feat: configure client certificate and public network access #215
Conversation
There was a problem hiding this comment.
Changes related to client certificate and public network access look good 😄 🙌 Added a few suggestions for minor improvements. We'll also have to implement the same changes for the azurerm_windows_web_app.this resource.
In regards to the Log Analytics change: Is the goal to allow users to prevent the creation of the azurerm_monitor_diagnostic_setting.this resource? If yes, what's the reason for this request? (please note that this is a public repository, so no information related specifically to your company should be shared here. Feel free to contact me directly to explain your case.)
hknutsen
changed the title
Co-authored-by: Henrik Simonsen Knutsen <[email protected]>
Co-authored-by: Henrik Simonsen Knutsen <[email protected]>
Co-authored-by: Henrik Simonsen Knutsen <[email protected]>
|
Thanks for the swift response @hknutsen. I have committed your suggestion and its looks good to me. Also, client certificate and public network access changes already applied to In regards to the Log Analytics change: Is the goal to allow users to prevent the creation of the azurerm_monitor_diagnostic_setting.this resource? If yes, what's the reason for this request? (please note that this is a public repository, so no information related specifically to your company should be shared here. Feel free to contact me directly to explain your case.) Yes, the goal is to allow users to prevent the creation of the azurerm_monitor_diagnostic_setting.this resource because we aim to provide flexibility in scenarios where logging is not required or desired. |
Didn't notice in my initial review, but yes, this looks to already be in place.
I think it would be a good idea to remove the changes to related to the diagnostic setting in this PR, then create a separate PR where we can continue to discuss a potential implementation. |
|
I'll create a quick PR with a suggested implementation for conditional diagnostic setting. Update: see #216 |
…n029/terraform-azurerm-web-app into feat/logging_public_network
|
Really appreciate your prompt response @hknutsen. I have removed log diagnostic setting. |
We used this module internally and made some changes which need to be compliant as per internal compliance policy.
Below are the changes -
log_analytics_workspace_id was mandate before now we have added a variable to handle it if this can be used or can be skip using the following logs_analytics_enable.
We have added 2 more attributes to the webapp client_certificate_mode & client_certificate_enabled and we parameterized this attribute the public_network_access_enabled.
We have done a testing with these changes and it is working as expected.