Microsoft.Network applicationGateways template reference

Template format

To create a Microsoft.Network/applicationGateways resource, add the following JSON to the resources section of your template.

{
  "name": "string",
  "type": "Microsoft.Network/applicationGateways",
  "apiVersion": "2018-11-01",
  "location": "string",
  "tags": {},
  "properties": {
    "sku": {
      "name": "string",
      "tier": "string",
      "capacity": "integer"
    },
    "sslPolicy": {
      "disabledSslProtocols": [
        "string"
      ],
      "policyType": "string",
      "policyName": "string",
      "cipherSuites": [
        "string"
      ],
      "minProtocolVersion": "string"
    },
    "gatewayIPConfigurations": [
      {
        "id": "string",
        "properties": {
          "subnet": {
            "id": "string"
          }
        },
        "name": "string",
        "type": "string"
      }
    ],
    "authenticationCertificates": [
      {
        "id": "string",
        "properties": {
          "data": "string"
        },
        "name": "string",
        "type": "string"
      }
    ],
    "trustedRootCertificates": [
      {
        "id": "string",
        "properties": {
          "data": "string",
          "keyVaultSecretId": "string"
        },
        "name": "string",
        "type": "string"
      }
    ],
    "sslCertificates": [
      {
        "id": "string",
        "properties": {
          "data": "string",
          "password": "string",
          "publicCertData": "string",
          "keyVaultSecretId": "string"
        },
        "name": "string",
        "type": "string"
      }
    ],
    "frontendIPConfigurations": [
      {
        "id": "string",
        "properties": {
          "privateIPAddress": "string",
          "privateIPAllocationMethod": "string",
          "subnet": {
            "id": "string"
          },
          "publicIPAddress": {
            "id": "string"
          }
        },
        "name": "string",
        "type": "string"
      }
    ],
    "frontendPorts": [
      {
        "id": "string",
        "properties": {
          "port": "integer"
        },
        "name": "string",
        "type": "string"
      }
    ],
    "probes": [
      {
        "id": "string",
        "properties": {
          "protocol": "string",
          "host": "string",
          "path": "string",
          "interval": "integer",
          "timeout": "integer",
          "unhealthyThreshold": "integer",
          "pickHostNameFromBackendHttpSettings": boolean,
          "minServers": "integer",
          "match": {
            "body": "string",
            "statusCodes": [
              "string"
            ]
          }
        },
        "name": "string",
        "type": "string"
      }
    ],
    "backendAddressPools": [
      {
        "id": "string",
        "properties": {
          "backendIPConfigurations": [
            {
              "id": "string",
              "properties": {
                "virtualNetworkTaps": [
                  {
                    "id": "string",
                    "location": "string",
                    "tags": {},
                    "properties": {
                      "destinationNetworkInterfaceIPConfiguration": "NetworkInterfaceIPConfiguration",
                      "destinationLoadBalancerFrontEndIPConfiguration": {
                        "id": "string",
                        "properties": {
                          "privateIPAddress": "string",
                          "privateIPAllocationMethod": "string",
                          "subnet": {
                            "id": "string",
                            "properties": {
                              "addressPrefix": "string",
                              "addressPrefixes": [
                                "string"
                              ],
                              "networkSecurityGroup": {
                                "id": "string",
                                "location": "string",
                                "tags": {},
                                "properties": {
                                  "securityRules": [
                                    {
                                      "id": "string",
                                      "properties": {
                                        "description": "string",
                                        "protocol": "string",
                                        "sourcePortRange": "string",
                                        "destinationPortRange": "string",
                                        "sourceAddressPrefix": "string",
                                        "sourceAddressPrefixes": [
                                          "string"
                                        ],
                                        "sourceApplicationSecurityGroups": [
                                          {
                                            "id": "string",
                                            "location": "string",
                                            "tags": {},
                                            "properties": {}
                                          }
                                        ],
                                        "destinationAddressPrefix": "string",
                                        "destinationAddressPrefixes": [
                                          "string"
                                        ],
                                        "destinationApplicationSecurityGroups": [
                                          {
                                            "id": "string",
                                            "location": "string",
                                            "tags": {},
                                            "properties": {}
                                          }
                                        ],
                                        "sourcePortRanges": [
                                          "string"
                                        ],
                                        "destinationPortRanges": [
                                          "string"
                                        ],
                                        "access": "string",
                                        "priority": "integer",
                                        "direction": "string"
                                      },
                                      "name": "string"
                                    }
                                  ],
                                  "defaultSecurityRules": [
                                    {
                                      "id": "string",
                                      "properties": {
                                        "description": "string",
                                        "protocol": "string",
                                        "sourcePortRange": "string",
                                        "destinationPortRange": "string",
                                        "sourceAddressPrefix": "string",
                                        "sourceAddressPrefixes": [
                                          "string"
                                        ],
                                        "sourceApplicationSecurityGroups": [
                                          {
                                            "id": "string",
                                            "location": "string",
                                            "tags": {},
                                            "properties": {}
                                          }
                                        ],
                                        "destinationAddressPrefix": "string",
                                        "destinationAddressPrefixes": [
                                          "string"
                                        ],
                                        "destinationApplicationSecurityGroups": [
                                          {
                                            "id": "string",
                                            "location": "string",
                                            "tags": {},
                                            "properties": {}
                                          }
                                        ],
                                        "sourcePortRanges": [
                                          "string"
                                        ],
                                        "destinationPortRanges": [
                                          "string"
                                        ],
                                        "access": "string",
                                        "priority": "integer",
                                        "direction": "string"
                                      },
                                      "name": "string"
                                    }
                                  ],
                                  "resourceGuid": "string"
                                }
                              },
                              "routeTable": {
                                "id": "string",
                                "location": "string",
                                "tags": {},
                                "properties": {
                                  "routes": [
                                    {
                                      "id": "string",
                                      "properties": {
                                        "addressPrefix": "string",
                                        "nextHopType": "string",
                                        "nextHopIpAddress": "string"
                                      },
                                      "name": "string"
                                    }
                                  ],
                                  "disableBgpRoutePropagation": boolean
                                }
                              },
                              "serviceEndpoints": [
                                {
                                  "service": "string",
                                  "locations": [
                                    "string"
                                  ]
                                }
                              ],
                              "serviceEndpointPolicies": [
                                {
                                  "id": "string",
                                  "location": "string",
                                  "tags": {},
                                  "properties": {
                                    "serviceEndpointPolicyDefinitions": [
                                      {
                                        "id": "string",
                                        "properties": {
                                          "description": "string",
                                          "service": "string",
                                          "serviceResources": [
                                            "string"
                                          ]
                                        },
                                        "name": "string"
                                      }
                                    ]
                                  }
                                }
                              ],
                              "resourceNavigationLinks": [
                                {
                                  "id": "string",
                                  "properties": {
                                    "linkedResourceType": "string",
                                    "link": "string"
                                  },
                                  "name": "string"
                                }
                              ],
                              "serviceAssociationLinks": [
                                {
                                  "id": "string",
                                  "properties": {
                                    "linkedResourceType": "string",
                                    "link": "string"
                                  },
                                  "name": "string"
                                }
                              ],
                              "delegations": [
                                {
                                  "id": "string",
                                  "properties": {
                                    "serviceName": "string",
                                    "actions": [
                                      "string"
                                    ]
                                  },
                                  "name": "string"
                                }
                              ]
                            },
                            "name": "string"
                          },
                          "publicIPAddress": {
                            "id": "string",
                            "location": "string",
                            "tags": {},
                            "sku": {
                              "name": "string"
                            },
                            "properties": {
                              "publicIPAllocationMethod": "string",
                              "publicIPAddressVersion": "string",
                              "dnsSettings": {
                                "domainNameLabel": "string",
                                "fqdn": "string",
                                "reverseFqdn": "string"
                              },
                              "ddosSettings": {
                                "ddosCustomPolicy": {
                                  "id": "string"
                                },
                                "protectionCoverage": "string"
                              },
                              "ipTags": [
                                {
                                  "ipTagType": "string",
                                  "tag": "string"
                                }
                              ],
                              "ipAddress": "string",
                              "publicIPPrefix": {
                                "id": "string"
                              },
                              "idleTimeoutInMinutes": "integer",
                              "resourceGuid": "string"
                            },
                            "zones": [
                              "string"
                            ]
                          },
                          "publicIPPrefix": {
                            "id": "string"
                          }
                        },
                        "name": "string",
                        "zones": [
                          "string"
                        ]
                      },
                      "destinationPort": "integer"
                    }
                  }
                ],
                "applicationGatewayBackendAddressPools": [
                  "ApplicationGatewayBackendAddressPool"
                ],
                "loadBalancerBackendAddressPools": [
                  {
                    "id": "string",
                    "properties": {
                    },
                    "name": "string"
                  }
                ],
                "loadBalancerInboundNatRules": [
                  {
                    "id": "string",
                    "properties": {
                      "frontendIPConfiguration": {
                        "id": "string"
                      },
                      "protocol": "string",
                      "frontendPort": "integer",
                      "backendPort": "integer",
                      "idleTimeoutInMinutes": "integer",
                      "enableFloatingIP": boolean,
                      "enableTcpReset": boolean
                    },
                    "name": "string"
                  }
                ],
                "privateIPAddress": "string",
                "privateIPAllocationMethod": "string",
                "privateIPAddressVersion": "string",
                "subnet": {
                  "id": "string",
                  "properties": {
                    "addressPrefix": "string",
                    "addressPrefixes": [
                      "string"
                    ],
                    "networkSecurityGroup": {
                      "id": "string",
                      "location": "string",
                      "tags": {},
                      "properties": {
                        "securityRules": [
                          {
                            "id": "string",
                            "properties": {
                              "description": "string",
                              "protocol": "string",
                              "sourcePortRange": "string",
                              "destinationPortRange": "string",
                              "sourceAddressPrefix": "string",
                              "sourceAddressPrefixes": [
                                "string"
                              ],
                              "sourceApplicationSecurityGroups": [
                                {
                                  "id": "string",
                                  "location": "string",
                                  "tags": {},
                                  "properties": {}
                                }
                              ],
                              "destinationAddressPrefix": "string",
                              "destinationAddressPrefixes": [
                                "string"
                              ],
                              "destinationApplicationSecurityGroups": [
                                {
                                  "id": "string",
                                  "location": "string",
                                  "tags": {},
                                  "properties": {}
                                }
                              ],
                              "sourcePortRanges": [
                                "string"
                              ],
                              "destinationPortRanges": [
                                "string"
                              ],
                              "access": "string",
                              "priority": "integer",
                              "direction": "string"
                            },
                            "name": "string"
                          }
                        ],
                        "defaultSecurityRules": [
                          {
                            "id": "string",
                            "properties": {
                              "description": "string",
                              "protocol": "string",
                              "sourcePortRange": "string",
                              "destinationPortRange": "string",
                              "sourceAddressPrefix": "string",
                              "sourceAddressPrefixes": [
                                "string"
                              ],
                              "sourceApplicationSecurityGroups": [
                                {
                                  "id": "string",
                                  "location": "string",
                                  "tags": {},
                                  "properties": {}
                                }
                              ],
                              "destinationAddressPrefix": "string",
                              "destinationAddressPrefixes": [
                                "string"
                              ],
                              "destinationApplicationSecurityGroups": [
                                {
                                  "id": "string",
                                  "location": "string",
                                  "tags": {},
                                  "properties": {}
                                }
                              ],
                              "sourcePortRanges": [
                                "string"
                              ],
                              "destinationPortRanges": [
                                "string"
                              ],
                              "access": "string",
                              "priority": "integer",
                              "direction": "string"
                            },
                            "name": "string"
                          }
                        ],
                        "resourceGuid": "string"
                      }
                    },
                    "routeTable": {
                      "id": "string",
                      "location": "string",
                      "tags": {},
                      "properties": {
                        "routes": [
                          {
                            "id": "string",
                            "properties": {
                              "addressPrefix": "string",
                              "nextHopType": "string",
                              "nextHopIpAddress": "string"
                            },
                            "name": "string"
                          }
                        ],
                        "disableBgpRoutePropagation": boolean
                      }
                    },
                    "serviceEndpoints": [
                      {
                        "service": "string",
                        "locations": [
                          "string"
                        ]
                      }
                    ],
                    "serviceEndpointPolicies": [
                      {
                        "id": "string",
                        "location": "string",
                        "tags": {},
                        "properties": {
                          "serviceEndpointPolicyDefinitions": [
                            {
                              "id": "string",
                              "properties": {
                                "description": "string",
                                "service": "string",
                                "serviceResources": [
                                  "string"
                                ]
                              },
                              "name": "string"
                            }
                          ]
                        }
                      }
                    ],
                    "resourceNavigationLinks": [
                      {
                        "id": "string",
                        "properties": {
                          "linkedResourceType": "string",
                          "link": "string"
                        },
                        "name": "string"
                      }
                    ],
                    "serviceAssociationLinks": [
                      {
                        "id": "string",
                        "properties": {
                          "linkedResourceType": "string",
                          "link": "string"
                        },
                        "name": "string"
                      }
                    ],
                    "delegations": [
                      {
                        "id": "string",
                        "properties": {
                          "serviceName": "string",
                          "actions": [
                            "string"
                          ]
                        },
                        "name": "string"
                      }
                    ]
                  },
                  "name": "string"
                },
                "primary": boolean,
                "publicIPAddress": {
                  "id": "string",
                  "location": "string",
                  "tags": {},
                  "sku": {
                    "name": "string"
                  },
                  "properties": {
                    "publicIPAllocationMethod": "string",
                    "publicIPAddressVersion": "string",
                    "dnsSettings": {
                      "domainNameLabel": "string",
                      "fqdn": "string",
                      "reverseFqdn": "string"
                    },
                    "ddosSettings": {
                      "ddosCustomPolicy": {
                        "id": "string"
                      },
                      "protectionCoverage": "string"
                    },
                    "ipTags": [
                      {
                        "ipTagType": "string",
                        "tag": "string"
                      }
                    ],
                    "ipAddress": "string",
                    "publicIPPrefix": {
                      "id": "string"
                    },
                    "idleTimeoutInMinutes": "integer",
                    "resourceGuid": "string"
                  },
                  "zones": [
                    "string"
                  ]
                },
                "applicationSecurityGroups": [
                  {
                    "id": "string",
                    "location": "string",
                    "tags": {},
                    "properties": {}
                  }
                ]
              },
              "name": "string"
            }
          ],
          "backendAddresses": [
            {
              "fqdn": "string",
              "ipAddress": "string"
            }
          ]
        },
        "name": "string",
        "type": "string"
      }
    ],
    "backendHttpSettingsCollection": [
      {
        "id": "string",
        "properties": {
          "port": "integer",
          "protocol": "string",
          "cookieBasedAffinity": "string",
          "requestTimeout": "integer",
          "probe": {
            "id": "string"
          },
          "authenticationCertificates": [
            {
              "id": "string"
            }
          ],
          "trustedRootCertificates": [
            {
              "id": "string"
            }
          ],
          "connectionDraining": {
            "enabled": boolean,
            "drainTimeoutInSec": "integer"
          },
          "hostName": "string",
          "pickHostNameFromBackendAddress": boolean,
          "affinityCookieName": "string",
          "probeEnabled": boolean,
          "path": "string"
        },
        "name": "string",
        "type": "string"
      }
    ],
    "httpListeners": [
      {
        "id": "string",
        "properties": {
          "frontendIPConfiguration": {
            "id": "string"
          },
          "frontendPort": {
            "id": "string"
          },
          "protocol": "string",
          "hostName": "string",
          "sslCertificate": {
            "id": "string"
          },
          "requireServerNameIndication": boolean,
          "customErrorConfigurations": [
            {
              "statusCode": "string",
              "customErrorPageUrl": "string"
            }
          ]
        },
        "name": "string",
        "type": "string"
      }
    ],
    "urlPathMaps": [
      {
        "id": "string",
        "properties": {
          "defaultBackendAddressPool": {
            "id": "string"
          },
          "defaultBackendHttpSettings": {
            "id": "string"
          },
          "defaultRewriteRuleSet": {
            "id": "string"
          },
          "defaultRedirectConfiguration": {
            "id": "string"
          },
          "pathRules": [
            {
              "id": "string",
              "properties": {
                "paths": [
                  "string"
                ],
                "backendAddressPool": {
                  "id": "string"
                },
                "backendHttpSettings": {
                  "id": "string"
                },
                "redirectConfiguration": {
                  "id": "string"
                },
                "rewriteRuleSet": {
                  "id": "string"
                }
              },
              "name": "string",
              "type": "string"
            }
          ]
        },
        "name": "string",
        "type": "string"
      }
    ],
    "requestRoutingRules": [
      {
        "id": "string",
        "properties": {
          "ruleType": "string",
          "backendAddressPool": {
            "id": "string"
          },
          "backendHttpSettings": {
            "id": "string"
          },
          "httpListener": {
            "id": "string"
          },
          "urlPathMap": {
            "id": "string"
          },
          "rewriteRuleSet": {
            "id": "string"
          },
          "redirectConfiguration": {
            "id": "string"
          }
        },
        "name": "string",
        "type": "string"
      }
    ],
    "rewriteRuleSets": [
      {
        "id": "string",
        "properties": {
          "rewriteRules": [
            {
              "name": "string",
              "actionSet": {
                "requestHeaderConfigurations": [
                  {
                    "headerName": "string",
                    "headerValue": "string"
                  }
                ],
                "responseHeaderConfigurations": [
                  {
                    "headerName": "string",
                    "headerValue": "string"
                  }
                ]
              }
            }
          ]
        },
        "name": "string"
      }
    ],
    "redirectConfigurations": [
      {
        "id": "string",
        "properties": {
          "redirectType": "string",
          "targetListener": {
            "id": "string"
          },
          "targetUrl": "string",
          "includePath": boolean,
          "includeQueryString": boolean,
          "requestRoutingRules": [
            {
              "id": "string"
            }
          ],
          "urlPathMaps": [
            {
              "id": "string"
            }
          ],
          "pathRules": [
            {
              "id": "string"
            }
          ]
        },
        "name": "string",
        "type": "string"
      }
    ],
    "webApplicationFirewallConfiguration": {
      "enabled": boolean,
      "firewallMode": "string",
      "ruleSetType": "string",
      "ruleSetVersion": "string",
      "disabledRuleGroups": [
        {
          "ruleGroupName": "string",
          "rules": [
            "integer"
          ]
        }
      ],
      "requestBodyCheck": boolean,
      "maxRequestBodySize": "integer",
      "maxRequestBodySizeInKb": "integer",
      "fileUploadLimitInMb": "integer",
      "exclusions": [
        {
          "matchVariable": "string",
          "selectorMatchOperator": "string",
          "selector": "string"
        }
      ]
    },
    "enableHttp2": boolean,
    "enableFips": boolean,
    "autoscaleConfiguration": {
      "minCapacity": "integer",
      "maxCapacity": "integer"
    },
    "resourceGuid": "string",
    "customErrorConfigurations": [
      {
        "statusCode": "string",
        "customErrorPageUrl": "string"
      }
    ]
  },
  "zones": [
    "string"
  ],
  "identity": {
    "type": "string",
    "userAssignedIdentities": {}
  }
}

Property values

The following tables describe the values you need to set in the schema.

Microsoft.Network/applicationGateways object

Name Type Required Value
name string Yes
type enum Yes Microsoft.Network/applicationGateways
apiVersion enum Yes 2018-11-01
location string No Resource location.
tags object No Resource tags.
properties object Yes ApplicationGatewayPropertiesFormat object
zones array No A list of availability zones denoting where the resource needs to come from. - string
identity object No The identity of the application gateway, if configured. - ManagedServiceIdentity object

ApplicationGatewayPropertiesFormat object

Name Type Required Value
sku object No SKU of the application gateway resource. - ApplicationGatewaySku object
sslPolicy object No SSL policy of the application gateway resource. - ApplicationGatewaySslPolicy object
gatewayIPConfigurations array No Subnets of application the gateway resource. - ApplicationGatewayIPConfiguration object
authenticationCertificates array No Authentication certificates of the application gateway resource. - ApplicationGatewayAuthenticationCertificate object
trustedRootCertificates array No Trusted Root certificates of the application gateway resource. - ApplicationGatewayTrustedRootCertificate object
sslCertificates array No SSL certificates of the application gateway resource. - ApplicationGatewaySslCertificate object
frontendIPConfigurations array No Frontend IP addresses of the application gateway resource. - ApplicationGatewayFrontendIPConfiguration object
frontendPorts array No Frontend ports of the application gateway resource. - ApplicationGatewayFrontendPort object
probes array No Probes of the application gateway resource. - ApplicationGatewayProbe object
backendAddressPools array No Backend address pool of the application gateway resource. - ApplicationGatewayBackendAddressPool object
backendHttpSettingsCollection array No Backend http settings of the application gateway resource. - ApplicationGatewayBackendHttpSettings object
httpListeners array No Http listeners of the application gateway resource. - ApplicationGatewayHttpListener object
urlPathMaps array No URL path map of the application gateway resource. - ApplicationGatewayUrlPathMap object
requestRoutingRules array No Request routing rules of the application gateway resource. - ApplicationGatewayRequestRoutingRule object
rewriteRuleSets array No Rewrite rules for the application gateway resource. - ApplicationGatewayRewriteRuleSet object
redirectConfigurations array No Redirect configurations of the application gateway resource. - ApplicationGatewayRedirectConfiguration object
webApplicationFirewallConfiguration object No Web application firewall configuration. - ApplicationGatewayWebApplicationFirewallConfiguration object
enableHttp2 boolean No Whether HTTP2 is enabled on the application gateway resource.
enableFips boolean No Whether FIPS is enabled on the application gateway resource.
autoscaleConfiguration object No Autoscale Configuration. - ApplicationGatewayAutoscaleConfiguration object
resourceGuid string No Resource GUID property of the application gateway resource.
customErrorConfigurations array No Custom error configurations of the application gateway resource. - ApplicationGatewayCustomError object

ManagedServiceIdentity object

Name Type Required Value
type enum No The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine. - SystemAssigned, UserAssigned, SystemAssigned, UserAssigned, None
userAssignedIdentities object No The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

ApplicationGatewaySku object

Name Type Required Value
name enum No Name of an application gateway SKU. - Standard_Small, Standard_Medium, Standard_Large, WAF_Medium, WAF_Large, Standard_v2, WAF_v2
tier enum No Tier of an application gateway. - Standard, WAF, Standard_v2, WAF_v2
capacity integer No Capacity (instance count) of an application gateway.

ApplicationGatewaySslPolicy object

Name Type Required Value
disabledSslProtocols array No Ssl protocols to be disabled on application gateway. - TLSv1_0, TLSv1_1, TLSv1_2
policyType enum No Type of Ssl Policy. - Predefined or Custom
policyName enum No Name of Ssl predefined policy. - AppGwSslPolicy20150501, AppGwSslPolicy20170401, AppGwSslPolicy20170401S
cipherSuites array No Ssl cipher suites to be enabled in the specified order to application gateway. - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA
minProtocolVersion enum No Minimum version of Ssl protocol to be supported on application gateway. - TLSv1_0, TLSv1_1, TLSv1_2

ApplicationGatewayIPConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayIPConfigurationPropertiesFormat object
name string No Name of the IP configuration that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayAuthenticationCertificate object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayAuthenticationCertificatePropertiesFormat object
name string No Name of the authentication certificate that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayTrustedRootCertificate object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayTrustedRootCertificatePropertiesFormat object
name string No Name of the trusted root certificate that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewaySslCertificate object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewaySslCertificatePropertiesFormat object
name string No Name of the SSL certificate that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayFrontendIPConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayFrontendIPConfigurationPropertiesFormat object
name string No Name of the frontend IP configuration that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayFrontendPort object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayFrontendPortPropertiesFormat object
name string No Name of the frontend port that is unique within an Application Gateway
type string No Type of the resource.

ApplicationGatewayProbe object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayProbePropertiesFormat object
name string No Name of the probe that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayBackendAddressPool object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayBackendAddressPoolPropertiesFormat object
name string No Name of the backend address pool that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayBackendHttpSettings object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayBackendHttpSettingsPropertiesFormat object
name string No Name of the backend http settings that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayHttpListener object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayHttpListenerPropertiesFormat object
name string No Name of the HTTP listener that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayUrlPathMap object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayUrlPathMapPropertiesFormat object
name string No Name of the URL path map that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayRequestRoutingRule object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayRequestRoutingRulePropertiesFormat object
name string No Name of the request routing rule that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayRewriteRuleSet object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayRewriteRuleSetPropertiesFormat object
name string No Name of the rewrite rule set that is unique within an Application Gateway.

ApplicationGatewayRedirectConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayRedirectConfigurationPropertiesFormat object
name string No Name of the redirect configuration that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayWebApplicationFirewallConfiguration object

Name Type Required Value
enabled boolean Yes Whether the web application firewall is enabled or not.
firewallMode enum Yes Web application firewall mode. - Detection or Prevention
ruleSetType string Yes The type of the web application firewall rule set. Possible values are: 'OWASP'.
ruleSetVersion string Yes The version of the rule set type.
disabledRuleGroups array No The disabled rule groups. - ApplicationGatewayFirewallDisabledRuleGroup object
requestBodyCheck boolean No Whether allow WAF to check request Body.
maxRequestBodySize integer No Maximum request body size for WAF.
maxRequestBodySizeInKb integer No Maximum request body size in Kb for WAF.
fileUploadLimitInMb integer No Maximum file upload size in Mb for WAF.
exclusions array No The exclusion list. - ApplicationGatewayFirewallExclusion object

ApplicationGatewayAutoscaleConfiguration object

Name Type Required Value
minCapacity integer Yes Lower bound on number of Application Gateway capacity
maxCapacity integer No Upper bound on number of Application Gateway capacity

ApplicationGatewayCustomError object

Name Type Required Value
statusCode enum No Status code of the application gateway customer error. - HttpStatus403 or HttpStatus502
customErrorPageUrl string No Error page URL of the application gateway customer error.

ApplicationGatewayIPConfigurationPropertiesFormat object

Name Type Required Value
subnet object No Reference of the subnet resource. A subnet from where application gateway gets its private address. - SubResource object

ApplicationGatewayAuthenticationCertificatePropertiesFormat object

Name Type Required Value
data string No Certificate public data.

ApplicationGatewayTrustedRootCertificatePropertiesFormat object

Name Type Required Value
data string No Certificate public data.
keyVaultSecretId string No Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.

ApplicationGatewaySslCertificatePropertiesFormat object

Name Type Required Value
data string No Base-64 encoded pfx certificate. Only applicable in PUT Request.
password string No Password for the pfx file specified in data. Only applicable in PUT request.
publicCertData string No Base-64 encoded Public cert data corresponding to pfx specified in data. Only applicable in GET request.
keyVaultSecretId string No Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.

ApplicationGatewayFrontendIPConfigurationPropertiesFormat object

Name Type Required Value
privateIPAddress string No PrivateIPAddress of the network interface IP Configuration.
privateIPAllocationMethod enum No PrivateIP allocation method. - Static or Dynamic
subnet object No Reference of the subnet resource. - SubResource object
publicIPAddress object No Reference of the PublicIP resource. - SubResource object

ApplicationGatewayFrontendPortPropertiesFormat object

Name Type Required Value
port integer No Frontend port

ApplicationGatewayProbePropertiesFormat object

Name Type Required Value
protocol enum No The protocol used for the probe. Possible values are 'Http' and 'Https'. - Http or Https
host string No Host name to send the probe to.
path string No Relative path of probe. Valid path starts from '/'. Probe is sent to ://:
interval integer No The probing interval in seconds. This is the time interval between two consecutive probes. Acceptable values are from 1 second to 86400 seconds.
timeout integer No the probe timeout in seconds. Probe marked as failed if valid response is not received with this timeout period. Acceptable values are from 1 second to 86400 seconds.
unhealthyThreshold integer No The probe retry count. Backend server is marked down after consecutive probe failure count reaches UnhealthyThreshold. Acceptable values are from 1 second to 20.
pickHostNameFromBackendHttpSettings boolean No Whether the host header should be picked from the backend http settings. Default value is false.
minServers integer No Minimum number of servers that are always marked healthy. Default value is 0.
match object No Criterion for classifying a healthy probe response. - ApplicationGatewayProbeHealthResponseMatch object

ApplicationGatewayBackendAddressPoolPropertiesFormat object

Name Type Required Value
backendIPConfigurations array No Collection of references to IPs defined in network interfaces. - NetworkInterfaceIPConfiguration object
backendAddresses array No Backend addresses - ApplicationGatewayBackendAddress object

ApplicationGatewayBackendHttpSettingsPropertiesFormat object

Name Type Required Value
port integer No The destination port on the backend.
protocol enum No The protocol used to communicate with the backend. Possible values are 'Http' and 'Https'. - Http or Https
cookieBasedAffinity enum No Cookie based affinity. - Enabled or Disabled
requestTimeout integer No Request timeout in seconds. Application Gateway will fail the request if response is not received within RequestTimeout. Acceptable values are from 1 second to 86400 seconds.
probe object No Probe resource of an application gateway. - SubResource object
authenticationCertificates array No Array of references to application gateway authentication certificates. - SubResource object
trustedRootCertificates array No Array of references to application gateway trusted root certificates. - SubResource object
connectionDraining object No Connection draining of the backend http settings resource. - ApplicationGatewayConnectionDraining object
hostName string No Host header to be sent to the backend servers.
pickHostNameFromBackendAddress boolean No Whether to pick host header should be picked from the host name of the backend server. Default value is false.
affinityCookieName string No Cookie name to use for the affinity cookie.
probeEnabled boolean No Whether the probe is enabled. Default value is false.
path string No Path which should be used as a prefix for all HTTP requests. Null means no path will be prefixed. Default value is null.

ApplicationGatewayHttpListenerPropertiesFormat object

Name Type Required Value
frontendIPConfiguration object No Frontend IP configuration resource of an application gateway. - SubResource object
frontendPort object No Frontend port resource of an application gateway. - SubResource object
protocol enum No Protocol of the HTTP listener. Possible values are 'Http' and 'Https'. - Http or Https
hostName string No Host name of HTTP listener.
sslCertificate object No SSL certificate resource of an application gateway. - SubResource object
requireServerNameIndication boolean No Applicable only if protocol is https. Enables SNI for multi-hosting.
customErrorConfigurations array No Custom error configurations of the HTTP listener. - ApplicationGatewayCustomError object

ApplicationGatewayUrlPathMapPropertiesFormat object

Name Type Required Value
defaultBackendAddressPool object No Default backend address pool resource of URL path map. - SubResource object
defaultBackendHttpSettings object No Default backend http settings resource of URL path map. - SubResource object
defaultRewriteRuleSet object No Default Rewrite rule set resource of URL path map. - SubResource object
defaultRedirectConfiguration object No Default redirect configuration resource of URL path map. - SubResource object
pathRules array No Path rule of URL path map resource. - ApplicationGatewayPathRule object

ApplicationGatewayRequestRoutingRulePropertiesFormat object

Name Type Required Value
ruleType enum No Rule type. - Basic or PathBasedRouting
backendAddressPool object No Backend address pool resource of the application gateway. - SubResource object
backendHttpSettings object No Backend http settings resource of the application gateway. - SubResource object
httpListener object No Http listener resource of the application gateway. - SubResource object
urlPathMap object No URL path map resource of the application gateway. - SubResource object
rewriteRuleSet object No Rewrite Rule Set resource in Basic rule of the application gateway. - SubResource object
redirectConfiguration object No Redirect configuration resource of the application gateway. - SubResource object

ApplicationGatewayRewriteRuleSetPropertiesFormat object

Name Type Required Value
rewriteRules array No Rewrite rules in the rewrite rule set. - ApplicationGatewayRewriteRule object

ApplicationGatewayRedirectConfigurationPropertiesFormat object

Name Type Required Value
redirectType enum No Supported http redirection types - Permanent, Temporary, Found, SeeOther. - Permanent, Found, SeeOther, Temporary
targetListener object No Reference to a listener to redirect the request to. - SubResource object
targetUrl string No Url to redirect the request to.
includePath boolean No Include path in the redirected url.
includeQueryString boolean No Include query string in the redirected url.
requestRoutingRules array No Request routing specifying redirect configuration. - SubResource object
urlPathMaps array No Url path maps specifying default redirect configuration. - SubResource object
pathRules array No Path rules specifying redirect configuration. - SubResource object

ApplicationGatewayFirewallDisabledRuleGroup object

Name Type Required Value
ruleGroupName string Yes The name of the rule group that will be disabled.
rules array No The list of rules that will be disabled. If null, all rules of the rule group will be disabled. - integer

ApplicationGatewayFirewallExclusion object

Name Type Required Value
matchVariable string Yes The variable to be excluded.
selectorMatchOperator string Yes When matchVariable is a collection, operate on the selector to specify which elements in the collection this exclusion applies to.
selector string Yes When matchVariable is a collection, operator used to specify which elements in the collection this exclusion applies to.

SubResource object

Name Type Required Value
id string No Resource ID.

ApplicationGatewayProbeHealthResponseMatch object

Name Type Required Value
body string No Body that must be contained in the health response. Default value is empty.
statusCodes array No Allowed ranges of healthy status codes. Default range of healthy status codes is 200-399. - string

NetworkInterfaceIPConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No Network interface IP configuration properties. - NetworkInterfaceIPConfigurationPropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

ApplicationGatewayBackendAddress object

Name Type Required Value
fqdn string No Fully qualified domain name (FQDN).
ipAddress string No IP address

ApplicationGatewayConnectionDraining object

Name Type Required Value
enabled boolean Yes Whether connection draining is enabled or not.
drainTimeoutInSec integer Yes The number of seconds connection draining is active. Acceptable values are from 1 second to 3600 seconds.

ApplicationGatewayPathRule object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayPathRulePropertiesFormat object
name string No Name of the path rule that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayRewriteRule object

Name Type Required Value
name string No Name of the rewrite rule that is unique within an Application Gateway.
actionSet object No Set of actions to be done as part of the rewrite Rule. - ApplicationGatewayRewriteRuleActionSet object

NetworkInterfaceIPConfigurationPropertiesFormat object

Name Type Required Value
virtualNetworkTaps array No The reference to Virtual Network Taps. - VirtualNetworkTap object
applicationGatewayBackendAddressPools array No The reference of ApplicationGatewayBackendAddressPool resource. - ApplicationGatewayBackendAddressPool object
loadBalancerBackendAddressPools array No The reference of LoadBalancerBackendAddressPool resource. - BackendAddressPool object
loadBalancerInboundNatRules array No A list of references of LoadBalancerInboundNatRules. - InboundNatRule object
privateIPAddress string No Private IP address of the IP configuration.
privateIPAllocationMethod enum No Defines how a private IP address is assigned. Possible values are: 'Static' and 'Dynamic'. - Static or Dynamic
privateIPAddressVersion enum No Available from Api-Version 2016-03-30 onwards, it represents whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4. Possible values are: 'IPv4' and 'IPv6'. - IPv4 or IPv6
subnet object No Subnet bound to the IP configuration. - Subnet object
primary boolean No Gets whether this is a primary customer address on the network interface.
publicIPAddress object No Public IP address bound to the IP configuration. - PublicIPAddress object
applicationSecurityGroups array No Application security groups in which the IP configuration is included. - ApplicationSecurityGroup object

ApplicationGatewayPathRulePropertiesFormat object

Name Type Required Value
paths array No Path rules of URL path map. - string
backendAddressPool object No Backend address pool resource of URL path map path rule. - SubResource object
backendHttpSettings object No Backend http settings resource of URL path map path rule. - SubResource object
redirectConfiguration object No Redirect configuration resource of URL path map path rule. - SubResource object
rewriteRuleSet object No Rewrite rule set resource of URL path map path rule. - SubResource object

ApplicationGatewayRewriteRuleActionSet object

Name Type Required Value
requestHeaderConfigurations array No Request Header Actions in the Action Set - ApplicationGatewayHeaderConfiguration object
responseHeaderConfigurations array No Response Header Actions in the Action Set - ApplicationGatewayHeaderConfiguration object

VirtualNetworkTap object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Virtual Network Tap Properties. - VirtualNetworkTapPropertiesFormat object

BackendAddressPool object

Name Type Required Value
id string No Resource ID.
properties object No Properties of load balancer backend address pool. - BackendAddressPoolPropertiesFormat object
name string No Gets name of the resource that is unique within a resource group. This name can be used to access the resource.

InboundNatRule object

Name Type Required Value
id string No Resource ID.
properties object No Properties of load balancer inbound nat rule. - InboundNatRulePropertiesFormat object
name string No Gets name of the resource that is unique within a resource group. This name can be used to access the resource.

Subnet object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the subnet. - SubnetPropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

PublicIPAddress object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
sku object No The public IP address SKU. - PublicIPAddressSku object
properties object No Public IP address properties. - PublicIPAddressPropertiesFormat object
zones array No A list of availability zones denoting the IP allocated for the resource needs to come from. - string

ApplicationSecurityGroup object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Properties of the application security group. - ApplicationSecurityGroupPropertiesFormat object

ApplicationGatewayHeaderConfiguration object

Name Type Required Value
headerName string No Header name of the header configuration
headerValue string No Header value of the header configuration

VirtualNetworkTapPropertiesFormat object

Name Type Required Value
destinationNetworkInterfaceIPConfiguration object No The reference to the private IP Address of the collector nic that will receive the tap - NetworkInterfaceIPConfiguration object
destinationLoadBalancerFrontEndIPConfiguration object No The reference to the private IP address on the internal Load Balancer that will receive the tap - FrontendIPConfiguration object
destinationPort integer No The VXLAN destination port that will receive the tapped traffic.

BackendAddressPoolPropertiesFormat object

Name Type Required Value

InboundNatRulePropertiesFormat object

Name Type Required Value
frontendIPConfiguration object No A reference to frontend IP addresses. - SubResource object
protocol enum No Udp, Tcp, All
frontendPort integer No The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values range from 1 to 65534.
backendPort integer No The port used for the internal endpoint. Acceptable values range from 1 to 65535.
idleTimeoutInMinutes integer No The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP.
enableFloatingIP boolean No Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint.
enableTcpReset boolean No Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP.

SubnetPropertiesFormat object

Name Type Required Value
addressPrefix string No The address prefix for the subnet.
addressPrefixes array No List of address prefixes for the subnet. - string
networkSecurityGroup object No The reference of the NetworkSecurityGroup resource. - NetworkSecurityGroup object
routeTable object No The reference of the RouteTable resource. - RouteTable object
serviceEndpoints array No An array of service endpoints. - ServiceEndpointPropertiesFormat object
serviceEndpointPolicies array No An array of service endpoint policies. - ServiceEndpointPolicy object
resourceNavigationLinks array No Gets an array of references to the external resources using subnet. - ResourceNavigationLink object
serviceAssociationLinks array No Gets an array of references to services injecting into this subnet. - ServiceAssociationLink object
delegations array No Gets an array of references to the delegations on the subnet. - Delegation object

PublicIPAddressSku object

Name Type Required Value
name enum No Name of a public IP address SKU. - Basic or Standard

PublicIPAddressPropertiesFormat object

Name Type Required Value
publicIPAllocationMethod enum No The public IP allocation method. Possible values are: 'Static' and 'Dynamic'. - Static or Dynamic
publicIPAddressVersion enum No The public IP address version. Possible values are: 'IPv4' and 'IPv6'. - IPv4 or IPv6
dnsSettings object No The FQDN of the DNS record associated with the public IP address. - PublicIPAddressDnsSettings object
ddosSettings object No The DDoS protection custom policy associated with the public IP address. - DdosSettings object
ipTags array No The list of tags associated with the public IP address. - IpTag object
ipAddress string No The IP address associated with the public IP address resource.
publicIPPrefix object No The Public IP Prefix this Public IP Address should be allocated from. - SubResource object
idleTimeoutInMinutes integer No The idle timeout of the public IP address.
resourceGuid string No The resource GUID property of the public IP resource.

FrontendIPConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the load balancer probe. - FrontendIPConfigurationPropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.
zones array No A list of availability zones denoting the IP allocated for the resource needs to come from. - string

NetworkSecurityGroup object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Properties of the network security group - NetworkSecurityGroupPropertiesFormat object

RouteTable object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Properties of the route table. - RouteTablePropertiesFormat object

ServiceEndpointPropertiesFormat object

Name Type Required Value
service string No The type of the endpoint service.
locations array No A list of locations. - string

ServiceEndpointPolicy object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Properties of the service end point policy - ServiceEndpointPolicyPropertiesFormat object
Name Type Required Value
id string No Resource ID.
properties object No Resource navigation link properties format. - ResourceNavigationLinkFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.
Name Type Required Value
id string No Resource ID.
properties object No Resource navigation link properties format. - ServiceAssociationLinkPropertiesFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.

Delegation object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the subnet. - ServiceDelegationPropertiesFormat object
name string No The name of the resource that is unique within a subnet. This name can be used to access the resource.

PublicIPAddressDnsSettings object

Name Type Required Value
domainNameLabel string No Gets or sets the Domain name label.The concatenation of the domain name label and the regionalized DNS zone make up the fully qualified domain name associated with the public IP address. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system.
fqdn string No Gets the FQDN, Fully qualified domain name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone.
reverseFqdn string No Gets or Sets the Reverse FQDN. A user-visible, fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN.

DdosSettings object

Name Type Required Value
ddosCustomPolicy object No The DDoS custom policy associated with the public IP. - SubResource object
protectionCoverage enum No The DDoS protection policy customizability of the public IP. Only standard coverage will have the ability to be customized. - Basic or Standard

IpTag object

Name Type Required Value
ipTagType string No Gets or sets the ipTag type: Example FirstPartyUsage.
tag string No Gets or sets value of the IpTag associated with the public IP. Example SQL, Storage etc

FrontendIPConfigurationPropertiesFormat object

Name Type Required Value
privateIPAddress string No The private IP address of the IP configuration.
privateIPAllocationMethod enum No The Private IP allocation method. Possible values are: 'Static' and 'Dynamic'. - Static or Dynamic
subnet object No The reference of the subnet resource. - Subnet object
publicIPAddress object No The reference of the Public IP resource. - PublicIPAddress object
publicIPPrefix object No The reference of the Public IP Prefix resource. - SubResource object

NetworkSecurityGroupPropertiesFormat object

Name Type Required Value
securityRules array No A collection of security rules of the network security group. - SecurityRule object
defaultSecurityRules array No The default security rules of network security group. - SecurityRule object
resourceGuid string No The resource GUID property of the network security group resource.

RouteTablePropertiesFormat object

Name Type Required Value
routes array No Collection of routes contained within a route table. - Route object
disableBgpRoutePropagation boolean No Gets or sets whether to disable the routes learned by BGP on that route table. True means disable.

ServiceEndpointPolicyPropertiesFormat object

Name Type Required Value
serviceEndpointPolicyDefinitions array No A collection of service endpoint policy definitions of the service endpoint policy. - ServiceEndpointPolicyDefinition object

ResourceNavigationLinkFormat object

Name Type Required Value
linkedResourceType string No Resource type of the linked resource.
link string No Link to the external resource

ServiceAssociationLinkPropertiesFormat object

Name Type Required Value
linkedResourceType string No Resource type of the linked resource.
link string No Link to the external resource.

ServiceDelegationPropertiesFormat object

Name Type Required Value
serviceName string No The name of the service to whom the subnet should be delegated (e.g. Microsoft.Sql/servers)
actions array No Describes the actions permitted to the service upon delegation - string

SecurityRule object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the security rule - SecurityRulePropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

Route object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the route. - RoutePropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

ServiceEndpointPolicyDefinition object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the service endpoint policy definition - ServiceEndpointPolicyDefinitionPropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

SecurityRulePropertiesFormat object

Name Type Required Value
description string No A description for this rule. Restricted to 140 chars.
protocol enum Yes Network protocol this rule applies to. Possible values are 'Tcp', 'Udp', and '*'. - Tcp, Udp, *
sourcePortRange string No The source port or range. Integer or range between 0 and 65535. Asterisks '*' can also be used to match all ports.
destinationPortRange string No The destination port or range. Integer or range between 0 and 65535. Asterisks '*' can also be used to match all ports.
sourceAddressPrefix string No The CIDR or source IP range. Asterisks '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from.
sourceAddressPrefixes array No The CIDR or source IP ranges. - string
sourceApplicationSecurityGroups array No The application security group specified as source. - ApplicationSecurityGroup object
destinationAddressPrefix string No The destination address prefix. CIDR or destination IP range. Asterisks '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used.
destinationAddressPrefixes array No The destination address prefixes. CIDR or destination IP ranges. - string
destinationApplicationSecurityGroups array No The application security group specified as destination. - ApplicationSecurityGroup object
sourcePortRanges array No The source port ranges. - string
destinationPortRanges array No The destination port ranges. - string
access enum Yes The network traffic is allowed or denied. Possible values are: 'Allow' and 'Deny'. - Allow or Deny
priority integer No The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.
direction enum Yes The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic. Possible values are: 'Inbound' and 'Outbound'. - Inbound or Outbound

RoutePropertiesFormat object

Name Type Required Value
addressPrefix string No The destination CIDR to which the route applies.
nextHopType enum Yes The type of Azure hop the packet should be sent to. Possible values are: 'VirtualNetworkGateway', 'VnetLocal', 'Internet', 'VirtualAppliance', and 'None'. - VirtualNetworkGateway, VnetLocal, Internet, VirtualAppliance, None
nextHopIpAddress string No The IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance.

ServiceEndpointPolicyDefinitionPropertiesFormat object

Name Type Required Value
description string No A description for this rule. Restricted to 140 chars.
service string No service endpoint name.
serviceResources array No A list of service resources. - string

Quickstart templates

See Microsoft.Network templates in Azure Quickstart templates.