DFE-Digital · DrizzlyOwl · Nov 3, 2023 · Nov 3, 2023 · Nov 3, 2023 · Nov 3, 2023
diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl
diff --git a/terraform/README.md b/terraform/README.md
@@ -136,7 +136,7 @@ No providers.
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_azure_container_apps_hosting"></a> [azure\_container\_apps\_hosting](#module\_azure\_container\_apps\_hosting) | github.com/DFE-Digital/terraform-azurerm-container-apps-hosting | v1.1.0 |
+| <a name="module_azure_container_apps_hosting"></a> [azure\_container\_apps\_hosting](#module\_azure\_container\_apps\_hosting) | github.com/DFE-Digital/terraform-azurerm-container-apps-hosting | v1.3.1 |
 | <a name="module_azurerm_key_vault"></a> [azurerm\_key\_vault](#module\_azurerm\_key\_vault) | github.com/DFE-Digital/terraform-azurerm-key-vault-tfvars | v0.2.2 |
 | <a name="module_statuscake-tls-monitor"></a> [statuscake-tls-monitor](#module\_statuscake-tls-monitor) | github.com/dfe-digital/terraform-statuscake-tls-monitor | v0.1.2 |
 
@@ -157,8 +157,6 @@ No resources.
 | <a name="input_cdn_frontdoor_origin_fqdn_override"></a> [cdn\_frontdoor\_origin\_fqdn\_override](#input\_cdn\_frontdoor\_origin\_fqdn\_override) | Manually specify the hostname that the CDN Front Door should target. Defaults to the Container App FQDN | `string` | `""` | no |
 | <a name="input_cdn_frontdoor_origin_host_header_override"></a> [cdn\_frontdoor\_origin\_host\_header\_override](#input\_cdn\_frontdoor\_origin\_host\_header\_override) | Manually specify the host header that the CDN sends to the target. Defaults to the recieved host header. Set to null to set it to the host\_name (`cdn_frontdoor_origin_fqdn_override`) | `string` | `""` | no |
 | <a name="input_cdn_frontdoor_rate_limiting_threshold"></a> [cdn\_frontdoor\_rate\_limiting\_threshold](#input\_cdn\_frontdoor\_rate\_limiting\_threshold) | Maximum number of concurrent requests per minute threshold before rate limiting is applied | `number` | n/a | yes |
-| <a name="input_container_app_blob_storage_ipv4_allow_list"></a> [container\_app\_blob\_storage\_ipv4\_allow\_list](#input\_container\_app\_blob\_storage\_ipv4\_allow\_list) | A list of public IPv4 address to grant access to the Blob Storage Account | `list(string)` | n/a | yes |
-| <a name="input_container_app_blob_storage_public_access_enabled"></a> [container\_app\_blob\_storage\_public\_access\_enabled](#input\_container\_app\_blob\_storage\_public\_access\_enabled) | Should the Azure Storage Account have Public visibility? | `bool` | n/a | yes |
 | <a name="input_container_apps_allow_ips_inbound"></a> [container\_apps\_allow\_ips\_inbound](#input\_container\_apps\_allow\_ips\_inbound) | Restricts access to the Container Apps by creating a network security group rule that only allow inbound traffic from the provided list of IPs | `list(string)` | `[]` | no |
 | <a name="input_container_command"></a> [container\_command](#input\_container\_command) | Container command | `list(any)` | n/a | yes |
 | <a name="input_container_max_replicas"></a> [container\_max\_replicas](#input\_container\_max\_replicas) | Container max replicas | `number` | `2` | no |
@@ -192,6 +190,8 @@ No resources.
 | <a name="input_statuscake_contact_group_integrations"></a> [statuscake\_contact\_group\_integrations](#input\_statuscake\_contact\_group\_integrations) | List of Integration IDs to connect to your Contact Group | `list(string)` | `[]` | no |
 | <a name="input_statuscake_contact_group_name"></a> [statuscake\_contact\_group\_name](#input\_statuscake\_contact\_group\_name) | Name of the contact group in StatusCake | `string` | `""` | no |
 | <a name="input_statuscake_monitored_resource_addresses"></a> [statuscake\_monitored\_resource\_addresses](#input\_statuscake\_monitored\_resource\_addresses) | The URLs to perform TLS checks on | `list(string)` | `[]` | no |
+| <a name="input_storage_account_ipv4_allow_list"></a> [storage\_account\_ipv4\_allow\_list](#input\_storage\_account\_ipv4\_allow\_list) | A list of public IPv4 address to grant access to the Blob Storage Account | `list(string)` | n/a | yes |
+| <a name="input_storage_account_public_access_enabled"></a> [storage\_account\_public\_access\_enabled](#input\_storage\_account\_public\_access\_enabled) | Should the Azure Storage Account have Public visibility? | `bool` | n/a | yes |
 | <a name="input_tags"></a> [tags](#input\_tags) | Tags to be applied to all resources | `map(string)` | n/a | yes |
 | <a name="input_tfvars_filename"></a> [tfvars\_filename](#input\_tfvars\_filename) | tfvars filename. This ensures that tfvars are kept up to date in Key Vault. | `string` | n/a | yes |
 | <a name="input_virtual_network_address_space"></a> [virtual\_network\_address\_space](#input\_virtual\_network\_address\_space) | Virtual network address space CIDR | `string` | n/a | yes |

diff --git a/terraform/container-apps-hosting.tf b/terraform/container-apps-hosting.tf
@@ -1,5 +1,5 @@
 module "azure_container_apps_hosting" {
-  source = "github.com/DFE-Digital/terraform-azurerm-container-apps-hosting?ref=v1.1.0"
+  source = "github.com/DFE-Digital/terraform-azurerm-container-apps-hosting?ref=v1.3.1"
 
   environment    = local.environment
   project_name   = local.project_name
@@ -44,9 +44,9 @@ module "azure_container_apps_hosting" {
   existing_logic_app_workflow   = local.existing_logic_app_workflow
   enable_container_health_probe = local.enable_container_health_probe
 
-  enable_container_app_blob_storage                = local.enable_container_app_blob_storage
-  container_app_blob_storage_ipv4_allow_list       = local.container_app_blob_storage_ipv4_allow_list
-  container_app_blob_storage_public_access_enabled = local.container_app_blob_storage_public_access_enabled
+  enable_container_app_blob_storage     = local.enable_container_app_blob_storage
+  storage_account_ipv4_allow_list       = local.storage_account_ipv4_allow_list
+  storage_account_public_access_enabled = local.storage_account_public_access_enabled
 
   existing_network_watcher_name                = local.existing_network_watcher_name
   existing_network_watcher_resource_group_name = local.existing_network_watcher_resource_group_name

diff --git a/terraform/locals.tf b/terraform/locals.tf
@@ -1,48 +1,48 @@
 locals {
-  environment                                      = var.environment
-  project_name                                     = var.project_name
-  azure_location                                   = var.azure_location
-  tags                                             = var.tags
-  virtual_network_address_space                    = var.virtual_network_address_space
-  enable_container_registry                        = var.enable_container_registry
-  image_name                                       = var.image_name
-  container_command                                = var.container_command
-  container_secret_environment_variables           = var.container_secret_environment_variables
-  container_max_replicas                           = var.container_max_replicas
-  enable_cdn_frontdoor                             = var.enable_cdn_frontdoor
-  enable_event_hub                                 = var.enable_event_hub
-  enable_logstash_consumer                         = var.enable_logstash_consumer
-  eventhub_export_log_analytics_table_names        = var.eventhub_export_log_analytics_table_names
-  enable_dns_zone                                  = var.enable_dns_zone
-  dns_zone_domain_name                             = var.dns_zone_domain_name
-  dns_ns_records                                   = var.dns_ns_records
-  dns_txt_records                                  = var.dns_txt_records
-  dns_a_records                                    = var.dns_a_records
-  restrict_container_apps_to_cdn_inbound_only      = var.restrict_container_apps_to_cdn_inbound_only
-  container_apps_allow_ips_inbound                 = var.container_apps_allow_ips_inbound
-  cdn_frontdoor_enable_rate_limiting               = var.cdn_frontdoor_enable_rate_limiting
-  cdn_frontdoor_rate_limiting_threshold            = var.cdn_frontdoor_rate_limiting_threshold
-  cdn_frontdoor_host_add_response_headers          = var.cdn_frontdoor_host_add_response_headers
-  cdn_frontdoor_custom_domains                     = var.cdn_frontdoor_custom_domains
-  cdn_frontdoor_host_redirects                     = var.cdn_frontdoor_host_redirects
-  cdn_frontdoor_origin_fqdn_override               = var.cdn_frontdoor_origin_fqdn_override
-  cdn_frontdoor_origin_host_header_override        = var.cdn_frontdoor_origin_host_header_override
-  cdn_frontdoor_forwarding_protocol                = var.cdn_frontdoor_forwarding_protocol
-  key_vault_access_users                           = toset(var.key_vault_access_users)
-  key_vault_access_ipv4                            = var.key_vault_access_ipv4
-  tfvars_filename                                  = var.tfvars_filename
-  enable_monitoring                                = var.enable_monitoring
-  enable_container_health_probe                    = var.enable_container_health_probe
-  monitor_email_receivers                          = var.monitor_email_receivers
-  existing_logic_app_workflow                      = var.existing_logic_app_workflow
-  enable_container_app_blob_storage                = var.enable_container_app_blob_storage
-  container_app_blob_storage_ipv4_allow_list       = var.container_app_blob_storage_ipv4_allow_list
-  container_app_blob_storage_public_access_enabled = var.container_app_blob_storage_public_access_enabled
-  existing_network_watcher_name                    = var.existing_network_watcher_name
-  existing_network_watcher_resource_group_name     = var.existing_network_watcher_resource_group_name
-  enable_redis_cache                               = var.enable_redis_cache
-  statuscake_monitored_resource_addresses          = var.statuscake_monitored_resource_addresses
-  statuscake_contact_group_name                    = var.statuscake_contact_group_name
-  statuscake_contact_group_integrations            = var.statuscake_contact_group_integrations
-  statuscake_contact_group_email_addresses         = var.statuscake_contact_group_email_addresses
+  environment                                  = var.environment
+  project_name                                 = var.project_name
+  azure_location                               = var.azure_location
+  tags                                         = var.tags
+  virtual_network_address_space                = var.virtual_network_address_space
+  enable_container_registry                    = var.enable_container_registry
+  image_name                                   = var.image_name
+  container_command                            = var.container_command
+  container_secret_environment_variables       = var.container_secret_environment_variables
+  container_max_replicas                       = var.container_max_replicas
+  enable_cdn_frontdoor                         = var.enable_cdn_frontdoor
+  enable_event_hub                             = var.enable_event_hub
+  enable_logstash_consumer                     = var.enable_logstash_consumer
+  eventhub_export_log_analytics_table_names    = var.eventhub_export_log_analytics_table_names
+  enable_dns_zone                              = var.enable_dns_zone
+  dns_zone_domain_name                         = var.dns_zone_domain_name
+  dns_ns_records                               = var.dns_ns_records
+  dns_txt_records                              = var.dns_txt_records
+  dns_a_records                                = var.dns_a_records
+  restrict_container_apps_to_cdn_inbound_only  = var.restrict_container_apps_to_cdn_inbound_only
+  container_apps_allow_ips_inbound             = var.container_apps_allow_ips_inbound
+  cdn_frontdoor_enable_rate_limiting           = var.cdn_frontdoor_enable_rate_limiting
+  cdn_frontdoor_rate_limiting_threshold        = var.cdn_frontdoor_rate_limiting_threshold
+  cdn_frontdoor_host_add_response_headers      = var.cdn_frontdoor_host_add_response_headers
+  cdn_frontdoor_custom_domains                 = var.cdn_frontdoor_custom_domains
+  cdn_frontdoor_host_redirects                 = var.cdn_frontdoor_host_redirects
+  cdn_frontdoor_origin_fqdn_override           = var.cdn_frontdoor_origin_fqdn_override
+  cdn_frontdoor_origin_host_header_override    = var.cdn_frontdoor_origin_host_header_override
+  cdn_frontdoor_forwarding_protocol            = var.cdn_frontdoor_forwarding_protocol
+  key_vault_access_users                       = toset(var.key_vault_access_users)
+  key_vault_access_ipv4                        = var.key_vault_access_ipv4
+  tfvars_filename                              = var.tfvars_filename
+  enable_monitoring                            = var.enable_monitoring
+  enable_container_health_probe                = var.enable_container_health_probe
+  monitor_email_receivers                      = var.monitor_email_receivers
+  existing_logic_app_workflow                  = var.existing_logic_app_workflow
+  enable_container_app_blob_storage            = var.enable_container_app_blob_storage
+  storage_account_ipv4_allow_list              = var.storage_account_ipv4_allow_list
+  storage_account_public_access_enabled        = var.storage_account_public_access_enabled
+  existing_network_watcher_name                = var.existing_network_watcher_name
+  existing_network_watcher_resource_group_name = var.existing_network_watcher_resource_group_name
+  enable_redis_cache                           = var.enable_redis_cache
+  statuscake_monitored_resource_addresses      = var.statuscake_monitored_resource_addresses
+  statuscake_contact_group_name                = var.statuscake_contact_group_name
+  statuscake_contact_group_integrations        = var.statuscake_contact_group_integrations
+  statuscake_contact_group_email_addresses     = var.statuscake_contact_group_email_addresses
 }
diff --git a/terraform/variables.tf b/terraform/variables.tf
@@ -211,12 +211,12 @@ variable "enable_container_app_blob_storage" {
   type        = bool
 }
 
-variable "container_app_blob_storage_ipv4_allow_list" {
+variable "storage_account_ipv4_allow_list" {
   description = "A list of public IPv4 address to grant access to the Blob Storage Account"
   type        = list(string)
 }
 
-variable "container_app_blob_storage_public_access_enabled" {
+variable "storage_account_public_access_enabled" {
   description = "Should the Azure Storage Account have Public visibility?"
   type        = bool
 }