microsoft · ShakutaiGit · Jan 2, 2025 · Dec 31, 2024 · Dec 31, 2024 · Dec 31, 2024
diff --git a/templates/workspace_services/guacamole/porter.yaml b/templates/workspace_services/guacamole/porter.yaml
@@ -1,7 +1,7 @@
 ---
 schemaVersion: 1.0.0
 name: tre-service-guacamole
-version: 0.12.5
+version: 0.12.6
 description: "An Azure TRE service for Guacamole"
 dockerfile: Dockerfile.tmpl
 registry: azuretre

diff --git a/templates/workspace_services/guacamole/terraform/data.tf b/templates/workspace_services/guacamole/terraform/data.tf
@@ -71,3 +71,8 @@ data "azurerm_monitor_diagnostic_categories" "guacamole" {
     azurerm_linux_web_app.guacamole,
   ]
 }
+
+data "azurerm_service_plan" "workspace" {
+  name                = "plan-${var.workspace_id}"
+  resource_group_name = data.azurerm_resource_group.ws.name
+}
diff --git a/templates/workspace_services/guacamole/terraform/web_app.tf b/templates/workspace_services/guacamole/terraform/web_app.tf
@@ -1,8 +1,3 @@
-data "azurerm_service_plan" "workspace" {
-  name                = "plan-${var.workspace_id}"
-  resource_group_name = data.azurerm_resource_group.ws.name
-}
-
 # we have to use user-assigned to break a cycle in the dependencies: app identity, kv-policy, secrets in app settings
 resource "azurerm_user_assigned_identity" "guacamole_id" {
   resource_group_name = data.azurerm_resource_group.ws.name
@@ -24,6 +19,7 @@ resource "azurerm_linux_web_app" "guacamole" {
   ftp_publish_basic_authentication_enabled       = false
   webdeploy_publish_basic_authentication_enabled = false
   tags                                           = local.workspace_service_tags
+  public_network_access_enabled                  = var.is_exposed_externally
 
   site_config {
     http2_enabled                                 = true