_policy\_enabled) | Should the Azure Policy addon be enabled for this Node Pool? | `bool` | `false` | no | | [alerts\_enabled](#input\_alerts\_enabled) | Should Metrics Alert be enabled? | `bool` | `true` | no | | [automatic\_channel\_upgrade](#input\_automatic\_channel\_upgrade) | (Optional) The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none. | `string` | `null` | no | -| [custom\_metric\_alerts](#input\_custom\_metric\_alerts) | Map of name = criteria objects |
{
action_group_id = string
webhook_properties = map(string)
}
))
map(object({| `{}` | no | -| [default\_metric\_alerts](#input\_default\_metric\_alerts) | Map of name = criteria objects |
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
map(object({|
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
{| no | +| [custom\_metric\_alerts](#input\_custom\_metric\_alerts) | Map of name = criteria objects |
"node_cpu_usage_percentage": {
"aggregation": "Average",
"dimension": [
{
"name": "node",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT15M",
"metric_name": "node_cpu_usage_percentage",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT1H"
},
"node_disk": {
"aggregation": "Average",
"dimension": [
{
"name": "node",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "device",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT15M",
"metric_name": "node_disk_usage_percentage",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT1H"
},
"node_memory_working_set_percentage": {
"aggregation": "Average",
"dimension": [
{
"name": "node",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT15M",
"metric_name": "node_memory_working_set_percentage",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT1H"
},
"node_not_ready": {
"aggregation": "Average",
"dimension": [
{
"name": "status2",
"operator": "Include",
"values": [
"NotReady"
]
}
],
"frequency": "PT15M",
"metric_name": "kube_node_status_condition",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT1H"
},
"pods_failed": {
"aggregation": "Average",
"dimension": [
{
"name": "phase",
"operator": "Include",
"values": [
"Failed"
]
},
{
"name": "namespace",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT15M",
"metric_name": "kube_pod_status_phase",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT1H"
}
}
map(object({| `{}` | no | +| [default\_metric\_alerts](#input\_default\_metric\_alerts) | Map of name = criteria objects |
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
map(object({|
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
{| no | | [dns\_prefix](#input\_dns\_prefix) | (Required) DNS prefix specified when creating the managed cluster. Changing this forces a new resource to be created. | `string` | n/a | yes | | [kubernetes\_version](#input\_kubernetes\_version) | (Required) Version of Kubernetes specified when creating the AKS managed cluster. | `string` | n/a | yes | | [location](#input\_location) | n/a | `string` | n/a | yes | | [log\_analytics\_workspace\_id](#input\_log\_analytics\_workspace\_id) | The ID of the Log Analytics Workspace which the OMS Agent should send data to. | `string` | `null` | no | | [microsoft\_defender\_log\_analytics\_workspace\_id](#input\_microsoft\_defender\_log\_analytics\_workspace\_id) | Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to | `string` | `null` | no | | [name](#input\_name) | (Required) Cluster name | `string` | n/a | yes | -| [network\_profile](#input\_network\_profile) | See variable description to understand how to use it, and see examples |
"node_cpu_usage_percentage": {
"aggregation": "Average",
"dimension": [
{
"name": "node",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT15M",
"metric_name": "node_cpu_usage_percentage",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT1H"
},
"node_disk": {
"aggregation": "Average",
"dimension": [
{
"name": "node",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "device",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT15M",
"metric_name": "node_disk_usage_percentage",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT1H"
},
"node_memory_working_set_percentage": {
"aggregation": "Average",
"dimension": [
{
"name": "node",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT15M",
"metric_name": "node_memory_working_set_percentage",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT1H"
},
"node_not_ready": {
"aggregation": "Average",
"dimension": [
{
"name": "status2",
"operator": "Include",
"values": [
"NotReady"
]
}
],
"frequency": "PT15M",
"metric_name": "kube_node_status_condition",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT1H"
},
"pods_failed": {
"aggregation": "Average",
"dimension": [
{
"name": "phase",
"operator": "Include",
"values": [
"Failed"
]
},
{
"name": "namespace",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT15M",
"metric_name": "kube_pod_status_phase",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT1H"
}
}
object({|
dns_service_ip = optional(string, "10.2.0.10") # e.g. '10.2.0.10'. IP address within the Kubernetes service address range that will be used by cluster service discovery (kube-dns)
network_policy = optional(string, "azure") # e.g. 'azure'. Sets up network policy to be used with Azure CNI. Currently supported values are calico and azure.
network_plugin = optional(string, "azure") # e.g. 'azure'. Network plugin to use for networking. Currently supported values are azure and kubenet
network_plugin_mode = optional(string, null) # e.g. 'azure'. Network plugin mode to use for networking. Currently supported value is overlay
outbound_type = optional(string, "loadBalancer") # e.g. 'loadBalancer'. The outbound (egress) routing method which should be used for this Kubernetes Cluster. Possible values are loadBalancer, userDefinedRouting, managedNATGateway and userAssignedNATGateway. Defaults to loadBalancer
service_cidr = optional(string, "10.2.0.0/16") # e.g. '10.2.0.0/16'. The Network Range used by the Kubernetes service
network_data_plane = optional(string, "azure") # e.g. 'azure'. (Optional) Specifies the data plane used for building the Kubernetes network. Possible values are azure and cilium. Defaults to azure. Disabling this forces a new resource to be created.
})
{| no | +| [network\_profile](#input\_network\_profile) | See variable description to understand how to use it, and see examples |
"dns_service_ip": "10.2.0.10",
"network_data_plane": "azure",
"network_plugin": "azure",
"network_plugin_mode": null,
"network_policy": "azure",
"outbound_type": "loadBalancer",
"service_cidr": "10.2.0.0/16"
}
object({|
dns_service_ip = optional(string, "10.2.0.10") # e.g. '10.2.0.10'. IP address within the Kubernetes service address range that will be used by cluster service discovery (kube-dns)
network_policy = optional(string, "azure") # e.g. 'azure'. Sets up network policy to be used with Azure CNI. Currently supported values are calico and azure.
network_plugin = optional(string, "azure") # e.g. 'azure'. Network plugin to use for networking. Currently supported values are azure and kubenet
network_plugin_mode = optional(string, null) # e.g. 'azure'. Network plugin mode to use for networking. Currently supported value is overlay
outbound_type = optional(string, "loadBalancer") # e.g. 'loadBalancer'. The outbound (egress) routing method which should be used for this Kubernetes Cluster. Possible values are loadBalancer, userDefinedRouting, managedNATGateway and userAssignedNATGateway. Defaults to loadBalancer
service_cidr = optional(string, "10.2.0.0/16") # e.g. '10.2.0.0/16'. The Network Range used by the Kubernetes service
network_data_plane = optional(string, "azure") # e.g. 'azure'. (Optional) Specifies the data plane used for building the Kubernetes network. Possible values are azure and cilium. Defaults to azure. Disabling this forces a new resource to be created.
})
{| no | | [oidc\_issuer\_enabled](#input\_oidc\_issuer\_enabled) | (Optional) Enable or Disable the OIDC issuer URL | `bool` | `false` | no | | [oms\_agent\_monitoring\_metrics\_role\_assignment\_enabled](#input\_oms\_agent\_monitoring\_metrics\_role\_assignment\_enabled) | Enabled oms agent monitoring metrics roles | `bool` | `true` | no | | [oms\_agent\_msi\_auth\_for\_monitoring\_enabled](#input\_oms\_agent\_msi\_auth\_for\_monitoring\_enabled) | (Optional) Is managed identity authentication for monitoring enabled? Default false | `bool` | `false` | no | @@ -721,7 +721,7 @@ No modules. | [storage\_profile\_disk\_driver\_version](#input\_storage\_profile\_disk\_driver\_version) | (Optional) Disk CSI Driver version to be used. Possible values are v1 and v2. Defaults to v1 | `string` | `"v1"` | no | | [storage\_profile\_file\_driver\_enabled](#input\_storage\_profile\_file\_driver\_enabled) | (Optional) Is the File CSI driver enabled? Defaults to true | `bool` | `true` | no | | [storage\_profile\_snapshot\_controller\_enabled](#input\_storage\_profile\_snapshot\_controller\_enabled) | (Optional) Is the Snapshot Controller enabled? Defaults to true | `bool` | `true` | no | -| [system\_node\_pool\_availability\_zones](#input\_system\_node\_pool\_availability\_zones) | (Optional) List of availability zones for system node pool | `list(string)` |
"dns_service_ip": "10.2.0.10",
"network_data_plane": "azure",
"network_plugin": "azure",
"network_plugin_mode": null,
"network_policy": "azure",
"outbound_type": "loadBalancer",
"service_cidr": "10.2.0.0/16"
}
[| no | +| [system\_node\_pool\_availability\_zones](#input\_system\_node\_pool\_availability\_zones) | (Optional) List of availability zones for system node pool | `list(string)` |
"1",
"2",
"3"
]
[| no | | [system\_node\_pool\_enable\_host\_encryption](#input\_system\_node\_pool\_enable\_host\_encryption) | (Optional) Should the nodes in the Default Node Pool have host encryption enabled? Defaults to true. | `bool` | `true` | no | | [system\_node\_pool\_max\_pods](#input\_system\_node\_pool\_max\_pods) | (Optional) The maximum number of pods that can run on each agent. Changing this forces a new resource to be created. | `number` | `250` | no | | [system\_node\_pool\_name](#input\_system\_node\_pool\_name) | (Required) The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created. | `string` | n/a | yes | @@ -737,7 +737,7 @@ No modules. | [system\_node\_pool\_vm\_size](#input\_system\_node\_pool\_vm\_size) | (Required) The size of the Virtual Machine, such as Standard\_B4ms or Standard\_D4s\_vX. See https://pagopa.atlassian.net/wiki/spaces/DEVOPS/pages/134840344/Best+practice+su+prodotti | `string` | n/a | yes | | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | | [upgrade\_settings\_max\_surge](#input\_upgrade\_settings\_max\_surge) | The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade. | `string` | `"33%"` | no | -| [user\_node\_pool\_availability\_zones](#input\_user\_node\_pool\_availability\_zones) | (Optional) List of availability zones for user node pool | `list(string)` |
"1",
"2",
"3"
]
[| no | +| [user\_node\_pool\_availability\_zones](#input\_user\_node\_pool\_availability\_zones) | (Optional) List of availability zones for user node pool | `list(string)` |
"1",
"2",
"3"
]
[| no | | [user\_node\_pool\_enable\_host\_encryption](#input\_user\_node\_pool\_enable\_host\_encryption) | (Optional) Should the nodes in the Default Node Pool have host encryption enabled? Defaults to true. | `bool` | `false` | no | | [user\_node\_pool\_enabled](#input\_user\_node\_pool\_enabled) | Is user node pool enabled? | `bool` | `false` | no | | [user\_node\_pool\_max\_pods](#input\_user\_node\_pool\_max\_pods) | (Optional) The maximum number of pods that can run on each agent. Changing this forces a new resource to be created. | `number` | `250` | no | diff --git a/kubernetes_cluster_udr/README.md b/kubernetes_cluster_udr/README.md index f717f7f5..897280c5 100644 --- a/kubernetes_cluster_udr/README.md +++ b/kubernetes_cluster_udr/README.md @@ -685,15 +685,15 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [aad\_admin\_group\_ids](#input\_aad\_admin\_group\_ids) | IDs of the Azure AD group for cluster-admin access | `list(string)` | n/a | yes | -| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
"1",
"2",
"3"
]
set(object(| `[]` | no | +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
{
action_group_id = string
webhook_properties = map(string)
}
))
set(object(| `[]` | no | | [addon\_azure\_key\_vault\_secrets\_provider\_enabled](#input\_addon\_azure\_key\_vault\_secrets\_provider\_enabled) | Should the Azure Secrets Store CSI addon be enabled for this Node Pool? | `bool` | `false` | no | | [addon\_azure\_pod\_identity\_enabled](#input\_addon\_azure\_pod\_identity\_enabled) | Should the AAD pod-managed identities be enabled for this Node Pool? | `bool` | `false` | no | | [addon\_azure\_policy\_enabled](#input\_addon\_azure\_policy\_enabled) | Should the Azure Policy addon be enabled for this Node Pool? | `bool` | `false` | no | | [alerts\_enabled](#input\_alerts\_enabled) | Should Metrics Alert be enabled? | `bool` | `true` | no | | [api\_server\_authorized\_ip\_ranges](#input\_api\_server\_authorized\_ip\_ranges) | The IP ranges to whitelist for incoming traffic to the masters. | `list(string)` | `[]` | no | | [automatic\_channel\_upgrade](#input\_automatic\_channel\_upgrade) | (Optional) The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none. | `string` | `null` | no | -| [custom\_metric\_alerts](#input\_custom\_metric\_alerts) | Map of name = criteria objects |
{
action_group_id = string
webhook_properties = map(string)
}
))
map(object({| `{}` | no | -| [default\_metric\_alerts](#input\_default\_metric\_alerts) | Map of name = criteria objects |
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
map(object({|
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
{| no | +| [custom\_metric\_alerts](#input\_custom\_metric\_alerts) | Map of name = criteria objects |
"container_cpu": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "cpuExceededPercentage",
"metric_namespace": "Insights.Container/containers",
"operator": "GreaterThan",
"threshold": 95,
"window_size": "PT30M"
},
"container_memory": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "memoryWorkingSetExceededPercentage",
"metric_namespace": "Insights.Container/containers",
"operator": "GreaterThan",
"threshold": 95,
"window_size": "PT30M"
},
"container_oom": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "oomKilledContainerCount",
"metric_namespace": "Insights.Container/pods",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT30M"
},
"container_restart": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "restartingContainerCount",
"metric_namespace": "Insights.Container/pods",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT30M"
},
"node_cpu": {
"aggregation": "Average",
"dimension": [
{
"name": "host",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "cpuUsagePercentage",
"metric_namespace": "Insights.Container/nodes",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT30M"
},
"node_disk": {
"aggregation": "Average",
"dimension": [
{
"name": "host",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "device",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "DiskUsedPercentage",
"metric_namespace": "Insights.Container/nodes",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT30M"
},
"node_memory": {
"aggregation": "Average",
"dimension": [
{
"name": "host",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "memoryWorkingSetPercentage",
"metric_namespace": "Insights.Container/nodes",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT30M"
},
"node_not_ready": {
"aggregation": "Average",
"dimension": [
{
"name": "status",
"operator": "Include",
"values": [
"NotReady"
]
}
],
"frequency": "PT5M",
"metric_name": "nodesCount",
"metric_namespace": "Insights.Container/nodes",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT30M"
},
"pods_failed": {
"aggregation": "Average",
"dimension": [
{
"name": "phase",
"operator": "Include",
"values": [
"Failed"
]
}
],
"frequency": "PT5M",
"metric_name": "podCount",
"metric_namespace": "Insights.Container/pods",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT30M"
},
"pods_ready": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "PodReadyPercentage",
"metric_namespace": "Insights.Container/pods",
"operator": "LessThan",
"threshold": 80,
"window_size": "PT30M"
}
}
map(object({| `{}` | no | +| [default\_metric\_alerts](#input\_default\_metric\_alerts) | Map of name = criteria objects |
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
map(object({|
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
{| no | | [disk\_encryption\_set\_id](#input\_disk\_encryption\_set\_id) | ID of the disk EncryptionSet . | `string` | `null` | no | | [dns\_prefix](#input\_dns\_prefix) | (Required) DNS prefix specified when creating the managed cluster. Changing this forces a new resource to be created. | `string` | n/a | yes | | [dns\_prefix\_private\_cluster](#input\_dns\_prefix\_private\_cluster) | Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created. | `string` | `null` | no | @@ -702,7 +702,7 @@ No modules. | [log\_analytics\_workspace\_id](#input\_log\_analytics\_workspace\_id) | The ID of the Log Analytics Workspace which the OMS Agent should send data to. | `string` | `null` | no | | [microsoft\_defender\_log\_analytics\_workspace\_id](#input\_microsoft\_defender\_log\_analytics\_workspace\_id) | Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to | `string` | `null` | no | | [name](#input\_name) | (Required) Cluster name | `string` | n/a | yes | -| [network\_profile](#input\_network\_profile) | See variable description to understand how to use it, and see examples |
"container_cpu": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "cpuExceededPercentage",
"metric_namespace": "Insights.Container/containers",
"operator": "GreaterThan",
"threshold": 95,
"window_size": "PT30M"
},
"container_memory": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "memoryWorkingSetExceededPercentage",
"metric_namespace": "Insights.Container/containers",
"operator": "GreaterThan",
"threshold": 95,
"window_size": "PT30M"
},
"container_oom": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "oomKilledContainerCount",
"metric_namespace": "Insights.Container/pods",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT30M"
},
"container_restart": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "restartingContainerCount",
"metric_namespace": "Insights.Container/pods",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT30M"
},
"node_cpu": {
"aggregation": "Average",
"dimension": [
{
"name": "host",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "cpuUsagePercentage",
"metric_namespace": "Insights.Container/nodes",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT30M"
},
"node_disk": {
"aggregation": "Average",
"dimension": [
{
"name": "host",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "device",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "DiskUsedPercentage",
"metric_namespace": "Insights.Container/nodes",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT30M"
},
"node_memory": {
"aggregation": "Average",
"dimension": [
{
"name": "host",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "memoryWorkingSetPercentage",
"metric_namespace": "Insights.Container/nodes",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT30M"
},
"node_not_ready": {
"aggregation": "Average",
"dimension": [
{
"name": "status",
"operator": "Include",
"values": [
"NotReady"
]
}
],
"frequency": "PT5M",
"metric_name": "nodesCount",
"metric_namespace": "Insights.Container/nodes",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT30M"
},
"pods_failed": {
"aggregation": "Average",
"dimension": [
{
"name": "phase",
"operator": "Include",
"values": [
"Failed"
]
}
],
"frequency": "PT5M",
"metric_name": "podCount",
"metric_namespace": "Insights.Container/pods",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT30M"
},
"pods_ready": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "PodReadyPercentage",
"metric_namespace": "Insights.Container/pods",
"operator": "LessThan",
"threshold": 80,
"window_size": "PT30M"
}
}
object({|
network_plugin = string # e.g. 'azure'. Network plugin to use for networking. Currently supported values are azure and kubenet
outbound_type = string # e.g. 'loadBalancer'. The outbound (egress) routing method which should be used for this Kubernetes Cluster. Possible values are loadBalancer, userDefinedRouting, managedNATGateway and userAssignedNATGateway. Defaults to loadBalancer
network_plugin_mode = string
})
{| no | +| [network\_profile](#input\_network\_profile) | See variable description to understand how to use it, and see examples |
"network_plugin": "azure",
"network_plugin_mode": "Overlay",
"outbound_type": "userDefinedRouting"
}
object({|
network_plugin = string # e.g. 'azure'. Network plugin to use for networking. Currently supported values are azure and kubenet
outbound_type = string # e.g. 'loadBalancer'. The outbound (egress) routing method which should be used for this Kubernetes Cluster. Possible values are loadBalancer, userDefinedRouting, managedNATGateway and userAssignedNATGateway. Defaults to loadBalancer
network_plugin_mode = string
})
{| no | | [outbound\_ip\_address\_ids](#input\_outbound\_ip\_address\_ids) | The ID of the Public IP Addresses which should be used for outbound communication for the cluster load balancer. | `list(string)` | `[]` | no | | [private\_cluster\_enabled](#input\_private\_cluster\_enabled) | (Optional) Provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. | `bool` | `false` | no | | [rbac\_enabled](#input\_rbac\_enabled) | Is Role Based Access Control Enabled? | `bool` | `true` | no | @@ -710,7 +710,7 @@ No modules. | [sec\_log\_analytics\_workspace\_id](#input\_sec\_log\_analytics\_workspace\_id) | Log analytics workspace security (it should be in a different subscription). | `string` | `null` | no | | [sec\_storage\_id](#input\_sec\_storage\_id) | Storage Account security (it should be in a different subscription). | `string` | `null` | no | | [sku\_tier](#input\_sku\_tier) | (Optional) The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free and Paid (which includes the Uptime SLA) | `string` | `"Free"` | no | -| [system\_node\_pool\_availability\_zones](#input\_system\_node\_pool\_availability\_zones) | (Optional) List of availability zones for system node pool | `list(string)` |
"network_plugin": "azure",
"network_plugin_mode": "Overlay",
"outbound_type": "userDefinedRouting"
}
[| no | +| [system\_node\_pool\_availability\_zones](#input\_system\_node\_pool\_availability\_zones) | (Optional) List of availability zones for system node pool | `list(string)` |
"1",
"2",
"3"
]
[| no | | [system\_node\_pool\_enable\_host\_encryption](#input\_system\_node\_pool\_enable\_host\_encryption) | (Optional) Should the nodes in the Default Node Pool have host encryption enabled? Defaults to true. | `bool` | `true` | no | | [system\_node\_pool\_max\_pods](#input\_system\_node\_pool\_max\_pods) | (Optional) The maximum number of pods that can run on each agent. Changing this forces a new resource to be created. | `number` | `250` | no | | [system\_node\_pool\_name](#input\_system\_node\_pool\_name) | (Required) The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created. | `string` | n/a | yes | @@ -725,7 +725,7 @@ No modules. | [system\_node\_pool\_vm\_size](#input\_system\_node\_pool\_vm\_size) | (Required) The size of the Virtual Machine, such as Standard\_B4ms or Standard\_D4s\_vX. See https://pagopa.atlassian.net/wiki/spaces/DEVOPS/pages/134840344/Best+practice+su+prodotti | `string` | n/a | yes | | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | | [upgrade\_settings\_max\_surge](#input\_upgrade\_settings\_max\_surge) | The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade. | `string` | `"33%"` | no | -| [user\_node\_pool\_availability\_zones](#input\_user\_node\_pool\_availability\_zones) | (Optional) List of availability zones for user node pool | `list(string)` |
"1",
"2",
"3"
]
[| no | +| [user\_node\_pool\_availability\_zones](#input\_user\_node\_pool\_availability\_zones) | (Optional) List of availability zones for user node pool | `list(string)` |
"1",
"2",
"3"
]
[| no | | [user\_node\_pool\_enable\_host\_encryption](#input\_user\_node\_pool\_enable\_host\_encryption) | (Optional) Should the nodes in the Default Node Pool have host encryption enabled? Defaults to true. | `bool` | `false` | no | | [user\_node\_pool\_enabled](#input\_user\_node\_pool\_enabled) | Is user node pool enabled? | `bool` | `false` | no | | [user\_node\_pool\_max\_pods](#input\_user\_node\_pool\_max\_pods) | (Optional) The maximum number of pods that can run on each agent. Changing this forces a new resource to be created. | `number` | `250` | no | diff --git a/kubernetes_prometheus_install/README.md b/kubernetes_prometheus_install/README.md index 35ea8a0f..bfdffacd 100644 --- a/kubernetes_prometheus_install/README.md +++ b/kubernetes_prometheus_install/README.md @@ -42,7 +42,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [prometheus\_helm](#input\_prometheus\_helm) | Prometheus helm chart configuration |
"1",
"2",
"3"
]
object({|
chart_version = optional(string, "25.24.1")
server = object({
image_name = optional(string, "quay.io/prometheus/prometheus"),
image_tag = optional(string, "v2.53.1"),
}),
alertmanager = object({
image_name = optional(string, "quay.io/prometheus/alertmanager"),
image_tag = optional(string, "v0.27.0"),
}),
node_exporter = object({
image_name = optional(string, "quay.io/prometheus/node-exporter"),
image_tag = optional(string, "v1.8.2"),
}),
configmap_reload_prometheus = object({
image_name = optional(string, "jimmidyson/configmap-reload"),
image_tag = optional(string, "v0.13.1"),
}),
configmap_reload_alertmanager = object({
image_name = optional(string, "jimmidyson/configmap-reload"),
image_tag = optional(string, "v0.13.1"),
}),
pushgateway = object({
image_name = optional(string, "prom/pushgateway"),
image_tag = optional(string, "v1.9.0"),
}),
})
{| no | +| [prometheus\_helm](#input\_prometheus\_helm) | Prometheus helm chart configuration |
"alertmanager": {
"image_name": "quay.io/prometheus/alertmanager",
"image_tag": "v0.27.0"
},
"chart_version": "25.24.1",
"configmap_reload_alertmanager": {
"image_name": "jimmidyson/configmap-reload",
"image_tag": "v0.13.1"
},
"configmap_reload_prometheus": {
"image_name": "jimmidyson/configmap-reload",
"image_tag": "v0.13.1"
},
"node_exporter": {
"image_name": "quay.io/prometheus/node-exporter",
"image_tag": "v1.8.2"
},
"pushgateway": {
"image_name": "prom/pushgateway",
"image_tag": "v1.9.0"
},
"server": {
"image_name": "quay.io/prometheus/prometheus",
"image_tag": "v2.53.1"
}
}
object({|
chart_version = optional(string, "25.24.1")
server = object({
image_name = optional(string, "quay.io/prometheus/prometheus"),
image_tag = optional(string, "v2.53.1"),
}),
alertmanager = object({
image_name = optional(string, "quay.io/prometheus/alertmanager"),
image_tag = optional(string, "v0.27.0"),
}),
node_exporter = object({
image_name = optional(string, "quay.io/prometheus/node-exporter"),
image_tag = optional(string, "v1.8.2"),
}),
configmap_reload_prometheus = object({
image_name = optional(string, "jimmidyson/configmap-reload"),
image_tag = optional(string, "v0.13.1"),
}),
configmap_reload_alertmanager = object({
image_name = optional(string, "jimmidyson/configmap-reload"),
image_tag = optional(string, "v0.13.1"),
}),
pushgateway = object({
image_name = optional(string, "prom/pushgateway"),
image_tag = optional(string, "v1.9.0"),
}),
})
{| no | | [prometheus\_namespace](#input\_prometheus\_namespace) | (Required) Name of the monitoring namespace, used to install prometheus resources | `string` | n/a | yes | | [storage\_class\_name](#input\_storage\_class\_name) | (Optional) Storage class name used for prometheus server and alertmanager | `string` | `"default"` | no | diff --git a/load_balancer/README.md b/load_balancer/README.md index 61e4c935..f79294b2 100644 --- a/load_balancer/README.md +++ b/load_balancer/README.md @@ -31,9 +31,9 @@ No modules. | [frontend\_private\_ip\_address](#input\_frontend\_private\_ip\_address) | (Optional) Private ip address to assign to frontend. Use it with type = private | `string` | `""` | no | | [frontend\_private\_ip\_address\_allocation](#input\_frontend\_private\_ip\_address\_allocation) | (Optional) Frontend ip allocation type (Static or Dynamic) | `string` | `"Dynamic"` | no | | [frontend\_subnet\_id](#input\_frontend\_subnet\_id) | (Optional) Frontend subnet id to use when in private mode | `string` | `""` | no | -| [lb\_backend\_pools](#input\_lb\_backend\_pools) | (Optional) Backend pool and ip address configuration |
"alertmanager": {
"image_name": "quay.io/prometheus/alertmanager",
"image_tag": "v0.27.0"
},
"chart_version": "25.24.1",
"configmap_reload_alertmanager": {
"image_name": "jimmidyson/configmap-reload",
"image_tag": "v0.13.1"
},
"configmap_reload_prometheus": {
"image_name": "jimmidyson/configmap-reload",
"image_tag": "v0.13.1"
},
"node_exporter": {
"image_name": "quay.io/prometheus/node-exporter",
"image_tag": "v1.8.2"
},
"pushgateway": {
"image_name": "prom/pushgateway",
"image_tag": "v1.9.0"
},
"server": {
"image_name": "quay.io/prometheus/prometheus",
"image_tag": "v2.53.1"
}
}
list(object(|
{
name = string
ips = list(object(
{
ip = string
type = optional(string)
vnet_id = string
}))
}))
[| no | -| [lb\_port](#input\_lb\_port) | Protocols to be used for lb rules. Format as name => {frontend\_port, protocol, backend\_port, backend\_pool\_name, probe\_name} |
{
"ips": [],
"name": "default"
}
]
map(object({| `{}` | no | -| [lb\_probe](#input\_lb\_probe) | (Optional) Protocols to be used for lb health probes. Format as name => {protocol, port, request\_path} |
frontend_port = string
protocol = string
backend_port = string
backend_pool_name = string
probe_name = string
}))
map(object({| `{}` | no | +| [lb\_backend\_pools](#input\_lb\_backend\_pools) | (Optional) Backend pool and ip address configuration |
protocol = string
port = string
request_path = string
}))
list(object(|
{
name = string
ips = list(object(
{
ip = string
type = optional(string)
vnet_id = string
}))
}))
[| no | +| [lb\_port](#input\_lb\_port) | Protocols to be used for lb rules. Format as name => {frontend\_port, protocol, backend\_port, backend\_pool\_name, probe\_name} |
{
"ips": [],
"name": "default"
}
]
map(object({| `{}` | no | +| [lb\_probe](#input\_lb\_probe) | (Optional) Protocols to be used for lb health probes. Format as name => {protocol, port, request\_path} |
frontend_port = string
protocol = string
backend_port = string
backend_pool_name = string
probe_name = string
}))
map(object({| `{}` | no | | [lb\_probe\_interval](#input\_lb\_probe\_interval) | Interval in seconds the load balancer health probe rule does a check | `number` | `5` | no | | [lb\_probe\_unhealthy\_threshold](#input\_lb\_probe\_unhealthy\_threshold) | Number of times the load balancer health probe has an unsuccessful attempt before considering the endpoint unhealthy. | `number` | `2` | no | | [lb\_sku](#input\_lb\_sku) | (Optional) The SKU of the Azure Load Balancer. Accepted values are Basic and Standard. | `string` | `"Basic"` | no | @@ -41,7 +41,7 @@ No modules. | [name](#input\_name) | Name of the load balancer. | `string` | n/a | yes | | [pip\_sku](#input\_pip\_sku) | (Optional) The SKU of the Azure Public IP. Accepted values are Basic and Standard. | `string` | `"Basic"` | no | | [resource\_group\_name](#input\_resource\_group\_name) | (Required) The name of the resource group where the load balancer resources will be imported. | `string` | n/a | yes | -| [tags](#input\_tags) | n/a | `map(string)` |
protocol = string
port = string
request_path = string
}))
{| no | +| [tags](#input\_tags) | n/a | `map(string)` |
"source": "terraform"
}
{| no | | [type](#input\_type) | (Optional) Defined if the loadbalancer is private or public | `string` | `"public"` | no | ## Outputs diff --git a/monitoring_function/README.md b/monitoring_function/README.md index f2dba4d9..9442ac03 100644 --- a/monitoring_function/README.md +++ b/monitoring_function/README.md @@ -198,15 +198,15 @@ module "monitoring_function" { | [application\_insight\_name](#input\_application\_insight\_name) | (Required) name of the application insight instance where to publish metrics | `string` | n/a | yes | | [application\_insight\_rg\_name](#input\_application\_insight\_rg\_name) | (Required) name of the application insight instance resource group where to publish metrics | `string` | n/a | yes | | [application\_insights\_action\_group\_ids](#input\_application\_insights\_action\_group\_ids) | (Required) Application insights action group ids | `list(string)` | n/a | yes | -| [docker\_settings](#input\_docker\_settings) | n/a |
"source": "terraform"
}
object({|
registry_url = optional(string, "ghcr.io") #(Optional) Docker container registry url where to find the monitoring image
image_tag = string #(Optional) Docker image tag
image_name = optional(string, "pagopa/azure-synthetic-monitoring") #(Optional) Docker image name
})
{| no | -| [job\_settings](#input\_job\_settings) | n/a |
"image_name": "pagopa/azure-synthetic-monitoring",
"image_tag": "1.0.0",
"registry_url": "ghcr.io"
}
object({|
execution_timeout_seconds = optional(number, 300) #(Optional) Job execution timeout, in seconds
cron_scheduling = optional(string, "* * * * *") #(Optional) Cron expression defining the execution scheduling of the monitoring function
cpu_requirement = optional(number, 0.25) #(Optional) Decimal; cpu requirement
memory_requirement = optional(string, "0.5Gi") #(Optional) Memory requirement
http_client_timeout = optional(number, 30000) #(Optional) Default http client response timeout, in milliseconds
default_duration_limit = optional(number, 10000) #(Optional) Duration limit applied if none is given in the monitoring configuration. in milliseconds
availability_prefix = optional(string, "synthetic") #(Optional) Prefix used for prefixing availability test names
container_app_environment_id = string #(Required) If defined, the id of the container app environment tu be used to run the monitoring job. If provided, skips the creation of a dedicated subnet
cert_validity_range_days = optional(number, 7) #(Optional) Number of days before the expiration date of a certificate over which the check is considered success
})
{| no | +| [docker\_settings](#input\_docker\_settings) | n/a |
"availability_prefix": "synthetic",
"cert_validity_range_days": 7,
"container_app_environment_id": null,
"cpu_requirement": 0.25,
"cron_scheduling": "* * * * *",
"default_duration_limit": 10000,
"execution_timeout_seconds": 300,
"http_client_timeout": 30000,
"memory_requirement": "0.5Gi"
}
object({|
registry_url = optional(string, "ghcr.io") #(Optional) Docker container registry url where to find the monitoring image
image_tag = string #(Optional) Docker image tag
image_name = optional(string, "pagopa/azure-synthetic-monitoring") #(Optional) Docker image name
})
{| no | +| [job\_settings](#input\_job\_settings) | n/a |
"image_name": "pagopa/azure-synthetic-monitoring",
"image_tag": "1.0.0",
"registry_url": "ghcr.io"
}
object({|
execution_timeout_seconds = optional(number, 300) #(Optional) Job execution timeout, in seconds
cron_scheduling = optional(string, "* * * * *") #(Optional) Cron expression defining the execution scheduling of the monitoring function
cpu_requirement = optional(number, 0.25) #(Optional) Decimal; cpu requirement
memory_requirement = optional(string, "0.5Gi") #(Optional) Memory requirement
http_client_timeout = optional(number, 30000) #(Optional) Default http client response timeout, in milliseconds
default_duration_limit = optional(number, 10000) #(Optional) Duration limit applied if none is given in the monitoring configuration. in milliseconds
availability_prefix = optional(string, "synthetic") #(Optional) Prefix used for prefixing availability test names
container_app_environment_id = string #(Required) If defined, the id of the container app environment tu be used to run the monitoring job. If provided, skips the creation of a dedicated subnet
cert_validity_range_days = optional(number, 7) #(Optional) Number of days before the expiration date of a certificate over which the check is considered success
})
{| no | | [location](#input\_location) | (Required) Resource location | `string` | n/a | yes | | [monitoring\_configuration\_encoded](#input\_monitoring\_configuration\_encoded) | (Required) monitoring configuration provided in JSON string format (use jsonencode) | `string` | n/a | yes | | [prefix](#input\_prefix) | (Required) Prefix used in the Velero dedicated resource names | `string` | n/a | yes | | [private\_endpoint\_subnet\_id](#input\_private\_endpoint\_subnet\_id) | (Optional) Subnet id where to create the private endpoint for backups storage account | `string` | `null` | no | | [resource\_group\_name](#input\_resource\_group\_name) | (Required) Name of the resource group in which the function and its related components are created | `string` | n/a | yes | -| [self\_alert\_configuration](#input\_self\_alert\_configuration) | Configuration for the alert on the job itself |
"availability_prefix": "synthetic",
"cert_validity_range_days": 7,
"container_app_environment_id": null,
"cpu_requirement": 0.25,
"cron_scheduling": "* * * * *",
"default_duration_limit": 10000,
"execution_timeout_seconds": 300,
"http_client_timeout": 30000,
"memory_requirement": "0.5Gi"
}
object({|
enabled = optional(bool, true) # "(Optional) if true, enables the alert on the self monitoring availability metric"
frequency = optional(string, "PT1M") # (Optional) The evaluation frequency of this Metric Alert, represented in ISO 8601 duration format. Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
severity = optional(number, 0) # (Optional) The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4
threshold = optional(number, 100) # (Optional) The criteria threshold value that activates the alert
operator = optional(string, "LessThan") # (Optional) The criteria operator. Possible values are Equals, GreaterThan, GreaterThanOrEqual, LessThan and LessThanOrEqual
aggregation = optional(string, "Average") # (Required) The statistic that runs over the metric values. Possible values are Average, Count, Minimum, Maximum and Total.
})
{| no | -| [storage\_account\_settings](#input\_storage\_account\_settings) | n/a |
"aggregation": "Average",
"enabled": true,
"frequency": "PT1M",
"operator": "LessThan",
"severity": 0,
"threshold": 100
}
object({|
tier = optional(string, "Standard") #(Optional) Tier used for the backup storage account
replication_type = optional(string, "ZRS") #(Optional) Replication type used for the backup storage account
kind = optional(string, "StorageV2") #(Optional) Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2
backup_retention_days = optional(number, 0) #(Optional) number of days for which the storage account is available for point in time recovery
backup_enabled = optional(bool, false) # (Optional) enables storage account point in time recovery
private_endpoint_enabled = optional(bool, false) #(Optional) enables the creation and usage of private endpoint
table_private_dns_zone_id = string # (Optional) table storage private dns zone id
})
{| no | +| [self\_alert\_configuration](#input\_self\_alert\_configuration) | Configuration for the alert on the job itself |
"backup_enabled": false,
"backup_retention_days": 0,
"kind": "StorageV2",
"private_endpoint_enabled": false,
"replication_type": "ZRS",
"table_private_dns_zone_id": null,
"tier": "Standard"
}
object({|
enabled = optional(bool, true) # "(Optional) if true, enables the alert on the self monitoring availability metric"
frequency = optional(string, "PT1M") # (Optional) The evaluation frequency of this Metric Alert, represented in ISO 8601 duration format. Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
severity = optional(number, 0) # (Optional) The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4
threshold = optional(number, 100) # (Optional) The criteria threshold value that activates the alert
operator = optional(string, "LessThan") # (Optional) The criteria operator. Possible values are Equals, GreaterThan, GreaterThanOrEqual, LessThan and LessThanOrEqual
aggregation = optional(string, "Average") # (Required) The statistic that runs over the metric values. Possible values are Average, Count, Minimum, Maximum and Total.
})
{| no | +| [storage\_account\_settings](#input\_storage\_account\_settings) | n/a |
"aggregation": "Average",
"enabled": true,
"frequency": "PT1M",
"operator": "LessThan",
"severity": 0,
"threshold": 100
}
object({|
tier = optional(string, "Standard") #(Optional) Tier used for the backup storage account
replication_type = optional(string, "ZRS") #(Optional) Replication type used for the backup storage account
kind = optional(string, "StorageV2") #(Optional) Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2
backup_retention_days = optional(number, 0) #(Optional) number of days for which the storage account is available for point in time recovery
backup_enabled = optional(bool, false) # (Optional) enables storage account point in time recovery
private_endpoint_enabled = optional(bool, false) #(Optional) enables the creation and usage of private endpoint
table_private_dns_zone_id = string # (Optional) table storage private dns zone id
})
{| no | | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | ## Outputs diff --git a/postgres_flexible_server/README.md b/postgres_flexible_server/README.md index bf95b434..3a2a22bf 100644 --- a/postgres_flexible_server/README.md +++ b/postgres_flexible_server/README.md @@ -317,15 +317,15 @@ No modules. |------|-------------|------|---------|:--------:| | [administrator\_login](#input\_administrator\_login) | Flexible PostgreSql server administrator\_login | `string` | n/a | yes | | [administrator\_password](#input\_administrator\_password) | Flexible PostgreSql server administrator\_password | `string` | n/a | yes | -| [alert\_action](#input\_alert\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
"backup_enabled": false,
"backup_retention_days": 0,
"kind": "StorageV2",
"private_endpoint_enabled": false,
"replication_type": "ZRS",
"table_private_dns_zone_id": null,
"tier": "Standard"
}
set(object(| `[]` | no | +| [alert\_action](#input\_alert\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
{
action_group_id = string
webhook_properties = map(string)
}
))
set(object(| `[]` | no | | [alerts\_enabled](#input\_alerts\_enabled) | Should Metrics Alert be enabled? | `bool` | `true` | no | | [backup\_retention\_days](#input\_backup\_retention\_days) | (Optional) The backup retention days for the PostgreSQL Flexible Server. Possible values are between 7 and 35 days. | `number` | `7` | no | | [create\_mode](#input\_create\_mode) | (Optional) The creation mode. Can be used to restore or replicate existing servers. Possible values are Default, Replica, GeoRestore, and PointInTimeRestore | `string` | `"Default"` | no | -| [custom\_metric\_alerts](#input\_custom\_metric\_alerts) | Map of name = criteria objects |
{
action_group_id = string
webhook_properties = map(string)
}
))
map(object({| `null` | no | +| [custom\_metric\_alerts](#input\_custom\_metric\_alerts) | Map of name = criteria objects |
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
severity = number
}))
map(object({| `null` | no | | [customer\_managed\_key\_enabled](#input\_customer\_managed\_key\_enabled) | enable customer\_managed\_key | `bool` | `false` | no | | [customer\_managed\_key\_kv\_key\_id](#input\_customer\_managed\_key\_kv\_key\_id) | The ID of the Key Vault Key | `string` | `null` | no | | [db\_version](#input\_db\_version) | (Required) The version of PostgreSQL Flexible Server to use. Possible values are 11,12 and 13. Required when create\_mode is Default | `number` | n/a | yes | -| [default\_metric\_alerts](#input\_default\_metric\_alerts) | Map of name = criteria objects |
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
severity = number
}))
map(object({|
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
severity = number
}))
{| no | +| [default\_metric\_alerts](#input\_default\_metric\_alerts) | Map of name = criteria objects |
"active_connections": {
"aggregation": "Average",
"frequency": "PT5M",
"metric_name": "active_connections",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
},
"connections_failed": {
"aggregation": "Total",
"frequency": "PT5M",
"metric_name": "connections_failed",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
},
"cpu_percent": {
"aggregation": "Average",
"frequency": "PT5M",
"metric_name": "cpu_percent",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
},
"memory_percent": {
"aggregation": "Average",
"frequency": "PT5M",
"metric_name": "memory_percent",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
},
"storage_percent": {
"aggregation": "Average",
"frequency": "PT5M",
"metric_name": "storage_percent",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
}
}
map(object({|
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
severity = number
}))
{| no | | [delegated\_subnet\_id](#input\_delegated\_subnet\_id) | (Optional) The ID of the virtual network subnet to create the PostgreSQL Flexible Server. The provided subnet should not have any other resource deployed in it and this subnet will be delegated to the PostgreSQL Flexible Server, if not already delegated. | `string` | `null` | no | | [diagnostic\_setting\_destination\_storage\_id](#input\_diagnostic\_setting\_destination\_storage\_id) | (Optional) The ID of the Storage Account where logs should be sent. Changing this forces a new resource to be created. | `string` | `null` | no | | [diagnostic\_settings\_enabled](#input\_diagnostic\_settings\_enabled) | Is diagnostic settings enabled? | `bool` | `true` | no | @@ -333,7 +333,7 @@ No modules. | [high\_availability\_enabled](#input\_high\_availability\_enabled) | (Required) Is the High Availability Enabled | `bool` | n/a | yes | | [location](#input\_location) | (Required) The Azure Region where the PostgreSQL Flexible Server should exist. | `string` | n/a | yes | | [log\_analytics\_workspace\_id](#input\_log\_analytics\_workspace\_id) | (Optional) Specifies the ID of a Log Analytics Workspace where Diagnostics Data should be sent. | `string` | `null` | no | -| [maintenance\_window\_config](#input\_maintenance\_window\_config) | (Optional) Allows the configuration of the maintenance window, if not configured default is Wednesday@2.00am |
"active_connections": {
"aggregation": "Average",
"frequency": "PT5M",
"metric_name": "active_connections",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
},
"connections_failed": {
"aggregation": "Total",
"frequency": "PT5M",
"metric_name": "connections_failed",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
},
"cpu_percent": {
"aggregation": "Average",
"frequency": "PT5M",
"metric_name": "cpu_percent",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
},
"memory_percent": {
"aggregation": "Average",
"frequency": "PT5M",
"metric_name": "memory_percent",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
},
"storage_percent": {
"aggregation": "Average",
"frequency": "PT5M",
"metric_name": "storage_percent",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
}
}
object({|
day_of_week = number
start_hour = number
start_minute = number
})
{| no | +| [maintenance\_window\_config](#input\_maintenance\_window\_config) | (Optional) Allows the configuration of the maintenance window, if not configured default is Wednesday@2.00am |
"day_of_week": 3,
"start_hour": 2,
"start_minute": 0
}
object({|
day_of_week = number
start_hour = number
start_minute = number
})
{| no | | [name](#input\_name) | (Required) The name which should be used for this PostgreSQL Flexible Server. Changing this forces a new PostgreSQL Flexible Server to be created. | `string` | n/a | yes | | [pgbouncer\_enabled](#input\_pgbouncer\_enabled) | Is PgBouncer enabled into configurations? | `bool` | `true` | no | | [primary\_user\_assigned\_identity\_id](#input\_primary\_user\_assigned\_identity\_id) | Manages a User Assigned Identity | `string` | `null` | no | diff --git a/postgres_flexible_server_replica/README.md b/postgres_flexible_server_replica/README.md index 16bbf719..98f6183e 100644 --- a/postgres_flexible_server_replica/README.md +++ b/postgres_flexible_server_replica/README.md @@ -171,7 +171,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [alert\_action](#input\_alert\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
"day_of_week": 3,
"start_hour": 2,
"start_minute": 0
}
set(object(| `[]` | no | +| [alert\_action](#input\_alert\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
{
action_group_id = string
webhook_properties = map(string)
}
))
set(object(| `[]` | no | | [alerts\_enabled](#input\_alerts\_enabled) | Should Metrics Alert be enabled? | `bool` | `true` | no | | [delegated\_subnet\_id](#input\_delegated\_subnet\_id) | (Optional) The ID of the virtual network subnet to create the PostgreSQL Flexible Server. The provided subnet should not have any other resource deployed in it and this subnet will be delegated to the PostgreSQL Flexible Server, if not already delegated. | `string` | `null` | no | | [diagnostic\_setting\_destination\_storage\_id](#input\_diagnostic\_setting\_destination\_storage\_id) | (Optional) The ID of the Storage Account where logs should be sent. Changing this forces a new resource to be created. | `string` | `null` | no | @@ -179,13 +179,13 @@ No modules. | [high\_availability\_enabled](#input\_high\_availability\_enabled) | (Required) Is the High Availability Enabled | `bool` | n/a | yes | | [location](#input\_location) | (Required) The Azure Region where the PostgreSQL Flexible Server should exist. | `string` | n/a | yes | | [log\_analytics\_workspace\_id](#input\_log\_analytics\_workspace\_id) | (Optional) Specifies the ID of a Log Analytics Workspace where Diagnostics Data should be sent. | `string` | `null` | no | -| [main\_server\_additional\_alerts](#input\_main\_server\_additional\_alerts) | Map of name = criteria objects |
{
action_group_id = string
webhook_properties = map(string)
}
))
map(object({| `{}` | no | -| [maintenance\_window\_config](#input\_maintenance\_window\_config) | (Optional) Allows the configuration of the maintenance window, if not configured default is Wednesday@2.00am |
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
severity = number
}))
object({|
day_of_week = number
start_hour = number
start_minute = number
})
{| no | +| [main\_server\_additional\_alerts](#input\_main\_server\_additional\_alerts) | Map of name = criteria objects |
"day_of_week": 3,
"start_hour": 2,
"start_minute": 0
}
map(object({| `{}` | no | +| [maintenance\_window\_config](#input\_maintenance\_window\_config) | (Optional) Allows the configuration of the maintenance window, if not configured default is Wednesday@2.00am |
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
severity = number
}))
object({|
day_of_week = number
start_hour = number
start_minute = number
})
{| no | | [name](#input\_name) | (Required) The name which should be used for this PostgreSQL Flexible Server. Changing this forces a new PostgreSQL Flexible Server to be created. | `string` | n/a | yes | | [pgbouncer\_enabled](#input\_pgbouncer\_enabled) | Is PgBouncer enabled into configurations? | `bool` | `true` | no | | [private\_dns\_zone\_id](#input\_private\_dns\_zone\_id) | (Optional) The ID of the private dns zone to create the PostgreSQL Flexible Server. Changing this forces a new PostgreSQL Flexible Server to be created. | `string` | `null` | no | | [private\_endpoint\_enabled](#input\_private\_endpoint\_enabled) | Is this instance private only? | `bool` | n/a | yes | -| [replica\_server\_metric\_alerts](#input\_replica\_server\_metric\_alerts) | Map of name = criteria objects |
"day_of_week": 3,
"start_hour": 2,
"start_minute": 0
}
map(object({| `{}` | no | +| [replica\_server\_metric\_alerts](#input\_replica\_server\_metric\_alerts) | Map of name = criteria objects |
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
severity = number
}))
map(object({| `{}` | no | | [resource\_group\_name](#input\_resource\_group\_name) | (Required) The name of the Resource Group where the PostgreSQL Flexible Server should exist. | `string` | n/a | yes | | [sku\_name](#input\_sku\_name) | The SKU Name for the PostgreSQL Flexible Server. The name of the SKU, follows the tier + name pattern (e.g. B\_Standard\_B1ms, GP\_Standard\_D2s\_v3, MO\_Standard\_E4s\_v3). | `string` | n/a | yes | | [source\_server\_id](#input\_source\_server\_id) | (Required) Id of the source server to be replicated | `string` | n/a | yes | diff --git a/postgresql_server/README.md b/postgresql_server/README.md index 47436c73..b54d5b3d 100644 --- a/postgresql_server/README.md +++ b/postgresql_server/README.md @@ -201,7 +201,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
severity = number
}))
set(object(| `[]` | no | +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
{
action_group_id = string
webhook_properties = map(string)
}
))
set(object(| `[]` | no | | [administrator\_login](#input\_administrator\_login) | The Administrator Login for the PostgreSQL Server. | `string` | n/a | yes | | [administrator\_login\_password](#input\_administrator\_login\_password) | The Password associated with the administrator\_login for the PostgreSQL Server. | `string` | n/a | yes | | [alerts\_enabled](#input\_alerts\_enabled) | Should Metric Alerts be enabled? | `bool` | `true` | no | @@ -216,15 +216,15 @@ No modules. | [geo\_redundant\_backup\_enabled](#input\_geo\_redundant\_backup\_enabled) | Turn Geo-redundant server backups on/off. | `bool` | `false` | no | | [location](#input\_location) | n/a | `string` | n/a | yes | | [lock\_enable](#input\_lock\_enable) | Apply lock to block accedentaly deletions. | `bool` | `false` | no | -| [monitor\_metric\_alert\_criteria](#input\_monitor\_metric\_alert\_criteria) | Map of name = criteria objects, see these docs for options
{
action_group_id = string
webhook_properties = map(string)
}
))
map(object({| `{}` | no | +| [monitor\_metric\_alert\_criteria](#input\_monitor\_metric\_alert\_criteria) | Map of name = criteria objects, see these docs for options
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
map(object({| `{}` | no | | [name](#input\_name) | n/a | `string` | n/a | yes | -| [network\_rules](#input\_network\_rules) | Network rules restricting access to the postgresql server. |
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
object({|
ip_rules = list(string)
allow_access_to_azure_services = bool
})
{| no | -| [private\_endpoint](#input\_private\_endpoint) | (Required) Enable vnet private endpoint with required params |
"allow_access_to_azure_services": false,
"ip_rules": []
}
object({| n/a | yes | +| [network\_rules](#input\_network\_rules) | Network rules restricting access to the postgresql server. |
enabled = bool
virtual_network_id = string
subnet_id = string
private_dns_zone_ids = list(string)
})
object({|
ip_rules = list(string)
allow_access_to_azure_services = bool
})
{| no | +| [private\_endpoint](#input\_private\_endpoint) | (Required) Enable vnet private endpoint with required params |
"allow_access_to_azure_services": false,
"ip_rules": []
}
object({| n/a | yes | | [public\_network\_access\_enabled](#input\_public\_network\_access\_enabled) | Whether or not public network access is allowed for this server. | `bool` | `false` | no | -| [replica\_action](#input\_replica\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
enabled = bool
virtual_network_id = string
subnet_id = string
private_dns_zone_ids = list(string)
})
set(object(| `[]` | no | +| [replica\_action](#input\_replica\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
{
action_group_id = string
webhook_properties = map(string)
}
))
set(object(| `[]` | no | | [replica\_allowed\_subnets](#input\_replica\_allowed\_subnets) | (Optional) Allowed subnets ids | `list(string)` | `[]` | no | -| [replica\_monitor\_metric\_alert\_criteria](#input\_replica\_monitor\_metric\_alert\_criteria) | Map of name = criteria objects, see these docs for options
{
action_group_id = string
webhook_properties = map(string)
}
))
map(object({| `{}` | no | -| [replica\_network\_rules](#input\_replica\_network\_rules) | Network rules restricting access to the replica postgresql server. |
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
object({|
ip_rules = list(string)
allow_access_to_azure_services = bool
})
{| no | +| [replica\_monitor\_metric\_alert\_criteria](#input\_replica\_monitor\_metric\_alert\_criteria) | Map of name = criteria objects, see these docs for options
"allow_access_to_azure_services": false,
"ip_rules": []
}
map(object({| `{}` | no | +| [replica\_network\_rules](#input\_replica\_network\_rules) | Network rules restricting access to the replica postgresql server. |
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
object({|
ip_rules = list(string)
allow_access_to_azure_services = bool
})
{| no | | [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | | [restore\_point\_in\_time](#input\_restore\_point\_in\_time) | When create\_mode is PointInTimeRestore the point in time to restore from creation\_source\_server\_id. | `string` | `null` | no | | [sku\_name](#input\_sku\_name) | Specifies the SKU Name for this PostgreSQL Server. | `string` | n/a | yes | diff --git a/redis_cache/README.md b/redis_cache/README.md index 89bc4977..71245fa5 100644 --- a/redis_cache/README.md +++ b/redis_cache/README.md @@ -67,7 +67,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [backup\_configuration](#input\_backup\_configuration) | n/a |
"allow_access_to_azure_services": false,
"ip_rules": []
}
object({| `null` | no | +| [backup\_configuration](#input\_backup\_configuration) | n/a |
frequency = number
max_snapshot_count = number
storage_connection_string = string
})
object({| `null` | no | | [capacity](#input\_capacity) | The size of the Redis cache to deploy | `number` | `1` | no | | [data\_persistence\_authentication\_method](#input\_data\_persistence\_authentication\_method) | (Optional) Preferred auth method to communicate to storage account used for data persistence. Possible values are SAS and ManagedIdentity. Defaults to SAS. | `string` | `"SAS"` | no | | [enable\_authentication](#input\_enable\_authentication) | If set to false, the Redis instance will be accessible without authentication. Defaults to true. | `bool` | `true` | no | @@ -75,8 +75,8 @@ No modules. | [family](#input\_family) | The SKU family/pricing group to use | `string` | n/a | yes | | [location](#input\_location) | The location of the resource group. | `string` | n/a | yes | | [name](#input\_name) | The name of the Redis instance. | `string` | n/a | yes | -| [patch\_schedules](#input\_patch\_schedules) | n/a |
frequency = number
max_snapshot_count = number
storage_connection_string = string
})
list(object({| `[]` | no | -| [private\_endpoint](#input\_private\_endpoint) | (Required) Enable private endpoint with required params |
day_of_week = string
start_hour_utc = number
}))
object({| n/a | yes | +| [patch\_schedules](#input\_patch\_schedules) | n/a |
enabled = bool
virtual_network_id = string
subnet_id = string
private_dns_zone_ids = list(string)
})
list(object({| `[]` | no | +| [private\_endpoint](#input\_private\_endpoint) | (Required) Enable private endpoint with required params |
day_of_week = string
start_hour_utc = number
}))
object({| n/a | yes | | [private\_static\_ip\_address](#input\_private\_static\_ip\_address) | The Static IP Address to assign to the Redis Cache when hosted inside the Virtual Network | `string` | `null` | no | | [public\_network\_access\_enabled](#input\_public\_network\_access\_enabled) | Whether or not public network access is allowed for this Redis Cache. true means this resource could be accessed by both public and private endpoint. false means only private endpoint access is allowed. Defaults to false. | `string` | `false` | no | | [redis\_version](#input\_redis\_version) | The version of Redis to use: 4 (deprecated) or 6 | `string` | n/a | yes | diff --git a/route_table/README.md b/route_table/README.md index c4ab5bc1..eba57001 100644 --- a/route_table/README.md +++ b/route_table/README.md @@ -26,7 +26,7 @@ No modules. | [location](#input\_location) | The location of the resource group. | `string` | n/a | yes | | [name](#input\_name) | The name of route table | `string` | n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | -| [routes](#input\_routes) | n/a |
enabled = bool
virtual_network_id = string
subnet_id = string
private_dns_zone_ids = list(string)
})
list(object({| n/a | yes | +| [routes](#input\_routes) | n/a |
name = string
address_prefix = string
next_hop_type = string
next_hop_in_ip_address = string
}))
list(object({| n/a | yes | | [subnet\_ids](#input\_subnet\_ids) | List of ids of subnet to associate to the route table. | `list(string)` | n/a | yes | | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | diff --git a/storage_account/README.md b/storage_account/README.md index c30d46fc..5501ee01 100644 --- a/storage_account/README.md +++ b/storage_account/README.md @@ -146,7 +146,7 @@ No modules. | [account\_kind](#input\_account\_kind) | (Optional) Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. | `string` | `"StorageV2"` | no | | [account\_replication\_type](#input\_account\_replication\_type) | Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS. Changing this forces a new resource to be created when types LRS, GRS and RAGRS are changed to ZRS, GZRS or RAGZRS and vice versa | `string` | n/a | yes | | [account\_tier](#input\_account\_tier) | Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid. Changing this forces a new resource to be created. | `string` | n/a | yes | -| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
name = string
address_prefix = string
next_hop_type = string
next_hop_in_ip_address = string
}))
set(object(| `[]` | no | +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
{
action_group_id = string
webhook_properties = map(string)
}
))
set(object(| `[]` | no | | [advanced\_threat\_protection](#input\_advanced\_threat\_protection) | Should Advanced Threat Protection be enabled on this resource? | `bool` | `false` | no | | [allow\_nested\_items\_to\_be\_public](#input\_allow\_nested\_items\_to\_be\_public) | Allow or disallow public access to all blobs or containers in the storage account. | `bool` | `false` | no | | [blob\_change\_feed\_enabled](#input\_blob\_change\_feed\_enabled) | (Optional) Is the blob service properties for change feed events enabled? Default to false. | `bool` | `false` | no | @@ -154,15 +154,15 @@ No modules. | [blob\_container\_delete\_retention\_days](#input\_blob\_container\_delete\_retention\_days) | Retention days for deleted container. Valid value is between 1 and 365 (set to 0 to disable). | `number` | `0` | no | | [blob\_delete\_retention\_days](#input\_blob\_delete\_retention\_days) | Retention days for deleted blob. Valid value is between 1 and 365 (set to 0 to disable). | `number` | `0` | no | | [blob\_last\_access\_time\_enabled](#input\_blob\_last\_access\_time\_enabled) | (Optional) Is the blob service properties for trace last access time. Default to false. | `bool` | `false` | no | -| [blob\_storage\_policy](#input\_blob\_storage\_policy) | Handle immutability policy for stored elements |
{
action_group_id = string
webhook_properties = map(string)
}
))
object({|
enable_immutability_policy = bool
blob_restore_policy_days = number
})
{| no | +| [blob\_storage\_policy](#input\_blob\_storage\_policy) | Handle immutability policy for stored elements |
"blob_restore_policy_days": 0,
"enable_immutability_policy": false
}
object({|
enable_immutability_policy = bool
blob_restore_policy_days = number
})
{| no | | [blob\_versioning\_enabled](#input\_blob\_versioning\_enabled) | Controls whether blob object versioning is enabled. | `bool` | `false` | no | | [cross\_tenant\_replication\_enabled](#input\_cross\_tenant\_replication\_enabled) | (Optional) Should cross Tenant replication be enabled? Defaults to false. | `bool` | `false` | no | -| [custom\_domain](#input\_custom\_domain) | Custom domain for accessing blob data |
"blob_restore_policy_days": 0,
"enable_immutability_policy": false
}
object({|
name = string
use_subdomain = bool
})
{| no | +| [custom\_domain](#input\_custom\_domain) | Custom domain for accessing blob data |
"name": null,
"use_subdomain": false
}
object({|
name = string
use_subdomain = bool
})
{| no | | [domain](#input\_domain) | (Optional) Specifies the domain of the Storage Account. | `string` | `null` | no | | [enable\_identity](#input\_enable\_identity) | (Optional) If true, set the identity as SystemAssigned | `bool` | `false` | no | | [enable\_low\_availability\_alert](#input\_enable\_low\_availability\_alert) | Enable the Low Availability alert. Default is true | `bool` | `true` | no | | [error\_404\_document](#input\_error\_404\_document) | The absolute path to a custom webpage that should be used when a request is made which does not correspond to an existing file. | `string` | `null` | no | -| [immutability\_policy\_props](#input\_immutability\_policy\_props) | Properties to setup the immutability policy. The resource can be created only with "Disabled" and "Unlocked" state. Change to "Locked" state doens't update the resource for a bug of the current module. |
"name": null,
"use_subdomain": false
}
object({|
allow_protected_append_writes = bool
period_since_creation_in_days = number
})
{| no | +| [immutability\_policy\_props](#input\_immutability\_policy\_props) | Properties to setup the immutability policy. The resource can be created only with "Disabled" and "Unlocked" state. Change to "Locked" state doens't update the resource for a bug of the current module. |
"allow_protected_append_writes": false,
"period_since_creation_in_days": 730
}
object({|
allow_protected_append_writes = bool
period_since_creation_in_days = number
})
{| no | | [index\_document](#input\_index\_document) | The webpage that Azure Storage serves for requests to the root of a website or any subfolder. For example, index.html. The value is case-sensitive. | `string` | `null` | no | | [is\_hns\_enabled](#input\_is\_hns\_enabled) | Enable Hierarchical Namespace enabled (Azure Data Lake Storage Gen 2). Changing this forces a new resource to be created. | `bool` | `false` | no | | [is\_sftp\_enabled](#input\_is\_sftp\_enabled) | Enable SFTP | `bool` | `false` | no | @@ -170,7 +170,7 @@ No modules. | [low\_availability\_threshold](#input\_low\_availability\_threshold) | The Low Availability threshold. If metric average is under this value, the alert will be triggered. Default is 99.8 | `number` | `99.8` | no | | [min\_tls\_version](#input\_min\_tls\_version) | The minimum supported TLS version for the storage account. Possible values are TLS1\_0, TLS1\_1, and TLS1\_2 | `string` | `"TLS1_2"` | no | | [name](#input\_name) | n/a | `string` | n/a | yes | -| [network\_rules](#input\_network\_rules) | n/a |
"allow_protected_append_writes": false,
"period_since_creation_in_days": 730
}
object({| `null` | no | +| [network\_rules](#input\_network\_rules) | n/a |
default_action = string # Specifies the default action of allow or deny when no other rules match. Valid options are Deny or Allow
bypass = set(string) # Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging, Metrics, AzureServices, or None
ip_rules = list(string) # List of public IP or IP ranges in CIDR Format. Only IPV4 addresses are allowed
virtual_network_subnet_ids = list(string) # A list of resource ids for subnets.
})
object({| `null` | no | | [public\_network\_access\_enabled](#input\_public\_network\_access\_enabled) | Enable or Disable public access. It should always set to false unless there are special needs | `bool` | n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | diff --git a/storage_management_policy/README.md b/storage_management_policy/README.md index 1e3320c7..3a5c2c54 100644 --- a/storage_management_policy/README.md +++ b/storage_management_policy/README.md @@ -55,7 +55,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [rules](#input\_rules) | n/a |
default_action = string # Specifies the default action of allow or deny when no other rules match. Valid options are Deny or Allow
bypass = set(string) # Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging, Metrics, AzureServices, or None
ip_rules = list(string) # List of public IP or IP ranges in CIDR Format. Only IPV4 addresses are allowed
virtual_network_subnet_ids = list(string) # A list of resource ids for subnets.
})
list(object({| `[]` | no | +| [rules](#input\_rules) | n/a |
name = string
enabled = bool
filters = object({
prefix_match = list(string) # (Optional) An array of strings for prefixes to be matched.
blob_types = list(string) # (Required) An array of predefined values. Valid options are blockBlob and appendBlob.
})
actions = object({
base_blob = object({
delete_after_days_since_modification_greater_than = optional(number, null)
delete_after_days_since_creation_greater_than = optional(number, null)
delete_after_days_since_last_access_time_greater_than = optional(number, null)
tier_to_cool_after_days_since_modification_greater_than = optional(number, null)
tier_to_cool_after_days_since_creation_greater_than = optional(number, null)
tier_to_cool_after_days_since_last_access_time_greater_than = optional(number, null)
tier_to_archive_after_days_since_modification_greater_than = optional(number, null)
tier_to_archive_after_days_since_creation_greater_than = optional(number, null)
tier_to_archive_after_days_since_last_access_time_greater_than = optional(number, null)
tier_to_archive_after_days_since_last_tier_change_greater_than = optional(number, null)
})
snapshot = optional(object({
change_tier_to_archive_after_days_since_creation = optional(number, null)
change_tier_to_cool_after_days_since_creation = optional(number, null)
delete_after_days_since_creation_greater_than = optional(number, null)
tier_to_archive_after_days_since_last_tier_change_greater_than = optional(number, null)
}), null)
version = optional(object({
change_tier_to_archive_after_days_since_creation = optional(number, null)
change_tier_to_cool_after_days_since_creation = optional(number, null)
delete_after_days_since_creation = optional(number, null)
tier_to_archive_after_days_since_last_tier_change_greater_than = optional(number, null)
}), null)
})
}))
list(object({| `[]` | no | | [storage\_account\_id](#input\_storage\_account\_id) | Specifies the id of the storage account to apply the management policy to. | `string` | n/a | yes | ## Outputs diff --git a/storage_object_replication/README.md b/storage_object_replication/README.md index a5346c6e..4bbf1242 100644 --- a/storage_object_replication/README.md +++ b/storage_object_replication/README.md @@ -26,7 +26,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [destination\_storage\_account\_id](#input\_destination\_storage\_account\_id) | The ID of the destination storage account. | `string` | n/a | yes | -| [rules](#input\_rules) | n/a |
name = string
enabled = bool
filters = object({
prefix_match = list(string) # (Optional) An array of strings for prefixes to be matched.
blob_types = list(string) # (Required) An array of predefined values. Valid options are blockBlob and appendBlob.
})
actions = object({
base_blob = object({
delete_after_days_since_modification_greater_than = optional(number, null)
delete_after_days_since_creation_greater_than = optional(number, null)
delete_after_days_since_last_access_time_greater_than = optional(number, null)
tier_to_cool_after_days_since_modification_greater_than = optional(number, null)
tier_to_cool_after_days_since_creation_greater_than = optional(number, null)
tier_to_cool_after_days_since_last_access_time_greater_than = optional(number, null)
tier_to_archive_after_days_since_modification_greater_than = optional(number, null)
tier_to_archive_after_days_since_creation_greater_than = optional(number, null)
tier_to_archive_after_days_since_last_access_time_greater_than = optional(number, null)
tier_to_archive_after_days_since_last_tier_change_greater_than = optional(number, null)
})
snapshot = optional(object({
change_tier_to_archive_after_days_since_creation = optional(number, null)
change_tier_to_cool_after_days_since_creation = optional(number, null)
delete_after_days_since_creation_greater_than = optional(number, null)
tier_to_archive_after_days_since_last_tier_change_greater_than = optional(number, null)
}), null)
version = optional(object({
change_tier_to_archive_after_days_since_creation = optional(number, null)
change_tier_to_cool_after_days_since_creation = optional(number, null)
delete_after_days_since_creation = optional(number, null)
tier_to_archive_after_days_since_last_tier_change_greater_than = optional(number, null)
}), null)
})
}))
list(| n/a | yes | +| [rules](#input\_rules) | n/a |
object({
source_container_name = string
destination_container_name = string
copy_blobs_created_after = string
})
)
list(| n/a | yes | | [source\_storage\_account\_id](#input\_source\_storage\_account\_id) | The ID of the source storage account. | `string` | n/a | yes | ## Outputs diff --git a/subnet/README.md b/subnet/README.md index 3287eeb4..7e151fe7 100644 --- a/subnet/README.md +++ b/subnet/README.md @@ -85,7 +85,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [address\_prefixes](#input\_address\_prefixes) | (Optional) The address prefixes to use for the subnet. (e.g. ['10.1.137.0/24']) | `list(string)` | `[]` | no | -| [delegation](#input\_delegation) | n/a |
object({
source_container_name = string
destination_container_name = string
copy_blobs_created_after = string
})
)
object({| `null` | no | +| [delegation](#input\_delegation) | n/a |
name = string #(Required) A name for this delegation.
service_delegation = object({
name = string #(Required) The name of service to delegate to. Possible values are https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet#service_delegation
actions = list(string) #(Optional) A list of Actions which should be delegated. Here the list: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet#actions
})
})
object({| `null` | no | | [name](#input\_name) | n/a | `string` | n/a | yes | | [private\_endpoint\_network\_policies\_enabled](#input\_private\_endpoint\_network\_policies\_enabled) | (Optional) Enable or Disable network policies for the private endpoint on the subnet. Setting this to true will Enable the policy and setting this to false will Disable the policy. Defaults to true. | `bool` | `false` | no | | [private\_link\_service\_network\_policies\_enabled](#input\_private\_link\_service\_network\_policies\_enabled) | (Optional) Enable or Disable network policies for the private link service on the subnet. Setting this to true will Enable the policy and setting this to false will Disable the policy. Defaults to true. | `bool` | `true` | no | diff --git a/virtual_network/README.md b/virtual_network/README.md index 6431b33b..a47af086 100644 --- a/virtual_network/README.md +++ b/virtual_network/README.md @@ -49,7 +49,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [address\_space](#input\_address\_space) | n/a | `list(string)` | n/a | yes | -| [ddos\_protection\_plan](#input\_ddos\_protection\_plan) | n/a |
name = string #(Required) A name for this delegation.
service_delegation = object({
name = string #(Required) The name of service to delegate to. Possible values are https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet#service_delegation
actions = list(string) #(Optional) A list of Actions which should be delegated. Here the list: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet#actions
})
})
object({| `null` | no | +| [ddos\_protection\_plan](#input\_ddos\_protection\_plan) | n/a |
id = string
enable = bool
})
object({| `null` | no | | [location](#input\_location) | The location/region where the virtual network is created. | `string` | n/a | yes | | [name](#input\_name) | The name of the virtual network. Changing this forces a new resource to be created. | `string` | n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group in which to create the virtual network. | `string` | n/a | yes | diff --git a/vpn_gateway/README.md b/vpn_gateway/README.md index c725a3fd..03c8fcd5 100644 --- a/vpn_gateway/README.md +++ b/vpn_gateway/README.md @@ -105,7 +105,7 @@ No modules. | [sku](#input\_sku) | Configuration of the size and capacity of the virtual network gateway. | `any` | n/a | yes | | [subnet\_id](#input\_subnet\_id) | Id of subnet where gateway should be deployed, have to be names GatewaySubnet. | `any` | n/a | yes | | [tags](#input\_tags) | Tags to apply to all resources created. | `map(string)` | `{}` | no | -| [vpn\_client\_configuration](#input\_vpn\_client\_configuration) | If set it will activate point-to-site configuration. |
id = string
enable = bool
})
list(object(| `[]` | no | +| [vpn\_client\_configuration](#input\_vpn\_client\_configuration) | If set it will activate point-to-site configuration. |
{
aad_audience = string
aad_issuer = string
aad_tenant = string
address_space = list(string)
radius_server_address = string
radius_server_secret = string
revoked_certificate = list(object(
{
name = string
thumbprint = string
}
))
root_certificate = list(object(
{
name = string
public_cert_data = string
}
))
vpn_client_protocols = list(string)
}
))
list(object(| `[]` | no | ## Outputs
{
aad_audience = string
aad_issuer = string
aad_tenant = string
address_space = list(string)
radius_server_address = string
radius_server_secret = string
revoked_certificate = list(object(
{
name = string
thumbprint = string
}
))
root_certificate = list(object(
{
name = string
public_cert_data = string
}
))
vpn_client_protocols = list(string)
}
))