Share via


az network application-gateway ssl-policy

Manage the SSL policy of an application gateway.

Commands

Name Description Type Status
az network application-gateway ssl-policy list-options

List available SSL options for configuring SSL policy.

Core GA
az network application-gateway ssl-policy predefined

Get information on predefined SSL policies.

Core GA
az network application-gateway ssl-policy predefined list

List all SSL predefined policies for configuring SSL policy.

Core GA
az network application-gateway ssl-policy predefined show

Get SSL predefined policy with the specified policy name.

Core GA
az network application-gateway ssl-policy set

Update an SSL policy settings.

Core GA
az network application-gateway ssl-policy show

Get the details of an SSL policy settings.

Core GA
az network application-gateway ssl-policy wait

Place the CLI in a waiting state until a condition is met.

Core GA

az network application-gateway ssl-policy list-options

List available SSL options for configuring SSL policy.

az network application-gateway ssl-policy list-options

Examples

List available SSL options for configuring SSL policy.

az network application-gateway ssl-policy list-options
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway ssl-policy set

Update an SSL policy settings.

az network application-gateway ssl-policy set --gateway-name
                                              --resource-group
                                              [--cipher-suites]
                                              [--disabled-ssl-protocols]
                                              [--min-protocol-version {TLSv1_0, TLSv1_1, TLSv1_2, TLSv1_3}]
                                              [--name {AppGwSslPolicy20150501, AppGwSslPolicy20170401, AppGwSslPolicy20170401S, AppGwSslPolicy20220101, AppGwSslPolicy20220101S}]
                                              [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                                              [--policy-type {Custom, CustomV2, Predefined}]

Examples

Set a predefined SSL policy.

az network application-gateway ssl-policy set -g MyResourceGroup --gateway-name MyAppGateway -n AppGwSslPolicy20170401S --policy-type Predefined

Set a custom SSL policy with TLSv1_2 and the cipher suites below.

az network application-gateway ssl-policy set -g MyResourceGroup --gateway-name MyAppGateway --policy-type Custom --min-protocol-version TLSv1_2 --cipher-suites TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_128_GCM_SHA256

Required Parameters

--gateway-name

Name of the application gateway.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--cipher-suites

SSL cipher suites to be enabled in the specified order to application gateway. Values from az network application-gateway ssl-policy list-options. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--disabled-ssl-protocols

Space-separated list of protocols to disable. Values from az network application-gateway ssl-policy list-options. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--min-protocol-version

Minimum version of SSL protocol to be supported on application gateway. Values from: az network application-gateway ssl-policy list-options.

Accepted values: TLSv1_0, TLSv1_1, TLSv1_2, TLSv1_3
--name -n

Name of SSL policy.

Accepted values: AppGwSslPolicy20150501, AppGwSslPolicy20170401, AppGwSslPolicy20170401S, AppGwSslPolicy20220101, AppGwSslPolicy20220101S
--no-wait

Do not wait for the long-running operation to finish.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--policy-type

Type of SSL policy.

Accepted values: Custom, CustomV2, Predefined
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway ssl-policy show

Get the details of an SSL policy settings.

az network application-gateway ssl-policy show --gateway-name
                                               --resource-group

Examples

Get the details of an SSL policy settings.

az network application-gateway ssl-policy show -g MyResourceGroup --gateway-name MyAppGateway

Required Parameters

--gateway-name

Name of the application gateway.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway ssl-policy wait

Place the CLI in a waiting state until a condition is met.

az network application-gateway ssl-policy wait [--created]
                                               [--custom]
                                               [--deleted]
                                               [--exists]
                                               [--gateway-name]
                                               [--ids]
                                               [--interval]
                                               [--resource-group]
                                               [--subscription]
                                               [--timeout]
                                               [--updated]

Optional Parameters

--created

Wait until created with 'provisioningState' at 'Succeeded'.

Default value: False
--custom

Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].

--deleted

Wait until deleted.

Default value: False
--exists

Wait until the resource exists.

Default value: False
--gateway-name

Name of the application gateway.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--interval

Polling interval in seconds.

Default value: 30
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--timeout

Maximum wait in seconds.

Default value: 3600
--updated

Wait until updated with provisioningState at 'Succeeded'.

Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.