diff --git a/src/aks-platform/02_aks.tf b/src/aks-platform/02_aks.tf
index 8094c2ff9..43e4c1733 100644
--- a/src/aks-platform/02_aks.tf
+++ b/src/aks-platform/02_aks.tf
@@ -7,7 +7,7 @@ resource "azurerm_resource_group" "aks_rg" {
 module "aks" {
- source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_cluster?ref=v8.58.0"
+ source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_cluster?ref=v8.66.1"
 name = local.aks_name
 location = var.location
diff --git a/src/aks-platform/README.md b/src/aks-platform/README.md
index a2101f84c..ccde18514 100644
--- a/src/aks-platform/README.md
+++ b/src/aks-platform/README.md
@@ -15,7 +15,7 @@
 | Name | Source | Version |
 |------|--------|---------|
-| [aks](#module\_aks) | git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_cluster | v8.58.0 |
+| [aks](#module\_aks) | git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_cluster | v8.66.1 |
 | [aks\_snet](#module\_aks\_snet) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v8.53.0 |
 | [keda\_pod\_identity](#module\_keda\_pod\_identity) | git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_pod_identity | v8.53.0 |
 | [monitoring\_pod\_identity](#module\_monitoring\_pod\_identity) | git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_pod_identity | v8.53.0 |
diff --git a/src/domains/ecommerce-app/README.md b/src/domains/ecommerce-app/README.md
index 7045d5b71..8a2798a45 100644
--- a/src/domains/ecommerce-app/README.md
+++ b/src/domains/ecommerce-app/README.md
@@ -201,13 +201,13 @@ | [log\_analytics\_workspace\_name](#input\_log\_analytics\_workspace\_name) | Specifies the name of the Log Analytics Workspace. | `string` | n/a | yes | | [log\_analytics\_workspace\_resource\_group\_name](#input\_log\_analytics\_workspace\_resource\_group\_name) | The name of the resource group in which the Log Analytics workspace is located in. | `string` | n/a | yes | | [monitor\_resource\_group\_name](#input\_monitor\_resource\_group\_name) | Monitor resource group name | `string` | n/a | yes | -| [pagopa\_vpn](#input\_pagopa\_vpn) | pagoPA on prem VPN |
object({| n/a | yes | -| [pagopa\_vpn\_dr](#input\_pagopa\_vpn\_dr) | pagoPA on prem VPN DR |
ips = list(string)
})
object({| n/a | yes | +| [pagopa\_vpn](#input\_pagopa\_vpn) | pagoPA on prem VPN |
ips = list(string)
})
object({| n/a | yes | +| [pagopa\_vpn\_dr](#input\_pagopa\_vpn\_dr) | pagoPA on prem VPN DR |
ips = list(string)
})
object({| n/a | yes | | [pdv\_api\_base\_path](#input\_pdv\_api\_base\_path) | Personal data vault api base path | `string` | `null` | no | -| [pod\_disruption\_budgets](#input\_pod\_disruption\_budgets) | Pod disruption budget for domain namespace |
ips = list(string)
})
map(object({| `{}` | no | +| [pod\_disruption\_budgets](#input\_pod\_disruption\_budgets) | Pod disruption budget for domain namespace |
name = optional(string, null)
minAvailable = optional(number, null)
matchLabels = optional(map(any), {})
}))
map(object({| `{}` | no | | [prefix](#input\_prefix) | n/a | `string` | n/a | yes | -| [tags](#input\_tags) | n/a | `map(any)` |
name = optional(string, null)
minAvailable = optional(number, null)
matchLabels = optional(map(any), {})
}))
{| no | -| [tls\_cert\_check\_helm](#input\_tls\_cert\_check\_helm) | tls cert helm chart configuration |
"CreatedBy": "Terraform"
}
object({| n/a | yes | +| [tags](#input\_tags) | n/a | `map(any)` |
chart_version = string,
image_name = string,
image_tag = string
})
{| no | +| [tls\_cert\_check\_helm](#input\_tls\_cert\_check\_helm) | tls cert helm chart configuration |
"CreatedBy": "Terraform"
}
object({| n/a | yes | ## Outputs diff --git a/src/domains/ecommerce-common/README.md b/src/domains/ecommerce-common/README.md index 2f2e98d43..badaaf8f6 100644 --- a/src/domains/ecommerce-common/README.md +++ b/src/domains/ecommerce-common/README.md @@ -158,13 +158,13 @@ | [cidr\_subnet\_cosmosdb\_ecommerce](#input\_cidr\_subnet\_cosmosdb\_ecommerce) | Cosmos DB address space for ecommerce. | `list(string)` | n/a | yes | | [cidr\_subnet\_redis\_ecommerce](#input\_cidr\_subnet\_redis\_ecommerce) | Redis DB address space for ecommerce. | `list(string)` | n/a | yes | | [cidr\_subnet\_storage\_ecommerce](#input\_cidr\_subnet\_storage\_ecommerce) | Azure storage DB address space for ecommerce. | `list(string)` | n/a | yes | -| [cosmos\_mongo\_db\_ecommerce\_history\_params](#input\_cosmos\_mongo\_db\_ecommerce\_history\_params) | n/a |
chart_version = string,
image_name = string,
image_tag = string
})
object({| n/a | yes | -| [cosmos\_mongo\_db\_ecommerce\_params](#input\_cosmos\_mongo\_db\_ecommerce\_params) | n/a |
enable_serverless = bool
enable_autoscaling = bool
throughput = number
max_throughput = number
})
object({| n/a | yes | -| [cosmos\_mongo\_db\_params](#input\_cosmos\_mongo\_db\_params) | n/a |
enable_serverless = bool
enable_autoscaling = bool
throughput = number
max_throughput = number
})
object({| n/a | yes | +| [cosmos\_mongo\_db\_ecommerce\_history\_params](#input\_cosmos\_mongo\_db\_ecommerce\_history\_params) | n/a |
enabled = bool
capabilities = list(string)
offer_type = string
server_version = string
kind = string
consistency_policy = object({
consistency_level = string
max_interval_in_seconds = number
max_staleness_prefix = number
})
enable_free_tier = bool
main_geo_location_zone_redundant = bool
additional_geo_locations = list(object({
location = string
failover_priority = number
zone_redundant = bool
}))
private_endpoint_enabled = bool
public_network_access_enabled = bool
is_virtual_network_filter_enabled = bool
backup_continuous_enabled = bool
enable_provisioned_throughput_exceeded_alert = bool
})
object({| n/a | yes | +| [cosmos\_mongo\_db\_ecommerce\_params](#input\_cosmos\_mongo\_db\_ecommerce\_params) | n/a |
enable_serverless = bool
enable_autoscaling = bool
throughput = number
max_throughput = number
})
object({| n/a | yes | +| [cosmos\_mongo\_db\_params](#input\_cosmos\_mongo\_db\_params) | n/a |
enable_serverless = bool
enable_autoscaling = bool
throughput = number
max_throughput = number
})
object({| n/a | yes | | [dns\_zone\_internal\_prefix](#input\_dns\_zone\_internal\_prefix) | The dns subdomain. | `string` | `null` | no | | [domain](#input\_domain) | n/a | `string` | n/a | yes | -| [ecommerce\_storage\_deadletter\_params](#input\_ecommerce\_storage\_deadletter\_params) | Azure storage DB params for ecommerce deadletter resources. |
enabled = bool
capabilities = list(string)
offer_type = string
server_version = string
kind = string
consistency_policy = object({
consistency_level = string
max_interval_in_seconds = number
max_staleness_prefix = number
})
enable_free_tier = bool
main_geo_location_zone_redundant = bool
additional_geo_locations = list(object({
location = string
failover_priority = number
zone_redundant = bool
}))
private_endpoint_enabled = bool
public_network_access_enabled = bool
is_virtual_network_filter_enabled = bool
backup_continuous_enabled = bool
enable_provisioned_throughput_exceeded_alert = bool
})
object({|
enabled = bool,
kind = string,
tier = string,
account_replication_type = string,
advanced_threat_protection = bool,
retention_days = number,
public_network_access_enabled = bool,
})
{| no | -| [ecommerce\_storage\_transient\_params](#input\_ecommerce\_storage\_transient\_params) | Azure storage DB params for ecommerce transient resources. |
"account_replication_type": "LRS",
"advanced_threat_protection": true,
"enabled": false,
"kind": "StorageV2",
"public_network_access_enabled": false,
"retention_days": 7,
"tier": "Standard"
}
object({|
enabled = bool,
kind = string,
tier = string,
account_replication_type = string,
advanced_threat_protection = bool,
retention_days = number,
public_network_access_enabled = bool,
})
{| no | +| [ecommerce\_storage\_deadletter\_params](#input\_ecommerce\_storage\_deadletter\_params) | Azure storage DB params for ecommerce deadletter resources. |
"account_replication_type": "LRS",
"advanced_threat_protection": true,
"enabled": false,
"kind": "StorageV2",
"public_network_access_enabled": false,
"retention_days": 7,
"tier": "Standard"
}
object({|
enabled = bool,
kind = string,
tier = string,
account_replication_type = string,
advanced_threat_protection = bool,
retention_days = number,
public_network_access_enabled = bool,
})
{| no | +| [ecommerce\_storage\_transient\_params](#input\_ecommerce\_storage\_transient\_params) | Azure storage DB params for ecommerce transient resources. |
"account_replication_type": "LRS",
"advanced_threat_protection": true,
"enabled": false,
"kind": "StorageV2",
"public_network_access_enabled": false,
"retention_days": 7,
"tier": "Standard"
}
object({|
enabled = bool,
kind = string,
tier = string,
account_replication_type = string,
advanced_threat_protection = bool,
retention_days = number,
public_network_access_enabled = bool,
})
{| no | | [enable\_iac\_pipeline](#input\_enable\_iac\_pipeline) | If true create the key vault policy to allow used by azure devops iac pipelines. | `bool` | `false` | no | | [env](#input\_env) | n/a | `string` | n/a | yes | | [env\_short](#input\_env\_short) | n/a | `string` | n/a | yes | @@ -177,8 +177,8 @@ | [log\_analytics\_workspace\_resource\_group\_name](#input\_log\_analytics\_workspace\_resource\_group\_name) | The name of the resource group in which the Log Analytics workspace is located in. | `string` | n/a | yes | | [monitor\_resource\_group\_name](#input\_monitor\_resource\_group\_name) | Monitor resource group name | `string` | n/a | yes | | [prefix](#input\_prefix) | n/a | `string` | n/a | yes | -| [redis\_ecommerce\_params](#input\_redis\_ecommerce\_params) | n/a |
"account_replication_type": "LRS",
"advanced_threat_protection": true,
"enabled": false,
"kind": "StorageV2",
"public_network_access_enabled": false,
"retention_days": 7,
"tier": "Standard"
}
object({| n/a | yes | -| [tags](#input\_tags) | n/a | `map(any)` |
capacity = number
sku_name = string
family = string
version = string
ha_enabled = bool
zones = list(number)
})
{| no | +| [redis\_ecommerce\_params](#input\_redis\_ecommerce\_params) | n/a |
"CreatedBy": "Terraform"
}
object({| n/a | yes | +| [tags](#input\_tags) | n/a | `map(any)` |
capacity = number
sku_name = string
family = string
version = string
ha_enabled = bool
zones = list(number)
})
{| no | ## Outputs diff --git a/src/domains/qi-app/README.md b/src/domains/qi-app/README.md index 207cb8821..3afe6b10d 100644 --- a/src/domains/qi-app/README.md +++ b/src/domains/qi-app/README.md @@ -18,8 +18,10 @@ |------|--------|---------| | [\_\_v3\_\_](#module\_\_\_v3\_\_) | git::https://github.com/pagopa/terraform-azurerm-v3 | 3fc1dafaf4354e24ca8673005ec0caf4106343a3 | | [apim\_pagopa\_qi\_fdr\_kpi\_service\_api](#module\_apim\_pagopa\_qi\_fdr\_kpi\_service\_api) | ./.terraform/modules/__v3__/api_management_api | n/a | +| [apim\_pagopa\_qi\_smo\_jira\_tickets\_service\_api](#module\_apim\_pagopa\_qi\_smo\_jira\_tickets\_service\_api) | ./.terraform/modules/__v3__/api_management_api | n/a | | [apim\_qi\_fdr\_product](#module\_apim\_qi\_fdr\_product) | ./.terraform/modules/__v3__/api_management_product | n/a | | [apim\_qi\_product](#module\_apim\_qi\_product) | ./.terraform/modules/__v3__/api_management_product | n/a | +| [apim\_qi\_smo\_jira\_tickets\_product](#module\_apim\_qi\_smo\_jira\_tickets\_product) | ./.terraform/modules/__v3__/api_management_product | n/a | | [pod\_identity](#module\_pod\_identity) | ./.terraform/modules/__v3__/kubernetes_pod_identity | n/a | | [tls\_checker](#module\_tls\_checker) | ./.terraform/modules/__v3__/tls_checker | n/a | 
@@ -28,6 +30,7 @@
 | Name | Type |
 |------|------|
 | [azurerm_api_management_api_version_set.pagopa_qi_fdr_kpi_service_api](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management_api_version_set) | resource |
+| [azurerm_api_management_api_version_set.pagopa_qi_smo_jira_tickets_service_api](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management_api_version_set) | resource |
 | [azurerm_key_vault_secret.aks_apiserver_url](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
 | [azurerm_key_vault_secret.azure_devops_sa_cacrt](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
 | [azurerm_key_vault_secret.azure_devops_sa_token](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
diff --git a/src/domains/qi-common/02_security.tf b/src/domains/qi-common/02_security.tf
index 62aa1ef5d..b4d8050b2 100644
--- a/src/domains/qi-common/02_security.tf
+++ b/src/domains/qi-common/02_security.tf
@@ -170,3 +170,44 @@ module "letsencrypt_qi" {
 key_vault_name = "${local.product}-${var.domain}-kv"
 subscription_name = local.subscription_name
 }
+
+### TODO migrate in SOPS
+resource "azurerm_key_vault_secret" "azure_data_explorer_re_client_id" {
+ name = "azure-data-explorer-re-client-id"
+ value = "
"CreatedBy": "Terraform"
}