diff --git a/terraform/README.md b/terraform/README.md
index d8a57264f..6245bd82d 100644
--- a/terraform/README.md
+++ b/terraform/README.md
@@ -153,6 +153,7 @@ No resources.
| [cdn\_frontdoor\_health\_probe\_path](#input\_cdn\_frontdoor\_health\_probe\_path) | Specifies the path relative to the origin that is used to determine the health of the origin. | `string` | n/a | yes |
| [cdn\_frontdoor\_host\_add\_response\_headers](#input\_cdn\_frontdoor\_host\_add\_response\_headers) | List of response headers to add at the CDN Front Door `[{ "name" = "Strict-Transport-Security", "value" = "max-age=31536000" }]` | `list(map(string))` | n/a | yes |
| [cdn\_frontdoor\_origin\_fqdn\_override](#input\_cdn\_frontdoor\_origin\_fqdn\_override) | Manually specify the hostname that the CDN Front Door should target. Defaults to the Container App FQDN | `string` | `""` | no |
+| [cdn\_frontdoor\_origin\_host\_header\_override](#input\_cdn\_frontdoor\_origin\_host\_header\_override) | Manually specify the host header that the CDN sends to the target. Defaults to the recieved host header. Set to null to set it to the host\_name (`cdn_frontdoor_origin_fqdn_override`) | `string` | `""` | no |
| [cdn\_frontdoor\_rate\_limiting\_duration\_in\_minutes](#input\_cdn\_frontdoor\_rate\_limiting\_duration\_in\_minutes) | CDN Front Door rate limiting duration in minutes | `number` | n/a | yes |
| [cdn\_frontdoor\_rate\_limiting\_threshold](#input\_cdn\_frontdoor\_rate\_limiting\_threshold) | CDN Front Door rate limiting duration in minutes | `number` | n/a | yes |
| [container\_command](#input\_container\_command) | Container command | `list(any)` | n/a | yes |
diff --git a/terraform/container-apps-hosting.tf b/terraform/container-apps-hosting.tf
index f643f8c95..f561f036a 100644
--- a/terraform/container-apps-hosting.tf
+++ b/terraform/container-apps-hosting.tf
@@ -30,6 +30,7 @@ module "azure_container_apps_hosting" {
cdn_frontdoor_host_add_response_headers = local.cdn_frontdoor_host_add_response_headers
cdn_frontdoor_custom_domains = local.cdn_frontdoor_custom_domains
cdn_frontdoor_origin_fqdn_override = local.cdn_frontdoor_origin_fqdn_override
+ cdn_frontdoor_origin_host_header_override = local.cdn_frontdoor_origin_host_header_override
enable_monitoring = local.enable_monitoring
monitor_email_receivers = local.monitor_email_receivers
diff --git a/terraform/locals.tf b/terraform/locals.tf
index 3068906d1..e4a842159 100644
--- a/terraform/locals.tf
+++ b/terraform/locals.tf
@@ -21,6 +21,7 @@ locals {
cdn_frontdoor_host_add_response_headers = var.cdn_frontdoor_host_add_response_headers
cdn_frontdoor_custom_domains = var.cdn_frontdoor_custom_domains
cdn_frontdoor_origin_fqdn_override = var.cdn_frontdoor_origin_fqdn_override
+ cdn_frontdoor_origin_host_header_override = var.cdn_frontdoor_origin_host_header_override
key_vault_access_users = toset(var.key_vault_access_users)
key_vault_access_ipv4 = var.key_vault_access_ipv4
tfvars_filename = var.tfvars_filename
diff --git a/terraform/variables.tf b/terraform/variables.tf
index 03499f423..09516b6a6 100644
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -75,6 +75,13 @@ variable "cdn_frontdoor_origin_fqdn_override" {
default = ""
}
+variable "cdn_frontdoor_origin_host_header_override" {
+ description = "Manually specify the host header that the CDN sends to the target. Defaults to the recieved host header. Set to null to set it to the host_name (`cdn_frontdoor_origin_fqdn_override`)"
+ type = string
+ default = ""
+ nullable = true
+}
+
variable "cdn_frontdoor_enable_rate_limiting" {
description = "Enable CDN Front Door Rate Limiting. This will create a WAF policy, and CDN security policy. For pricing reasons, there will only be one WAF policy created."
type = bool