diff --git a/.gitignore b/.gitignore index ee04274..9c10aaa 100644 --- a/.gitignore +++ b/.gitignore @@ -48,6 +48,11 @@ terraform.rc *.pem *.p12 *.pub +*.pfx +*.crt #Licenses *.license + +#Private key +privatekey.key diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl index ed4df98..a160542 100644 --- a/.terraform.lock.hcl +++ b/.terraform.lock.hcl @@ -28,6 +28,7 @@ provider "registry.terraform.io/hashicorp/cloudinit" { constraints = "~> 2.3.3" hashes = [ "h1:S3j8poSaLbaftlKq2STBkQEkZH253ZLaHhBHBifdpBQ=", + "h1:cVIIhnXweOHavu1uV2bdKScTjLbM1WnKM/25wqYBJWo=", "h1:iDq03pOzp/UsXya2h+32VOOrvGdJgI9L2/EZJoN9t4A=", "zh:09f1f1e1d232da96fbf9513b0fb5263bc2fe9bee85697aa15d40bb93835efbeb", "zh:381e74b90d7a038c3a8dcdcc2ce8c72d6b86da9f208a27f4b98cabe1a1032773", @@ -50,6 +51,7 @@ provider "registry.terraform.io/hashicorp/random" { hashes = [ "h1:Gd3WitYIzSYo/Suo+PMxpZpIGpRPrwl0JU0+DhxycFM=", "h1:VavG5unYCa3SYISMKF9pzc3718M0bhPlcbUZZGl7wuo=", + "h1:wmG0QFjQ2OfyPy6BB7mQ57WtoZZGGV07uAPQeDmIrAE=", "zh:0ef01a4f81147b32c1bea3429974d4d104bbc4be2ba3cfa667031a8183ef88ec", "zh:1bcd2d8161e89e39886119965ef0f37fcce2da9c1aca34263dd3002ba05fcb53", "zh:37c75d15e9514556a5f4ed02e1548aaa95c0ecd6ff9af1119ac905144c70c114", diff --git a/main.tf b/main.tf index 7a897cb..46feccb 100644 --- a/main.tf +++ b/main.tf @@ -158,6 +158,7 @@ module "tls" { # Creates a public IP address and an Application Gateway for forwarding internet traffic to the GraphDB proxies/instances module "application_gateway" { source = "./modules/gateway" + count = var.disable_agw ? 0 : 1 resource_name_prefix = var.resource_name_prefix location = var.location 
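Review bot: The new `privatekey.key` entry matches only that exact file name, so a private key saved under any other name can still be staged. A class-wide pattern such as `*.key`, next to the existing `*.pem` and `*.p12` lines, would cover the file type rather than one file. Ignore rules also do not untrack files that were committed earlier. If a certificate or key was ever added to the repository, it needs `git rm --cached`, and the key material should be treated as exposed and rotated.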
@@ -179,14 +180,11 @@ module "application_gateway" { # Public / Private toggle gateway_enable_private_access = var.gateway_enable_private_access + disable_agw = var.disable_agw + # TLS -<<<<<<< HEAD - gateway_tls_certificate_identity_id = var.tls_manage_id != null ? var.tls_manage_id : module.tls.tls_identity_id - gateway_tls_certificate_secret_id = var.tls_certificate != null ? var.tls_certificate : module.tls.tls_certificate_key_vault_secret_id -======= gateway_tls_certificate_secret_id = var.tls_certificate_id != null ? var.tls_certificate_id : module.tls[0].tls_certificate_id gateway_tls_certificate_identity_id = var.tls_certificate_id != null ? var.tls_certificate_identity_id : module.tls[0].tls_identity_id ->>>>>>> a5909aaae4b39df58dd7a317bf50d9dbd232a291 # Private Link gateway_enable_private_link_service = var.gateway_enable_private_link_service @@ -227,7 +225,7 @@ module "monitoring" { location = var.location node_count = var.node_count - web_test_availability_request_url = module.application_gateway.public_ip_address_fqdn + web_test_availability_request_url = var.disable_agw ? null : module.application_gateway[0].public_ip_address_fqdn web_test_geo_locations = var.web_test_geo_locations web_test_ssl_check_enabled = var.web_test_ssl_check_enabled graphdb_external_address_fqdn = var.graphdb_external_address_fqdn != null ? var.graphdb_external_address_fqdn : module.application_gateway.public_ip_address_fqdn 
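Review bot: In the TLS lines this hunk keeps, `gateway_tls_certificate_identity_id` is selected by testing `var.tls_certificate_id`, so a caller who sets `tls_certificate_id` but leaves `tls_certificate_identity_id` at its `null` default passes a null identity to the gateway. The gateway would then presumably have no identity with which to read the Key Vault secret, and the problem would surface only at apply time. A validation that requires the two variables together, with a condition such as `var.tls_certificate_id == null || var.tls_certificate_identity_id != null`, or at least a comment on these lines stating the pairing, would make the contract explicit. The `module "application_gateway"` block starts and ends outside the hunk.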
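Review bot: The unchanged `graphdb_external_address_fqdn` line at the end of this hunk still reads `module.application_gateway.public_ip_address_fqdn` without an index, although the module now carries `count`. Terraform requires an instance key on a counted module, so this reference should fail validation whether or not `disable_agw` is set. It should take the form the commit already uses in the `graphdb` module: `graphdb_external_address_fqdn = var.graphdb_external_address_fqdn != null ? var.graphdb_external_address_fqdn : (var.disable_agw ? null : module.application_gateway[0].public_ip_address_fqdn)`. Separately, `web_test_availability_request_url` becomes `null` when the gateway is disabled, so confirm that the monitoring module skips the web test and its SSL check rather than creating one with no target. The `module "monitoring"` block continues outside the hunk.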
@@ -275,14 +273,14 @@ module "graphdb" { graphdb_outbound_address_prefixes = var.outbound_allowed_address_prefixes # Gateway - application_gateway_backend_address_pool_ids = [module.application_gateway.gateway_backend_address_pool_id] + application_gateway_backend_address_pool_ids = var.disable_agw ? [] : [module.application_gateway[0].gateway_backend_address_pool_id] # App Configuration app_configuration_id = module.appconfig.app_configuration_id app_configuration_endpoint = module.appconfig.app_configuration_endpoint # GraphDB Configurations - graphdb_external_address_fqdn = var.graphdb_external_address_fqdn != null ? var.graphdb_external_address_fqdn : module.application_gateway.public_ip_address_fqdn + graphdb_external_address_fqdn = var.graphdb_external_address_fqdn != null ? var.graphdb_external_address_fqdn : (var.disable_agw ? null : module.application_gateway[0].public_ip_address_fqdn) graphdb_password = var.graphdb_password graphdb_license_path = var.graphdb_license_path graphdb_cluster_token = var.graphdb_cluster_token @@ -323,4 +321,4 @@ module "graphdb" { # Wait for the configurations to be created in the App Configuration store depends_on = [module.appconfig] -} +} \ No newline at end of file diff --git a/modules/gateway/outputs.tf b/modules/gateway/outputs.tf index a10aada..d8f2526 100644 --- a/modules/gateway/outputs.tf +++ b/modules/gateway/outputs.tf 
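Review bot: With `disable_agw = true` and `graphdb_external_address_fqdn` left unset, the new expressions pass `null` as the external address and an empty `application_gateway_backend_address_pool_ids` list, and nothing in the hunk rejects that combination. The cluster would then be deployed with no front end and no address, and whatever replaces the gateway must terminate TLS itself. A validation with `condition = !var.disable_agw || var.graphdb_external_address_fqdn != null` and an error message naming both variables would catch this at plan time. The `module "graphdb"` block starts and ends outside the hunk.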
@@ -24,10 +24,14 @@ output "public_ip_address_fqdn" { output "gateway_id" { description = "Identifier of the application gateway for GraphDB" - value = var.gateway_enable_private_access ? azurerm_application_gateway.graphdb-private[0].id : azurerm_application_gateway.graphdb-public[0].id + value = var.gateway_enable_private_access && length(azurerm_application_gateway.graphdb-private) > 0 ? azurerm_application_gateway.graphdb-private[0].id : !var.gateway_enable_private_access && length(azurerm_application_gateway.graphdb-public) > 0 ? azurerm_application_gateway.graphdb-public[0].id : null } output "gateway_backend_address_pool_id" { description = "Identifier of the application gateway backend address pool" - value = var.gateway_enable_private_access ? one(azurerm_application_gateway.graphdb-private[0].backend_address_pool).id : one(azurerm_application_gateway.graphdb-public[0].backend_address_pool).id + value = (var.gateway_enable_private_access && length(azurerm_application_gateway.graphdb-private) > 0 && length(azurerm_application_gateway.graphdb-private[0].backend_address_pool) > 0 + ? one(azurerm_application_gateway.graphdb-private[0].backend_address_pool).id + : !var.gateway_enable_private_access && length(azurerm_application_gateway.graphdb-public) > 0 && length(azurerm_application_gateway.graphdb-public[0].backend_address_pool) > 0 + ? one(azurerm_application_gateway.graphdb-public[0].backend_address_pool).id + : null) } diff --git a/modules/gateway/variables.tf b/modules/gateway/variables.tf index 122810e..1e08134 100644 --- a/modules/gateway/variables.tf +++ b/modules/gateway/variables.tf @@ -55,6 +55,12 @@ variable "gateway_enable_private_access" { type = bool } +variable "disable_agw" { + description = "Disables the application gateway" + type = bool + default = false +} + variable "gateway_min_capacity" { description = "Minimum capacity for the Application Gateway autoscaling" type = number 
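Review bot: The new `gateway_id` value is a chained conditional with no parentheses, which is hard to read and inconsistent with the parenthesised form used for `gateway_backend_address_pool_id` just below it. `one()` over a splat expresses "the single element or null" directly: `value = var.gateway_enable_private_access ? one(azurerm_application_gateway.graphdb-private[*].id) : one(azurerm_application_gateway.graphdb-public[*].id)`. The root module now skips this module entirely through `count`, so the condition under which the gateway resources can be absent is not visible in this file. A short comment on both outputs should say when that happens.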
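Review bot: The `disable_agw` variable added to `modules/gateway/variables.tf` looks like dead configuration. The only visible caller is the root module, which already sets `count = var.disable_agw ? 0 : 1` on this module, so the variable can only be `false` whenever anything in the module is evaluated. Unless a resource in the module reads it (none of the visible hunks do), the variable and the `disable_agw = var.disable_agw` argument in `main.tf` can be dropped. The same declaration added to `modules/graphdb/variables.tf` has no visible caller passing it, so it should be either wired up or removed as well.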
@@ -161,4 +167,4 @@ variable "gateway_global_response_buffering_enabled" { variable "node_count" { description = "Number of GraphDB nodes to deploy in ASG" type = number -} +} \ No newline at end of file diff --git a/modules/graphdb/variables.tf b/modules/graphdb/variables.tf index f7af694..babfbfe 100644 --- a/modules/graphdb/variables.tf +++ b/modules/graphdb/variables.tf @@ -306,3 +306,8 @@ variable "user_supplied_scripts" { type = list(string) } +variable "disable_agw" { + description = "Disables the application gateway" + type = bool + default = false +} \ No newline at end of file diff --git a/output.tf b/output.tf index f45ecd2..b87d0a1 100644 --- a/output.tf +++ b/output.tf @@ -1,9 +1,9 @@ output "public_address" { description = "Public address for GraphDB" - value = "https://${module.application_gateway.public_ip_address_fqdn}" + value = var.disable_agw ? null : "https://${module.application_gateway[0].public_ip_address_fqdn}" } output "public_ip_address" { description = "The public IP address of the application gateway" - value = module.application_gateway.public_ip_address -} + value = var.disable_agw ? null : module.application_gateway[0].public_ip_address +} \ No newline at end of file diff --git a/variables.tf b/variables.tf index 7a0dfa0..f6021e9 100644 --- a/variables.tf +++ b/variables.tf @@ -136,6 +136,12 @@ variable "gateway_enable_private_access" { default = false } +variable "disable_agw" { + description = "Disables the creation of application gateway by the terraform module." + type = bool + default = false +} + variable "gateway_enable_private_link_service" { description = "Set to true to enable Private Link service, false to disable it." type = bool 
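Review bot: The description of the root `disable_agw` variable in `variables.tf` does not say what a deployment loses when it is set. Judging from the other hunks, setting it removes the gateway's TLS listener, empties `application_gateway_backend_address_pool_ids`, and makes the `public_address` and `public_ip_address` outputs `null`. I would extend the description to something like `"Skips creation of the Application Gateway. TLS termination and ingress must then be provided externally, and graphdb_external_address_fqdn must be set."` so the security consequence is visible where the flag is declared.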
@@ -176,24 +182,13 @@ variable "gateway_probe_threshold" { variable "tls_certificate_path" { description = "Path to a TLS certificate that will be imported in Azure Key Vault and used in the Application Gateway TLS listener for GraphDB." type = string - default = null } variable "tls_certificate_password" { description = "TLS certificate password for password protected certificates." type = string - default = null } -<<<<<<< HEAD -variable "tls_certificate" { - description = "TLS Certificate Secret Identifier." - type = string -} - -variable "tls_manage_id" { - description = "ID for managing TLS. If provided it will use this isntead of the one created by the Terraform Script." -======= variable "tls_certificate_id" { description = "Resource identifier for a TLS certificate secret from a Key Vault. Overrides tls_certificate_path" type = string @@ -202,7 +197,6 @@ variable "tls_certificate_id" { variable "tls_certificate_identity_id" { description = "Identifier of a managed identity giving access to the TLS certificate specified with tls_certificate_id" ->>>>>>> a5909aaae4b39df58dd7a317bf50d9dbd232a291 type = string default = null } @@ -511,4 +505,4 @@ variable "notification_recipients_email_list" { description = "List of emails which will be notified via e-mail and/or push notifications" type = list(string) default = [] -} +} \ No newline at end of file
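Review bot: Removing `default = null` from `tls_certificate_path` and `tls_certificate_password` makes both variables required. That now applies to callers who pass `tls_certificate_id`, whose description says it overrides `tls_certificate_path`, and to certificates that have no password. `tls_certificate_password` is also declared without `sensitive = true`, so Terraform may print its value in plan and apply output. I would restore `default = null` on both variables and add `sensitive = true` to the password variable.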