From 4a1d3aea9816e37af54469040328e370d67ad41b Mon Sep 17 00:00:00 2001
From: pasqualespica <36746022+pasqualespica@users.noreply.github.com>
Date: Fri, 18 Oct 2024 12:06:49 +0200
Subject: [PATCH] fix

---
 src/domains/afm-common/03_cosmosdb_afm.tf     | 28 +++++++++++++++++++
 src/domains/afm-common/README.md              |  6 ++--
 src/domains/observability/.terraform.lock.hcl | 19 -------------
 .../observability/env/prod/terraform.tfvars   | 10 +++----
 4 files changed, 36 insertions(+), 27 deletions(-)

diff --git a/src/domains/afm-common/03_cosmosdb_afm.tf b/src/domains/afm-common/03_cosmosdb_afm.tf
index 903d32aa93..0c46464898 100644
--- a/src/domains/afm-common/03_cosmosdb_afm.tf
+++ b/src/domains/afm-common/03_cosmosdb_afm.tf
@@ -175,3 +175,31 @@ module "afm_marketplace_cosmosdb_containers" {
 
   autoscale_settings = contains(var.afm_marketplace_cosmos_db_params.capabilities, "EnableServerless") ? null : lookup(each.value, "autoscale_settings", null)
 }
+
+# private_endpoint subresource_names analytical
+# resource "azurerm_private_endpoint" "afm_cosmos_analytical_private_endpoint" {
+#   count = var.env_short == "d" ? 0 : 1
+
+#   name                = format("%s-analytical-private-endpoint", local.project)
+#   location            = var.location
+#   resource_group_name = azurerm_resource_group.afm_rg.name
+#   subnet_id           = module.afm_marketplace_cosmosdb_snet.id
+
+#   private_dns_zone_group {
+#     name                 = "${local.project}-analytical-cosmos-private-dns-zone-group"
+#     private_dns_zone_ids = [data.azurerm_private_dns_zone.cosmos.id]
+#   }
+
+#   private_service_connection {
+#     name                           = "${local.project}-analytical-cosmos-private-service-connection"
+#     private_connection_resource_id = module.afm_marketplace_cosmosdb_account.id
+#     is_manual_connection           = false
+#     subresource_names              = ["Analytical"]
+#   }
+
+#   tags = var.tags
+
+#   depends_on = [
+#     module.afm_marketplace_cosmosdb_account
+#   ]
+# }
\ No newline at end of file
diff --git a/src/domains/afm-common/README.md b/src/domains/afm-common/README.md
index 5f23a37e38..a13665e366 100644
--- a/src/domains/afm-common/README.md
+++ b/src/domains/afm-common/README.md
@@ -66,8 +66,8 @@
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_afm_marketplace_cosmos_db_params"></a> [afm\_marketplace\_cosmos\_db\_params](#input\_afm\_marketplace\_cosmos\_db\_params) | n/a | <pre>object({<br>    kind           = string<br>    capabilities   = list(string)<br>    offer_type     = string<br>    server_version = string<br>    consistency_policy = object({<br>      consistency_level       = string<br>      max_interval_in_seconds = number<br>      max_staleness_prefix    = number<br>    })<br>    main_geo_location_zone_redundant = bool<br>    enable_free_tier                 = bool<br>    additional_geo_locations = list(object({<br>      location          = string<br>      failover_priority = number<br>      zone_redundant    = bool<br>    }))<br>    private_endpoint_enabled          = bool<br>    public_network_access_enabled     = bool<br>    is_virtual_network_filter_enabled = bool<br>    backup_continuous_enabled         = bool<br>  })</pre> | n/a | yes |
-| <a name="input_afm_storage_params"></a> [afm\_storage\_params](#input\_afm\_storage\_params) | n/a | <pre>object({<br>    enable_backup                 = optional(bool, false)<br>    enabled                       = bool,<br>    kind                          = string,<br>    tier                          = string,<br>    account_replication_type      = string,<br>    advanced_threat_protection    = bool,<br>    retention_days                = number,<br>    public_network_access_enabled = bool,<br>    backup_retention_days         = optional(number, 0)<br>  })</pre> | <pre>{<br>  "account_replication_type": "LRS",<br>  "advanced_threat_protection": false,<br>  "backup_retention_days": 0,<br>  "enable_backup": false,<br>  "enabled": false,<br>  "kind": "StorageV2",<br>  "public_network_access_enabled": false,<br>  "retention_days": 30,<br>  "tier": "Standard"<br>}</pre> | no |
+| <a name="input_afm_marketplace_cosmos_db_params"></a> [afm\_marketplace\_cosmos\_db\_params](#input\_afm\_marketplace\_cosmos\_db\_params) | n/a | <pre>object({<br/>    kind           = string<br/>    capabilities   = list(string)<br/>    offer_type     = string<br/>    server_version = string<br/>    consistency_policy = object({<br/>      consistency_level       = string<br/>      max_interval_in_seconds = number<br/>      max_staleness_prefix    = number<br/>    })<br/>    main_geo_location_zone_redundant = bool<br/>    enable_free_tier                 = bool<br/>    additional_geo_locations = list(object({<br/>      location          = string<br/>      failover_priority = number<br/>      zone_redundant    = bool<br/>    }))<br/>    private_endpoint_enabled          = bool<br/>    public_network_access_enabled     = bool<br/>    is_virtual_network_filter_enabled = bool<br/>    backup_continuous_enabled         = bool<br/>  })</pre> | n/a | yes |
+| <a name="input_afm_storage_params"></a> [afm\_storage\_params](#input\_afm\_storage\_params) | n/a | <pre>object({<br/>    enable_backup                 = optional(bool, false)<br/>    enabled                       = bool,<br/>    kind                          = string,<br/>    tier                          = string,<br/>    account_replication_type      = string,<br/>    advanced_threat_protection    = bool,<br/>    retention_days                = number,<br/>    public_network_access_enabled = bool,<br/>    backup_retention_days         = optional(number, 0)<br/>  })</pre> | <pre>{<br/>  "account_replication_type": "LRS",<br/>  "advanced_threat_protection": false,<br/>  "backup_retention_days": 0,<br/>  "enable_backup": false,<br/>  "enabled": false,<br/>  "kind": "StorageV2",<br/>  "public_network_access_enabled": false,<br/>  "retention_days": 30,<br/>  "tier": "Standard"<br/>}</pre> | no |
 | <a name="input_application_insights_name"></a> [application\_insights\_name](#input\_application\_insights\_name) | Specifies the name of the Application Insights. | `string` | n/a | yes |
 | <a name="input_cidr_subnet_afm_marketplace_cosmosdb"></a> [cidr\_subnet\_afm\_marketplace\_cosmosdb](#input\_cidr\_subnet\_afm\_marketplace\_cosmosdb) | Cosmos DB address space | `list(string)` | `null` | no |
 | <a name="input_dns_zone_internal_prefix"></a> [dns\_zone\_internal\_prefix](#input\_dns\_zone\_internal\_prefix) | The dns subdomain. | `string` | `null` | no |
@@ -84,7 +84,7 @@
 | <a name="input_log_analytics_workspace_resource_group_name"></a> [log\_analytics\_workspace\_resource\_group\_name](#input\_log\_analytics\_workspace\_resource\_group\_name) | The name of the resource group in which the Log Analytics workspace is located in. | `string` | n/a | yes |
 | <a name="input_monitor_resource_group_name"></a> [monitor\_resource\_group\_name](#input\_monitor\_resource\_group\_name) | Monitor resource group name | `string` | n/a | yes |
 | <a name="input_prefix"></a> [prefix](#input\_prefix) | n/a | `string` | n/a | yes |
-| <a name="input_tags"></a> [tags](#input\_tags) | n/a | `map(any)` | <pre>{<br>  "CreatedBy": "Terraform"<br>}</pre> | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | n/a | `map(any)` | <pre>{<br/>  "CreatedBy": "Terraform"<br/>}</pre> | no |
 
 ## Outputs
 
diff --git a/src/domains/observability/.terraform.lock.hcl b/src/domains/observability/.terraform.lock.hcl
index 9f1c53e9f9..60c6529ded 100644
--- a/src/domains/observability/.terraform.lock.hcl
+++ b/src/domains/observability/.terraform.lock.hcl
@@ -1,25 +1,6 @@
 # This file is maintained automatically by "terraform init".
 # Manual edits may be lost in future updates.
 
-provider "registry.terraform.io/azure/azapi" {
-  version = "1.15.0"
-  hashes = [
-    "h1:5aoSqVISTygtAD42asvbglV/bMqjMvTA2RmuuPz87Ic=",
-    "zh:0627a8bc77254debc25dc0c7b62e055138217c97b03221e593c3c56dc7550671",
-    "zh:2fe045f07070ef75d0bec4b0595a74c14394daa838ddb964e2fd23cc98c40c34",
-    "zh:343009f39c957883b2c06145a5954e524c70f93585f943f1ea3d28ef6995d0d0",
-    "zh:53fe9ab54485aaebc9b91e27a10bce2729a1c95b1399079e631dc6bb9e3f27dc",
-    "zh:63c407e7dc04d178d4798c17ad489d9cc92f7d1941d7f4a3f560b95908b6107b",
-    "zh:7d6fc2b432b264f036bb80ab2b2ba67f80a5d98da8a8c322aa097833dad598c9",
-    "zh:7ec49c0a8799d469eb6e2a1f856693f9862f1b73f5ed70adc1b346e5a4c6458d",
-    "zh:889704f10319d301d677539d788fc82a7c73608ab78cb93e1280ac2be39e6e00",
-    "zh:90b4b07405b7cde9ebae3b034cb5bb5dd18484d1b95bd250f905451f1e86ac3f",
-    "zh:92aa9c241a8cb2a6d81ad47bc007c119f8b818464a960ebaf39008766c361e6b",
-    "zh:f28fbd0a2c59e239b53067bc1adc691be444876bcb2d4f78d310f549724da6e0",
-    "zh:ffb15e0ddfa505d0e9b75341570199076ae574887124f398162b1ead9376b25f",
-  ]
-}
-
 provider "registry.terraform.io/hashicorp/azuread" {
   version     = "2.21.0"
   constraints = "2.21.0"
diff --git a/src/domains/observability/env/prod/terraform.tfvars b/src/domains/observability/env/prod/terraform.tfvars
index a96cf4313a..450ae45295 100644
--- a/src/domains/observability/env/prod/terraform.tfvars
+++ b/src/domains/observability/env/prod/terraform.tfvars
@@ -52,10 +52,10 @@ external_domain      = "NOT_USED"
 apim_dns_zone_prefix = "NOT_USED"
 
 # observability Ingestion cfg
-observability_storage_account_replication_type = "GZRS"
-enable_sa_backup                               = true
-cidr_subnet_observability_storage              = ["10.3.14.0/27"]
-cidr_subnet_observability_evh                  = ["10.3.14.32/27"]
+# observability_storage_account_replication_type = "GZRS" # Standard_GZRS, Kind: StorageV2 is not available in zone.
+enable_sa_backup                  = true
+cidr_subnet_observability_storage = ["10.3.14.0/27"]
+cidr_subnet_observability_evh     = ["10.3.14.32/27"]
 # <free>= ["10.3.14.64/27"]
 # <free>= ["10.3.14.96/27"]
 # <free>= ["10.3.14.128/27"]
@@ -76,7 +76,7 @@ ehns_zone_redundant           = true
 ehns_public_network_access       = false
 ehns_private_endpoint_is_present = true
 
-eventhubs_04 = [
+eventhubs = [
   {
     name              = "gec-ingestion-bundles-dl"
     partitions        = 32