Merge pull request #74 from Shenali-SJ/main

[main] Update SSL profile configuration in Application Gateway

modules/azurerm/Application-Gateway/application_gateway.tf

@@ -88,19 +88,15 @@ resource "azurerm_application_gateway" "app_gateway" {
     }
   }
 
-  ssl_policy {
-    policy_type = "Predefined"
-    policy_name = var.ssl_policy_name
-  }
-
   dynamic "ssl_profile" {
     for_each = var.ssl_profiles
 
     content {
       name = ssl_profile.value.name
       ssl_policy {
-        policy_type   = ssl_profile.value.ssl_policy.profile_policy_type
-        cipher_suites = ssl_profile.value.ssl_policy.profile_cipher_suites
+        min_protocol_version = ssl_profile.value.ssl_policy.min_protocol_version
+        policy_type          = ssl_profile.value.ssl_policy.profile_policy_type
+        cipher_suites        = ssl_profile.value.ssl_policy.profile_cipher_suites
       }
     }
   }
@@ -271,7 +267,8 @@ resource "azurerm_application_gateway" "app_gateway" {
       redirect_configuration,
       tags,
       trusted_root_certificate,
-      identity
+      identity,
+      trusted_client_certificate
     ]
   }
 }

modules/azurerm/Application-Gateway/variables.tf

@@ -160,18 +160,13 @@ variable "waf_exclusion_settings" {
   type        = list(map(string))
 }
 
-variable "ssl_policy_name" {
-  default     = "AppGwSslPolicy20170401S"
-  description = "Name of the SSLPolicy to use with Appgw"
-  type        = string
-}
-
 variable "ssl_profiles" {
   default     = {}
   description = "The SSL profile to be associate with a listener"
   type = map(object({
     name = string
     ssl_policy = object({
+      min_protocol_version  = string
       profile_policy_type   = string
       profile_cipher_suites = list(string)
     })