If I create a new Azure Application Gateway, I can enable Web Application Firewall via the Settings | Web application firewall page.
e.g.

If I do that, I don't see a separate WAF resource created, and I also don't see a way to do things like add custom rules to the firewall.
Conversely, if I create a new "Web Application Firewall (WAF)" resource, then I can assign that to an Application Gateway at creation time, and then I can see the option to add custom rules.
Is there any documentation clarifying the difference between these two? All I can find seems to refer to the full "policy" type WAF. eg. https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview