Microsoft.Network applicationGateways 2019-12-01

Template format

To create a Microsoft.Network/applicationGateways resource, add the following JSON to the resources section of your template.

{
  "name": "string",
  "type": "Microsoft.Network/applicationGateways",
  "apiVersion": "2019-12-01",
  "location": "string",
  "tags": {},
  "properties": {
    "sku": {
      "name": "string",
      "tier": "string",
      "capacity": "integer"
    },
    "sslPolicy": {
      "disabledSslProtocols": [
        "string"
      ],
      "policyType": "string",
      "policyName": "string",
      "cipherSuites": [
        "string"
      ],
      "minProtocolVersion": "string"
    },
    "gatewayIPConfigurations": [
      {
        "id": "string",
        "properties": {
          "subnet": {
            "id": "string"
          }
        },
        "name": "string"
      }
    ],
    "authenticationCertificates": [
      {
        "id": "string",
        "properties": {
          "data": "string"
        },
        "name": "string"
      }
    ],
    "trustedRootCertificates": [
      {
        "id": "string",
        "properties": {
          "data": "string",
          "keyVaultSecretId": "string"
        },
        "name": "string"
      }
    ],
    "sslCertificates": [
      {
        "id": "string",
        "properties": {
          "data": "string",
          "password": "string",
          "keyVaultSecretId": "string"
        },
        "name": "string"
      }
    ],
    "frontendIPConfigurations": [
      {
        "id": "string",
        "properties": {
          "privateIPAddress": "string",
          "privateIPAllocationMethod": "string",
          "subnet": {
            "id": "string"
          },
          "publicIPAddress": {
            "id": "string"
          }
        },
        "name": "string"
      }
    ],
    "frontendPorts": [
      {
        "id": "string",
        "properties": {
          "port": "integer"
        },
        "name": "string"
      }
    ],
    "probes": [
      {
        "id": "string",
        "properties": {
          "protocol": "string",
          "host": "string",
          "path": "string",
          "interval": "integer",
          "timeout": "integer",
          "unhealthyThreshold": "integer",
          "pickHostNameFromBackendHttpSettings": "boolean",
          "minServers": "integer",
          "match": {
            "body": "string",
            "statusCodes": [
              "string"
            ]
          },
          "port": "integer"
        },
        "name": "string"
      }
    ],
    "backendAddressPools": [
      {
        "id": "string",
        "properties": {
          "backendAddresses": [
            {
              "fqdn": "string",
              "ipAddress": "string"
            }
          ]
        },
        "name": "string"
      }
    ],
    "backendHttpSettingsCollection": [
      {
        "id": "string",
        "properties": {
          "port": "integer",
          "protocol": "string",
          "cookieBasedAffinity": "string",
          "requestTimeout": "integer",
          "probe": {
            "id": "string"
          },
          "authenticationCertificates": [
            {
              "id": "string"
            }
          ],
          "trustedRootCertificates": [
            {
              "id": "string"
            }
          ],
          "connectionDraining": {
            "enabled": "boolean",
            "drainTimeoutInSec": "integer"
          },
          "hostName": "string",
          "pickHostNameFromBackendAddress": "boolean",
          "affinityCookieName": "string",
          "probeEnabled": "boolean",
          "path": "string"
        },
        "name": "string"
      }
    ],
    "httpListeners": [
      {
        "id": "string",
        "properties": {
          "frontendIPConfiguration": {
            "id": "string"
          },
          "frontendPort": {
            "id": "string"
          },
          "protocol": "string",
          "hostName": "string",
          "sslCertificate": {
            "id": "string"
          },
          "requireServerNameIndication": "boolean",
          "customErrorConfigurations": [
            {
              "statusCode": "string",
              "customErrorPageUrl": "string"
            }
          ],
          "firewallPolicy": {
            "id": "string"
          },
          "hostNames": [
            "string"
          ]
        },
        "name": "string"
      }
    ],
    "urlPathMaps": [
      {
        "id": "string",
        "properties": {
          "defaultBackendAddressPool": {
            "id": "string"
          },
          "defaultBackendHttpSettings": {
            "id": "string"
          },
          "defaultRewriteRuleSet": {
            "id": "string"
          },
          "defaultRedirectConfiguration": {
            "id": "string"
          },
          "pathRules": [
            {
              "id": "string",
              "properties": {
                "paths": [
                  "string"
                ],
                "backendAddressPool": {
                  "id": "string"
                },
                "backendHttpSettings": {
                  "id": "string"
                },
                "redirectConfiguration": {
                  "id": "string"
                },
                "rewriteRuleSet": {
                  "id": "string"
                },
                "firewallPolicy": {
                  "id": "string"
                }
              },
              "name": "string"
            }
          ]
        },
        "name": "string"
      }
    ],
    "requestRoutingRules": [
      {
        "id": "string",
        "properties": {
          "ruleType": "string",
          "priority": "integer",
          "backendAddressPool": {
            "id": "string"
          },
          "backendHttpSettings": {
            "id": "string"
          },
          "httpListener": {
            "id": "string"
          },
          "urlPathMap": {
            "id": "string"
          },
          "rewriteRuleSet": {
            "id": "string"
          },
          "redirectConfiguration": {
            "id": "string"
          }
        },
        "name": "string"
      }
    ],
    "rewriteRuleSets": [
      {
        "id": "string",
        "properties": {
          "rewriteRules": [
            {
              "name": "string",
              "ruleSequence": "integer",
              "conditions": [
                {
                  "variable": "string",
                  "pattern": "string",
                  "ignoreCase": "boolean",
                  "negate": "boolean"
                }
              ],
              "actionSet": {
                "requestHeaderConfigurations": [
                  {
                    "headerName": "string",
                    "headerValue": "string"
                  }
                ],
                "responseHeaderConfigurations": [
                  {
                    "headerName": "string",
                    "headerValue": "string"
                  }
                ],
                "urlConfiguration": {
                  "modifiedPath": "string",
                  "modifiedQueryString": "string",
                  "reroute": "boolean"
                }
              }
            }
          ]
        },
        "name": "string"
      }
    ],
    "redirectConfigurations": [
      {
        "id": "string",
        "properties": {
          "redirectType": "string",
          "targetListener": {
            "id": "string"
          },
          "targetUrl": "string",
          "includePath": "boolean",
          "includeQueryString": "boolean",
          "requestRoutingRules": [
            {
              "id": "string"
            }
          ],
          "urlPathMaps": [
            {
              "id": "string"
            }
          ],
          "pathRules": [
            {
              "id": "string"
            }
          ]
        },
        "name": "string"
      }
    ],
    "webApplicationFirewallConfiguration": {
      "enabled": "boolean",
      "firewallMode": "string",
      "ruleSetType": "string",
      "ruleSetVersion": "string",
      "disabledRuleGroups": [
        {
          "ruleGroupName": "string",
          "rules": [
            "integer"
          ]
        }
      ],
      "requestBodyCheck": "boolean",
      "maxRequestBodySize": "integer",
      "maxRequestBodySizeInKb": "integer",
      "fileUploadLimitInMb": "integer",
      "exclusions": [
        {
          "matchVariable": "string",
          "selectorMatchOperator": "string",
          "selector": "string"
        }
      ]
    },
    "firewallPolicy": {
      "id": "string"
    },
    "enableHttp2": "boolean",
    "enableFips": "boolean",
    "autoscaleConfiguration": {
      "minCapacity": "integer",
      "maxCapacity": "integer"
    },
    "customErrorConfigurations": [
      {
        "statusCode": "string",
        "customErrorPageUrl": "string"
      }
    ]
  },
  "zones": [
    "string"
  ],
  "identity": {
    "type": "string",
    "userAssignedIdentities": {}
  }
}

Property values

The following tables describe the values you need to set in the schema.

Microsoft.Network/applicationGateways object

Name Type Required Value
name string Yes The name of the application gateway.
type enum Yes Microsoft.Network/applicationGateways
apiVersion enum Yes 2019-12-01
location string Yes Resource location.
tags object No Resource tags.
properties object Yes Properties of the application gateway. - ApplicationGatewayPropertiesFormat object
zones array No A list of availability zones denoting where the resource needs to come from. - string
identity object No The identity of the application gateway, if configured. - ManagedServiceIdentity object

ApplicationGatewayPropertiesFormat object

Name Type Required Value
sku object No SKU of the application gateway resource. - ApplicationGatewaySku object
sslPolicy object No SSL policy of the application gateway resource. - ApplicationGatewaySslPolicy object
gatewayIPConfigurations array No Subnets of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayIPConfiguration object
authenticationCertificates array No Authentication certificates of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayAuthenticationCertificate object
trustedRootCertificates array No Trusted Root certificates of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayTrustedRootCertificate object
sslCertificates array No SSL certificates of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewaySslCertificate object
frontendIPConfigurations array No Frontend IP addresses of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayFrontendIPConfiguration object
frontendPorts array No Frontend ports of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayFrontendPort object
probes array No Probes of the application gateway resource. - ApplicationGatewayProbe object
backendAddressPools array No Backend address pool of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayBackendAddressPool object
backendHttpSettingsCollection array No Backend http settings of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayBackendHttpSettings object
httpListeners array No Http listeners of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayHttpListener object
urlPathMaps array No URL path map of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayUrlPathMap object
requestRoutingRules array No Request routing rules of the application gateway resource. - ApplicationGatewayRequestRoutingRule object
rewriteRuleSets array No Rewrite rules for the application gateway resource. - ApplicationGatewayRewriteRuleSet object
redirectConfigurations array No Redirect configurations of the application gateway resource. For default limits, see Application Gateway limits. - ApplicationGatewayRedirectConfiguration object
webApplicationFirewallConfiguration object No Web application firewall configuration. - ApplicationGatewayWebApplicationFirewallConfiguration object
firewallPolicy object No Reference to the FirewallPolicy resource. - SubResource object
enableHttp2 boolean No Whether HTTP2 is enabled on the application gateway resource.
enableFips boolean No Whether FIPS is enabled on the application gateway resource.
autoscaleConfiguration object No Autoscale Configuration. - ApplicationGatewayAutoscaleConfiguration object
customErrorConfigurations array No Custom error configurations of the application gateway resource. - ApplicationGatewayCustomError object

ManagedServiceIdentity object

Name Type Required Value
type enum No The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine. - SystemAssigned, UserAssigned, SystemAssigned, UserAssigned, None
userAssignedIdentities object No The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

ApplicationGatewaySku object

Name Type Required Value
name enum No Name of an application gateway SKU. - Standard_Small, Standard_Medium, Standard_Large, WAF_Medium, WAF_Large, Standard_v2, WAF_v2
tier enum No Tier of an application gateway. - Standard, WAF, Standard_v2, WAF_v2
capacity integer No Capacity (instance count) of an application gateway.

ApplicationGatewaySslPolicy object

Name Type Required Value
disabledSslProtocols array No Ssl protocols to be disabled on application gateway. - TLSv1_0, TLSv1_1, TLSv1_2
policyType enum No Type of Ssl Policy. - Predefined or Custom
policyName enum No Name of Ssl predefined policy. - AppGwSslPolicy20150501, AppGwSslPolicy20170401, AppGwSslPolicy20170401S
cipherSuites array No Ssl cipher suites to be enabled in the specified order to application gateway. - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
minProtocolVersion enum No Minimum version of Ssl protocol to be supported on application gateway. - TLSv1_0, TLSv1_1, TLSv1_2

ApplicationGatewayIPConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway IP configuration. - ApplicationGatewayIPConfigurationPropertiesFormat object
name string No Name of the IP configuration that is unique within an Application Gateway.

ApplicationGatewayAuthenticationCertificate object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway authentication certificate. - ApplicationGatewayAuthenticationCertificatePropertiesFormat object
name string No Name of the authentication certificate that is unique within an Application Gateway.

ApplicationGatewayTrustedRootCertificate object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway trusted root certificate. - ApplicationGatewayTrustedRootCertificatePropertiesFormat object
name string No Name of the trusted root certificate that is unique within an Application Gateway.

ApplicationGatewaySslCertificate object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway SSL certificate. - ApplicationGatewaySslCertificatePropertiesFormat object
name string No Name of the SSL certificate that is unique within an Application Gateway.

ApplicationGatewayFrontendIPConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway frontend IP configuration. - ApplicationGatewayFrontendIPConfigurationPropertiesFormat object
name string No Name of the frontend IP configuration that is unique within an Application Gateway.

ApplicationGatewayFrontendPort object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway frontend port. - ApplicationGatewayFrontendPortPropertiesFormat object
name string No Name of the frontend port that is unique within an Application Gateway.

ApplicationGatewayProbe object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway probe. - ApplicationGatewayProbePropertiesFormat object
name string No Name of the probe that is unique within an Application Gateway.

ApplicationGatewayBackendAddressPool object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway backend address pool. - ApplicationGatewayBackendAddressPoolPropertiesFormat object
name string No Name of the backend address pool that is unique within an Application Gateway.

ApplicationGatewayBackendHttpSettings object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway backend HTTP settings. - ApplicationGatewayBackendHttpSettingsPropertiesFormat object
name string No Name of the backend http settings that is unique within an Application Gateway.

ApplicationGatewayHttpListener object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway HTTP listener. - ApplicationGatewayHttpListenerPropertiesFormat object
name string No Name of the HTTP listener that is unique within an Application Gateway.

ApplicationGatewayUrlPathMap object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway URL path map. - ApplicationGatewayUrlPathMapPropertiesFormat object
name string No Name of the URL path map that is unique within an Application Gateway.

ApplicationGatewayRequestRoutingRule object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway request routing rule. - ApplicationGatewayRequestRoutingRulePropertiesFormat object
name string No Name of the request routing rule that is unique within an Application Gateway.

ApplicationGatewayRewriteRuleSet object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway rewrite rule set. - ApplicationGatewayRewriteRuleSetPropertiesFormat object
name string No Name of the rewrite rule set that is unique within an Application Gateway.

ApplicationGatewayRedirectConfiguration object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway redirect configuration. - ApplicationGatewayRedirectConfigurationPropertiesFormat object
name string No Name of the redirect configuration that is unique within an Application Gateway.

ApplicationGatewayWebApplicationFirewallConfiguration object

Name Type Required Value
enabled boolean Yes Whether the web application firewall is enabled or not.
firewallMode enum Yes Web application firewall mode. - Detection or Prevention
ruleSetType string Yes The type of the web application firewall rule set. Possible values are: 'OWASP'.
ruleSetVersion string Yes The version of the rule set type.
disabledRuleGroups array No The disabled rule groups. - ApplicationGatewayFirewallDisabledRuleGroup object
requestBodyCheck boolean No Whether allow WAF to check request Body.
maxRequestBodySize integer No Maximum request body size for WAF.
maxRequestBodySizeInKb integer No Maximum request body size in Kb for WAF.
fileUploadLimitInMb integer No Maximum file upload size in Mb for WAF.
exclusions array No The exclusion list. - ApplicationGatewayFirewallExclusion object

SubResource object

Name Type Required Value
id string No Resource ID.

ApplicationGatewayAutoscaleConfiguration object

Name Type Required Value
minCapacity integer Yes Lower bound on number of Application Gateway capacity.
maxCapacity integer No Upper bound on number of Application Gateway capacity.

ApplicationGatewayCustomError object

Name Type Required Value
statusCode enum No Status code of the application gateway customer error. - HttpStatus403 or HttpStatus502
customErrorPageUrl string No Error page URL of the application gateway customer error.

ApplicationGatewayIPConfigurationPropertiesFormat object

Name Type Required Value
subnet object No Reference to the subnet resource. A subnet from where application gateway gets its private address. - SubResource object

ApplicationGatewayAuthenticationCertificatePropertiesFormat object

Name Type Required Value
data string No Certificate public data.

ApplicationGatewayTrustedRootCertificatePropertiesFormat object

Name Type Required Value
data string No Certificate public data.
keyVaultSecretId string No Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.

ApplicationGatewaySslCertificatePropertiesFormat object

Name Type Required Value
data string No Base-64 encoded pfx certificate. Only applicable in PUT Request.
password string No Password for the pfx file specified in data. Only applicable in PUT request.
keyVaultSecretId string No Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.

ApplicationGatewayFrontendIPConfigurationPropertiesFormat object

Name Type Required Value
privateIPAddress string No PrivateIPAddress of the network interface IP Configuration.
privateIPAllocationMethod enum No The private IP address allocation method. - Static or Dynamic
subnet object No Reference to the subnet resource. - SubResource object
publicIPAddress object No Reference to the PublicIP resource. - SubResource object

ApplicationGatewayFrontendPortPropertiesFormat object

Name Type Required Value
port integer No Frontend port.

ApplicationGatewayProbePropertiesFormat object

Name Type Required Value
protocol enum No The protocol used for the probe. - Http or Https
host string No Host name to send the probe to.
path string No Relative path of probe. Valid path starts from '/'. Probe is sent to ://:.
interval integer No The probing interval in seconds. This is the time interval between two consecutive probes. Acceptable values are from 1 second to 86400 seconds.
timeout integer No The probe timeout in seconds. Probe marked as failed if valid response is not received with this timeout period. Acceptable values are from 1 second to 86400 seconds.
unhealthyThreshold integer No The probe retry count. Backend server is marked down after consecutive probe failure count reaches UnhealthyThreshold. Acceptable values are from 1 second to 20.
pickHostNameFromBackendHttpSettings boolean No Whether the host header should be picked from the backend http settings. Default value is false.
minServers integer No Minimum number of servers that are always marked healthy. Default value is 0.
match object No Criterion for classifying a healthy probe response. - ApplicationGatewayProbeHealthResponseMatch object
port integer No Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from http settings will be used. This property is valid for Standard_v2 and WAF_v2 only.

ApplicationGatewayBackendAddressPoolPropertiesFormat object

Name Type Required Value
backendAddresses array No Backend addresses. - ApplicationGatewayBackendAddress object

ApplicationGatewayBackendHttpSettingsPropertiesFormat object

Name Type Required Value
port integer No The destination port on the backend.
protocol enum No The protocol used to communicate with the backend. - Http or Https
cookieBasedAffinity enum No Cookie based affinity. - Enabled or Disabled
requestTimeout integer No Request timeout in seconds. Application Gateway will fail the request if response is not received within RequestTimeout. Acceptable values are from 1 second to 86400 seconds.
probe object No Probe resource of an application gateway. - SubResource object
authenticationCertificates array No Array of references to application gateway authentication certificates. - SubResource object
trustedRootCertificates array No Array of references to application gateway trusted root certificates. - SubResource object
connectionDraining object No Connection draining of the backend http settings resource. - ApplicationGatewayConnectionDraining object
hostName string No Host header to be sent to the backend servers.
pickHostNameFromBackendAddress boolean No Whether to pick host header should be picked from the host name of the backend server. Default value is false.
affinityCookieName string No Cookie name to use for the affinity cookie.
probeEnabled boolean No Whether the probe is enabled. Default value is false.
path string No Path which should be used as a prefix for all HTTP requests. Null means no path will be prefixed. Default value is null.

ApplicationGatewayHttpListenerPropertiesFormat object

Name Type Required Value
frontendIPConfiguration object No Frontend IP configuration resource of an application gateway. - SubResource object
frontendPort object No Frontend port resource of an application gateway. - SubResource object
protocol enum No Protocol of the HTTP listener. - Http or Https
hostName string No Host name of HTTP listener.
sslCertificate object No SSL certificate resource of an application gateway. - SubResource object
requireServerNameIndication boolean No Applicable only if protocol is https. Enables SNI for multi-hosting.
customErrorConfigurations array No Custom error configurations of the HTTP listener. - ApplicationGatewayCustomError object
firewallPolicy object No Reference to the FirewallPolicy resource. - SubResource object
hostNames array No List of Host names for HTTP Listener that allows special wildcard characters as well. - string

ApplicationGatewayUrlPathMapPropertiesFormat object

Name Type Required Value
defaultBackendAddressPool object No Default backend address pool resource of URL path map. - SubResource object
defaultBackendHttpSettings object No Default backend http settings resource of URL path map. - SubResource object
defaultRewriteRuleSet object No Default Rewrite rule set resource of URL path map. - SubResource object
defaultRedirectConfiguration object No Default redirect configuration resource of URL path map. - SubResource object
pathRules array No Path rule of URL path map resource. - ApplicationGatewayPathRule object

ApplicationGatewayRequestRoutingRulePropertiesFormat object

Name Type Required Value
ruleType enum No Rule type. - Basic or PathBasedRouting
priority integer No Priority of the request routing rule.
backendAddressPool object No Backend address pool resource of the application gateway. - SubResource object
backendHttpSettings object No Backend http settings resource of the application gateway. - SubResource object
httpListener object No Http listener resource of the application gateway. - SubResource object
urlPathMap object No URL path map resource of the application gateway. - SubResource object
rewriteRuleSet object No Rewrite Rule Set resource in Basic rule of the application gateway. - SubResource object
redirectConfiguration object No Redirect configuration resource of the application gateway. - SubResource object

ApplicationGatewayRewriteRuleSetPropertiesFormat object

Name Type Required Value
rewriteRules array No Rewrite rules in the rewrite rule set. - ApplicationGatewayRewriteRule object

ApplicationGatewayRedirectConfigurationPropertiesFormat object

Name Type Required Value
redirectType enum No HTTP redirection type. - Permanent, Found, SeeOther, Temporary
targetListener object No Reference to a listener to redirect the request to. - SubResource object
targetUrl string No Url to redirect the request to.
includePath boolean No Include path in the redirected url.
includeQueryString boolean No Include query string in the redirected url.
requestRoutingRules array No Request routing specifying redirect configuration. - SubResource object
urlPathMaps array No Url path maps specifying default redirect configuration. - SubResource object
pathRules array No Path rules specifying redirect configuration. - SubResource object

ApplicationGatewayFirewallDisabledRuleGroup object

Name Type Required Value
ruleGroupName string Yes The name of the rule group that will be disabled.
rules array No The list of rules that will be disabled. If null, all rules of the rule group will be disabled. - integer

ApplicationGatewayFirewallExclusion object

Name Type Required Value
matchVariable string Yes The variable to be excluded.
selectorMatchOperator string Yes When matchVariable is a collection, operate on the selector to specify which elements in the collection this exclusion applies to.
selector string Yes When matchVariable is a collection, operator used to specify which elements in the collection this exclusion applies to.

ApplicationGatewayProbeHealthResponseMatch object

Name Type Required Value
body string No Body that must be contained in the health response. Default value is empty.
statusCodes array No Allowed ranges of healthy status codes. Default range of healthy status codes is 200-399. - string

ApplicationGatewayBackendAddress object

Name Type Required Value
fqdn string No Fully qualified domain name (FQDN).
ipAddress string No IP address.

ApplicationGatewayConnectionDraining object

Name Type Required Value
enabled boolean Yes Whether connection draining is enabled or not.
drainTimeoutInSec integer Yes The number of seconds connection draining is active. Acceptable values are from 1 second to 3600 seconds.

ApplicationGatewayPathRule object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the application gateway path rule. - ApplicationGatewayPathRulePropertiesFormat object
name string No Name of the path rule that is unique within an Application Gateway.

ApplicationGatewayRewriteRule object

Name Type Required Value
name string No Name of the rewrite rule that is unique within an Application Gateway.
ruleSequence integer No Rule Sequence of the rewrite rule that determines the order of execution of a particular rule in a RewriteRuleSet.
conditions array No Conditions based on which the action set execution will be evaluated. - ApplicationGatewayRewriteRuleCondition object
actionSet object No Set of actions to be done as part of the rewrite Rule. - ApplicationGatewayRewriteRuleActionSet object

ApplicationGatewayPathRulePropertiesFormat object

Name Type Required Value
paths array No Path rules of URL path map. - string
backendAddressPool object No Backend address pool resource of URL path map path rule. - SubResource object
backendHttpSettings object No Backend http settings resource of URL path map path rule. - SubResource object
redirectConfiguration object No Redirect configuration resource of URL path map path rule. - SubResource object
rewriteRuleSet object No Rewrite rule set resource of URL path map path rule. - SubResource object
firewallPolicy object No Reference to the FirewallPolicy resource. - SubResource object

ApplicationGatewayRewriteRuleCondition object

Name Type Required Value
variable string No The condition parameter of the RewriteRuleCondition.
pattern string No The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
ignoreCase boolean No Setting this paramter to truth value with force the pattern to do a case in-sensitive comparison.
negate boolean No Setting this value as truth will force to check the negation of the condition given by the user.

ApplicationGatewayRewriteRuleActionSet object

Name Type Required Value
requestHeaderConfigurations array No Request Header Actions in the Action Set. - ApplicationGatewayHeaderConfiguration object
responseHeaderConfigurations array No Response Header Actions in the Action Set. - ApplicationGatewayHeaderConfiguration object
urlConfiguration object No Url Configuration Action in the Action Set. - ApplicationGatewayUrlConfiguration object

ApplicationGatewayHeaderConfiguration object

Name Type Required Value
headerName string No Header name of the header configuration.
headerValue string No Header value of the header configuration.

ApplicationGatewayUrlConfiguration object

Name Type Required Value
modifiedPath string No Url path which user has provided for url rewrite. Null means no path will be updated. Default value is null.
modifiedQueryString string No Query string which user has provided for url rewrite. Null means no query string will be updated. Default value is null.
reroute boolean No If set as true, it will re-evaluate the url path map provided in path based request routing rules using modified path. Default value is false.

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Create an Application Gateway

Deploy to Azure
This template creates an application gateway in a virtual network and sets up load balancing rules for any number of virtual machines
Create an Application Gateway V2 with Key Vault

Deploy to Azure
This template deploys an Application Gateway V2 in a Virtual Network, a user defined identity, Key Vault, a secret (cert data), and access policy on Key Vault and Application Gateway.
Create an Application Gateway with Public IP

Deploy to Azure
This template creates an Application Gateway, Public IP address for the Application Gateway, and the Virtual Network in which Application Gateway is deployed. Also configures Application Gateway for Http Load balancing with Two backend servers. Note that you have to specify valid IPs for backend servers.
Create an Application Gateway with Public IP

Deploy to Azure
This template creates an Application Gateway, Public IP address for the Application Gateway, and the Virtual Network in which Application Gateway is deployed. Also configures Application Gateway for Ssl Offload and Load balancing with Two backend servers. Note that you have to specify valid IPs for backend servers.
Create an Application Gateway

Deploy to Azure
This template creates an application gateway with Redirect functionalities in a virtual network and sets up load balancing and redirect rules (basic and pathbased)
Create an Application Gateway

Deploy to Azure
This template creates an application gateway with Rewrite functionalities in a virtual network and sets up load balancing, rewrite rules
Create an Application Gateway v2

Deploy to Azure
This template creates an application gateway v2 in a virtual network and sets up auto scaling properties and an HTTP load-balancing rule with public frontend
Create an Application Gateway

Deploy to Azure
This template creates an application gateway with Web Application Firewall functionality in a virtual network and sets up load balancing rules for any number of virtual machines
Create a WordPress site in a virtual network

Deploy to Azure
This template creates a WordPress site on Container Instance in a virtual network. And output a public site FQDN which could access WordPress site.
App Gateway with WAF, SSL, IIS and HTTPS redirection

Deploy to Azure
This template deploys an Application Gateway with WAF, end to end SSL and HTTP to HTTPS redirect on the IIS servers.
Application Gateway for Multi Hosting

Deploy to Azure
This template creates an Application Gateway and configures it for Multi Hosting on port 443.
Create an Application Gateway

Deploy to Azure
This template deploys an Application Gateway and shows usage of the path override feature for a backend address pool.
Create an Application Gateway

Deploy to Azure
This template deploys an Application Gateway with enhanced probe functionality.
Create an Application Gateway

Deploy to Azure
This template deploys an Application Gateway configured with a custom ssl policy.
Create an Application Gateway

Deploy to Azure
This template deploys an Application Gateway configured with a predefined ssl policy.
Application Gateway for Url Path Based Routing

Deploy to Azure
This template creates an Application Gateway and configures it for URL Path Based Routing.
Application Gateway for a Web App with IP Restriction

Deploy to Azure
This template creates an application gateway in front of an Azure Web App with IP restriction enabled on the Web App.
Create an Application Gateway

Deploy to Azure
This template creates an application gateway in front of two Azure Web Apps with a custom probe enabled.
Deploy an Ubuntu VM scale set with Azure Application Gateway

Deploy to Azure
This template allows you to deploy a simple Ubuntu VM Scale Set integrated with Azure Application Gateway, and supports up to 1000 VMs
Deploy a Windows VM scale set with Azure Application Gateway

Deploy to Azure
This template allows you to deploy a simple Windows VM Scale Set integrated with Azure Application Gateway, and supports up to 1000 VMs
Create a Web App protected by Application Gateway v2

Deploy to Azure
This template creates an Azure Web App with Access Restriction for an Application Gateway v2. The Application Gateway is deployed in a vNet (subnet) which has a 'Microsoft.Web' Service Endpoint enabled. The Web App restricts access to traffic from the subnet.
Multi tier traffic manager, L4 ILB, L7 AppGateway

Deploy to Azure
This template deploys a Virtual Network, segregates the network through subnets, deploys VMs and configures load balancing
Multi tier App with NSG, ILB, AppGateway

Deploy to Azure
This template deploys a Virtual Network, segregates the network through subnets, deploys VMs and configures load balancing
Create an Azure Application Gateway v2

Deploy to Azure
This template creates an Azure Application Gateway with two Windows Server 2016 servers in the backend pool
Create an Azure WAF v2 on Azure Application Gateway

Deploy to Azure
This template creates an Azure Web Application Firewall v2 on Azure Application Gateway with two Windows Server 2016 servers in the backend pool
Azure Application Gateway Demo Setup

Deploy to Azure
This template allows you to quickly deploy Azure Application Gateway demo to test load-balancing with or without cookie-based affinity.
eShop Website with ILB ASE

Deploy to Azure
An App Service Environment is a Premium service plan option of Azure App Service that provides a fully isolated and dedicated environment for securely running Azure App Service apps at high scale, including Web Apps, Mobile Apps, and API Apps.
Autoscale LANSA Windows VM ScaleSet with Azure SQL Database

Deploy to Azure
The template deploys a Windows VMSS with a desired count of VMs in the scale set and a LANSA MSI to install into each VM. Once the VM Scale Set is deployed a custom script extension is used to install the LANSA MSI)
SAS Viya Quickstart Template for Azure

Deploy to Azure
The SAS Viya Quickstart Template for Azure deploys these products on the cloud: SAS Visual Analytics 8.5 on Linux, SAS Visual Statistics 8.5 on Linux, and SAS Visual Data Mining and Machine Learning 8.5 on Linux. This Quickstart is a reference architecture for users who want to deploy the SAS Viya platform, using microservices and other cloud-friendly technologies. By deploying the SAS platform on Azure, you get SAS analytics, data visualization, and machine learning capabilities in an Azure-validated environment. SAS Viya is a cloud-enabled, in-memory analytics engine. It uses elastic, scalable, and fault-tolerant processing to address complex analytical challenges. SAS Viya provides faster processing for analytics by using a standardized code base that supports programming in SAS, Python, R, Java, and Lua. It also supports cloud, on-premises, or hybrid environments and deploys seamlessly to any infrastructure or application ecosystem.