Merge pull request #327 from DFE-Digital/tf-override-host-header

Set override option for CDN Origin Hostname and Host Header

terraform/README.md

@@ -152,6 +152,8 @@ No resources.
 | <a name="input_cdn_frontdoor_enable_rate_limiting"></a> [cdn\_frontdoor\_enable\_rate\_limiting](#input\_cdn\_frontdoor\_enable\_rate\_limiting) | Enable CDN Front Door Rate Limiting. This will create a WAF policy, and CDN security policy. For pricing reasons, there will only be one WAF policy created. | `bool` | n/a | yes |
 | <a name="input_cdn_frontdoor_health_probe_path"></a> [cdn\_frontdoor\_health\_probe\_path](#input\_cdn\_frontdoor\_health\_probe\_path) | Specifies the path relative to the origin that is used to determine the health of the origin. | `string` | n/a | yes |
 | <a name="input_cdn_frontdoor_host_add_response_headers"></a> [cdn\_frontdoor\_host\_add\_response\_headers](#input\_cdn\_frontdoor\_host\_add\_response\_headers) | List of response headers to add at the CDN Front Door `[{ "Name" = "Strict-Transport-Security", "value" = "max-age=31536000" }]` | `list(map(string))` | n/a | yes |
+| <a name="input_cdn_frontdoor_origin_fqdn_override"></a> [cdn\_frontdoor\_origin\_fqdn\_override](#input\_cdn\_frontdoor\_origin\_fqdn\_override) | Manually specify the hostname that the CDN Front Door should target. Defaults to the Container App FQDN | `string` | `""` | no |
+| <a name="input_cdn_frontdoor_origin_host_header_override"></a> [cdn\_frontdoor\_origin\_host\_header\_override](#input\_cdn\_frontdoor\_origin\_host\_header\_override) | Manually specify the host header that the CDN sends to the target. Defaults to the recieved host header. Set to null to set it to the host\_name (`cdn_frontdoor_origin_fqdn_override`) | `string` | `""` | no |
 | <a name="input_container_command"></a> [container\_command](#input\_container\_command) | Container command | `list(any)` | n/a | yes |
 | <a name="input_container_health_probe_path"></a> [container\_health\_probe\_path](#input\_container\_health\_probe\_path) | Specifies the path that is used to determine the liveness of the Container | `string` | n/a | yes |
 | <a name="input_container_secret_environment_variables"></a> [container\_secret\_environment\_variables](#input\_container\_secret\_environment\_variables) | Container secret environment variables | `map(string)` | n/a | yes |

terraform/container-apps-hosting.tf

@@ -19,10 +19,12 @@ module "azure_container_apps_hosting" {
   container_command                      = local.container_command
   container_secret_environment_variables = local.container_secret_environment_variables
 
-  enable_cdn_frontdoor                    = local.enable_cdn_frontdoor
-  cdn_frontdoor_enable_rate_limiting      = local.cdn_frontdoor_enable_rate_limiting
-  cdn_frontdoor_host_add_response_headers = local.cdn_frontdoor_host_add_response_headers
-  cdn_frontdoor_custom_domains            = local.cdn_frontdoor_custom_domains
+  enable_cdn_frontdoor                      = local.enable_cdn_frontdoor
+  cdn_frontdoor_enable_rate_limiting        = local.cdn_frontdoor_enable_rate_limiting
+  cdn_frontdoor_host_add_response_headers   = local.cdn_frontdoor_host_add_response_headers
+  cdn_frontdoor_custom_domains              = local.cdn_frontdoor_custom_domains
+  cdn_frontdoor_origin_fqdn_override        = local.cdn_frontdoor_origin_fqdn_override
+  cdn_frontdoor_origin_host_header_override = local.cdn_frontdoor_origin_host_header_override
 
   enable_event_hub = local.enable_event_hub
 

terraform/locals.tf

@@ -22,6 +22,8 @@ locals {
   cdn_frontdoor_enable_rate_limiting           = var.cdn_frontdoor_enable_rate_limiting
   cdn_frontdoor_host_add_response_headers      = var.cdn_frontdoor_host_add_response_headers
   cdn_frontdoor_custom_domains                 = var.cdn_frontdoor_custom_domains
+  cdn_frontdoor_origin_fqdn_override           = var.cdn_frontdoor_origin_fqdn_override
+  cdn_frontdoor_origin_host_header_override    = var.cdn_frontdoor_origin_host_header_override
   container_health_probe_path                  = var.container_health_probe_path
   cdn_frontdoor_health_probe_path              = var.cdn_frontdoor_health_probe_path
   monitor_endpoint_healthcheck                 = var.monitor_endpoint_healthcheck

terraform/variables.tf

@@ -119,6 +119,18 @@ variable "container_health_probe_path" {
   type        = string
 }
 
+variable "cdn_frontdoor_origin_fqdn_override" {
+  description = "Manually specify the hostname that the CDN Front Door should target. Defaults to the Container App FQDN"
+  type        = string
+  default     = ""
+}
+
+variable "cdn_frontdoor_origin_host_header_override" {
+  description = "Manually specify the host header that the CDN sends to the target. Defaults to the recieved host header. Set to null to set it to the host_name (`cdn_frontdoor_origin_fqdn_override`)"
+  type        = string
+  default     = ""
+}
+
 variable "cdn_frontdoor_health_probe_path" {
   description = "Specifies the path relative to the origin that is used to determine the health of the origin."
   type        = string