Microsoft.Network applicationGateways template reference

Template format

To create a Microsoft.Network/applicationGateways resource, add the following JSON to the resources section of your template.

{
  "name": "string",
  "type": "Microsoft.Network/applicationGateways",
  "apiVersion": "2018-01-01",
  "location": "string",
  "tags": {},
  "properties": {
    "sku": {
      "name": "string",
      "tier": "string",
      "capacity": "integer"
    },
    "sslPolicy": {
      "disabledSslProtocols": [
        "string"
      ],
      "policyType": "string",
      "policyName": "string",
      "cipherSuites": [
        "string"
      ],
      "minProtocolVersion": "string"
    },
    "gatewayIPConfigurations": [
      {
        "id": "string",
        "properties": {
          "subnet": {
            "id": "string"
          }
        },
        "name": "string",
        "type": "string"
      }
    ],
    "authenticationCertificates": [
      {
        "id": "string",
        "properties": {
          "data": "string"
        },
        "name": "string",
        "type": "string"
      }
    ],
    "sslCertificates": [
      {
        "id": "string",
        "properties": {
          "data": "string",
          "password": "string",
          "publicCertData": "string"
        },
        "name": "string",
        "type": "string"
      }
    ],
    "frontendIPConfigurations": [
      {
        "id": "string",
        "properties": {
          "privateIPAddress": "string",
          "privateIPAllocationMethod": "string",
          "subnet": {
            "id": "string"
          },
          "publicIPAddress": {
            "id": "string"
          }
        },
        "name": "string",
        "type": "string"
      }
    ],
    "frontendPorts": [
      {
        "id": "string",
        "properties": {
          "port": "integer"
        },
        "name": "string",
        "type": "string"
      }
    ],
    "probes": [
      {
        "id": "string",
        "properties": {
          "protocol": "string",
          "host": "string",
          "path": "string",
          "interval": "integer",
          "timeout": "integer",
          "unhealthyThreshold": "integer",
          "pickHostNameFromBackendHttpSettings": boolean,
          "minServers": "integer",
          "match": {
            "body": "string",
            "statusCodes": [
              "string"
            ]
          }
        },
        "name": "string",
        "type": "string"
      }
    ],
    "backendAddressPools": [
      {
        "id": "string",
        "properties": {
          "backendIPConfigurations": [
            {
              "id": "string",
              "properties": {
                "applicationGatewayBackendAddressPools": [
                  "ApplicationGatewayBackendAddressPool"
                ],
                "loadBalancerBackendAddressPools": [
                  {
                    "id": "string",
                    "properties": {
                    },
                    "name": "string"
                  }
                ],
                "loadBalancerInboundNatRules": [
                  {
                    "id": "string",
                    "properties": {
                      "frontendIPConfiguration": {
                        "id": "string"
                      },
                      "protocol": "string",
                      "frontendPort": "integer",
                      "backendPort": "integer",
                      "idleTimeoutInMinutes": "integer",
                      "enableFloatingIP": boolean
                    },
                    "name": "string"
                  }
                ],
                "privateIPAddress": "string",
                "privateIPAllocationMethod": "string",
                "privateIPAddressVersion": "string",
                "subnet": {
                  "id": "string",
                  "properties": {
                    "addressPrefix": "string",
                    "networkSecurityGroup": {
                      "id": "string",
                      "location": "string",
                      "tags": {},
                      "properties": {
                        "securityRules": [
                          {
                            "id": "string",
                            "properties": {
                              "description": "string",
                              "protocol": "string",
                              "sourcePortRange": "string",
                              "destinationPortRange": "string",
                              "sourceAddressPrefix": "string",
                              "sourceAddressPrefixes": [
                                "string"
                              ],
                              "sourceApplicationSecurityGroups": [
                                {
                                  "id": "string",
                                  "location": "string",
                                  "tags": {},
                                  "properties": {}
                                }
                              ],
                              "destinationAddressPrefix": "string",
                              "destinationAddressPrefixes": [
                                "string"
                              ],
                              "destinationApplicationSecurityGroups": [
                                {
                                  "id": "string",
                                  "location": "string",
                                  "tags": {},
                                  "properties": {}
                                }
                              ],
                              "sourcePortRanges": [
                                "string"
                              ],
                              "destinationPortRanges": [
                                "string"
                              ],
                              "access": "string",
                              "priority": "integer",
                              "direction": "string"
                            },
                            "name": "string"
                          }
                        ],
                        "defaultSecurityRules": [
                          {
                            "id": "string",
                            "properties": {
                              "description": "string",
                              "protocol": "string",
                              "sourcePortRange": "string",
                              "destinationPortRange": "string",
                              "sourceAddressPrefix": "string",
                              "sourceAddressPrefixes": [
                                "string"
                              ],
                              "sourceApplicationSecurityGroups": [
                                {
                                  "id": "string",
                                  "location": "string",
                                  "tags": {},
                                  "properties": {}
                                }
                              ],
                              "destinationAddressPrefix": "string",
                              "destinationAddressPrefixes": [
                                "string"
                              ],
                              "destinationApplicationSecurityGroups": [
                                {
                                  "id": "string",
                                  "location": "string",
                                  "tags": {},
                                  "properties": {}
                                }
                              ],
                              "sourcePortRanges": [
                                "string"
                              ],
                              "destinationPortRanges": [
                                "string"
                              ],
                              "access": "string",
                              "priority": "integer",
                              "direction": "string"
                            },
                            "name": "string"
                          }
                        ],
                        "resourceGuid": "string"
                      }
                    },
                    "routeTable": {
                      "id": "string",
                      "location": "string",
                      "tags": {},
                      "properties": {
                        "routes": [
                          {
                            "id": "string",
                            "properties": {
                              "addressPrefix": "string",
                              "nextHopType": "string",
                              "nextHopIpAddress": "string"
                            },
                            "name": "string"
                          }
                        ],
                        "disableBgpRoutePropagation": boolean
                      }
                    },
                    "serviceEndpoints": [
                      {
                        "service": "string",
                        "locations": [
                          "string"
                        ]
                      }
                    ],
                    "resourceNavigationLinks": [
                      {
                        "id": "string",
                        "properties": {
                          "linkedResourceType": "string",
                          "link": "string"
                        },
                        "name": "string"
                      }
                    ]
                  },
                  "name": "string"
                },
                "primary": boolean,
                "publicIPAddress": {
                  "id": "string",
                  "location": "string",
                  "tags": {},
                  "sku": {
                    "name": "string"
                  },
                  "properties": {
                    "publicIPAllocationMethod": "string",
                    "publicIPAddressVersion": "string",
                    "dnsSettings": {
                      "domainNameLabel": "string",
                      "fqdn": "string",
                      "reverseFqdn": "string"
                    },
                    "ipTags": [
                      {
                        "ipTagType": "string",
                        "tag": "string"
                      }
                    ],
                    "ipAddress": "string",
                    "idleTimeoutInMinutes": "integer",
                    "resourceGuid": "string"
                  },
                  "zones": [
                    "string"
                  ]
                },
                "applicationSecurityGroups": [
                  {
                    "id": "string",
                    "location": "string",
                    "tags": {},
                    "properties": {}
                  }
                ]
              },
              "name": "string"
            }
          ],
          "backendAddresses": [
            {
              "fqdn": "string",
              "ipAddress": "string"
            }
          ]
        },
        "name": "string",
        "type": "string"
      }
    ],
    "backendHttpSettingsCollection": [
      {
        "id": "string",
        "properties": {
          "port": "integer",
          "protocol": "string",
          "cookieBasedAffinity": "string",
          "requestTimeout": "integer",
          "probe": {
            "id": "string"
          },
          "authenticationCertificates": [
            {
              "id": "string"
            }
          ],
          "connectionDraining": {
            "enabled": boolean,
            "drainTimeoutInSec": "integer"
          },
          "hostName": "string",
          "pickHostNameFromBackendAddress": boolean,
          "affinityCookieName": "string",
          "probeEnabled": boolean,
          "path": "string"
        },
        "name": "string",
        "type": "string"
      }
    ],
    "httpListeners": [
      {
        "id": "string",
        "properties": {
          "frontendIPConfiguration": {
            "id": "string"
          },
          "frontendPort": {
            "id": "string"
          },
          "protocol": "string",
          "hostName": "string",
          "sslCertificate": {
            "id": "string"
          },
          "requireServerNameIndication": boolean
        },
        "name": "string",
        "type": "string"
      }
    ],
    "urlPathMaps": [
      {
        "id": "string",
        "properties": {
          "defaultBackendAddressPool": {
            "id": "string"
          },
          "defaultBackendHttpSettings": {
            "id": "string"
          },
          "defaultRedirectConfiguration": {
            "id": "string"
          },
          "pathRules": [
            {
              "id": "string",
              "properties": {
                "paths": [
                  "string"
                ],
                "backendAddressPool": {
                  "id": "string"
                },
                "backendHttpSettings": {
                  "id": "string"
                },
                "redirectConfiguration": {
                  "id": "string"
                }
              },
              "name": "string",
              "type": "string"
            }
          ]
        },
        "name": "string",
        "type": "string"
      }
    ],
    "requestRoutingRules": [
      {
        "id": "string",
        "properties": {
          "ruleType": "string",
          "backendAddressPool": {
            "id": "string"
          },
          "backendHttpSettings": {
            "id": "string"
          },
          "httpListener": {
            "id": "string"
          },
          "urlPathMap": {
            "id": "string"
          },
          "redirectConfiguration": {
            "id": "string"
          }
        },
        "name": "string",
        "type": "string"
      }
    ],
    "redirectConfigurations": [
      {
        "id": "string",
        "properties": {
          "redirectType": "string",
          "targetListener": {
            "id": "string"
          },
          "targetUrl": "string",
          "includePath": boolean,
          "includeQueryString": boolean,
          "requestRoutingRules": [
            {
              "id": "string"
            }
          ],
          "urlPathMaps": [
            {
              "id": "string"
            }
          ],
          "pathRules": [
            {
              "id": "string"
            }
          ]
        },
        "name": "string",
        "type": "string"
      }
    ],
    "webApplicationFirewallConfiguration": {
      "enabled": boolean,
      "firewallMode": "string",
      "ruleSetType": "string",
      "ruleSetVersion": "string",
      "disabledRuleGroups": [
        {
          "ruleGroupName": "string",
          "rules": [
            "integer"
          ]
        }
      ],
      "requestBodyCheck": boolean,
      "maxRequestBodySize": "integer"
    },
    "enableHttp2": boolean,
    "resourceGuid": "string"
  }
}

Property values

The following tables describe the values you need to set in the schema.

Microsoft.Network/applicationGateways object

Name Type Required Value
name string Yes
type enum Yes Microsoft.Network/applicationGateways
apiVersion enum Yes 2018-01-01
location string No Resource location.
tags object No Resource tags.
properties object Yes ApplicationGatewayPropertiesFormat object

ApplicationGatewayPropertiesFormat object

Name Type Required Value
sku object No SKU of the application gateway resource. - ApplicationGatewaySku object
sslPolicy object No SSL policy of the application gateway resource. - ApplicationGatewaySslPolicy object
gatewayIPConfigurations array No Subnets of application the gateway resource. - ApplicationGatewayIPConfiguration object
authenticationCertificates array No Authentication certificates of the application gateway resource. - ApplicationGatewayAuthenticationCertificate object
sslCertificates array No SSL certificates of the application gateway resource. - ApplicationGatewaySslCertificate object
frontendIPConfigurations array No Frontend IP addresses of the application gateway resource. - ApplicationGatewayFrontendIPConfiguration object
frontendPorts array No Frontend ports of the application gateway resource. - ApplicationGatewayFrontendPort object
probes array No Probes of the application gateway resource. - ApplicationGatewayProbe object
backendAddressPools array No Backend address pool of the application gateway resource. - ApplicationGatewayBackendAddressPool object
backendHttpSettingsCollection array No Backend http settings of the application gateway resource. - ApplicationGatewayBackendHttpSettings object
httpListeners array No Http listeners of the application gateway resource. - ApplicationGatewayHttpListener object
urlPathMaps array No URL path map of the application gateway resource. - ApplicationGatewayUrlPathMap object
requestRoutingRules array No Request routing rules of the application gateway resource. - ApplicationGatewayRequestRoutingRule object
redirectConfigurations array No Redirect configurations of the application gateway resource. - ApplicationGatewayRedirectConfiguration object
webApplicationFirewallConfiguration object No Web application firewall configuration. - ApplicationGatewayWebApplicationFirewallConfiguration object
enableHttp2 boolean No Whether HTTP2 is enabled on the application gateway resource.
resourceGuid string No Resource GUID property of the application gateway resource.

ApplicationGatewaySku object

Name Type Required Value
name enum No Name of an application gateway SKU. - Standard_Small, Standard_Medium, Standard_Large, WAF_Medium, WAF_Large
tier enum No Tier of an application gateway. - Standard or WAF
capacity integer No Capacity (instance count) of an application gateway.

ApplicationGatewaySslPolicy object

Name Type Required Value
disabledSslProtocols array No Ssl protocols to be disabled on application gateway. - TLSv1_0, TLSv1_1, TLSv1_2
policyType enum No Type of Ssl Policy. - Predefined or Custom
policyName enum No Name of Ssl predefined policy. - AppGwSslPolicy20150501, AppGwSslPolicy20170401, AppGwSslPolicy20170401S
cipherSuites array No Ssl cipher suites to be enabled in the specified order to application gateway. - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA
minProtocolVersion enum No Minimum version of Ssl protocol to be supported on application gateway. - TLSv1_0, TLSv1_1, TLSv1_2

ApplicationGatewayIPConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayIPConfigurationPropertiesFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.
type string No Type of the resource.

ApplicationGatewayAuthenticationCertificate object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayAuthenticationCertificatePropertiesFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.
type string No Type of the resource.

ApplicationGatewaySslCertificate object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewaySslCertificatePropertiesFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.
type string No Type of the resource.

ApplicationGatewayFrontendIPConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayFrontendIPConfigurationPropertiesFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.
type string No Type of the resource.

ApplicationGatewayFrontendPort object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayFrontendPortPropertiesFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.
type string No Type of the resource.

ApplicationGatewayProbe object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayProbePropertiesFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.
type string No Type of the resource.

ApplicationGatewayBackendAddressPool object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayBackendAddressPoolPropertiesFormat object
name string No Resource that is unique within a resource group. This name can be used to access the resource.
type string No Type of the resource.

ApplicationGatewayBackendHttpSettings object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayBackendHttpSettingsPropertiesFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.
type string No Type of the resource.

ApplicationGatewayHttpListener object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayHttpListenerPropertiesFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.
type string No Type of the resource.

ApplicationGatewayUrlPathMap object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayUrlPathMapPropertiesFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.
type string No Type of the resource.

ApplicationGatewayRequestRoutingRule object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayRequestRoutingRulePropertiesFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.
type string No Type of the resource.

ApplicationGatewayRedirectConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayRedirectConfigurationPropertiesFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.
type string No Type of the resource.

ApplicationGatewayWebApplicationFirewallConfiguration object

Name Type Required Value
enabled boolean Yes Whether the web application firewall is enabled or not.
firewallMode enum Yes Web application firewall mode. - Detection or Prevention
ruleSetType string Yes The type of the web application firewall rule set. Possible values are: 'OWASP'.
ruleSetVersion string Yes The version of the rule set type.
disabledRuleGroups array No The disabled rule groups. - ApplicationGatewayFirewallDisabledRuleGroup object
requestBodyCheck boolean No Whether allow WAF to check request Body.
maxRequestBodySize integer No Maximum request body size for WAF.

ApplicationGatewayIPConfigurationPropertiesFormat object

Name Type Required Value
subnet object No Reference of the subnet resource. A subnet from where application gateway gets its private address. - SubResource object

ApplicationGatewayAuthenticationCertificatePropertiesFormat object

Name Type Required Value
data string No Certificate public data.

ApplicationGatewaySslCertificatePropertiesFormat object

Name Type Required Value
data string No Base-64 encoded pfx certificate. Only applicable in PUT Request.
password string No Password for the pfx file specified in data. Only applicable in PUT request.
publicCertData string No Base-64 encoded Public cert data corresponding to pfx specified in data. Only applicable in GET request.

ApplicationGatewayFrontendIPConfigurationPropertiesFormat object

Name Type Required Value
privateIPAddress string No PrivateIPAddress of the network interface IP Configuration.
privateIPAllocationMethod enum No PrivateIP allocation method. - Static or Dynamic
subnet object No Reference of the subnet resource. - SubResource object
publicIPAddress object No Reference of the PublicIP resource. - SubResource object

ApplicationGatewayFrontendPortPropertiesFormat object

Name Type Required Value
port integer No Frontend port

ApplicationGatewayProbePropertiesFormat object

Name Type Required Value
protocol enum No Protocol. - Http or Https
host string No Host name to send the probe to.
path string No Relative path of probe. Valid path starts from '/'. Probe is sent to ://:
interval integer No The probing interval in seconds. This is the time interval between two consecutive probes. Acceptable values are from 1 second to 86400 seconds.
timeout integer No the probe timeout in seconds. Probe marked as failed if valid response is not received with this timeout period. Acceptable values are from 1 second to 86400 seconds.
unhealthyThreshold integer No The probe retry count. Backend server is marked down after consecutive probe failure count reaches UnhealthyThreshold. Acceptable values are from 1 second to 20.
pickHostNameFromBackendHttpSettings boolean No Whether the host header should be picked from the backend http settings. Default value is false.
minServers integer No Minimum number of servers that are always marked healthy. Default value is 0.
match object No Criterion for classifying a healthy probe response. - ApplicationGatewayProbeHealthResponseMatch object

ApplicationGatewayBackendAddressPoolPropertiesFormat object

Name Type Required Value
backendIPConfigurations array No Collection of references to IPs defined in network interfaces. - NetworkInterfaceIPConfiguration object
backendAddresses array No Backend addresses - ApplicationGatewayBackendAddress object

ApplicationGatewayBackendHttpSettingsPropertiesFormat object

Name Type Required Value
port integer No Port
protocol enum No Protocol. - Http or Https
cookieBasedAffinity enum No Cookie based affinity. - Enabled or Disabled
requestTimeout integer No Request timeout in seconds. Application Gateway will fail the request if response is not received within RequestTimeout. Acceptable values are from 1 second to 86400 seconds.
probe object No Probe resource of an application gateway. - SubResource object
authenticationCertificates array No Array of references to application gateway authentication certificates. - SubResource object
connectionDraining object No Connection draining of the backend http settings resource. - ApplicationGatewayConnectionDraining object
hostName string No Host header to be sent to the backend servers.
pickHostNameFromBackendAddress boolean No Whether to pick host header should be picked from the host name of the backend server. Default value is false.
affinityCookieName string No Cookie name to use for the affinity cookie.
probeEnabled boolean No Whether the probe is enabled. Default value is false.
path string No Path which should be used as a prefix for all HTTP requests. Null means no path will be prefixed. Default value is null.

ApplicationGatewayHttpListenerPropertiesFormat object

Name Type Required Value
frontendIPConfiguration object No Frontend IP configuration resource of an application gateway. - SubResource object
frontendPort object No Frontend port resource of an application gateway. - SubResource object
protocol enum No Protocol. - Http or Https
hostName string No Host name of HTTP listener.
sslCertificate object No SSL certificate resource of an application gateway. - SubResource object
requireServerNameIndication boolean No Applicable only if protocol is https. Enables SNI for multi-hosting.

ApplicationGatewayUrlPathMapPropertiesFormat object

Name Type Required Value
defaultBackendAddressPool object No Default backend address pool resource of URL path map. - SubResource object
defaultBackendHttpSettings object No Default backend http settings resource of URL path map. - SubResource object
defaultRedirectConfiguration object No Default redirect configuration resource of URL path map. - SubResource object
pathRules array No Path rule of URL path map resource. - ApplicationGatewayPathRule object

ApplicationGatewayRequestRoutingRulePropertiesFormat object

Name Type Required Value
ruleType enum No Rule type. - Basic or PathBasedRouting
backendAddressPool object No Backend address pool resource of the application gateway. - SubResource object
backendHttpSettings object No Frontend port resource of the application gateway. - SubResource object
httpListener object No Http listener resource of the application gateway. - SubResource object
urlPathMap object No URL path map resource of the application gateway. - SubResource object
redirectConfiguration object No Redirect configuration resource of the application gateway. - SubResource object

ApplicationGatewayRedirectConfigurationPropertiesFormat object

Name Type Required Value
redirectType enum No Supported http redirection types - Permanent, Temporary, Found, SeeOther. - Permanent, Found, SeeOther, Temporary
targetListener object No Reference to a listener to redirect the request to. - SubResource object
targetUrl string No Url to redirect the request to.
includePath boolean No Include path in the redirected url.
includeQueryString boolean No Include query string in the redirected url.
requestRoutingRules array No Request routing specifying redirect configuration. - SubResource object
urlPathMaps array No Url path maps specifying default redirect configuration. - SubResource object
pathRules array No Path rules specifying redirect configuration. - SubResource object

ApplicationGatewayFirewallDisabledRuleGroup object

Name Type Required Value
ruleGroupName string Yes The name of the rule group that will be disabled.
rules array No The list of rules that will be disabled. If null, all rules of the rule group will be disabled. - integer

SubResource object

Name Type Required Value
id string No Resource ID.

ApplicationGatewayProbeHealthResponseMatch object

Name Type Required Value
body string No Body that must be contained in the health response. Default value is empty.
statusCodes array No Allowed ranges of healthy status codes. Default range of healthy status codes is 200-399. - string

NetworkInterfaceIPConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No Network interface IP configuration properties. - NetworkInterfaceIPConfigurationPropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

ApplicationGatewayBackendAddress object

Name Type Required Value
fqdn string No Fully qualified domain name (FQDN).
ipAddress string No IP address

ApplicationGatewayConnectionDraining object

Name Type Required Value
enabled boolean Yes Whether connection draining is enabled or not.
drainTimeoutInSec integer Yes The number of seconds connection draining is active. Acceptable values are from 1 second to 3600 seconds.

ApplicationGatewayPathRule object

Name Type Required Value
id string No Resource ID.
properties object No ApplicationGatewayPathRulePropertiesFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.
type string No Type of the resource.

NetworkInterfaceIPConfigurationPropertiesFormat object

Name Type Required Value
applicationGatewayBackendAddressPools array No The reference of ApplicationGatewayBackendAddressPool resource. - ApplicationGatewayBackendAddressPool object
loadBalancerBackendAddressPools array No The reference of LoadBalancerBackendAddressPool resource. - BackendAddressPool object
loadBalancerInboundNatRules array No A list of references of LoadBalancerInboundNatRules. - InboundNatRule object
privateIPAddress string No Private IP address of the IP configuration.
privateIPAllocationMethod enum No Defines how a private IP address is assigned. Possible values are: 'Static' and 'Dynamic'. - Static or Dynamic
privateIPAddressVersion enum No Available from Api-Version 2016-03-30 onwards, it represents whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4. Possible values are: 'IPv4' and 'IPv6'. - IPv4 or IPv6
subnet object No Subnet bound to the IP configuration. - Subnet object
primary boolean No Gets whether this is a primary customer address on the network interface.
publicIPAddress object No Public IP address bound to the IP configuration. - PublicIPAddress object
applicationSecurityGroups array No Application security groups in which the IP configuration is included. - ApplicationSecurityGroup object

ApplicationGatewayPathRulePropertiesFormat object

Name Type Required Value
paths array No Path rules of URL path map. - string
backendAddressPool object No Backend address pool resource of URL path map path rule. - SubResource object
backendHttpSettings object No Backend http settings resource of URL path map path rule. - SubResource object
redirectConfiguration object No Redirect configuration resource of URL path map path rule. - SubResource object

BackendAddressPool object

Name Type Required Value
id string No Resource ID.
properties object No Properties of load balancer backend address pool. - BackendAddressPoolPropertiesFormat object
name string No Gets name of the resource that is unique within a resource group. This name can be used to access the resource.

InboundNatRule object

Name Type Required Value
id string No Resource ID.
properties object No Properties of load balancer inbound nat rule. - InboundNatRulePropertiesFormat object
name string No Gets name of the resource that is unique within a resource group. This name can be used to access the resource.

Subnet object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the subnet. - SubnetPropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

PublicIPAddress object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
sku object No The public IP address SKU. - PublicIPAddressSku object
properties object No Public IP address properties. - PublicIPAddressPropertiesFormat object
zones array No A list of availability zones denoting the IP allocated for the resource needs to come from. - string

ApplicationSecurityGroup object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Properties of the application security group. - ApplicationSecurityGroupPropertiesFormat object

BackendAddressPoolPropertiesFormat object

Name Type Required Value

InboundNatRulePropertiesFormat object

Name Type Required Value
frontendIPConfiguration object No A reference to frontend IP addresses. - SubResource object
protocol enum No Udp, Tcp, All
frontendPort integer No The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values range from 1 to 65534.
backendPort integer No The port used for the internal endpoint. Acceptable values range from 1 to 65535.
idleTimeoutInMinutes integer No The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP.
enableFloatingIP boolean No Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint.

SubnetPropertiesFormat object

Name Type Required Value
addressPrefix string No The address prefix for the subnet.
networkSecurityGroup object No The reference of the NetworkSecurityGroup resource. - NetworkSecurityGroup object
routeTable object No The reference of the RouteTable resource. - RouteTable object
serviceEndpoints array No An array of service endpoints. - ServiceEndpointPropertiesFormat object
resourceNavigationLinks array No Gets an array of references to the external resources using subnet. - ResourceNavigationLink object

PublicIPAddressSku object

Name Type Required Value
name enum No Name of a public IP address SKU. - Basic or Standard

PublicIPAddressPropertiesFormat object

Name Type Required Value
publicIPAllocationMethod enum No The public IP allocation method. Possible values are: 'Static' and 'Dynamic'. - Static or Dynamic
publicIPAddressVersion enum No The public IP address version. Possible values are: 'IPv4' and 'IPv6'. - IPv4 or IPv6
dnsSettings object No The FQDN of the DNS record associated with the public IP address. - PublicIPAddressDnsSettings object
ipTags array No The list of tags associated with the public IP address. - IpTag object
ipAddress string No The IP address associated with the public IP address resource.
idleTimeoutInMinutes integer No The idle timeout of the public IP address.
resourceGuid string No The resource GUID property of the public IP resource.

NetworkSecurityGroup object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Properties of the network security group - NetworkSecurityGroupPropertiesFormat object

RouteTable object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Properties of the route table. - RouteTablePropertiesFormat object

ServiceEndpointPropertiesFormat object

Name Type Required Value
service string No The type of the endpoint service.
locations array No A list of locations. - string

Name Type Required Value
id string No Resource ID.
properties object No Resource navigation link properties format. - ResourceNavigationLinkFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.

PublicIPAddressDnsSettings object

Name Type Required Value
domainNameLabel string No Gets or sets the Domain name label.The concatenation of the domain name label and the regionalized DNS zone make up the fully qualified domain name associated with the public IP address. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system.
fqdn string No Gets the FQDN, Fully qualified domain name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone.
reverseFqdn string No Gets or Sets the Reverse FQDN. A user-visible, fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN.

IpTag object

Name Type Required Value
ipTagType string No Gets or sets the ipTag type: Example FirstPartyUsage.
tag string No Gets or sets value of the IpTag associated with the public IP. Example SQL, Storage etc

NetworkSecurityGroupPropertiesFormat object

Name Type Required Value
securityRules array No A collection of security rules of the network security group. - SecurityRule object
defaultSecurityRules array No The default security rules of network security group. - SecurityRule object
resourceGuid string No The resource GUID property of the network security group resource.

RouteTablePropertiesFormat object

Name Type Required Value
routes array No Collection of routes contained within a route table. - Route object
disableBgpRoutePropagation boolean No Gets or sets whether to disable the routes learned by BGP on that route table. True means disable.

ResourceNavigationLinkFormat object

Name Type Required Value
linkedResourceType string No Resource type of the linked resource.
link string No Link to the external resource

SecurityRule object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the security rule - SecurityRulePropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

Route object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the route. - RoutePropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

SecurityRulePropertiesFormat object

Name Type Required Value
description string No A description for this rule. Restricted to 140 chars.
protocol enum Yes Network protocol this rule applies to. Possible values are 'Tcp', 'Udp', and '*'. - Tcp, Udp, *
sourcePortRange string No The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
destinationPortRange string No The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
sourceAddressPrefix string No The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from.
sourceAddressPrefixes array No The CIDR or source IP ranges. - string
sourceApplicationSecurityGroups array No The application security group specified as source. - ApplicationSecurityGroup object
destinationAddressPrefix string No The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used.
destinationAddressPrefixes array No The destination address prefixes. CIDR or destination IP ranges. - string
destinationApplicationSecurityGroups array No The application security group specified as destination. - ApplicationSecurityGroup object
sourcePortRanges array No The source port ranges. - string
destinationPortRanges array No The destination port ranges. - string
access enum Yes The network traffic is allowed or denied. Possible values are: 'Allow' and 'Deny'. - Allow or Deny
priority integer No The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.
direction enum Yes The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic. Possible values are: 'Inbound' and 'Outbound'. - Inbound or Outbound

RoutePropertiesFormat object

Name Type Required Value
addressPrefix string No The destination CIDR to which the route applies.
nextHopType enum Yes The type of Azure hop the packet should be sent to. Possible values are: 'VirtualNetworkGateway', 'VnetLocal', 'Internet', 'VirtualAppliance', and 'None'. - VirtualNetworkGateway, VnetLocal, Internet, VirtualAppliance, None
nextHopIpAddress string No The IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance.

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Create an Application Gateway

Deploy to Azure
This template creates an application gateway in a virtual network and sets up load balancing rules for any number of virtual machines
Create an Application Gateway V2 with Key Vault

Deploy to Azure
This template deploys an Application Gateway V2 in a Virtual Network, a user defined identity, Key Vault, a secret (cert data), and access policy on Key Vault and Application Gateway.
Create an Application Gateway with Public IP

Deploy to Azure
This template creates an Application Gateway, Public IP address for the Application Gateway, and the Virtual Network in which Application Gateway is deployed. Also configures Application Gateway for Http Load balancing with Two backend servers. Note that you have to specify valid IPs for backend servers.
Create an Application Gateway with Public IP

Deploy to Azure
This template creates an Application Gateway, Public IP address for the Application Gateway, and the Virtual Network in which Application Gateway is deployed. Also configures Application Gateway for Ssl Offload and Load balancing with Two backend servers. Note that you have to specify valid IPs for backend servers.
Create an Application Gateway

Deploy to Azure
This template creates an application gateway with Redirect functionalities in a virtual network and sets up load balancing and redirect rules (basic and pathbased)
Create an Application Gateway

Deploy to Azure
This template creates an application gateway with Rewrite functionalities in a virtual network and sets up load balancing, rewrite rules
Create an Application Gateway v2

Deploy to Azure
This template creates an application gateway v2 in a virtual network and sets up auto scaling properties and an HTTP load-balancing rule with public frontend
Create an Application Gateway

Deploy to Azure
This template creates an application gateway with Web Application Firewall functionality in a virtual network and sets up load balancing rules for any number of virtual machines
Create a WordPress site in a virtual network

Deploy to Azure
This template creates a WordPress site on Container Instance in a virtual network. And output a public site FQDN which could access WordPress site.
App Gateway with WAF, SSL, IIS and HTTPS redirection

Deploy to Azure
This template deploys an Application Gateway with WAF, end to end SSL and HTTP to HTTPS redirect on the IIS servers.
Application Gateway for Multi Hosting

Deploy to Azure
This template creates an Application Gateway and configures it for Multi Hosting on port 443.
Create an Application Gateway

Deploy to Azure
This template deploys an Application Gateway and shows usage of the path override feature for a backend address pool.
Create an Application Gateway

Deploy to Azure
This template deploys an Application Gateway with enhanced probe functionality.
Create an Application Gateway

Deploy to Azure
This template deploys an Application Gateway configured with a custom ssl policy.
Create an Application Gateway

Deploy to Azure
This template deploys an Application Gateway configured with a predefined ssl policy.
Application Gateway for Url Path Based Routing

Deploy to Azure
This template creates an Application Gateway and configures it for URL Path Based Routing.
Application Gateway for a Web App with IP Restriction

Deploy to Azure
This template creates an application gateway in front of an Azure Web App with IP restriction enabled on the Web App.
Create an Application Gateway

Deploy to Azure
This template creates an application gateway in front of two Azure Web Apps with a custom probe enabled.
Deploy an Ubuntu VM scale set with Azure Application Gateway

Deploy to Azure
This template allows you to deploy a simple Ubuntu VM Scale Set integrated with Azure Application Gateway, and supports up to 1000 VMs
Deploy a Windows VM scale set with Azure Application Gateway

Deploy to Azure
This template allows you to deploy a simple Windows VM Scale Set integrated with Azure Application Gateway, and supports up to 1000 VMs
Create a Web App protected by Application Gateway v2

Deploy to Azure
This template creates an Azure Web App with Access Restriction for an Application Gateway v2. The Application Gateway is deployed in a vNet (subnet) which has a 'Microsoft.Web' Service Endpoint enabled. The Web App restricts access to traffic from the subnet.
Multi tier traffic manager, L4 ILB, L7 AppGateway

Deploy to Azure
This template deploys a Virtual Network, segregates the network through subnets, deploys VMs and configures load balancing
Multi tier App with NSG, ILB, AppGateway

Deploy to Azure
This template deploys a Virtual Network, segregates the network through subnets, deploys VMs and configures load balancing
Create an Azure Application Gateway v2

Deploy to Azure
This template creates an Azure Application Gateway with two Windows Server 2016 servers in the backend pool
Create an Azure WAF v2 on Azure Application Gateway

Deploy to Azure
This template creates an Azure Web Application Firewall v2 on Azure Application Gateway with two Windows Server 2016 servers in the backend pool
Azure Application Gateway Demo Setup

Deploy to Azure
This template allows you to quickly deploy Azure Application Gateway demo to test load-balancing with or without cookie-based affinity.
eShop Website with ILB ASE

Deploy to Azure
An App Service Environment is a Premium service plan option of Azure App Service that provides a fully isolated and dedicated environment for securely running Azure App Service apps at high scale, including Web Apps, Mobile Apps, and API Apps.
Autoscale LANSA Windows VM ScaleSet with Azure SQL Database

Deploy to Azure
The template deploys a Windows VMSS with a desired count of VMs in the scale set and a LANSA MSI to install into each VM. Once the VM Scale Set is deployed a custom script extension is used to install the LANSA MSI)
SAS Viya Quickstart Template for Azure

Deploy to Azure
The SAS Viya Quickstart Template for Azure deploys these products on the cloud: SAS Visual Analytics 8.5 on Linux, SAS Visual Statistics 8.5 on Linux, and SAS Visual Data Mining and Machine Learning 8.5 on Linux. This Quickstart is a reference architecture for users who want to deploy the SAS Viya platform, using microservices and other cloud-friendly technologies. By deploying the SAS platform on Azure, you get SAS analytics, data visualization, and machine learning capabilities in an Azure-validated environment. SAS Viya is a cloud-enabled, in-memory analytics engine. It uses elastic, scalable, and fault-tolerant processing to address complex analytical challenges. SAS Viya provides faster processing for analytics by using a standardized code base that supports programming in SAS, Python, R, Java, and Lua. It also supports cloud, on-premises, or hybrid environments and deploys seamlessly to any infrastructure or application ecosystem.