Microsoft.Network applicationGateways 2020-04-01

The applicationGateways resource type can be deployed to: Resource groups.

To learn about resource group deployments, see Bicep or ARM template.

Template format

To create a Microsoft.Network/applicationGateways resource, add the following Bicep or JSON to your template.

resource symbolicname 'Microsoft.Network/applicationGateways@2020-04-01' = {
  name: 'string'
  location: 'string'
  tags: {
    tagName1: 'tagValue1'
    tagName2: 'tagValue2'
  }
  identity: {
    type: 'string'
    userAssignedIdentities: {}
  }
  properties: {
    authenticationCertificates: [
      {
        id: 'string'
        name: 'string'
        properties: {
          data: 'string'
        }
      }
    ]
    autoscaleConfiguration: {
      maxCapacity: int
      minCapacity: int
    }
    backendAddressPools: [
      {
        id: 'string'
        name: 'string'
        properties: {
          backendAddresses: [
            {
              fqdn: 'string'
              ipAddress: 'string'
            }
          ]
        }
      }
    ]
    backendHttpSettingsCollection: [
      {
        id: 'string'
        name: 'string'
        properties: {
          affinityCookieName: 'string'
          authenticationCertificates: [
            {
              id: 'string'
            }
          ]
          connectionDraining: {
            drainTimeoutInSec: int
            enabled: bool
          }
          cookieBasedAffinity: 'string'
          hostName: 'string'
          path: 'string'
          pickHostNameFromBackendAddress: bool
          port: int
          probe: {
            id: 'string'
          }
          probeEnabled: bool
          protocol: 'string'
          requestTimeout: int
          trustedRootCertificates: [
            {
              id: 'string'
            }
          ]
        }
      }
    ]
    customErrorConfigurations: [
      {
        customErrorPageUrl: 'string'
        statusCode: 'string'
      }
    ]
    enableFips: bool
    enableHttp2: bool
    firewallPolicy: {
      id: 'string'
    }
    forceFirewallPolicyAssociation: bool
    frontendIPConfigurations: [
      {
        id: 'string'
        name: 'string'
        properties: {
          privateIPAddress: 'string'
          privateIPAllocationMethod: 'string'
          publicIPAddress: {
            id: 'string'
          }
          subnet: {
            id: 'string'
          }
        }
      }
    ]
    frontendPorts: [
      {
        id: 'string'
        name: 'string'
        properties: {
          port: int
        }
      }
    ]
    gatewayIPConfigurations: [
      {
        id: 'string'
        name: 'string'
        properties: {
          subnet: {
            id: 'string'
          }
        }
      }
    ]
    httpListeners: [
      {
        id: 'string'
        name: 'string'
        properties: {
          customErrorConfigurations: [
            {
              customErrorPageUrl: 'string'
              statusCode: 'string'
            }
          ]
          firewallPolicy: {
            id: 'string'
          }
          frontendIPConfiguration: {
            id: 'string'
          }
          frontendPort: {
            id: 'string'
          }
          hostName: 'string'
          hostNames: [ 'string' ]
          protocol: 'string'
          requireServerNameIndication: bool
          sslCertificate: {
            id: 'string'
          }
        }
      }
    ]
    probes: [
      {
        id: 'string'
        name: 'string'
        properties: {
          host: 'string'
          interval: int
          match: {
            body: 'string'
            statusCodes: [ 'string' ]
          }
          minServers: int
          path: 'string'
          pickHostNameFromBackendHttpSettings: bool
          port: int
          protocol: 'string'
          timeout: int
          unhealthyThreshold: int
        }
      }
    ]
    redirectConfigurations: [
      {
        id: 'string'
        name: 'string'
        properties: {
          includePath: bool
          includeQueryString: bool
          pathRules: [
            {
              id: 'string'
            }
          ]
          redirectType: 'string'
          requestRoutingRules: [
            {
              id: 'string'
            }
          ]
          targetListener: {
            id: 'string'
          }
          targetUrl: 'string'
          urlPathMaps: [
            {
              id: 'string'
            }
          ]
        }
      }
    ]
    requestRoutingRules: [
      {
        id: 'string'
        name: 'string'
        properties: {
          backendAddressPool: {
            id: 'string'
          }
          backendHttpSettings: {
            id: 'string'
          }
          httpListener: {
            id: 'string'
          }
          priority: int
          redirectConfiguration: {
            id: 'string'
          }
          rewriteRuleSet: {
            id: 'string'
          }
          ruleType: 'string'
          urlPathMap: {
            id: 'string'
          }
        }
      }
    ]
    rewriteRuleSets: [
      {
        id: 'string'
        name: 'string'
        properties: {
          rewriteRules: [
            {
              actionSet: {
                requestHeaderConfigurations: [
                  {
                    headerName: 'string'
                    headerValue: 'string'
                  }
                ]
                responseHeaderConfigurations: [
                  {
                    headerName: 'string'
                    headerValue: 'string'
                  }
                ]
                urlConfiguration: {
                  modifiedPath: 'string'
                  modifiedQueryString: 'string'
                  reroute: bool
                }
              }
              conditions: [
                {
                  ignoreCase: bool
                  negate: bool
                  pattern: 'string'
                  variable: 'string'
                }
              ]
              name: 'string'
              ruleSequence: int
            }
          ]
        }
      }
    ]
    sku: {
      capacity: int
      name: 'string'
      tier: 'string'
    }
    sslCertificates: [
      {
        id: 'string'
        name: 'string'
        properties: {
          data: 'string'
          keyVaultSecretId: 'string'
          password: 'string'
        }
      }
    ]
    sslPolicy: {
      cipherSuites: [ 'string' ]
      disabledSslProtocols: [ 'string' ]
      minProtocolVersion: 'string'
      policyName: 'string'
      policyType: 'string'
    }
    trustedRootCertificates: [
      {
        id: 'string'
        name: 'string'
        properties: {
          data: 'string'
          keyVaultSecretId: 'string'
        }
      }
    ]
    urlPathMaps: [
      {
        id: 'string'
        name: 'string'
        properties: {
          defaultBackendAddressPool: {
            id: 'string'
          }
          defaultBackendHttpSettings: {
            id: 'string'
          }
          defaultRedirectConfiguration: {
            id: 'string'
          }
          defaultRewriteRuleSet: {
            id: 'string'
          }
          pathRules: [
            {
              id: 'string'
              name: 'string'
              properties: {
                backendAddressPool: {
                  id: 'string'
                }
                backendHttpSettings: {
                  id: 'string'
                }
                firewallPolicy: {
                  id: 'string'
                }
                paths: [ 'string' ]
                redirectConfiguration: {
                  id: 'string'
                }
                rewriteRuleSet: {
                  id: 'string'
                }
              }
            }
          ]
        }
      }
    ]
    webApplicationFirewallConfiguration: {
      disabledRuleGroups: [
        {
          ruleGroupName: 'string'
          rules: [ int ]
        }
      ]
      enabled: bool
      exclusions: [
        {
          matchVariable: 'string'
          selector: 'string'
          selectorMatchOperator: 'string'
        }
      ]
      fileUploadLimitInMb: int
      firewallMode: 'string'
      maxRequestBodySize: int
      maxRequestBodySizeInKb: int
      requestBodyCheck: bool
      ruleSetType: 'string'
      ruleSetVersion: 'string'
    }
  }
  zones: [ 'string' ]
}

Property values

applicationGateways

Name Description Value
type The resource type

For Bicep, set this value in the resource declaration.
'Microsoft.Network/applicationGateways'
apiVersion The resource api version

For Bicep, set this value in the resource declaration.
'2020-04-01'
name The resource name string (required)
location Resource location. string
tags Resource tags. Dictionary of tag names and values. See Tags in templates
identity Identity for the resource. ManagedServiceIdentity
properties Properties of the application gateway. ApplicationGatewayPropertiesFormat
zones A list of availability zones denoting where the resource needs to come from. string[]

ManagedServiceIdentity

Name Description Value
type The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine. 'None'
'SystemAssigned'
'SystemAssigned, UserAssigned'
'UserAssigned'
userAssignedIdentities The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. object

ApplicationGatewayPropertiesFormat

Name Description Value
authenticationCertificates Authentication certificates of the application gateway resource. For default limits, see Application Gateway limits. ApplicationGatewayAuthenticationCertificate[]
autoscaleConfiguration Application Gateway autoscale configuration. ApplicationGatewayAutoscaleConfiguration
backendAddressPools Backend address pool of the application gateway resource. For default limits, see Application Gateway limits. ApplicationGatewayBackendAddressPool[]
backendHttpSettingsCollection Backend http settings of the application gateway resource. For default limits, see Application Gateway limits. ApplicationGatewayBackendHttpSettings[]
customErrorConfigurations Custom error configurations of the application gateway resource. ApplicationGatewayCustomError[]
enableFips Whether FIPS is enabled on the application gateway resource. bool
enableHttp2 Whether HTTP2 is enabled on the application gateway resource. bool
firewallPolicy Reference to another subresource. SubResource
forceFirewallPolicyAssociation If true, associates a firewall policy with an application gateway regardless whether the policy differs from the WAF Config. bool
frontendIPConfigurations Frontend IP addresses of the application gateway resource. For default limits, see Application Gateway limits. ApplicationGatewayFrontendIPConfiguration[]
frontendPorts Frontend ports of the application gateway resource. For default limits, see Application Gateway limits. ApplicationGatewayFrontendPort[]
gatewayIPConfigurations Subnets of the application gateway resource. For default limits, see Application Gateway limits. ApplicationGatewayIPConfiguration[]
httpListeners Http listeners of the application gateway resource. For default limits, see Application Gateway limits. ApplicationGatewayHttpListener[]
probes Probes of the application gateway resource. ApplicationGatewayProbe[]
redirectConfigurations Redirect configurations of the application gateway resource. For default limits, see Application Gateway limits. ApplicationGatewayRedirectConfiguration[]
requestRoutingRules Request routing rules of the application gateway resource. ApplicationGatewayRequestRoutingRule[]
rewriteRuleSets Rewrite rules for the application gateway resource. ApplicationGatewayRewriteRuleSet[]
sku SKU of an application gateway. ApplicationGatewaySku
sslCertificates SSL certificates of the application gateway resource. For default limits, see Application Gateway limits. ApplicationGatewaySslCertificate[]
sslPolicy Application Gateway Ssl policy. ApplicationGatewaySslPolicy
trustedRootCertificates Trusted Root certificates of the application gateway resource. For default limits, see Application Gateway limits. ApplicationGatewayTrustedRootCertificate[]
urlPathMaps URL path map of the application gateway resource. For default limits, see Application Gateway limits. ApplicationGatewayUrlPathMap[]
webApplicationFirewallConfiguration Application gateway web application firewall configuration. ApplicationGatewayWebApplicationFirewallConfiguration

ApplicationGatewayAuthenticationCertificate

Name Description Value
id Resource ID. string
name Name of the authentication certificate that is unique within an Application Gateway. string
properties Authentication certificates properties of an application gateway. ApplicationGatewayAuthenticationCertificatePropertiesFormat

ApplicationGatewayAuthenticationCertificatePropertiesFormat

Name Description Value
data Certificate public data. string

ApplicationGatewayAutoscaleConfiguration

Name Description Value
maxCapacity Upper bound on number of Application Gateway capacity. int
minCapacity Lower bound on number of Application Gateway capacity. int (required)

ApplicationGatewayBackendAddressPool

Name Description Value
id Resource ID. string
name Name of the backend address pool that is unique within an Application Gateway. string
properties Properties of Backend Address Pool of an application gateway. ApplicationGatewayBackendAddressPoolPropertiesFormat

ApplicationGatewayBackendAddressPoolPropertiesFormat

Name Description Value
backendAddresses Backend addresses. ApplicationGatewayBackendAddress[]

ApplicationGatewayBackendAddress

Name Description Value
fqdn Fully qualified domain name (FQDN). string
ipAddress IP address. string

ApplicationGatewayBackendHttpSettings

Name Description Value
id Resource ID. string
name Name of the backend http settings that is unique within an Application Gateway. string
properties Properties of Backend address pool settings of an application gateway. ApplicationGatewayBackendHttpSettingsPropertiesFormat

ApplicationGatewayBackendHttpSettingsPropertiesFormat

Name Description Value
affinityCookieName Cookie name to use for the affinity cookie. string
authenticationCertificates Array of references to application gateway authentication certificates. SubResource[]
connectionDraining Connection draining allows open connections to a backend server to be active for a specified time after the backend server got removed from the configuration. ApplicationGatewayConnectionDraining
cookieBasedAffinity Cookie based affinity. 'Disabled'
'Enabled'
hostName Host header to be sent to the backend servers. string
path Path which should be used as a prefix for all HTTP requests. Null means no path will be prefixed. Default value is null. string
pickHostNameFromBackendAddress Whether to pick host header should be picked from the host name of the backend server. Default value is false. bool
port The destination port on the backend. int
probe Reference to another subresource. SubResource
probeEnabled Whether the probe is enabled. Default value is false. bool
protocol Application Gateway protocol. 'Http'
'Https'
requestTimeout Request timeout in seconds. Application Gateway will fail the request if response is not received within RequestTimeout. Acceptable values are from 1 second to 86400 seconds. int
trustedRootCertificates Array of references to application gateway trusted root certificates. SubResource[]

SubResource

Name Description Value
id Resource ID. string

ApplicationGatewayConnectionDraining

Name Description Value
drainTimeoutInSec The number of seconds connection draining is active. Acceptable values are from 1 second to 3600 seconds. int (required)
enabled Whether connection draining is enabled or not. bool (required)

ApplicationGatewayCustomError

Name Description Value
customErrorPageUrl Error page URL of the application gateway customer error. string
statusCode Status code of the application gateway customer error. 'HttpStatus403'
'HttpStatus502'

ApplicationGatewayFrontendIPConfiguration

Name Description Value
id Resource ID. string
name Name of the frontend IP configuration that is unique within an Application Gateway. string
properties Properties of Frontend IP configuration of an application gateway. ApplicationGatewayFrontendIPConfigurationPropertiesFormat

ApplicationGatewayFrontendIPConfigurationPropertiesFormat

Name Description Value
privateIPAddress PrivateIPAddress of the network interface IP Configuration. string
privateIPAllocationMethod IP address allocation method. 'Dynamic'
'Static'
publicIPAddress Reference to another subresource. SubResource
subnet Reference to another subresource. SubResource

ApplicationGatewayFrontendPort

Name Description Value
id Resource ID. string
name Name of the frontend port that is unique within an Application Gateway. string
properties Properties of Frontend port of an application gateway. ApplicationGatewayFrontendPortPropertiesFormat

ApplicationGatewayFrontendPortPropertiesFormat

Name Description Value
port Frontend port. int

ApplicationGatewayIPConfiguration

Name Description Value
id Resource ID. string
name Name of the IP configuration that is unique within an Application Gateway. string
properties Properties of IP configuration of an application gateway. ApplicationGatewayIPConfigurationPropertiesFormat

ApplicationGatewayIPConfigurationPropertiesFormat

Name Description Value
subnet Reference to another subresource. SubResource

ApplicationGatewayHttpListener

Name Description Value
id Resource ID. string
name Name of the HTTP listener that is unique within an Application Gateway. string
properties Properties of HTTP listener of an application gateway. ApplicationGatewayHttpListenerPropertiesFormat

ApplicationGatewayHttpListenerPropertiesFormat

Name Description Value
customErrorConfigurations Custom error configurations of the HTTP listener. ApplicationGatewayCustomError[]
firewallPolicy Reference to another subresource. SubResource
frontendIPConfiguration Reference to another subresource. SubResource
frontendPort Reference to another subresource. SubResource
hostName Host name of HTTP listener. string
hostNames List of Host names for HTTP Listener that allows special wildcard characters as well. string[]
protocol Application Gateway protocol. 'Http'
'Https'
requireServerNameIndication Applicable only if protocol is https. Enables SNI for multi-hosting. bool
sslCertificate Reference to another subresource. SubResource

ApplicationGatewayProbe

Name Description Value
id Resource ID. string
name Name of the probe that is unique within an Application Gateway. string
properties Properties of probe of an application gateway. ApplicationGatewayProbePropertiesFormat

ApplicationGatewayProbePropertiesFormat

Name Description Value
host Host name to send the probe to. string
interval The probing interval in seconds. This is the time interval between two consecutive probes. Acceptable values are from 1 second to 86400 seconds. int
match Application gateway probe health response match. ApplicationGatewayProbeHealthResponseMatch
minServers Minimum number of servers that are always marked healthy. Default value is 0. int
path Relative path of probe. Valid path starts from '/'. Probe is sent to {Protocol}://{host}:{port}{path}. string
pickHostNameFromBackendHttpSettings Whether the host header should be picked from the backend http settings. Default value is false. bool
port Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from http settings will be used. This property is valid for Standard_v2 and WAF_v2 only. int
protocol Application Gateway protocol. 'Http'
'Https'
timeout The probe timeout in seconds. Probe marked as failed if valid response is not received with this timeout period. Acceptable values are from 1 second to 86400 seconds. int
unhealthyThreshold The probe retry count. Backend server is marked down after consecutive probe failure count reaches UnhealthyThreshold. Acceptable values are from 1 second to 20. int

ApplicationGatewayProbeHealthResponseMatch

Name Description Value
body Body that must be contained in the health response. Default value is empty. string
statusCodes Allowed ranges of healthy status codes. Default range of healthy status codes is 200-399. string[]

ApplicationGatewayRedirectConfiguration

Name Description Value
id Resource ID. string
name Name of the redirect configuration that is unique within an Application Gateway. string
properties Properties of redirect configuration of the application gateway. ApplicationGatewayRedirectConfigurationPropertiesFormat

ApplicationGatewayRedirectConfigurationPropertiesFormat

Name Description Value
includePath Include path in the redirected url. bool
includeQueryString Include query string in the redirected url. bool
pathRules Path rules specifying redirect configuration. SubResource[]
redirectType Redirect type enum. 'Found'
'Permanent'
'SeeOther'
'Temporary'
requestRoutingRules Request routing specifying redirect configuration. SubResource[]
targetListener Reference to another subresource. SubResource
targetUrl Url to redirect the request to. string
urlPathMaps Url path maps specifying default redirect configuration. SubResource[]

ApplicationGatewayRequestRoutingRule

Name Description Value
id Resource ID. string
name Name of the request routing rule that is unique within an Application Gateway. string
properties Properties of request routing rule of the application gateway. ApplicationGatewayRequestRoutingRulePropertiesFormat

ApplicationGatewayRequestRoutingRulePropertiesFormat

Name Description Value
backendAddressPool Reference to another subresource. SubResource
backendHttpSettings Reference to another subresource. SubResource
httpListener Reference to another subresource. SubResource
priority Priority of the request routing rule. int
redirectConfiguration Reference to another subresource. SubResource
rewriteRuleSet Reference to another subresource. SubResource
ruleType Rule type. 'Basic'
'PathBasedRouting'
urlPathMap Reference to another subresource. SubResource

ApplicationGatewayRewriteRuleSet

Name Description Value
id Resource ID. string
name Name of the rewrite rule set that is unique within an Application Gateway. string
properties Properties of rewrite rule set of the application gateway. ApplicationGatewayRewriteRuleSetPropertiesFormat

ApplicationGatewayRewriteRuleSetPropertiesFormat

Name Description Value
rewriteRules Rewrite rules in the rewrite rule set. ApplicationGatewayRewriteRule[]

ApplicationGatewayRewriteRule

Name Description Value
actionSet Set of actions in the Rewrite Rule in Application Gateway. ApplicationGatewayRewriteRuleActionSet
conditions Conditions based on which the action set execution will be evaluated. ApplicationGatewayRewriteRuleCondition[]
name Name of the rewrite rule that is unique within an Application Gateway. string
ruleSequence Rule Sequence of the rewrite rule that determines the order of execution of a particular rule in a RewriteRuleSet. int

ApplicationGatewayRewriteRuleActionSet

Name Description Value
requestHeaderConfigurations Request Header Actions in the Action Set. ApplicationGatewayHeaderConfiguration[]
responseHeaderConfigurations Response Header Actions in the Action Set. ApplicationGatewayHeaderConfiguration[]
urlConfiguration Url configuration of the Actions set in Application Gateway. ApplicationGatewayUrlConfiguration

ApplicationGatewayHeaderConfiguration

Name Description Value
headerName Header name of the header configuration. string
headerValue Header value of the header configuration. string

ApplicationGatewayUrlConfiguration

Name Description Value
modifiedPath Url path which user has provided for url rewrite. Null means no path will be updated. Default value is null. string
modifiedQueryString Query string which user has provided for url rewrite. Null means no query string will be updated. Default value is null. string
reroute If set as true, it will re-evaluate the url path map provided in path based request routing rules using modified path. Default value is false. bool

ApplicationGatewayRewriteRuleCondition

Name Description Value
ignoreCase Setting this parameter to truth value with force the pattern to do a case in-sensitive comparison. bool
negate Setting this value as truth will force to check the negation of the condition given by the user. bool
pattern The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition. string
variable The condition parameter of the RewriteRuleCondition. string

ApplicationGatewaySku

Name Description Value
capacity Capacity (instance count) of an application gateway. int
name Name of an application gateway SKU. 'Standard_Large'
'Standard_Medium'
'Standard_Small'
'Standard_v2'
'WAF_Large'
'WAF_Medium'
'WAF_v2'
tier Tier of an application gateway. 'Standard'
'Standard_v2'
'WAF'
'WAF_v2'

ApplicationGatewaySslCertificate

Name Description Value
id Resource ID. string
name Name of the SSL certificate that is unique within an Application Gateway. string
properties Properties of SSL certificates of an application gateway. ApplicationGatewaySslCertificatePropertiesFormat

ApplicationGatewaySslCertificatePropertiesFormat

Name Description Value
data Base-64 encoded pfx certificate. Only applicable in PUT Request. string
keyVaultSecretId Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault. string
password Password for the pfx file specified in data. Only applicable in PUT request. string

ApplicationGatewaySslPolicy

Name Description Value
cipherSuites Ssl cipher suites to be enabled in the specified order to application gateway. String array containing any of:
'TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA'
'TLS_DHE_DSS_WITH_AES_128_CBC_SHA'
'TLS_DHE_DSS_WITH_AES_128_CBC_SHA256'
'TLS_DHE_DSS_WITH_AES_256_CBC_SHA'
'TLS_DHE_DSS_WITH_AES_256_CBC_SHA256'
'TLS_DHE_RSA_WITH_AES_128_CBC_SHA'
'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256'
'TLS_DHE_RSA_WITH_AES_256_CBC_SHA'
'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384'
'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA'
'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256'
'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256'
'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA'
'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384'
'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384'
'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA'
'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256'
'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256'
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA'
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384'
'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384'
'TLS_RSA_WITH_3DES_EDE_CBC_SHA'
'TLS_RSA_WITH_AES_128_CBC_SHA'
'TLS_RSA_WITH_AES_128_CBC_SHA256'
'TLS_RSA_WITH_AES_128_GCM_SHA256'
'TLS_RSA_WITH_AES_256_CBC_SHA'
'TLS_RSA_WITH_AES_256_CBC_SHA256'
'TLS_RSA_WITH_AES_256_GCM_SHA384'
disabledSslProtocols Ssl protocols to be disabled on application gateway. String array containing any of:
'TLSv1_0'
'TLSv1_1'
'TLSv1_2'
minProtocolVersion Ssl protocol enums. 'TLSv1_0'
'TLSv1_1'
'TLSv1_2'
policyName Ssl predefined policy name enums. 'AppGwSslPolicy20150501'
'AppGwSslPolicy20170401'
'AppGwSslPolicy20170401S'
policyType Type of Ssl Policy. 'Custom'
'Predefined'

ApplicationGatewayTrustedRootCertificate

Name Description Value
id Resource ID. string
name Name of the trusted root certificate that is unique within an Application Gateway. string
properties Trusted Root certificates properties of an application gateway. ApplicationGatewayTrustedRootCertificatePropertiesFormat

ApplicationGatewayTrustedRootCertificatePropertiesFormat

Name Description Value
data Certificate public data. string
keyVaultSecretId Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault. string

ApplicationGatewayUrlPathMap

Name Description Value
id Resource ID. string
name Name of the URL path map that is unique within an Application Gateway. string
properties Properties of UrlPathMap of the application gateway. ApplicationGatewayUrlPathMapPropertiesFormat

ApplicationGatewayUrlPathMapPropertiesFormat

Name Description Value
defaultBackendAddressPool Reference to another subresource. SubResource
defaultBackendHttpSettings Reference to another subresource. SubResource
defaultRedirectConfiguration Reference to another subresource. SubResource
defaultRewriteRuleSet Reference to another subresource. SubResource
pathRules Path rule of URL path map resource. ApplicationGatewayPathRule[]

ApplicationGatewayPathRule

Name Description Value
id Resource ID. string
name Name of the path rule that is unique within an Application Gateway. string
properties Properties of path rule of an application gateway. ApplicationGatewayPathRulePropertiesFormat

ApplicationGatewayPathRulePropertiesFormat

Name Description Value
backendAddressPool Reference to another subresource. SubResource
backendHttpSettings Reference to another subresource. SubResource
firewallPolicy Reference to another subresource. SubResource
paths Path rules of URL path map. string[]
redirectConfiguration Reference to another subresource. SubResource
rewriteRuleSet Reference to another subresource. SubResource

ApplicationGatewayWebApplicationFirewallConfiguration

Name Description Value
disabledRuleGroups The disabled rule groups. ApplicationGatewayFirewallDisabledRuleGroup[]
enabled Whether the web application firewall is enabled or not. bool (required)
exclusions The exclusion list. ApplicationGatewayFirewallExclusion[]
fileUploadLimitInMb Maximum file upload size in Mb for WAF. int
firewallMode Web application firewall mode. 'Detection'
'Prevention'
maxRequestBodySize Maximum request body size for WAF. int
maxRequestBodySizeInKb Maximum request body size in Kb for WAF. int
requestBodyCheck Whether allow WAF to check request Body. bool
ruleSetType The type of the web application firewall rule set. Possible values are: 'OWASP'. string (required)
ruleSetVersion The version of the rule set type. string (required)

ApplicationGatewayFirewallDisabledRuleGroup

Name Description Value
ruleGroupName The name of the rule group that will be disabled. string (required)
rules The list of rules that will be disabled. If null, all rules of the rule group will be disabled. int[]

ApplicationGatewayFirewallExclusion

Name Description Value
matchVariable The variable to be excluded. string (required)
selector When matchVariable is a collection, operator used to specify which elements in the collection this exclusion applies to. string (required)
selectorMatchOperator When matchVariable is a collection, operate on the selector to specify which elements in the collection this exclusion applies to. string (required)

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Autoscale LANSA Windows VM ScaleSet with Azure SQL Database

Deploy to Azure
The template deploys a Windows VMSS with a desired count of VMs in the scale set and a LANSA MSI to install into each VM. Once the VM Scale Set is deployed a custom script extension is used to install the LANSA MSI)
SAS 9.4 with SAS Visual Analytics and SAS Visual Statistics

Deploy to Azure
The SAS 9.4 Quickstart Template for Azure with SAS Visual Analytics and SAS Visual Statistics deploys these products on the cloud: SAS Visual Analytics 7.51 and SAS Visual Statistics 7.51. This Quickstart is a reference architecture only. It is not intended for production use. Specifically, the Quickstart provides an example of how a SAS Visual Analytics in SAS 9.4 workload and a SAS Visual Statistics in SAS 9.4 workload running in a massively parallel processing (MPP) environment with SAS LASR Analytiic Server can be run on Azure.
SAS Viya 3.5 Quickstart Template for Azure

Deploy to Azure
The SAS Viya 3.5 Quickstart Template for Azure deploys these products on the cloud: SAS Visual Analytics 8.5 on Linux, SAS Visual Statistics 8.5 on Linux, and SAS Visual Data Mining and Machine Learning 8.5 on Linux. This Quickstart is a reference architecture for users who want to deploy the SAS Viya platform, using microservices and other cloud-friendly technologies. By deploying the SAS platform on Azure, you get SAS analytics, data visualization, and machine learning capabilities in an Azure-validated environment. SAS Viya is a cloud-enabled, in-memory analytics engine. It uses elastic, scalable, and fault-tolerant processing to address complex analytical challenges. SAS Viya provides faster processing for analytics by using a standardized code base that supports programming in SAS, Python, R, Java, and Lua. It also supports cloud, on-premises, or hybrid environments and deploys seamlessly to any infrastructure or application ecosystem.
Create a WordPress site in a virtual network

Deploy to Azure
This template creates a WordPress site on Container Instance in a virtual network. And output a public site FQDN which could access WordPress site.
Create an Azure Application Gateway v2

Deploy to Azure
This template creates an Azure Application Gateway with two Windows Server 2016 servers in the backend pool
Create an Azure WAF v2 on Azure Application Gateway

Deploy to Azure
This template creates an Azure Web Application Firewall v2 on Azure Application Gateway with two Windows Server 2016 servers in the backend pool
Azure Application Gateway Demo Setup

Deploy to Azure
This template allows you to quickly deploy Azure Application Gateway demo to test load-balancing with or without cookie-based affinity.
eShop Website with ILB ASE

Deploy to Azure
An App Service Environment is a Premium service plan option of Azure App Service that provides a fully isolated and dedicated environment for securely running Azure App Service apps at high scale, including Web Apps, Mobile Apps, and API Apps.
Multi tier traffic manager, L4 ILB, L7 AppGateway

Deploy to Azure
This template deploys a Virtual Network, segregates the network through subnets, deploys VMs and configures load balancing
Multi tier App with NSG, ILB, AppGateway

Deploy to Azure
This template deploys a Virtual Network, segregates the network through subnets, deploys VMs and configures load balancing
Create API Management in Internal VNet with App Gateway

Deploy to Azure
This template demonstrates how to Create a instance of Azure API Management on a private network protected by Azure Application Gateway.
Deploy an Ubuntu VM scale set with Azure Application Gateway

Deploy to Azure
This template allows you to deploy a simple Ubuntu VM Scale Set integrated with Azure Application Gateway, and supports up to 1000 VMs
Deploy a Windows VM scale set with Azure Application Gateway

Deploy to Azure
This template allows you to deploy a simple Windows VM Scale Set integrated with Azure Application Gateway, and supports up to 1000 VMs
AKS cluster with the Application Gateway Ingress Controller

Deploy to Azure
This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault
App Gateway with WAF, SSL, IIS and HTTPS redirection

Deploy to Azure
This template deploys an Application Gateway with WAF, end to end SSL and HTTP to HTTPS redirect on the IIS servers.
Create an Application Gateway

Deploy to Azure
This template creates an application gateway in a virtual network and sets up load balancing rules for any number of virtual machines
Create an Application Gateway V2 with Key Vault

Deploy to Azure
This template deploys an Application Gateway V2 in a Virtual Network, a user defined identity, Key Vault, a secret (cert data), and access policy on Key Vault and Application Gateway.
Application Gateway for Multi Hosting

Deploy to Azure
This template creates an Application Gateway and configures it for Multi Hosting on port 443.
Create an Application Gateway

Deploy to Azure
This template deploys an Application Gateway and shows usage of the path override feature for a backend address pool.
Create an Application Gateway

Deploy to Azure
This template deploys an Application Gateway with enhanced probe functionality.
Create an Application Gateway with Public IP

Deploy to Azure
This template creates an Application Gateway, Public IP address for the Application Gateway, and the Virtual Network in which Application Gateway is deployed. Also configures Application Gateway for Http Load balancing with Two backend servers. Note that you have to specify valid IPs for backend servers.
Create an Application Gateway with Public IP

Deploy to Azure
This template creates an Application Gateway, Public IP address for the Application Gateway, and the Virtual Network in which Application Gateway is deployed. Also configures Application Gateway for Ssl Offload and Load balancing with Two backend servers. Note that you have to specify valid IPs for backend servers.
Create an Application Gateway

Deploy to Azure
This template creates an application gateway with Redirect functionalities in a virtual network and sets up load balancing and redirect rules (basic and pathbased)
Create an Application Gateway

Deploy to Azure
This template creates an application gateway with Rewrite functionalities in a virtual network and sets up load balancing, rewrite rules
Create an Application Gateway

Deploy to Azure
This template deploys an Application Gateway configured with a custom ssl policy.
Create an Application Gateway

Deploy to Azure
This template deploys an Application Gateway configured with a predefined ssl policy.
Application Gateway for Url Path Based Routing

Deploy to Azure
This template creates an Application Gateway and configures it for URL Path Based Routing.
Create an Application Gateway v2

Deploy to Azure
This template creates an application gateway v2 in a virtual network and sets up auto scaling properties and an HTTP load-balancing rule with public frontend
Create an Application Gateway

Deploy to Azure
This template creates an application gateway with Web Application Firewall functionality in a virtual network and sets up load balancing rules for any number of virtual machines
Application Gateway for a Web App with IP Restriction

Deploy to Azure
This template creates an application gateway in front of an Azure Web App with IP restriction enabled on the Web App.
Create an Application Gateway

Deploy to Azure
This template creates an application gateway in front of two Azure Web Apps with a custom probe enabled.
Front Door Standard/Premium with Application Gateway origin

Deploy to Azure
This template creates a Front Door Standard/Premium (Preview) and an Application Gateway instance, and uses an NSG and WAF policy to validate that traffic has come through the Front Door origin.
Front Door with Container Instances and Application Gateway

Deploy to Azure
This template creates a Front Door Standard/Premium (Preview) with a container group and Application Gateway.
Create a Web App protected by Application Gateway v2

Deploy to Azure
This template creates an Azure Web App with Access Restriction for an Application Gateway v2. The Application Gateway is deployed in a vNet (subnet) which has a 'Microsoft.Web' Service Endpoint enabled. The Web App restricts access to traffic from the subnet.
SAS 9.4 with SAS Visual Analytics and SAS Visual Statistics

Deploy to Azure
The SAS 9.4 Quickstart Template for Azure with SAS Visual Analytics and SAS Visual Statistics deploys these products on the cloud: SAS Visual Analytics 7.51 and SAS Visual Statistics 7.51. This Quickstart is a reference architecture only. It is not intended for production use. Specifically, the Quickstart provides an example of how a SAS Visual Analytics in SAS 9.4 workload and a SAS Visual Statistics in SAS 9.4 workload running in a massively parallel processing (MPP) environment with SAS LASR Analytiic Server can be run on Azure.