Microsoft.Network applicationGateways template reference

Template format

To create a Microsoft.Network/applicationGateways resource, add the following JSON to the resources section of your template.

{
  "name": "string",
  "type": "Microsoft.Network/applicationGateways",
  "apiVersion": "2019-04-01",
  "location": "string",
  "tags": {},
  "properties": {
    "sku": {
      "name": "string",
      "tier": "string",
      "capacity": "integer"
    },
    "sslPolicy": {
      "disabledSslProtocols": [
        "string"
      ],
      "policyType": "string",
      "policyName": "string",
      "cipherSuites": [
        "string"
      ],
      "minProtocolVersion": "string"
    },
    "gatewayIPConfigurations": [
      {
        "id": "string",
        "properties": {
          "subnet": {
            "id": "string"
          }
        },
        "name": "string",
        "type": "string"
      }
    ],
    "authenticationCertificates": [
      {
        "id": "string",
        "properties": {
          "data": "string"
        },
        "name": "string",
        "type": "string"
      }
    ],
    "trustedRootCertificates": [
      {
        "id": "string",
        "properties": {
          "data": "string",
          "keyVaultSecretId": "string"
        },
        "name": "string",
        "type": "string"
      }
    ],
    "sslCertificates": [
      {
        "id": "string",
        "properties": {
          "data": "string",
          "password": "string",
          "publicCertData": "string",
          "keyVaultSecretId": "string"
        },
        "name": "string",
        "type": "string"
      }
    ],
    "frontendIPConfigurations": [
      {
        "id": "string",
        "properties": {
          "privateIPAddress": "string",
          "privateIPAllocationMethod": "string",
          "subnet": {
            "id": "string"
          },
          "publicIPAddress": {
            "id": "string"
          }
        },
        "name": "string",
        "type": "string"
      }
    ],
    "frontendPorts": [
      {
        "id": "string",
        "properties": {
          "port": "integer"
        },
        "name": "string",
        "type": "string"
      }
    ],
    "probes": [
      {
        "id": "string",
        "properties": {
          "protocol": "string",
          "host": "string",
          "path": "string",
          "interval": "integer",
          "timeout": "integer",
          "unhealthyThreshold": "integer",
          "pickHostNameFromBackendHttpSettings": "boolean",
          "minServers": "integer",
          "match": {
            "body": "string",
            "statusCodes": [
              "string"
            ]
          },
          "port": "integer"
        },
        "name": "string",
        "type": "string"
      }
    ],
    "backendAddressPools": [
      {
        "id": "string",
        "properties": {
          "backendIPConfigurations": [
            {
              "id": "string",
              "properties": {
                "virtualNetworkTaps": [
                  {
                    "id": "string",
                    "location": "string",
                    "tags": {},
                    "properties": {
                      "destinationNetworkInterfaceIPConfiguration": "NetworkInterfaceIPConfiguration",
                      "destinationLoadBalancerFrontEndIPConfiguration": {
                        "id": "string",
                        "properties": {
                          "privateIPAddress": "string",
                          "privateIPAllocationMethod": "string",
                          "privateIPAddressVersion": "string",
                          "subnet": {
                            "id": "string",
                            "properties": {
                              "addressPrefix": "string",
                              "addressPrefixes": [
                                "string"
                              ],
                              "networkSecurityGroup": {
                                "id": "string",
                                "location": "string",
                                "tags": {},
                                "properties": {
                                  "securityRules": [
                                    {
                                      "id": "string",
                                      "properties": {
                                        "description": "string",
                                        "protocol": "string",
                                        "sourcePortRange": "string",
                                        "destinationPortRange": "string",
                                        "sourceAddressPrefix": "string",
                                        "sourceAddressPrefixes": [
                                          "string"
                                        ],
                                        "sourceApplicationSecurityGroups": [
                                          {
                                            "id": "string",
                                            "location": "string",
                                            "tags": {},
                                            "properties": {}
                                          }
                                        ],
                                        "destinationAddressPrefix": "string",
                                        "destinationAddressPrefixes": [
                                          "string"
                                        ],
                                        "destinationApplicationSecurityGroups": [
                                          {
                                            "id": "string",
                                            "location": "string",
                                            "tags": {},
                                            "properties": {}
                                          }
                                        ],
                                        "sourcePortRanges": [
                                          "string"
                                        ],
                                        "destinationPortRanges": [
                                          "string"
                                        ],
                                        "access": "string",
                                        "priority": "integer",
                                        "direction": "string"
                                      },
                                      "name": "string"
                                    }
                                  ],
                                  "defaultSecurityRules": [
                                    {
                                      "id": "string",
                                      "properties": {
                                        "description": "string",
                                        "protocol": "string",
                                        "sourcePortRange": "string",
                                        "destinationPortRange": "string",
                                        "sourceAddressPrefix": "string",
                                        "sourceAddressPrefixes": [
                                          "string"
                                        ],
                                        "sourceApplicationSecurityGroups": [
                                          {
                                            "id": "string",
                                            "location": "string",
                                            "tags": {},
                                            "properties": {}
                                          }
                                        ],
                                        "destinationAddressPrefix": "string",
                                        "destinationAddressPrefixes": [
                                          "string"
                                        ],
                                        "destinationApplicationSecurityGroups": [
                                          {
                                            "id": "string",
                                            "location": "string",
                                            "tags": {},
                                            "properties": {}
                                          }
                                        ],
                                        "sourcePortRanges": [
                                          "string"
                                        ],
                                        "destinationPortRanges": [
                                          "string"
                                        ],
                                        "access": "string",
                                        "priority": "integer",
                                        "direction": "string"
                                      },
                                      "name": "string"
                                    }
                                  ],
                                  "resourceGuid": "string"
                                }
                              },
                              "routeTable": {
                                "id": "string",
                                "location": "string",
                                "tags": {},
                                "properties": {
                                  "routes": [
                                    {
                                      "id": "string",
                                      "properties": {
                                        "addressPrefix": "string",
                                        "nextHopType": "string",
                                        "nextHopIpAddress": "string"
                                      },
                                      "name": "string"
                                    }
                                  ],
                                  "disableBgpRoutePropagation": "boolean"
                                }
                              },
                              "natGateway": {
                                "id": "string"
                              },
                              "serviceEndpoints": [
                                {
                                  "service": "string",
                                  "locations": [
                                    "string"
                                  ]
                                }
                              ],
                              "serviceEndpointPolicies": [
                                {
                                  "id": "string",
                                  "location": "string",
                                  "tags": {},
                                  "properties": {
                                    "serviceEndpointPolicyDefinitions": [
                                      {
                                        "id": "string",
                                        "properties": {
                                          "description": "string",
                                          "service": "string",
                                          "serviceResources": [
                                            "string"
                                          ]
                                        },
                                        "name": "string"
                                      }
                                    ]
                                  }
                                }
                              ],
                              "resourceNavigationLinks": [
                                {
                                  "id": "string",
                                  "properties": {
                                    "linkedResourceType": "string",
                                    "link": "string"
                                  },
                                  "name": "string"
                                }
                              ],
                              "serviceAssociationLinks": [
                                {
                                  "id": "string",
                                  "properties": {
                                    "linkedResourceType": "string",
                                    "link": "string",
                                    "allowDelete": "boolean",
                                    "locations": [
                                      "string"
                                    ]
                                  },
                                  "name": "string",
                                  "type": "string"
                                }
                              ],
                              "delegations": [
                                {
                                  "id": "string",
                                  "properties": {
                                    "serviceName": "string",
                                    "actions": [
                                      "string"
                                    ]
                                  },
                                  "name": "string"
                                }
                              ],
                              "privateEndpointNetworkPolicies": "string",
                              "privateLinkServiceNetworkPolicies": "string"
                            },
                            "name": "string"
                          },
                          "publicIPAddress": {
                            "id": "string",
                            "location": "string",
                            "tags": {},
                            "sku": {
                              "name": "string"
                            },
                            "properties": {
                              "publicIPAllocationMethod": "string",
                              "publicIPAddressVersion": "string",
                              "dnsSettings": {
                                "domainNameLabel": "string",
                                "fqdn": "string",
                                "reverseFqdn": "string"
                              },
                              "ddosSettings": {
                                "ddosCustomPolicy": {
                                  "id": "string"
                                },
                                "protectionCoverage": "string"
                              },
                              "ipTags": [
                                {
                                  "ipTagType": "string",
                                  "tag": "string"
                                }
                              ],
                              "ipAddress": "string",
                              "publicIPPrefix": {
                                "id": "string"
                              },
                              "idleTimeoutInMinutes": "integer",
                              "resourceGuid": "string"
                            },
                            "zones": [
                              "string"
                            ]
                          },
                          "publicIPPrefix": {
                            "id": "string"
                          }
                        },
                        "name": "string",
                        "zones": [
                          "string"
                        ]
                      },
                      "destinationPort": "integer"
                    }
                  }
                ],
                "applicationGatewayBackendAddressPools": [
                  "ApplicationGatewayBackendAddressPool"
                ],
                "loadBalancerBackendAddressPools": [
                  {
                    "id": "string",
                    "properties": {
                    },
                    "name": "string"
                  }
                ],
                "loadBalancerInboundNatRules": [
                  {
                    "id": "string",
                    "properties": {
                      "frontendIPConfiguration": {
                        "id": "string"
                      },
                      "protocol": "string",
                      "frontendPort": "integer",
                      "backendPort": "integer",
                      "idleTimeoutInMinutes": "integer",
                      "enableFloatingIP": "boolean",
                      "enableTcpReset": "boolean"
                    },
                    "name": "string"
                  }
                ],
                "privateIPAddress": "string",
                "privateIPAllocationMethod": "string",
                "privateIPAddressVersion": "string",
                "subnet": {
                  "id": "string",
                  "properties": {
                    "addressPrefix": "string",
                    "addressPrefixes": [
                      "string"
                    ],
                    "networkSecurityGroup": {
                      "id": "string",
                      "location": "string",
                      "tags": {},
                      "properties": {
                        "securityRules": [
                          {
                            "id": "string",
                            "properties": {
                              "description": "string",
                              "protocol": "string",
                              "sourcePortRange": "string",
                              "destinationPortRange": "string",
                              "sourceAddressPrefix": "string",
                              "sourceAddressPrefixes": [
                                "string"
                              ],
                              "sourceApplicationSecurityGroups": [
                                {
                                  "id": "string",
                                  "location": "string",
                                  "tags": {},
                                  "properties": {}
                                }
                              ],
                              "destinationAddressPrefix": "string",
                              "destinationAddressPrefixes": [
                                "string"
                              ],
                              "destinationApplicationSecurityGroups": [
                                {
                                  "id": "string",
                                  "location": "string",
                                  "tags": {},
                                  "properties": {}
                                }
                              ],
                              "sourcePortRanges": [
                                "string"
                              ],
                              "destinationPortRanges": [
                                "string"
                              ],
                              "access": "string",
                              "priority": "integer",
                              "direction": "string"
                            },
                            "name": "string"
                          }
                        ],
                        "defaultSecurityRules": [
                          {
                            "id": "string",
                            "properties": {
                              "description": "string",
                              "protocol": "string",
                              "sourcePortRange": "string",
                              "destinationPortRange": "string",
                              "sourceAddressPrefix": "string",
                              "sourceAddressPrefixes": [
                                "string"
                              ],
                              "sourceApplicationSecurityGroups": [
                                {
                                  "id": "string",
                                  "location": "string",
                                  "tags": {},
                                  "properties": {}
                                }
                              ],
                              "destinationAddressPrefix": "string",
                              "destinationAddressPrefixes": [
                                "string"
                              ],
                              "destinationApplicationSecurityGroups": [
                                {
                                  "id": "string",
                                  "location": "string",
                                  "tags": {},
                                  "properties": {}
                                }
                              ],
                              "sourcePortRanges": [
                                "string"
                              ],
                              "destinationPortRanges": [
                                "string"
                              ],
                              "access": "string",
                              "priority": "integer",
                              "direction": "string"
                            },
                            "name": "string"
                          }
                        ],
                        "resourceGuid": "string"
                      }
                    },
                    "routeTable": {
                      "id": "string",
                      "location": "string",
                      "tags": {},
                      "properties": {
                        "routes": [
                          {
                            "id": "string",
                            "properties": {
                              "addressPrefix": "string",
                              "nextHopType": "string",
                              "nextHopIpAddress": "string"
                            },
                            "name": "string"
                          }
                        ],
                        "disableBgpRoutePropagation": "boolean"
                      }
                    },
                    "natGateway": {
                      "id": "string"
                    },
                    "serviceEndpoints": [
                      {
                        "service": "string",
                        "locations": [
                          "string"
                        ]
                      }
                    ],
                    "serviceEndpointPolicies": [
                      {
                        "id": "string",
                        "location": "string",
                        "tags": {},
                        "properties": {
                          "serviceEndpointPolicyDefinitions": [
                            {
                              "id": "string",
                              "properties": {
                                "description": "string",
                                "service": "string",
                                "serviceResources": [
                                  "string"
                                ]
                              },
                              "name": "string"
                            }
                          ]
                        }
                      }
                    ],
                    "resourceNavigationLinks": [
                      {
                        "id": "string",
                        "properties": {
                          "linkedResourceType": "string",
                          "link": "string"
                        },
                        "name": "string"
                      }
                    ],
                    "serviceAssociationLinks": [
                      {
                        "id": "string",
                        "properties": {
                          "linkedResourceType": "string",
                          "link": "string",
                          "allowDelete": "boolean",
                          "locations": [
                            "string"
                          ]
                        },
                        "name": "string",
                        "type": "string"
                      }
                    ],
                    "delegations": [
                      {
                        "id": "string",
                        "properties": {
                          "serviceName": "string",
                          "actions": [
                            "string"
                          ]
                        },
                        "name": "string"
                      }
                    ],
                    "privateEndpointNetworkPolicies": "string",
                    "privateLinkServiceNetworkPolicies": "string"
                  },
                  "name": "string"
                },
                "primary": "boolean",
                "publicIPAddress": {
                  "id": "string",
                  "location": "string",
                  "tags": {},
                  "sku": {
                    "name": "string"
                  },
                  "properties": {
                    "publicIPAllocationMethod": "string",
                    "publicIPAddressVersion": "string",
                    "dnsSettings": {
                      "domainNameLabel": "string",
                      "fqdn": "string",
                      "reverseFqdn": "string"
                    },
                    "ddosSettings": {
                      "ddosCustomPolicy": {
                        "id": "string"
                      },
                      "protectionCoverage": "string"
                    },
                    "ipTags": [
                      {
                        "ipTagType": "string",
                        "tag": "string"
                      }
                    ],
                    "ipAddress": "string",
                    "publicIPPrefix": {
                      "id": "string"
                    },
                    "idleTimeoutInMinutes": "integer",
                    "resourceGuid": "string"
                  },
                  "zones": [
                    "string"
                  ]
                },
                "applicationSecurityGroups": [
                  {
                    "id": "string",
                    "location": "string",
                    "tags": {},
                    "properties": {}
                  }
                ]
              },
              "name": "string"
            }
          ],
          "backendAddresses": [
            {
              "fqdn": "string",
              "ipAddress": "string"
            }
          ]
        },
        "name": "string",
        "type": "string"
      }
    ],
    "backendHttpSettingsCollection": [
      {
        "id": "string",
        "properties": {
          "port": "integer",
          "protocol": "string",
          "cookieBasedAffinity": "string",
          "requestTimeout": "integer",
          "probe": {
            "id": "string"
          },
          "authenticationCertificates": [
            {
              "id": "string"
            }
          ],
          "trustedRootCertificates": [
            {
              "id": "string"
            }
          ],
          "connectionDraining": {
            "enabled": "boolean",
            "drainTimeoutInSec": "integer"
          },
          "hostName": "string",
          "pickHostNameFromBackendAddress": "boolean",
          "affinityCookieName": "string",
          "probeEnabled": "boolean",
          "path": "string"
        },
        "name": "string",
        "type": "string"
      }
    ],
    "httpListeners": [
      {
        "id": "string",
        "properties": {
          "frontendIPConfiguration": {
            "id": "string"
          },
          "frontendPort": {
            "id": "string"
          },
          "protocol": "string",
          "hostName": "string",
          "sslCertificate": {
            "id": "string"
          },
          "requireServerNameIndication": "boolean",
          "customErrorConfigurations": [
            {
              "statusCode": "string",
              "customErrorPageUrl": "string"
            }
          ]
        },
        "name": "string",
        "type": "string"
      }
    ],
    "urlPathMaps": [
      {
        "id": "string",
        "properties": {
          "defaultBackendAddressPool": {
            "id": "string"
          },
          "defaultBackendHttpSettings": {
            "id": "string"
          },
          "defaultRewriteRuleSet": {
            "id": "string"
          },
          "defaultRedirectConfiguration": {
            "id": "string"
          },
          "pathRules": [
            {
              "id": "string",
              "properties": {
                "paths": [
                  "string"
                ],
                "backendAddressPool": {
                  "id": "string"
                },
                "backendHttpSettings": {
                  "id": "string"
                },
                "redirectConfiguration": {
                  "id": "string"
                },
                "rewriteRuleSet": {
                  "id": "string"
                }
              },
              "name": "string",
              "type": "string"
            }
          ]
        },
        "name": "string",
        "type": "string"
      }
    ],
    "requestRoutingRules": [
      {
        "id": "string",
        "properties": {
          "ruleType": "string",
          "backendAddressPool": {
            "id": "string"
          },
          "backendHttpSettings": {
            "id": "string"
          },
          "httpListener": {
            "id": "string"
          },
          "urlPathMap": {
            "id": "string"
          },
          "rewriteRuleSet": {
            "id": "string"
          },
          "redirectConfiguration": {
            "id": "string"
          }
        },
        "name": "string",
        "type": "string"
      }
    ],
    "rewriteRuleSets": [
      {
        "id": "string",
        "properties": {
          "rewriteRules": [
            {
              "name": "string",
              "ruleSequence": "integer",
              "conditions": [
                {
                  "variable": "string",
                  "pattern": "string",
                  "ignoreCase": "boolean",
                  "negate": "boolean"
                }
              ],
              "actionSet": {
                "requestHeaderConfigurations": [
                  {
                    "headerName": "string",
                    "headerValue": "string"
                  }
                ],
                "responseHeaderConfigurations": [
                  {
                    "headerName": "string",
                    "headerValue": "string"
                  }
                ]
              }
            }
          ]
        },
        "name": "string"
      }
    ],
    "redirectConfigurations": [
      {
        "id": "string",
        "properties": {
          "redirectType": "string",
          "targetListener": {
            "id": "string"
          },
          "targetUrl": "string",
          "includePath": "boolean",
          "includeQueryString": "boolean",
          "requestRoutingRules": [
            {
              "id": "string"
            }
          ],
          "urlPathMaps": [
            {
              "id": "string"
            }
          ],
          "pathRules": [
            {
              "id": "string"
            }
          ]
        },
        "name": "string",
        "type": "string"
      }
    ],
    "webApplicationFirewallConfiguration": {
      "enabled": "boolean",
      "firewallMode": "string",
      "ruleSetType": "string",
      "ruleSetVersion": "string",
      "disabledRuleGroups": [
        {
          "ruleGroupName": "string",
          "rules": [
            "integer"
          ]
        }
      ],
      "requestBodyCheck": "boolean",
      "maxRequestBodySize": "integer",
      "maxRequestBodySizeInKb": "integer",
      "fileUploadLimitInMb": "integer",
      "exclusions": [
        {
          "matchVariable": "string",
          "selectorMatchOperator": "string",
          "selector": "string"
        }
      ]
    },
    "firewallPolicy": {
      "id": "string"
    },
    "enableHttp2": "boolean",
    "enableFips": "boolean",
    "autoscaleConfiguration": {
      "minCapacity": "integer",
      "maxCapacity": "integer"
    },
    "resourceGuid": "string",
    "customErrorConfigurations": [
      {
        "statusCode": "string",
        "customErrorPageUrl": "string"
      }
    ]
  },
  "zones": [
    "string"
  ],
  "identity": {
    "type": "string",
    "userAssignedIdentities": {}
  }
}

Property values

The following tables describe the values you need to set in the schema.

Microsoft.Network/applicationGateways object

Note

In Bicep, type and apiVersion are specified in the first line of the resource declaration. Use the format <type>@<apiVersion>. Don't set those properties in the resource body.

Name Type Required Value
name string Yes The name of the application gateway.
type enum Yes For JSON - Microsoft.Network/applicationGateways
apiVersion enum Yes For JSON - 2019-04-01
location string Yes Resource location.
tags object No Resource tags.
properties object Yes Properties of the application gateway. - ApplicationGatewayPropertiesFormat object
zones array No A list of availability zones denoting where the resource needs to come from. - string
identity object No The identity of the application gateway, if configured. - ManagedServiceIdentity object

ApplicationGatewayPropertiesFormat object

Name Type Required Value
sku object No SKU of the application gateway resource. - ApplicationGatewaySku object
sslPolicy object No SSL policy of the application gateway resource. - ApplicationGatewaySslPolicy object
gatewayIPConfigurations array No Subnets of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayIPConfiguration object
authenticationCertificates array No Authentication certificates of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayAuthenticationCertificate object
trustedRootCertificates array No Trusted Root certificates of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayTrustedRootCertificate object
sslCertificates array No SSL certificates of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewaySslCertificate object
frontendIPConfigurations array No Frontend IP addresses of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayFrontendIPConfiguration object
frontendPorts array No Frontend ports of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayFrontendPort object
probes array No Probes of the application gateway resource. - ApplicationGatewayProbe object
backendAddressPools array No Backend address pool of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayBackendAddressPool object
backendHttpSettingsCollection array No Backend http settings of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayBackendHttpSettings object
httpListeners array No Http listeners of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayHttpListener object
urlPathMaps array No URL path map of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayUrlPathMap object
requestRoutingRules array No Request routing rules of the application gateway resource. - ApplicationGatewayRequestRoutingRule object
rewriteRuleSets array No Rewrite rules for the application gateway resource. - ApplicationGatewayRewriteRuleSet object
redirectConfigurations array No Redirect configurations of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayRedirectConfiguration object
webApplicationFirewallConfiguration object No Web application firewall configuration. - ApplicationGatewayWebApplicationFirewallConfiguration object
firewallPolicy object No Reference of the FirewallPolicy resource. - SubResource object
enableHttp2 boolean No Whether HTTP2 is enabled on the application gateway resource.
enableFips boolean No Whether FIPS is enabled on the application gateway resource.
autoscaleConfiguration object No Autoscale Configuration. - ApplicationGatewayAutoscaleConfiguration object
resourceGuid string No Resource GUID property of the application gateway resource.
customErrorConfigurations array No Custom error configurations of the application gateway resource. - ApplicationGatewayCustomError object

ManagedServiceIdentity object

Name Type Required Value
type enum No The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine. - SystemAssigned, UserAssigned, SystemAssigned, UserAssigned, None
userAssignedIdentities object No The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

ApplicationGatewaySku object

Name Type Required Value
name enum No Name of an application gateway SKU. - Standard_Small, Standard_Medium, Standard_Large, WAF_Medium, WAF_Large, Standard_v2, WAF_v2
tier enum No Tier of an application gateway. - Standard, WAF, Standard_v2, WAF_v2
capacity integer No Capacity (instance count) of an application gateway.

ApplicationGatewaySslPolicy object

Name Type Required Value
disabledSslProtocols array No Ssl protocols to be disabled on application gateway. - TLSv1_0, TLSv1_1, TLSv1_2
policyType enum No Type of Ssl Policy. - Predefined or Custom
policyName enum No Name of Ssl predefined policy. - AppGwSslPolicy20150501, AppGwSslPolicy20170401, AppGwSslPolicy20170401S
cipherSuites array No Ssl cipher suites to be enabled in the specified order to application gateway. - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
minProtocolVersion enum No Minimum version of Ssl protocol to be supported on application gateway. - TLSv1_0, TLSv1_1, TLSv1_2

ApplicationGatewayIPConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway IP configuration. - ApplicationGatewayIPConfigurationPropertiesFormat object
name string No Name of the IP configuration that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayAuthenticationCertificate object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway authentication certificate. - ApplicationGatewayAuthenticationCertificatePropertiesFormat object
name string No Name of the authentication certificate that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayTrustedRootCertificate object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway trusted root certificate. - ApplicationGatewayTrustedRootCertificatePropertiesFormat object
name string No Name of the trusted root certificate that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewaySslCertificate object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway SSL certificate. - ApplicationGatewaySslCertificatePropertiesFormat object
name string No Name of the SSL certificate that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayFrontendIPConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway frontend IP configuration. - ApplicationGatewayFrontendIPConfigurationPropertiesFormat object
name string No Name of the frontend IP configuration that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayFrontendPort object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway frontend port. - ApplicationGatewayFrontendPortPropertiesFormat object
name string No Name of the frontend port that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayProbe object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway probe. - ApplicationGatewayProbePropertiesFormat object
name string No Name of the probe that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayBackendAddressPool object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway backend address pool. - ApplicationGatewayBackendAddressPoolPropertiesFormat object
name string No Name of the backend address pool that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayBackendHttpSettings object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway backend HTTP settings. - ApplicationGatewayBackendHttpSettingsPropertiesFormat object
name string No Name of the backend http settings that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayHttpListener object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway HTTP listener. - ApplicationGatewayHttpListenerPropertiesFormat object
name string No Name of the HTTP listener that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayUrlPathMap object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway URL path map. - ApplicationGatewayUrlPathMapPropertiesFormat object
name string No Name of the URL path map that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayRequestRoutingRule object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway request routing rule. - ApplicationGatewayRequestRoutingRulePropertiesFormat object
name string No Name of the request routing rule that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayRewriteRuleSet object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway rewrite rule set. - ApplicationGatewayRewriteRuleSetPropertiesFormat object
name string No Name of the rewrite rule set that is unique within an Application Gateway.

ApplicationGatewayRedirectConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway redirect configuration. - ApplicationGatewayRedirectConfigurationPropertiesFormat object
name string No Name of the redirect configuration that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayWebApplicationFirewallConfiguration object

Name Type Required Value
enabled boolean Yes Whether the web application firewall is enabled or not.
firewallMode enum Yes Web application firewall mode. - Detection or Prevention
ruleSetType string Yes The type of the web application firewall rule set. Possible values are: 'OWASP'.
ruleSetVersion string Yes The version of the rule set type.
disabledRuleGroups array No The disabled rule groups. - ApplicationGatewayFirewallDisabledRuleGroup object
requestBodyCheck boolean No Whether allow WAF to check request Body.
maxRequestBodySize integer No Maximum request body size for WAF.
maxRequestBodySizeInKb integer No Maximum request body size in Kb for WAF.
fileUploadLimitInMb integer No Maximum file upload size in Mb for WAF.
exclusions array No The exclusion list. - ApplicationGatewayFirewallExclusion object

SubResource object

Name Type Required Value
id string No Resource ID.

ApplicationGatewayAutoscaleConfiguration object

Name Type Required Value
minCapacity integer Yes Lower bound on number of Application Gateway capacity.
maxCapacity integer No Upper bound on number of Application Gateway capacity.

ApplicationGatewayCustomError object

Name Type Required Value
statusCode enum No Status code of the application gateway customer error. - HttpStatus403 or HttpStatus502
customErrorPageUrl string No Error page URL of the application gateway customer error.

ApplicationGatewayIPConfigurationPropertiesFormat object

Name Type Required Value
subnet object No Reference of the subnet resource. A subnet from where application gateway gets its private address. - SubResource object

ApplicationGatewayAuthenticationCertificatePropertiesFormat object

Name Type Required Value
data string No Certificate public data.

ApplicationGatewayTrustedRootCertificatePropertiesFormat object

Name Type Required Value
data string No Certificate public data.
keyVaultSecretId string No Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.

ApplicationGatewaySslCertificatePropertiesFormat object

Name Type Required Value
data string No Base-64 encoded pfx certificate. Only applicable in PUT Request.
password string No Password for the pfx file specified in data. Only applicable in PUT request.
publicCertData string No Base-64 encoded Public cert data corresponding to pfx specified in data. Only applicable in GET request.
keyVaultSecretId string No Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.

ApplicationGatewayFrontendIPConfigurationPropertiesFormat object

Name Type Required Value
privateIPAddress string No PrivateIPAddress of the network interface IP Configuration.
privateIPAllocationMethod enum No The private IP address allocation method. - Static or Dynamic
subnet object No Reference of the subnet resource. - SubResource object
publicIPAddress object No Reference of the PublicIP resource. - SubResource object

ApplicationGatewayFrontendPortPropertiesFormat object

Name Type Required Value
port integer No Frontend port.

ApplicationGatewayProbePropertiesFormat object

Name Type Required Value
protocol enum No The protocol used for the probe. - Http or Https
host string No Host name to send the probe to.
path string No Relative path of probe. Valid path starts from '/'. Probe is sent to ://:.
interval integer No The probing interval in seconds. This is the time interval between two consecutive probes. Acceptable values are from 1 second to 86400 seconds.
timeout integer No The probe timeout in seconds. Probe marked as failed if valid response is not received with this timeout period. Acceptable values are from 1 second to 86400 seconds.
unhealthyThreshold integer No The probe retry count. Backend server is marked down after consecutive probe failure count reaches UnhealthyThreshold. Acceptable values are from 1 second to 20.
pickHostNameFromBackendHttpSettings boolean No Whether the host header should be picked from the backend http settings. Default value is false.
minServers integer No Minimum number of servers that are always marked healthy. Default value is 0.
match object No Criterion for classifying a healthy probe response. - ApplicationGatewayProbeHealthResponseMatch object
port integer No Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from http settings will be used. This property is valid for Standard_v2 and WAF_v2 only.

ApplicationGatewayBackendAddressPoolPropertiesFormat object

Name Type Required Value
backendIPConfigurations array No Collection of references to IPs defined in network interfaces. - NetworkInterfaceIPConfiguration object
backendAddresses array No Backend addresses. - ApplicationGatewayBackendAddress object

ApplicationGatewayBackendHttpSettingsPropertiesFormat object

Name Type Required Value
port integer No The destination port on the backend.
protocol enum No The protocol used to communicate with the backend. - Http or Https
cookieBasedAffinity enum No Cookie based affinity. - Enabled or Disabled
requestTimeout integer No Request timeout in seconds. Application Gateway will fail the request if response is not received within RequestTimeout. Acceptable values are from 1 second to 86400 seconds.
probe object No Probe resource of an application gateway. - SubResource object
authenticationCertificates array No Array of references to application gateway authentication certificates. - SubResource object
trustedRootCertificates array No Array of references to application gateway trusted root certificates. - SubResource object
connectionDraining object No Connection draining of the backend http settings resource. - ApplicationGatewayConnectionDraining object
hostName string No Host header to be sent to the backend servers.
pickHostNameFromBackendAddress boolean No Whether to pick host header should be picked from the host name of the backend server. Default value is false.
affinityCookieName string No Cookie name to use for the affinity cookie.
probeEnabled boolean No Whether the probe is enabled. Default value is false.
path string No Path which should be used as a prefix for all HTTP requests. Null means no path will be prefixed. Default value is null.

ApplicationGatewayHttpListenerPropertiesFormat object

Name Type Required Value
frontendIPConfiguration object No Frontend IP configuration resource of an application gateway. - SubResource object
frontendPort object No Frontend port resource of an application gateway. - SubResource object
protocol enum No Protocol of the HTTP listener. - Http or Https
hostName string No Host name of HTTP listener.
sslCertificate object No SSL certificate resource of an application gateway. - SubResource object
requireServerNameIndication boolean No Applicable only if protocol is https. Enables SNI for multi-hosting.
customErrorConfigurations array No Custom error configurations of the HTTP listener. - ApplicationGatewayCustomError object

ApplicationGatewayUrlPathMapPropertiesFormat object

Name Type Required Value
defaultBackendAddressPool object No Default backend address pool resource of URL path map. - SubResource object
defaultBackendHttpSettings object No Default backend http settings resource of URL path map. - SubResource object
defaultRewriteRuleSet object No Default Rewrite rule set resource of URL path map. - SubResource object
defaultRedirectConfiguration object No Default redirect configuration resource of URL path map. - SubResource object
pathRules array No Path rule of URL path map resource. - ApplicationGatewayPathRule object

ApplicationGatewayRequestRoutingRulePropertiesFormat object

Name Type Required Value
ruleType enum No Rule type. - Basic or PathBasedRouting
backendAddressPool object No Backend address pool resource of the application gateway. - SubResource object
backendHttpSettings object No Backend http settings resource of the application gateway. - SubResource object
httpListener object No Http listener resource of the application gateway. - SubResource object
urlPathMap object No URL path map resource of the application gateway. - SubResource object
rewriteRuleSet object No Rewrite Rule Set resource in Basic rule of the application gateway. - SubResource object
redirectConfiguration object No Redirect configuration resource of the application gateway. - SubResource object

ApplicationGatewayRewriteRuleSetPropertiesFormat object

Name Type Required Value
rewriteRules array No Rewrite rules in the rewrite rule set. - ApplicationGatewayRewriteRule object

ApplicationGatewayRedirectConfigurationPropertiesFormat object

Name Type Required Value
redirectType enum No HTTP redirection type. - Permanent, Found, SeeOther, Temporary
targetListener object No Reference to a listener to redirect the request to. - SubResource object
targetUrl string No Url to redirect the request to.
includePath boolean No Include path in the redirected url.
includeQueryString boolean No Include query string in the redirected url.
requestRoutingRules array No Request routing specifying redirect configuration. - SubResource object
urlPathMaps array No Url path maps specifying default redirect configuration. - SubResource object
pathRules array No Path rules specifying redirect configuration. - SubResource object

ApplicationGatewayFirewallDisabledRuleGroup object

Name Type Required Value
ruleGroupName string Yes The name of the rule group that will be disabled.
rules array No The list of rules that will be disabled. If null, all rules of the rule group will be disabled. - integer

ApplicationGatewayFirewallExclusion object

Name Type Required Value
matchVariable string Yes The variable to be excluded.
selectorMatchOperator string Yes When matchVariable is a collection, operate on the selector to specify which elements in the collection this exclusion applies to.
selector string Yes When matchVariable is a collection, operator used to specify which elements in the collection this exclusion applies to.

ApplicationGatewayProbeHealthResponseMatch object

Name Type Required Value
body string No Body that must be contained in the health response. Default value is empty.
statusCodes array No Allowed ranges of healthy status codes. Default range of healthy status codes is 200-399. - string

NetworkInterfaceIPConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No Network interface IP configuration properties. - NetworkInterfaceIPConfigurationPropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

ApplicationGatewayBackendAddress object

Name Type Required Value
fqdn string No Fully qualified domain name (FQDN).
ipAddress string No IP address.

ApplicationGatewayConnectionDraining object

Name Type Required Value
enabled boolean Yes Whether connection draining is enabled or not.
drainTimeoutInSec integer Yes The number of seconds connection draining is active. Acceptable values are from 1 second to 3600 seconds.

ApplicationGatewayPathRule object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway path rule. - ApplicationGatewayPathRulePropertiesFormat object
name string No Name of the path rule that is unique within an Application Gateway.
type string No Type of the resource.

ApplicationGatewayRewriteRule object

Name Type Required Value
name string No Name of the rewrite rule that is unique within an Application Gateway.
ruleSequence integer No Rule Sequence of the rewrite rule that determines the order of execution of a particular rule in a RewriteRuleSet.
conditions array No Conditions based on which the action set execution will be evaluated. - ApplicationGatewayRewriteRuleCondition object
actionSet object No Set of actions to be done as part of the rewrite Rule. - ApplicationGatewayRewriteRuleActionSet object

NetworkInterfaceIPConfigurationPropertiesFormat object

Name Type Required Value
virtualNetworkTaps array No The reference to Virtual Network Taps. - VirtualNetworkTap object
applicationGatewayBackendAddressPools array No The reference of ApplicationGatewayBackendAddressPool resource. - ApplicationGatewayBackendAddressPool object
loadBalancerBackendAddressPools array No The reference of LoadBalancerBackendAddressPool resource. - BackendAddressPool object
loadBalancerInboundNatRules array No A list of references of LoadBalancerInboundNatRules. - InboundNatRule object
privateIPAddress string No Private IP address of the IP configuration.
privateIPAllocationMethod enum No The private IP address allocation method. - Static or Dynamic
privateIPAddressVersion enum No Available from Api-Version 2016-03-30 onwards, it represents whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4. - IPv4 or IPv6
subnet object No Subnet bound to the IP configuration. - Subnet object
primary boolean No Gets whether this is a primary customer address on the network interface.
publicIPAddress object No Public IP address bound to the IP configuration. - PublicIPAddress object
applicationSecurityGroups array No Application security groups in which the IP configuration is included. - ApplicationSecurityGroup object

ApplicationGatewayPathRulePropertiesFormat object

Name Type Required Value
paths array No Path rules of URL path map. - string
backendAddressPool object No Backend address pool resource of URL path map path rule. - SubResource object
backendHttpSettings object No Backend http settings resource of URL path map path rule. - SubResource object
redirectConfiguration object No Redirect configuration resource of URL path map path rule. - SubResource object
rewriteRuleSet object No Rewrite rule set resource of URL path map path rule. - SubResource object

ApplicationGatewayRewriteRuleCondition object

Name Type Required Value
variable string No The condition parameter of the RewriteRuleCondition.
pattern string No The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
ignoreCase boolean No Setting this paramter to truth value with force the pattern to do a case in-sensitive comparison.
negate boolean No Setting this value as truth will force to check the negation of the condition given by the user.

ApplicationGatewayRewriteRuleActionSet object

Name Type Required Value
requestHeaderConfigurations array No Request Header Actions in the Action Set. - ApplicationGatewayHeaderConfiguration object
responseHeaderConfigurations array No Response Header Actions in the Action Set. - ApplicationGatewayHeaderConfiguration object

VirtualNetworkTap object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Virtual Network Tap Properties. - VirtualNetworkTapPropertiesFormat object

BackendAddressPool object

Name Type Required Value
id string No Resource ID.
properties object No Properties of load balancer backend address pool. - BackendAddressPoolPropertiesFormat object
name string No Gets name of the resource that is unique within a resource group. This name can be used to access the resource.

InboundNatRule object

Name Type Required Value
id string No Resource ID.
properties object No Properties of load balancer inbound nat rule. - InboundNatRulePropertiesFormat object
name string No Gets name of the resource that is unique within a resource group. This name can be used to access the resource.

Subnet object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the subnet. - SubnetPropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

PublicIPAddress object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
sku object No The public IP address SKU. - PublicIPAddressSku object
properties object No Public IP address properties. - PublicIPAddressPropertiesFormat object
zones array No A list of availability zones denoting the IP allocated for the resource needs to come from. - string

ApplicationSecurityGroup object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Properties of the application security group.

ApplicationGatewayHeaderConfiguration object

Name Type Required Value
headerName string No Header name of the header configuration.
headerValue string No Header value of the header configuration.

VirtualNetworkTapPropertiesFormat object

Name Type Required Value
destinationNetworkInterfaceIPConfiguration object No The reference to the private IP Address of the collector nic that will receive the tap. - NetworkInterfaceIPConfiguration object
destinationLoadBalancerFrontEndIPConfiguration object No The reference to the private IP address on the internal Load Balancer that will receive the tap. - FrontendIPConfiguration object
destinationPort integer No The VXLAN destination port that will receive the tapped traffic.

BackendAddressPoolPropertiesFormat object

Name Type Required Value

InboundNatRulePropertiesFormat object

Name Type Required Value
frontendIPConfiguration object No A reference to frontend IP addresses. - SubResource object
protocol enum No The reference to the transport protocol used by the load balancing rule. - Udp, Tcp, All
frontendPort integer No The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values range from 1 to 65534.
backendPort integer No The port used for the internal endpoint. Acceptable values range from 1 to 65535.
idleTimeoutInMinutes integer No The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP.
enableFloatingIP boolean No Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint.
enableTcpReset boolean No Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP.

SubnetPropertiesFormat object

Name Type Required Value
addressPrefix string No The address prefix for the subnet.
addressPrefixes array No List of address prefixes for the subnet. - string
networkSecurityGroup object No The reference of the NetworkSecurityGroup resource. - NetworkSecurityGroup object
routeTable object No The reference of the RouteTable resource. - RouteTable object
natGateway object No Nat gateway associated with this subnet. - SubResource object
serviceEndpoints array No An array of service endpoints. - ServiceEndpointPropertiesFormat object
serviceEndpointPolicies array No An array of service endpoint policies. - ServiceEndpointPolicy object
resourceNavigationLinks array No Gets an array of references to the external resources using subnet. - ResourceNavigationLink object
serviceAssociationLinks array No Gets an array of references to services injecting into this subnet. - ServiceAssociationLink object
delegations array No Gets an array of references to the delegations on the subnet. - Delegation object
privateEndpointNetworkPolicies string No Enable or Disable private end point on the subnet.
privateLinkServiceNetworkPolicies string No Enable or Disable private link service on the subnet.

PublicIPAddressSku object

Name Type Required Value
name enum No Name of a public IP address SKU. - Basic or Standard

PublicIPAddressPropertiesFormat object

Name Type Required Value
publicIPAllocationMethod enum No The public IP address allocation method. - Static or Dynamic
publicIPAddressVersion enum No The public IP address version. - IPv4 or IPv6
dnsSettings object No The FQDN of the DNS record associated with the public IP address. - PublicIPAddressDnsSettings object
ddosSettings object No The DDoS protection custom policy associated with the public IP address. - DdosSettings object
ipTags array No The list of tags associated with the public IP address. - IpTag object
ipAddress string No The IP address associated with the public IP address resource.
publicIPPrefix object No The Public IP Prefix this Public IP Address should be allocated from. - SubResource object
idleTimeoutInMinutes integer No The idle timeout of the public IP address.
resourceGuid string No The resource GUID property of the public IP resource.

FrontendIPConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the load balancer probe. - FrontendIPConfigurationPropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.
zones array No A list of availability zones denoting the IP allocated for the resource needs to come from. - string

NetworkSecurityGroup object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Properties of the network security group. - NetworkSecurityGroupPropertiesFormat object

RouteTable object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Properties of the route table. - RouteTablePropertiesFormat object

ServiceEndpointPropertiesFormat object

Name Type Required Value
service string No The type of the endpoint service.
locations array No A list of locations. - string

ServiceEndpointPolicy object

Name Type Required Value
id string No Resource ID.
location string No Resource location.
tags object No Resource tags.
properties object No Properties of the service end point policy. - ServiceEndpointPolicyPropertiesFormat object

Name Type Required Value
id string No Resource ID.
properties object No Resource navigation link properties format. - ResourceNavigationLinkFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.

Name Type Required Value
id string No Resource ID.
properties object No Resource navigation link properties format. - ServiceAssociationLinkPropertiesFormat object
name string No Name of the resource that is unique within a resource group. This name can be used to access the resource.
type string No Resource type.

Delegation object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the subnet. - ServiceDelegationPropertiesFormat object
name string No The name of the resource that is unique within a subnet. This name can be used to access the resource.

PublicIPAddressDnsSettings object

Name Type Required Value
domainNameLabel string No Gets or sets the Domain name label.The concatenation of the domain name label and the regionalized DNS zone make up the fully qualified domain name associated with the public IP address. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system.
fqdn string No Gets the FQDN, Fully qualified domain name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone.
reverseFqdn string No Gets or Sets the Reverse FQDN. A user-visible, fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN.

DdosSettings object

Name Type Required Value
ddosCustomPolicy object No The DDoS custom policy associated with the public IP. - SubResource object
protectionCoverage enum No The DDoS protection policy customizability of the public IP. Only standard coverage will have the ability to be customized. - Basic or Standard

IpTag object

Name Type Required Value
ipTagType string No Gets or sets the ipTag type: Example FirstPartyUsage.
tag string No Gets or sets value of the IpTag associated with the public IP. Example SQL, Storage etc.

FrontendIPConfigurationPropertiesFormat object

Name Type Required Value
privateIPAddress string No The private IP address of the IP configuration.
privateIPAllocationMethod enum No The Private IP allocation method. - Static or Dynamic
privateIPAddressVersion enum No It represents whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4. - IPv4 or IPv6
subnet object No The reference of the subnet resource. - Subnet object
publicIPAddress object No The reference of the Public IP resource. - PublicIPAddress object
publicIPPrefix object No The reference of the Public IP Prefix resource. - SubResource object

NetworkSecurityGroupPropertiesFormat object

Name Type Required Value
securityRules array No A collection of security rules of the network security group. - SecurityRule object
defaultSecurityRules array No The default security rules of network security group. - SecurityRule object
resourceGuid string No The resource GUID property of the network security group resource.

RouteTablePropertiesFormat object

Name Type Required Value
routes array No Collection of routes contained within a route table. - Route object
disableBgpRoutePropagation boolean No Gets or sets whether to disable the routes learned by BGP on that route table. True means disable.

ServiceEndpointPolicyPropertiesFormat object

Name Type Required Value
serviceEndpointPolicyDefinitions array No A collection of service endpoint policy definitions of the service endpoint policy. - ServiceEndpointPolicyDefinition object

ResourceNavigationLinkFormat object

Name Type Required Value
linkedResourceType string No Resource type of the linked resource.
link string No Link to the external resource.

ServiceAssociationLinkPropertiesFormat object

Name Type Required Value
linkedResourceType string No Resource type of the linked resource.
link string No Link to the external resource.
allowDelete boolean No If true, the resource can be deleted.
locations array No A list of locations. - string

ServiceDelegationPropertiesFormat object

Name Type Required Value
serviceName string No The name of the service to whom the subnet should be delegated (e.g. Microsoft.Sql/servers).
actions array No Describes the actions permitted to the service upon delegation. - string

SecurityRule object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the security rule. - SecurityRulePropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

Route object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the route. - RoutePropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

ServiceEndpointPolicyDefinition object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the service endpoint policy definition. - ServiceEndpointPolicyDefinitionPropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

SecurityRulePropertiesFormat object

Name Type Required Value
description string No A description for this rule. Restricted to 140 chars.
protocol enum Yes Network protocol this rule applies to. - Tcp, Udp, Icmp, Esp, *
sourcePortRange string No The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
destinationPortRange string No The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports.
sourceAddressPrefix string No The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from.
sourceAddressPrefixes array No The CIDR or source IP ranges. - string
sourceApplicationSecurityGroups array No The application security group specified as source. - ApplicationSecurityGroup object
destinationAddressPrefix string No The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used.
destinationAddressPrefixes array No The destination address prefixes. CIDR or destination IP ranges. - string
destinationApplicationSecurityGroups array No The application security group specified as destination. - ApplicationSecurityGroup object
sourcePortRanges array No The source port ranges. - string
destinationPortRanges array No The destination port ranges. - string
access enum Yes The network traffic is allowed or denied. - Allow or Deny
priority integer No The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule.
direction enum Yes The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic. - Inbound or Outbound

RoutePropertiesFormat object

Name Type Required Value
addressPrefix string No The destination CIDR to which the route applies.
nextHopType enum Yes The type of Azure hop the packet should be sent to. - VirtualNetworkGateway, VnetLocal, Internet, VirtualAppliance, None
nextHopIpAddress string No The IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance.

ServiceEndpointPolicyDefinitionPropertiesFormat object

Name Type Required Value
description string No A description for this rule. Restricted to 140 chars.
service string No Service endpoint name.
serviceResources array No A list of service resources. - string

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Autoscale LANSA Windows VM ScaleSet with Azure SQL Database

Deploy to Azure
The template deploys a Windows VMSS with a desired count of VMs in the scale set and a LANSA MSI to install into each VM. Once the VM Scale Set is deployed a custom script extension is used to install the LANSA MSI)
SAS 9.4 with SAS Visual Analytics and SAS Visual Statistics

Deploy to Azure
The SAS 9.4 Quickstart Template for Azure with SAS Visual Analytics and SAS Visual Statistics deploys these products on the cloud: SAS Visual Analytics 7.51 and SAS Visual Statistics 7.51. This Quickstart is a reference architecture only. It is not intended for production use. Specifically, the Quickstart provides an example of how a SAS Visual Analytics in SAS 9.4 workload and a SAS Visual Statistics in SAS 9.4 workload running in a massively parallel processing (MPP) environment with SAS LASR Analytiic Server can be run on Azure.
SAS Viya 3.5 Quickstart Template for Azure

Deploy to Azure
The SAS Viya 3.5 Quickstart Template for Azure deploys these products on the cloud: SAS Visual Analytics 8.5 on Linux, SAS Visual Statistics 8.5 on Linux, and SAS Visual Data Mining and Machine Learning 8.5 on Linux. This Quickstart is a reference architecture for users who want to deploy the SAS Viya platform, using microservices and other cloud-friendly technologies. By deploying the SAS platform on Azure, you get SAS analytics, data visualization, and machine learning capabilities in an Azure-validated environment. SAS Viya is a cloud-enabled, in-memory analytics engine. It uses elastic, scalable, and fault-tolerant processing to address complex analytical challenges. SAS Viya provides faster processing for analytics by using a standardized code base that supports programming in SAS, Python, R, Java, and Lua. It also supports cloud, on-premises, or hybrid environments and deploys seamlessly to any infrastructure or application ecosystem.
Create a WordPress site in a virtual network

Deploy to Azure
This template creates a WordPress site on Container Instance in a virtual network. And output a public site FQDN which could access WordPress site.
Create an Azure Application Gateway v2

Deploy to Azure
This template creates an Azure Application Gateway with two Windows Server 2016 servers in the backend pool
Create an Azure WAF v2 on Azure Application Gateway

Deploy to Azure
This template creates an Azure Web Application Firewall v2 on Azure Application Gateway with two Windows Server 2016 servers in the backend pool
Azure Application Gateway Demo Setup

Deploy to Azure
This template allows you to quickly deploy Azure Application Gateway demo to test load-balancing with or without cookie-based affinity.
eShop Website with ILB ASE

Deploy to Azure
An App Service Environment is a Premium service plan option of Azure App Service that provides a fully isolated and dedicated environment for securely running Azure App Service apps at high scale, including Web Apps, Mobile Apps, and API Apps.
Multi tier traffic manager, L4 ILB, L7 AppGateway

Deploy to Azure
This template deploys a Virtual Network, segregates the network through subnets, deploys VMs and configures load balancing
Multi tier App with NSG, ILB, AppGateway

Deploy to Azure
This template deploys a Virtual Network, segregates the network through subnets, deploys VMs and configures load balancing
Create API Management in Internal VNet with App Gateway

Deploy to Azure
This template demonstrates how to Create a instance of Azure API Management on a private network protected by Azure Application Gateway.
Deploy an Ubuntu VM scale set with Azure Application Gateway

Deploy to Azure
This template allows you to deploy a simple Ubuntu VM Scale Set integrated with Azure Application Gateway, and supports up to 1000 VMs
Deploy a Windows VM scale set with Azure Application Gateway

Deploy to Azure
This template allows you to deploy a simple Windows VM Scale Set integrated with Azure Application Gateway, and supports up to 1000 VMs
AKS cluster with the Application Gateway Ingress Controller

Deploy to Azure
This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault
App Gateway with WAF, SSL, IIS and HTTPS redirection

Deploy to Azure
This template deploys an Application Gateway with WAF, end to end SSL and HTTP to HTTPS redirect on the IIS servers.
Create an Application Gateway

Deploy to Azure
This template creates an application gateway in a virtual network and sets up load balancing rules for any number of virtual machines
Create an Application Gateway V2 with Key Vault

Deploy to Azure
This template deploys an Application Gateway V2 in a Virtual Network, a user defined identity, Key Vault, a secret (cert data), and access policy on Key Vault and Application Gateway.
Application Gateway for Multi Hosting

Deploy to Azure
This template creates an Application Gateway and configures it for Multi Hosting on port 443.
Create an Application Gateway

Deploy to Azure
This template deploys an Application Gateway and shows usage of the path override feature for a backend address pool.
Create an Application Gateway

Deploy to Azure
This template deploys an Application Gateway with enhanced probe functionality.
Create an Application Gateway with Public IP

Deploy to Azure
This template creates an Application Gateway, Public IP address for the Application Gateway, and the Virtual Network in which Application Gateway is deployed. Also configures Application Gateway for Http Load balancing with Two backend servers. Note that you have to specify valid IPs for backend servers.
Create an Application Gateway with Public IP

Deploy to Azure
This template creates an Application Gateway, Public IP address for the Application Gateway, and the Virtual Network in which Application Gateway is deployed. Also configures Application Gateway for Ssl Offload and Load balancing with Two backend servers. Note that you have to specify valid IPs for backend servers.
Create an Application Gateway

Deploy to Azure
This template creates an application gateway with Redirect functionalities in a virtual network and sets up load balancing and redirect rules (basic and pathbased)
Create an Application Gateway

Deploy to Azure
This template creates an application gateway with Rewrite functionalities in a virtual network and sets up load balancing, rewrite rules
Create an Application Gateway

Deploy to Azure
This template deploys an Application Gateway configured with a custom ssl policy.
Create an Application Gateway

Deploy to Azure
This template deploys an Application Gateway configured with a predefined ssl policy.
Application Gateway for Url Path Based Routing

Deploy to Azure
This template creates an Application Gateway and configures it for URL Path Based Routing.
Create an Application Gateway v2

Deploy to Azure
This template creates an application gateway v2 in a virtual network and sets up auto scaling properties and an HTTP load-balancing rule with public frontend
Create an Application Gateway

Deploy to Azure
This template creates an application gateway with Web Application Firewall functionality in a virtual network and sets up load balancing rules for any number of virtual machines
Application Gateway for a Web App with IP Restriction

Deploy to Azure
This template creates an application gateway in front of an Azure Web App with IP restriction enabled on the Web App.
Create an Application Gateway

Deploy to Azure
This template creates an application gateway in front of two Azure Web Apps with a custom probe enabled.
Front Door Standard/Premium with Application Gateway origin

Deploy to Azure
This template creates a Front Door Standard/Premium (Preview) and an Application Gateway instance, and uses an NSG and WAF policy to validate that traffic has come through the Front Door origin.
Create a Web App protected by Application Gateway v2

Deploy to Azure
This template creates an Azure Web App with Access Restriction for an Application Gateway v2. The Application Gateway is deployed in a vNet (subnet) which has a 'Microsoft.Web' Service Endpoint enabled. The Web App restricts access to traffic from the subnet.
SAS 9.4 with SAS Visual Analytics and SAS Visual Statistics

Deploy to Azure
The SAS 9.4 Quickstart Template for Azure with SAS Visual Analytics and SAS Visual Statistics deploys these products on the cloud: SAS Visual Analytics 7.51 and SAS Visual Statistics 7.51. This Quickstart is a reference architecture only. It is not intended for production use. Specifically, the Quickstart provides an example of how a SAS Visual Analytics in SAS 9.4 workload and a SAS Visual Statistics in SAS 9.4 workload running in a massively parallel processing (MPP) environment with SAS LASR Analytiic Server can be run on Azure.