diff --git a/.github/workflows/dependabot.yaml b/.github/workflows/dependabot.yaml
index 876045b..6afcadb 100644
--- a/.github/workflows/dependabot.yaml
+++ b/.github/workflows/dependabot.yaml
@@ -11,7 +11,7 @@ jobs:
     steps:
       - name: Dependabot metadata
         id: dependabot-metadata
-        uses: dependabot/fetch-metadata@v1.3.3
+        uses: dependabot/fetch-metadata@v1.3.5
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
       - name: Approve a PR
diff --git a/.github/workflows/megalinter.yaml b/.github/workflows/megalinter.yaml
index 49e8f72..98f5e2d 100644
--- a/.github/workflows/megalinter.yaml
+++ b/.github/workflows/megalinter.yaml
@@ -18,7 +18,7 @@ jobs:
           fetch-depth: 0
       - name: MegaLinter
         id: ml
-        uses: megalinter/megalinter/flavors/terraform@v6.5.0
+        uses: megalinter/megalinter/flavors/terraform@v6.17.0
         env:
           VALIDATE_ALL_CODEBASE: true
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/tagging.yaml b/.github/workflows/tagging.yaml
index 816de24..48e30a0 100644
--- a/.github/workflows/tagging.yaml
+++ b/.github/workflows/tagging.yaml
@@ -18,7 +18,7 @@ jobs:
           fetch-depth: 0
       - name: Bump version and push tag
         id: tag_version
-        uses: mathieudutour/github-tag-action@v6.0
+        uses: mathieudutour/github-tag-action@v6.1
         with:
           github_token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
       - name: Create a GitHub release
diff --git a/README.md b/README.md
index d9d6a17..aa5dd6f 100644
--- a/README.md
+++ b/README.md
@@ -122,7 +122,9 @@ No modules.
 | Name | Type |
 |------|------|
 | [kubernetes_deployment.this](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment) | resource |
+| [kubernetes_horizontal_pod_autoscaler.this](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/horizontal_pod_autoscaler) | resource |
 | [kubernetes_ingress_v1.this](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/ingress_v1) | resource |
+| [kubernetes_pod_disruption_budget.this](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod_disruption_budget) | resource |
 | [kubernetes_service.this](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service) | resource |
 | [kubernetes_service_account.this](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service_account) | resource |
 
@@ -135,8 +137,10 @@ No modules.
 | <a name="input_domain"></a> [domain](#input\_domain) | Domain that should be configured to route traffic from. | `string` | n/a | yes |
 | <a name="input_environment_variables"></a> [environment\_variables](#input\_environment\_variables) | Map with environment variables injected to the containers. | `map(any)` | n/a | yes |
 | <a name="input_health_check"></a> [health\_check](#input\_health\_check) | Health check configuration. | <pre>object({<br>    path                  = string<br>    initial_delay_seconds = number<br>    timeout_seconds       = number<br>    success_threshold     = number<br>    failure_threshold     = number<br>    period_seconds        = number<br>  })</pre> | n/a | yes |
+| <a name="input_hpa"></a> [hpa](#input\_hpa) | Object with autoscaler limits and requests. | <pre>object({<br>    max_replicas                      = number<br>    min_replicas                      = number<br>    target_cpu_utilization_percentage = number<br>  })</pre> | n/a | yes |
 | <a name="input_image"></a> [image](#input\_image) | Image name and tag to deploy. | `string` | n/a | yes |
 | <a name="input_ingress_annotations"></a> [ingress\_annotations](#input\_ingress\_annotations) | Annotations to be added to the ingress resource. | `map(string)` | n/a | yes |
+| <a name="input_ingress_class"></a> [ingress\_class](#input\_ingress\_class) | Class name for ingress. defaults to kong | `string` | `"kong"` | no |
 | <a name="input_name"></a> [name](#input\_name) | Name used to identify deployed container and all related resources. | `string` | n/a | yes |
 | <a name="input_namespace"></a> [namespace](#input\_namespace) | Kubernetes namespace where resources must be created. | `string` | n/a | yes |
 | <a name="input_paths"></a> [paths](#input\_paths) | Object mapping local paths to container paths | `map(any)` | `{}` | no |
diff --git a/main.tf b/main.tf
index d4bd603..007ab61 100755
--- a/main.tf
+++ b/main.tf
@@ -44,7 +44,7 @@ resource "kubernetes_deployment" "this" {
         }
       }
       spec {
-        service_account_name = join("", kubernetes_service_account.this.metadata.*.name)
+        service_account_name = join("", kubernetes_service_account.this.metadata[*].name)
         dynamic "volume" {
           for_each = var.paths
           content {
@@ -110,6 +110,11 @@ resource "kubernetes_deployment" "this" {
 
     }
   }
+  lifecycle {
+    ignore_changes = [
+      spec[0].replicas,
+    ]
+  }
 }
 resource "kubernetes_service" "this" {
   metadata {
@@ -139,10 +144,7 @@ resource "kubernetes_ingress_v1" "this" {
     labels      = local.labels
   }
   spec {
-    tls {
-      hosts       = [var.domain]
-      secret_name = "cert-${var.name}"
-    }
+    ingress_class_name = var.ingress_class
     rule {
       host = var.domain
       http {
@@ -151,7 +153,7 @@ resource "kubernetes_ingress_v1" "this" {
 
           backend {
             service {
-              name = kubernetes_service.this.metadata.0.name
+              name = kubernetes_service.this.metadata[0].name
               port {
                 number = var.container_port
               }
@@ -162,3 +164,37 @@ resource "kubernetes_ingress_v1" "this" {
     }
   }
 }
+resource "kubernetes_horizontal_pod_autoscaler" "this" {
+  metadata {
+    name      = "hpa-${var.name}"
+    namespace = var.namespace
+    labels    = local.labels
+  }
+
+  spec {
+    max_replicas                      = var.hpa.max_replicas
+    min_replicas                      = var.hpa.min_replicas
+    target_cpu_utilization_percentage = var.hpa.target_cpu_utilization_percentage
+    scale_target_ref {
+      api_version = "apps/v1"
+      kind        = "Deployment"
+      name        = kubernetes_deployment.this.metadata[0].name
+    }
+  }
+}
+resource "kubernetes_pod_disruption_budget" "this" {
+  metadata {
+    name      = "pdb-${var.name}"
+    namespace = var.namespace
+    labels    = local.labels
+  }
+  spec {
+    max_unavailable = "20%"
+    min_available   = "50%"
+    selector {
+      match_labels = {
+        k8s-app = kubernetes_deployment.this.metadata[0].labels.k8s-app
+      }
+    }
+  }
+}
diff --git a/variables.tf b/variables.tf
index 7044758..2904ed6 100755
--- a/variables.tf
+++ b/variables.tf
@@ -6,6 +6,11 @@ variable "image" {
   type        = string
   description = "Image name and tag to deploy."
 }
+variable "ingress_class" {
+  type        = string
+  description = "Class name for ingress. defaults to kong"
+  default     = "kong"
+}
 variable "paths" {
   type        = map(any)
   description = "Object mapping local paths to container paths"
@@ -74,6 +79,15 @@ variable "resource_config" {
   }
   description = "Object with resource limits and requests."
 }
+variable "hpa" {
+  type = object({
+    max_replicas                      = number
+    min_replicas                      = number
+    target_cpu_utilization_percentage = number
+  })
+  description = "Object with autoscaler limits and requests."
+
+}
 variable "context" {
   type = object({
     organization = string
