From 1387429591de1becc88bcb21ed1ef71cccf882dd Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Fri, 3 Nov 2023 14:54:15 +0000
Subject: [PATCH 1/3] Update Terraform
 github.com/DFE-Digital/terraform-azurerm-container-apps-hosting to v1.3.1

---
 terraform/container-apps-hosting.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/terraform/container-apps-hosting.tf b/terraform/container-apps-hosting.tf
index 890d9a10b..57b9b2809 100644
--- a/terraform/container-apps-hosting.tf
+++ b/terraform/container-apps-hosting.tf
@@ -1,5 +1,5 @@
 module "azure_container_apps_hosting" {
-  source = "github.com/DFE-Digital/terraform-azurerm-container-apps-hosting?ref=v1.1.0"
+  source = "github.com/DFE-Digital/terraform-azurerm-container-apps-hosting?ref=v1.3.1"
 
   environment    = local.environment
   project_name   = local.project_name

From 858faf13463cee16ab811f32ccc0f83c404d0739 Mon Sep 17 00:00:00 2001
From: Ash Davies <3853061+DrizzlyOwl@users.noreply.github.com>
Date: Fri, 3 Nov 2023 14:57:03 +0000
Subject: [PATCH 2/3] Updated Readme

---
 terraform/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/terraform/README.md b/terraform/README.md
index caa981959..2e8721179 100644
--- a/terraform/README.md
+++ b/terraform/README.md
@@ -136,7 +136,7 @@ No providers.
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_azure_container_apps_hosting"></a> [azure\_container\_apps\_hosting](#module\_azure\_container\_apps\_hosting) | github.com/DFE-Digital/terraform-azurerm-container-apps-hosting | v1.1.0 |
+| <a name="module_azure_container_apps_hosting"></a> [azure\_container\_apps\_hosting](#module\_azure\_container\_apps\_hosting) | github.com/DFE-Digital/terraform-azurerm-container-apps-hosting | v1.3.1 |
 | <a name="module_azurerm_key_vault"></a> [azurerm\_key\_vault](#module\_azurerm\_key\_vault) | github.com/DFE-Digital/terraform-azurerm-key-vault-tfvars | v0.2.2 |
 | <a name="module_statuscake-tls-monitor"></a> [statuscake-tls-monitor](#module\_statuscake-tls-monitor) | github.com/dfe-digital/terraform-statuscake-tls-monitor | v0.1.2 |
 

From 704e47d440b6a317db83a59621d51743134400f0 Mon Sep 17 00:00:00 2001
From: Ash Davies <3853061+DrizzlyOwl@users.noreply.github.com>
Date: Fri, 3 Nov 2023 15:16:12 +0000
Subject: [PATCH 3/3] Renamed vars to match updated version

---
 terraform/.terraform.lock.hcl       | 15 +++++
 terraform/README.md                 |  4 +-
 terraform/container-apps-hosting.tf |  6 +-
 terraform/locals.tf                 | 92 ++++++++++++++---------------
 terraform/variables.tf              |  4 +-
 5 files changed, 68 insertions(+), 53 deletions(-)

diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl
index d5e7ed094..d777a99fa 100644
--- a/terraform/.terraform.lock.hcl
+++ b/terraform/.terraform.lock.hcl
@@ -97,5 +97,20 @@ provider "registry.terraform.io/statuscakedev/statuscake" {
     "h1:phIY76XC5ij8dZUSHJqU4Aj/vq17wq3rQFZ9guLtVF4=",
     "h1:v9W0xSeWF2bz3b3txV0s43el5DCxCZGZO13hiVBkz9c=",
     "h1:wFoZJfmNvG6XTf65NLai67geSHqYV1Tilx7OITrHilE=",
+    "zh:0916313344c579d6e05d70f88129a10fe48f7dabe0e61cad17874d6c496f288d",
+    "zh:0d491ff72c2eda6482855033ca2146c5ace1663d07cb3da7253b59ed2e2ec6f4",
+    "zh:11fffbce18eb3d3c283e877242f477e0c561342c19090240b60af7d948bd84ac",
+    "zh:1c3e89cf19118fc07d7b04257251fc9897e722c16e0a0df7b07fcd261f8c12e7",
+    "zh:1c6116092c59bc0010e147dc7832ae981d528f235cef563e5ae05a93ef8bac5c",
+    "zh:1f13a543b1d32cc1f1e3d2ed5ca83445f088787c335690fe20dee1203488a8bc",
+    "zh:23f55fd0714696c3863f892646a79a780cea1923c0c4d2b1064df735ba4156f5",
+    "zh:288fbb4431ac12014aa5aab10ee7166dfe71fd1158464e06e8a527aa4919e64e",
+    "zh:2a0746d3c8cdc7d0875df0f4605d81130e6da0ce6196d0f5f8661fe9191bc2ab",
+    "zh:31d660756abc53d252906fe1239fad58ecb6c1d0dbb087408a8af266be1f9ae4",
+    "zh:6765281d1b7efb41085c5375660b6c6b271babc5d09b2c030bec7176f7a7bfb6",
+    "zh:6d7204eadb667c1f2cab762a7a97234cf47452f0ecad680f5106c8fd02524c87",
+    "zh:b70a97b0eba471d683e23ce8744a5c67ef9952086e2d6f5825b72f32b6caff89",
+    "zh:df89ee4aaba88faea33d33384a36ea52588b5514644d335f724378a682d8d9da",
+    "zh:ffe2e1e7224ea5f4dd65b9eef45464e3124cfc824473b04e7af429f9177f2375",
   ]
 }
diff --git a/terraform/README.md b/terraform/README.md
index 2e8721179..b46bcd99d 100644
--- a/terraform/README.md
+++ b/terraform/README.md
@@ -157,8 +157,6 @@ No resources.
 | <a name="input_cdn_frontdoor_origin_fqdn_override"></a> [cdn\_frontdoor\_origin\_fqdn\_override](#input\_cdn\_frontdoor\_origin\_fqdn\_override) | Manually specify the hostname that the CDN Front Door should target. Defaults to the Container App FQDN | `string` | `""` | no |
 | <a name="input_cdn_frontdoor_origin_host_header_override"></a> [cdn\_frontdoor\_origin\_host\_header\_override](#input\_cdn\_frontdoor\_origin\_host\_header\_override) | Manually specify the host header that the CDN sends to the target. Defaults to the recieved host header. Set to null to set it to the host\_name (`cdn_frontdoor_origin_fqdn_override`) | `string` | `""` | no |
 | <a name="input_cdn_frontdoor_rate_limiting_threshold"></a> [cdn\_frontdoor\_rate\_limiting\_threshold](#input\_cdn\_frontdoor\_rate\_limiting\_threshold) | Maximum number of concurrent requests per minute threshold before rate limiting is applied | `number` | n/a | yes |
-| <a name="input_container_app_blob_storage_ipv4_allow_list"></a> [container\_app\_blob\_storage\_ipv4\_allow\_list](#input\_container\_app\_blob\_storage\_ipv4\_allow\_list) | A list of public IPv4 address to grant access to the Blob Storage Account | `list(string)` | n/a | yes |
-| <a name="input_container_app_blob_storage_public_access_enabled"></a> [container\_app\_blob\_storage\_public\_access\_enabled](#input\_container\_app\_blob\_storage\_public\_access\_enabled) | Should the Azure Storage Account have Public visibility? | `bool` | n/a | yes |
 | <a name="input_container_apps_allow_ips_inbound"></a> [container\_apps\_allow\_ips\_inbound](#input\_container\_apps\_allow\_ips\_inbound) | Restricts access to the Container Apps by creating a network security group rule that only allow inbound traffic from the provided list of IPs | `list(string)` | `[]` | no |
 | <a name="input_container_command"></a> [container\_command](#input\_container\_command) | Container command | `list(any)` | n/a | yes |
 | <a name="input_container_max_replicas"></a> [container\_max\_replicas](#input\_container\_max\_replicas) | Container max replicas | `number` | `2` | no |
@@ -192,6 +190,8 @@ No resources.
 | <a name="input_statuscake_contact_group_integrations"></a> [statuscake\_contact\_group\_integrations](#input\_statuscake\_contact\_group\_integrations) | List of Integration IDs to connect to your Contact Group | `list(string)` | `[]` | no |
 | <a name="input_statuscake_contact_group_name"></a> [statuscake\_contact\_group\_name](#input\_statuscake\_contact\_group\_name) | Name of the contact group in StatusCake | `string` | `""` | no |
 | <a name="input_statuscake_monitored_resource_addresses"></a> [statuscake\_monitored\_resource\_addresses](#input\_statuscake\_monitored\_resource\_addresses) | The URLs to perform TLS checks on | `list(string)` | `[]` | no |
+| <a name="input_storage_account_ipv4_allow_list"></a> [storage\_account\_ipv4\_allow\_list](#input\_storage\_account\_ipv4\_allow\_list) | A list of public IPv4 address to grant access to the Blob Storage Account | `list(string)` | n/a | yes |
+| <a name="input_storage_account_public_access_enabled"></a> [storage\_account\_public\_access\_enabled](#input\_storage\_account\_public\_access\_enabled) | Should the Azure Storage Account have Public visibility? | `bool` | n/a | yes |
 | <a name="input_tags"></a> [tags](#input\_tags) | Tags to be applied to all resources | `map(string)` | n/a | yes |
 | <a name="input_tfvars_filename"></a> [tfvars\_filename](#input\_tfvars\_filename) | tfvars filename. This ensures that tfvars are kept up to date in Key Vault. | `string` | n/a | yes |
 | <a name="input_virtual_network_address_space"></a> [virtual\_network\_address\_space](#input\_virtual\_network\_address\_space) | Virtual network address space CIDR | `string` | n/a | yes |
diff --git a/terraform/container-apps-hosting.tf b/terraform/container-apps-hosting.tf
index 57b9b2809..0be7a5950 100644
--- a/terraform/container-apps-hosting.tf
+++ b/terraform/container-apps-hosting.tf
@@ -44,9 +44,9 @@ module "azure_container_apps_hosting" {
   existing_logic_app_workflow   = local.existing_logic_app_workflow
   enable_container_health_probe = local.enable_container_health_probe
 
-  enable_container_app_blob_storage                = local.enable_container_app_blob_storage
-  container_app_blob_storage_ipv4_allow_list       = local.container_app_blob_storage_ipv4_allow_list
-  container_app_blob_storage_public_access_enabled = local.container_app_blob_storage_public_access_enabled
+  enable_container_app_blob_storage     = local.enable_container_app_blob_storage
+  storage_account_ipv4_allow_list       = local.storage_account_ipv4_allow_list
+  storage_account_public_access_enabled = local.storage_account_public_access_enabled
 
   existing_network_watcher_name                = local.existing_network_watcher_name
   existing_network_watcher_resource_group_name = local.existing_network_watcher_resource_group_name
diff --git a/terraform/locals.tf b/terraform/locals.tf
index 34e6590ed..2fac624db 100644
--- a/terraform/locals.tf
+++ b/terraform/locals.tf
@@ -1,48 +1,48 @@
 locals {
-  environment                                      = var.environment
-  project_name                                     = var.project_name
-  azure_location                                   = var.azure_location
-  tags                                             = var.tags
-  virtual_network_address_space                    = var.virtual_network_address_space
-  enable_container_registry                        = var.enable_container_registry
-  image_name                                       = var.image_name
-  container_command                                = var.container_command
-  container_secret_environment_variables           = var.container_secret_environment_variables
-  container_max_replicas                           = var.container_max_replicas
-  enable_cdn_frontdoor                             = var.enable_cdn_frontdoor
-  enable_event_hub                                 = var.enable_event_hub
-  enable_logstash_consumer                         = var.enable_logstash_consumer
-  eventhub_export_log_analytics_table_names        = var.eventhub_export_log_analytics_table_names
-  enable_dns_zone                                  = var.enable_dns_zone
-  dns_zone_domain_name                             = var.dns_zone_domain_name
-  dns_ns_records                                   = var.dns_ns_records
-  dns_txt_records                                  = var.dns_txt_records
-  dns_a_records                                    = var.dns_a_records
-  restrict_container_apps_to_cdn_inbound_only      = var.restrict_container_apps_to_cdn_inbound_only
-  container_apps_allow_ips_inbound                 = var.container_apps_allow_ips_inbound
-  cdn_frontdoor_enable_rate_limiting               = var.cdn_frontdoor_enable_rate_limiting
-  cdn_frontdoor_rate_limiting_threshold            = var.cdn_frontdoor_rate_limiting_threshold
-  cdn_frontdoor_host_add_response_headers          = var.cdn_frontdoor_host_add_response_headers
-  cdn_frontdoor_custom_domains                     = var.cdn_frontdoor_custom_domains
-  cdn_frontdoor_host_redirects                     = var.cdn_frontdoor_host_redirects
-  cdn_frontdoor_origin_fqdn_override               = var.cdn_frontdoor_origin_fqdn_override
-  cdn_frontdoor_origin_host_header_override        = var.cdn_frontdoor_origin_host_header_override
-  cdn_frontdoor_forwarding_protocol                = var.cdn_frontdoor_forwarding_protocol
-  key_vault_access_users                           = toset(var.key_vault_access_users)
-  key_vault_access_ipv4                            = var.key_vault_access_ipv4
-  tfvars_filename                                  = var.tfvars_filename
-  enable_monitoring                                = var.enable_monitoring
-  enable_container_health_probe                    = var.enable_container_health_probe
-  monitor_email_receivers                          = var.monitor_email_receivers
-  existing_logic_app_workflow                      = var.existing_logic_app_workflow
-  enable_container_app_blob_storage                = var.enable_container_app_blob_storage
-  container_app_blob_storage_ipv4_allow_list       = var.container_app_blob_storage_ipv4_allow_list
-  container_app_blob_storage_public_access_enabled = var.container_app_blob_storage_public_access_enabled
-  existing_network_watcher_name                    = var.existing_network_watcher_name
-  existing_network_watcher_resource_group_name     = var.existing_network_watcher_resource_group_name
-  enable_redis_cache                               = var.enable_redis_cache
-  statuscake_monitored_resource_addresses          = var.statuscake_monitored_resource_addresses
-  statuscake_contact_group_name                    = var.statuscake_contact_group_name
-  statuscake_contact_group_integrations            = var.statuscake_contact_group_integrations
-  statuscake_contact_group_email_addresses         = var.statuscake_contact_group_email_addresses
+  environment                                  = var.environment
+  project_name                                 = var.project_name
+  azure_location                               = var.azure_location
+  tags                                         = var.tags
+  virtual_network_address_space                = var.virtual_network_address_space
+  enable_container_registry                    = var.enable_container_registry
+  image_name                                   = var.image_name
+  container_command                            = var.container_command
+  container_secret_environment_variables       = var.container_secret_environment_variables
+  container_max_replicas                       = var.container_max_replicas
+  enable_cdn_frontdoor                         = var.enable_cdn_frontdoor
+  enable_event_hub                             = var.enable_event_hub
+  enable_logstash_consumer                     = var.enable_logstash_consumer
+  eventhub_export_log_analytics_table_names    = var.eventhub_export_log_analytics_table_names
+  enable_dns_zone                              = var.enable_dns_zone
+  dns_zone_domain_name                         = var.dns_zone_domain_name
+  dns_ns_records                               = var.dns_ns_records
+  dns_txt_records                              = var.dns_txt_records
+  dns_a_records                                = var.dns_a_records
+  restrict_container_apps_to_cdn_inbound_only  = var.restrict_container_apps_to_cdn_inbound_only
+  container_apps_allow_ips_inbound             = var.container_apps_allow_ips_inbound
+  cdn_frontdoor_enable_rate_limiting           = var.cdn_frontdoor_enable_rate_limiting
+  cdn_frontdoor_rate_limiting_threshold        = var.cdn_frontdoor_rate_limiting_threshold
+  cdn_frontdoor_host_add_response_headers      = var.cdn_frontdoor_host_add_response_headers
+  cdn_frontdoor_custom_domains                 = var.cdn_frontdoor_custom_domains
+  cdn_frontdoor_host_redirects                 = var.cdn_frontdoor_host_redirects
+  cdn_frontdoor_origin_fqdn_override           = var.cdn_frontdoor_origin_fqdn_override
+  cdn_frontdoor_origin_host_header_override    = var.cdn_frontdoor_origin_host_header_override
+  cdn_frontdoor_forwarding_protocol            = var.cdn_frontdoor_forwarding_protocol
+  key_vault_access_users                       = toset(var.key_vault_access_users)
+  key_vault_access_ipv4                        = var.key_vault_access_ipv4
+  tfvars_filename                              = var.tfvars_filename
+  enable_monitoring                            = var.enable_monitoring
+  enable_container_health_probe                = var.enable_container_health_probe
+  monitor_email_receivers                      = var.monitor_email_receivers
+  existing_logic_app_workflow                  = var.existing_logic_app_workflow
+  enable_container_app_blob_storage            = var.enable_container_app_blob_storage
+  storage_account_ipv4_allow_list              = var.storage_account_ipv4_allow_list
+  storage_account_public_access_enabled        = var.storage_account_public_access_enabled
+  existing_network_watcher_name                = var.existing_network_watcher_name
+  existing_network_watcher_resource_group_name = var.existing_network_watcher_resource_group_name
+  enable_redis_cache                           = var.enable_redis_cache
+  statuscake_monitored_resource_addresses      = var.statuscake_monitored_resource_addresses
+  statuscake_contact_group_name                = var.statuscake_contact_group_name
+  statuscake_contact_group_integrations        = var.statuscake_contact_group_integrations
+  statuscake_contact_group_email_addresses     = var.statuscake_contact_group_email_addresses
 }
diff --git a/terraform/variables.tf b/terraform/variables.tf
index 3edd7562a..c82d894d0 100644
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -211,12 +211,12 @@ variable "enable_container_app_blob_storage" {
   type        = bool
 }
 
-variable "container_app_blob_storage_ipv4_allow_list" {
+variable "storage_account_ipv4_allow_list" {
   description = "A list of public IPv4 address to grant access to the Blob Storage Account"
   type        = list(string)
 }
 
-variable "container_app_blob_storage_public_access_enabled" {
+variable "storage_account_public_access_enabled" {
   description = "Should the Azure Storage Account have Public visibility?"
   type        = bool
 }