We recommend using Azure Native.
azure.network.ApplicationGateway
Explore with Pulumi AI
Manages an Application Gateway.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new()
{
Location = "West Europe",
});
var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("exampleVirtualNetwork", new()
{
ResourceGroupName = exampleResourceGroup.Name,
Location = exampleResourceGroup.Location,
AddressSpaces = new[]
{
"10.254.0.0/16",
},
});
var frontend = new Azure.Network.Subnet("frontend", new()
{
ResourceGroupName = exampleResourceGroup.Name,
VirtualNetworkName = exampleVirtualNetwork.Name,
AddressPrefixes = new[]
{
"10.254.0.0/24",
},
});
var backend = new Azure.Network.Subnet("backend", new()
{
ResourceGroupName = exampleResourceGroup.Name,
VirtualNetworkName = exampleVirtualNetwork.Name,
AddressPrefixes = new[]
{
"10.254.2.0/24",
},
});
var examplePublicIp = new Azure.Network.PublicIp("examplePublicIp", new()
{
ResourceGroupName = exampleResourceGroup.Name,
Location = exampleResourceGroup.Location,
AllocationMethod = "Dynamic",
});
var backendAddressPoolName = exampleVirtualNetwork.Name.Apply(name => $"{name}-beap");
var frontendPortName = exampleVirtualNetwork.Name.Apply(name => $"{name}-feport");
var frontendIpConfigurationName = exampleVirtualNetwork.Name.Apply(name => $"{name}-feip");
var httpSettingName = exampleVirtualNetwork.Name.Apply(name => $"{name}-be-htst");
var listenerName = exampleVirtualNetwork.Name.Apply(name => $"{name}-httplstn");
var requestRoutingRuleName = exampleVirtualNetwork.Name.Apply(name => $"{name}-rqrt");
var redirectConfigurationName = exampleVirtualNetwork.Name.Apply(name => $"{name}-rdrcfg");
var network = new Azure.Network.ApplicationGateway("network", new()
{
ResourceGroupName = exampleResourceGroup.Name,
Location = exampleResourceGroup.Location,
Sku = new Azure.Network.Inputs.ApplicationGatewaySkuArgs
{
Name = "Standard_Small",
Tier = "Standard",
Capacity = 2,
},
GatewayIpConfigurations = new[]
{
new Azure.Network.Inputs.ApplicationGatewayGatewayIpConfigurationArgs
{
Name = "my-gateway-ip-configuration",
SubnetId = frontend.Id,
},
},
FrontendPorts = new[]
{
new Azure.Network.Inputs.ApplicationGatewayFrontendPortArgs
{
Name = frontendPortName,
Port = 80,
},
},
FrontendIpConfigurations = new[]
{
new Azure.Network.Inputs.ApplicationGatewayFrontendIpConfigurationArgs
{
Name = frontendIpConfigurationName,
PublicIpAddressId = examplePublicIp.Id,
},
},
BackendAddressPools = new[]
{
new Azure.Network.Inputs.ApplicationGatewayBackendAddressPoolArgs
{
Name = backendAddressPoolName,
},
},
BackendHttpSettings = new[]
{
new Azure.Network.Inputs.ApplicationGatewayBackendHttpSettingArgs
{
Name = httpSettingName,
CookieBasedAffinity = "Disabled",
Path = "/path1/",
Port = 80,
Protocol = "Http",
RequestTimeout = 60,
},
},
HttpListeners = new[]
{
new Azure.Network.Inputs.ApplicationGatewayHttpListenerArgs
{
Name = listenerName,
FrontendIpConfigurationName = frontendIpConfigurationName,
FrontendPortName = frontendPortName,
Protocol = "Http",
},
},
RequestRoutingRules = new[]
{
new Azure.Network.Inputs.ApplicationGatewayRequestRoutingRuleArgs
{
Name = requestRoutingRuleName,
RuleType = "Basic",
HttpListenerName = listenerName,
BackendAddressPoolName = backendAddressPoolName,
BackendHttpSettingsName = httpSettingName,
},
},
});
});
package main
import (
"fmt"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "exampleVirtualNetwork", &network.VirtualNetworkArgs{
ResourceGroupName: exampleResourceGroup.Name,
Location: exampleResourceGroup.Location,
AddressSpaces: pulumi.StringArray{
pulumi.String("10.254.0.0/16"),
},
})
if err != nil {
return err
}
frontend, err := network.NewSubnet(ctx, "frontend", &network.SubnetArgs{
ResourceGroupName: exampleResourceGroup.Name,
VirtualNetworkName: exampleVirtualNetwork.Name,
AddressPrefixes: pulumi.StringArray{
pulumi.String("10.254.0.0/24"),
},
})
if err != nil {
return err
}
_, err = network.NewSubnet(ctx, "backend", &network.SubnetArgs{
ResourceGroupName: exampleResourceGroup.Name,
VirtualNetworkName: exampleVirtualNetwork.Name,
AddressPrefixes: pulumi.StringArray{
pulumi.String("10.254.2.0/24"),
},
})
if err != nil {
return err
}
examplePublicIp, err := network.NewPublicIp(ctx, "examplePublicIp", &network.PublicIpArgs{
ResourceGroupName: exampleResourceGroup.Name,
Location: exampleResourceGroup.Location,
AllocationMethod: pulumi.String("Dynamic"),
})
if err != nil {
return err
}
backendAddressPoolName := exampleVirtualNetwork.Name.ApplyT(func(name string) (string, error) {
return fmt.Sprintf("%v-beap", name), nil
}).(pulumi.StringOutput)
frontendPortName := exampleVirtualNetwork.Name.ApplyT(func(name string) (string, error) {
return fmt.Sprintf("%v-feport", name), nil
}).(pulumi.StringOutput)
frontendIpConfigurationName := exampleVirtualNetwork.Name.ApplyT(func(name string) (string, error) {
return fmt.Sprintf("%v-feip", name), nil
}).(pulumi.StringOutput)
httpSettingName := exampleVirtualNetwork.Name.ApplyT(func(name string) (string, error) {
return fmt.Sprintf("%v-be-htst", name), nil
}).(pulumi.StringOutput)
listenerName := exampleVirtualNetwork.Name.ApplyT(func(name string) (string, error) {
return fmt.Sprintf("%v-httplstn", name), nil
}).(pulumi.StringOutput)
requestRoutingRuleName := exampleVirtualNetwork.Name.ApplyT(func(name string) (string, error) {
return fmt.Sprintf("%v-rqrt", name), nil
}).(pulumi.StringOutput)
_ = exampleVirtualNetwork.Name.ApplyT(func(name string) (string, error) {
return fmt.Sprintf("%v-rdrcfg", name), nil
}).(pulumi.StringOutput)
_, err = network.NewApplicationGateway(ctx, "network", &network.ApplicationGatewayArgs{
ResourceGroupName: exampleResourceGroup.Name,
Location: exampleResourceGroup.Location,
Sku: &network.ApplicationGatewaySkuArgs{
Name: pulumi.String("Standard_Small"),
Tier: pulumi.String("Standard"),
Capacity: pulumi.Int(2),
},
GatewayIpConfigurations: network.ApplicationGatewayGatewayIpConfigurationArray{
&network.ApplicationGatewayGatewayIpConfigurationArgs{
Name: pulumi.String("my-gateway-ip-configuration"),
SubnetId: frontend.ID(),
},
},
FrontendPorts: network.ApplicationGatewayFrontendPortArray{
&network.ApplicationGatewayFrontendPortArgs{
Name: pulumi.String(frontendPortName),
Port: pulumi.Int(80),
},
},
FrontendIpConfigurations: network.ApplicationGatewayFrontendIpConfigurationArray{
&network.ApplicationGatewayFrontendIpConfigurationArgs{
Name: pulumi.String(frontendIpConfigurationName),
PublicIpAddressId: examplePublicIp.ID(),
},
},
BackendAddressPools: network.ApplicationGatewayBackendAddressPoolArray{
&network.ApplicationGatewayBackendAddressPoolArgs{
Name: pulumi.String(backendAddressPoolName),
},
},
BackendHttpSettings: network.ApplicationGatewayBackendHttpSettingArray{
&network.ApplicationGatewayBackendHttpSettingArgs{
Name: pulumi.String(httpSettingName),
CookieBasedAffinity: pulumi.String("Disabled"),
Path: pulumi.String("/path1/"),
Port: pulumi.Int(80),
Protocol: pulumi.String("Http"),
RequestTimeout: pulumi.Int(60),
},
},
HttpListeners: network.ApplicationGatewayHttpListenerArray{
&network.ApplicationGatewayHttpListenerArgs{
Name: pulumi.String(listenerName),
FrontendIpConfigurationName: pulumi.String(frontendIpConfigurationName),
FrontendPortName: pulumi.String(frontendPortName),
Protocol: pulumi.String("Http"),
},
},
RequestRoutingRules: network.ApplicationGatewayRequestRoutingRuleArray{
&network.ApplicationGatewayRequestRoutingRuleArgs{
Name: pulumi.String(requestRoutingRuleName),
RuleType: pulumi.String("Basic"),
HttpListenerName: pulumi.String(listenerName),
BackendAddressPoolName: pulumi.String(backendAddressPoolName),
BackendHttpSettingsName: pulumi.String(httpSettingName),
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.network.VirtualNetwork;
import com.pulumi.azure.network.VirtualNetworkArgs;
import com.pulumi.azure.network.Subnet;
import com.pulumi.azure.network.SubnetArgs;
import com.pulumi.azure.network.PublicIp;
import com.pulumi.azure.network.PublicIpArgs;
import com.pulumi.azure.network.ApplicationGateway;
import com.pulumi.azure.network.ApplicationGatewayArgs;
import com.pulumi.azure.network.inputs.ApplicationGatewaySkuArgs;
import com.pulumi.azure.network.inputs.ApplicationGatewayGatewayIpConfigurationArgs;
import com.pulumi.azure.network.inputs.ApplicationGatewayFrontendPortArgs;
import com.pulumi.azure.network.inputs.ApplicationGatewayFrontendIpConfigurationArgs;
import com.pulumi.azure.network.inputs.ApplicationGatewayBackendAddressPoolArgs;
import com.pulumi.azure.network.inputs.ApplicationGatewayBackendHttpSettingArgs;
import com.pulumi.azure.network.inputs.ApplicationGatewayHttpListenerArgs;
import com.pulumi.azure.network.inputs.ApplicationGatewayRequestRoutingRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.addressSpaces("10.254.0.0/16")
.build());
var frontend = new Subnet("frontend", SubnetArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.virtualNetworkName(exampleVirtualNetwork.name())
.addressPrefixes("10.254.0.0/24")
.build());
var backend = new Subnet("backend", SubnetArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.virtualNetworkName(exampleVirtualNetwork.name())
.addressPrefixes("10.254.2.0/24")
.build());
var examplePublicIp = new PublicIp("examplePublicIp", PublicIpArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.allocationMethod("Dynamic")
.build());
final var backendAddressPoolName = exampleVirtualNetwork.name().applyValue(name -> String.format("%s-beap", name));
final var frontendPortName = exampleVirtualNetwork.name().applyValue(name -> String.format("%s-feport", name));
final var frontendIpConfigurationName = exampleVirtualNetwork.name().applyValue(name -> String.format("%s-feip", name));
final var httpSettingName = exampleVirtualNetwork.name().applyValue(name -> String.format("%s-be-htst", name));
final var listenerName = exampleVirtualNetwork.name().applyValue(name -> String.format("%s-httplstn", name));
final var requestRoutingRuleName = exampleVirtualNetwork.name().applyValue(name -> String.format("%s-rqrt", name));
final var redirectConfigurationName = exampleVirtualNetwork.name().applyValue(name -> String.format("%s-rdrcfg", name));
var network = new ApplicationGateway("network", ApplicationGatewayArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.sku(ApplicationGatewaySkuArgs.builder()
.name("Standard_Small")
.tier("Standard")
.capacity(2)
.build())
.gatewayIpConfigurations(ApplicationGatewayGatewayIpConfigurationArgs.builder()
.name("my-gateway-ip-configuration")
.subnetId(frontend.id())
.build())
.frontendPorts(ApplicationGatewayFrontendPortArgs.builder()
.name(frontendPortName)
.port(80)
.build())
.frontendIpConfigurations(ApplicationGatewayFrontendIpConfigurationArgs.builder()
.name(frontendIpConfigurationName)
.publicIpAddressId(examplePublicIp.id())
.build())
.backendAddressPools(ApplicationGatewayBackendAddressPoolArgs.builder()
.name(backendAddressPoolName)
.build())
.backendHttpSettings(ApplicationGatewayBackendHttpSettingArgs.builder()
.name(httpSettingName)
.cookieBasedAffinity("Disabled")
.path("/path1/")
.port(80)
.protocol("Http")
.requestTimeout(60)
.build())
.httpListeners(ApplicationGatewayHttpListenerArgs.builder()
.name(listenerName)
.frontendIpConfigurationName(frontendIpConfigurationName)
.frontendPortName(frontendPortName)
.protocol("Http")
.build())
.requestRoutingRules(ApplicationGatewayRequestRoutingRuleArgs.builder()
.name(requestRoutingRuleName)
.ruleType("Basic")
.httpListenerName(listenerName)
.backendAddressPoolName(backendAddressPoolName)
.backendHttpSettingsName(httpSettingName)
.build())
.build());
}
}
import pulumi
import pulumi_azure as azure
example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
resource_group_name=example_resource_group.name,
location=example_resource_group.location,
address_spaces=["10.254.0.0/16"])
frontend = azure.network.Subnet("frontend",
resource_group_name=example_resource_group.name,
virtual_network_name=example_virtual_network.name,
address_prefixes=["10.254.0.0/24"])
backend = azure.network.Subnet("backend",
resource_group_name=example_resource_group.name,
virtual_network_name=example_virtual_network.name,
address_prefixes=["10.254.2.0/24"])
example_public_ip = azure.network.PublicIp("examplePublicIp",
resource_group_name=example_resource_group.name,
location=example_resource_group.location,
allocation_method="Dynamic")
backend_address_pool_name = example_virtual_network.name.apply(lambda name: f"{name}-beap")
frontend_port_name = example_virtual_network.name.apply(lambda name: f"{name}-feport")
frontend_ip_configuration_name = example_virtual_network.name.apply(lambda name: f"{name}-feip")
http_setting_name = example_virtual_network.name.apply(lambda name: f"{name}-be-htst")
listener_name = example_virtual_network.name.apply(lambda name: f"{name}-httplstn")
request_routing_rule_name = example_virtual_network.name.apply(lambda name: f"{name}-rqrt")
redirect_configuration_name = example_virtual_network.name.apply(lambda name: f"{name}-rdrcfg")
network = azure.network.ApplicationGateway("network",
resource_group_name=example_resource_group.name,
location=example_resource_group.location,
sku=azure.network.ApplicationGatewaySkuArgs(
name="Standard_Small",
tier="Standard",
capacity=2,
),
gateway_ip_configurations=[azure.network.ApplicationGatewayGatewayIpConfigurationArgs(
name="my-gateway-ip-configuration",
subnet_id=frontend.id,
)],
frontend_ports=[azure.network.ApplicationGatewayFrontendPortArgs(
name=frontend_port_name,
port=80,
)],
frontend_ip_configurations=[azure.network.ApplicationGatewayFrontendIpConfigurationArgs(
name=frontend_ip_configuration_name,
public_ip_address_id=example_public_ip.id,
)],
backend_address_pools=[azure.network.ApplicationGatewayBackendAddressPoolArgs(
name=backend_address_pool_name,
)],
backend_http_settings=[azure.network.ApplicationGatewayBackendHttpSettingArgs(
name=http_setting_name,
cookie_based_affinity="Disabled",
path="/path1/",
port=80,
protocol="Http",
request_timeout=60,
)],
http_listeners=[azure.network.ApplicationGatewayHttpListenerArgs(
name=listener_name,
frontend_ip_configuration_name=frontend_ip_configuration_name,
frontend_port_name=frontend_port_name,
protocol="Http",
)],
request_routing_rules=[azure.network.ApplicationGatewayRequestRoutingRuleArgs(
name=request_routing_rule_name,
rule_type="Basic",
http_listener_name=listener_name,
backend_address_pool_name=backend_address_pool_name,
backend_http_settings_name=http_setting_name,
)])
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"});
const exampleVirtualNetwork = new azure.network.VirtualNetwork("exampleVirtualNetwork", {
resourceGroupName: exampleResourceGroup.name,
location: exampleResourceGroup.location,
addressSpaces: ["10.254.0.0/16"],
});
const frontend = new azure.network.Subnet("frontend", {
resourceGroupName: exampleResourceGroup.name,
virtualNetworkName: exampleVirtualNetwork.name,
addressPrefixes: ["10.254.0.0/24"],
});
const backend = new azure.network.Subnet("backend", {
resourceGroupName: exampleResourceGroup.name,
virtualNetworkName: exampleVirtualNetwork.name,
addressPrefixes: ["10.254.2.0/24"],
});
const examplePublicIp = new azure.network.PublicIp("examplePublicIp", {
resourceGroupName: exampleResourceGroup.name,
location: exampleResourceGroup.location,
allocationMethod: "Dynamic",
});
const backendAddressPoolName = pulumi.interpolate`${exampleVirtualNetwork.name}-beap`;
const frontendPortName = pulumi.interpolate`${exampleVirtualNetwork.name}-feport`;
const frontendIpConfigurationName = pulumi.interpolate`${exampleVirtualNetwork.name}-feip`;
const httpSettingName = pulumi.interpolate`${exampleVirtualNetwork.name}-be-htst`;
const listenerName = pulumi.interpolate`${exampleVirtualNetwork.name}-httplstn`;
const requestRoutingRuleName = pulumi.interpolate`${exampleVirtualNetwork.name}-rqrt`;
const redirectConfigurationName = pulumi.interpolate`${exampleVirtualNetwork.name}-rdrcfg`;
const network = new azure.network.ApplicationGateway("network", {
resourceGroupName: exampleResourceGroup.name,
location: exampleResourceGroup.location,
sku: {
name: "Standard_Small",
tier: "Standard",
capacity: 2,
},
gatewayIpConfigurations: [{
name: "my-gateway-ip-configuration",
subnetId: frontend.id,
}],
frontendPorts: [{
name: frontendPortName,
port: 80,
}],
frontendIpConfigurations: [{
name: frontendIpConfigurationName,
publicIpAddressId: examplePublicIp.id,
}],
backendAddressPools: [{
name: backendAddressPoolName,
}],
backendHttpSettings: [{
name: httpSettingName,
cookieBasedAffinity: "Disabled",
path: "/path1/",
port: 80,
protocol: "Http",
requestTimeout: 60,
}],
httpListeners: [{
name: listenerName,
frontendIpConfigurationName: frontendIpConfigurationName,
frontendPortName: frontendPortName,
protocol: "Http",
}],
requestRoutingRules: [{
name: requestRoutingRuleName,
ruleType: "Basic",
httpListenerName: listenerName,
backendAddressPoolName: backendAddressPoolName,
backendHttpSettingsName: httpSettingName,
}],
});
resources:
exampleResourceGroup:
type: azure:core:ResourceGroup
properties:
location: West Europe
exampleVirtualNetwork:
type: azure:network:VirtualNetwork
properties:
resourceGroupName: ${exampleResourceGroup.name}
location: ${exampleResourceGroup.location}
addressSpaces:
- 10.254.0.0/16
frontend:
type: azure:network:Subnet
properties:
resourceGroupName: ${exampleResourceGroup.name}
virtualNetworkName: ${exampleVirtualNetwork.name}
addressPrefixes:
- 10.254.0.0/24
backend:
type: azure:network:Subnet
properties:
resourceGroupName: ${exampleResourceGroup.name}
virtualNetworkName: ${exampleVirtualNetwork.name}
addressPrefixes:
- 10.254.2.0/24
examplePublicIp:
type: azure:network:PublicIp
properties:
resourceGroupName: ${exampleResourceGroup.name}
location: ${exampleResourceGroup.location}
allocationMethod: Dynamic
network:
type: azure:network:ApplicationGateway
properties:
resourceGroupName: ${exampleResourceGroup.name}
location: ${exampleResourceGroup.location}
sku:
name: Standard_Small
tier: Standard
capacity: 2
gatewayIpConfigurations:
- name: my-gateway-ip-configuration
subnetId: ${frontend.id}
frontendPorts:
- name: ${frontendPortName}
port: 80
frontendIpConfigurations:
- name: ${frontendIpConfigurationName}
publicIpAddressId: ${examplePublicIp.id}
backendAddressPools:
- name: ${backendAddressPoolName}
backendHttpSettings:
- name: ${httpSettingName}
cookieBasedAffinity: Disabled
path: /path1/
port: 80
protocol: Http
requestTimeout: 60
httpListeners:
- name: ${listenerName}
frontendIpConfigurationName: ${frontendIpConfigurationName}
frontendPortName: ${frontendPortName}
protocol: Http
requestRoutingRules:
- name: ${requestRoutingRuleName}
ruleType: Basic
httpListenerName: ${listenerName}
backendAddressPoolName: ${backendAddressPoolName}
backendHttpSettingsName: ${httpSettingName}
variables:
backendAddressPoolName: ${exampleVirtualNetwork.name}-beap
frontendPortName: ${exampleVirtualNetwork.name}-feport
frontendIpConfigurationName: ${exampleVirtualNetwork.name}-feip
httpSettingName: ${exampleVirtualNetwork.name}-be-htst
listenerName: ${exampleVirtualNetwork.name}-httplstn
requestRoutingRuleName: ${exampleVirtualNetwork.name}-rqrt
redirectConfigurationName: ${exampleVirtualNetwork.name}-rdrcfg
Create ApplicationGateway Resource
new ApplicationGateway(name: string, args: ApplicationGatewayArgs, opts?: CustomResourceOptions);
@overload
def ApplicationGateway(resource_name: str,
opts: Optional[ResourceOptions] = None,
authentication_certificates: Optional[Sequence[ApplicationGatewayAuthenticationCertificateArgs]] = None,
autoscale_configuration: Optional[ApplicationGatewayAutoscaleConfigurationArgs] = None,
backend_address_pools: Optional[Sequence[ApplicationGatewayBackendAddressPoolArgs]] = None,
backend_http_settings: Optional[Sequence[ApplicationGatewayBackendHttpSettingArgs]] = None,
custom_error_configurations: Optional[Sequence[ApplicationGatewayCustomErrorConfigurationArgs]] = None,
enable_http2: Optional[bool] = None,
fips_enabled: Optional[bool] = None,
firewall_policy_id: Optional[str] = None,
force_firewall_policy_association: Optional[bool] = None,
frontend_ip_configurations: Optional[Sequence[ApplicationGatewayFrontendIpConfigurationArgs]] = None,
frontend_ports: Optional[Sequence[ApplicationGatewayFrontendPortArgs]] = None,
gateway_ip_configurations: Optional[Sequence[ApplicationGatewayGatewayIpConfigurationArgs]] = None,
global_: Optional[ApplicationGatewayGlobalArgs] = None,
http_listeners: Optional[Sequence[ApplicationGatewayHttpListenerArgs]] = None,
identity: Optional[ApplicationGatewayIdentityArgs] = None,
location: Optional[str] = None,
name: Optional[str] = None,
private_link_configurations: Optional[Sequence[ApplicationGatewayPrivateLinkConfigurationArgs]] = None,
probes: Optional[Sequence[ApplicationGatewayProbeArgs]] = None,
redirect_configurations: Optional[Sequence[ApplicationGatewayRedirectConfigurationArgs]] = None,
request_routing_rules: Optional[Sequence[ApplicationGatewayRequestRoutingRuleArgs]] = None,
resource_group_name: Optional[str] = None,
rewrite_rule_sets: Optional[Sequence[ApplicationGatewayRewriteRuleSetArgs]] = None,
sku: Optional[ApplicationGatewaySkuArgs] = None,
ssl_certificates: Optional[Sequence[ApplicationGatewaySslCertificateArgs]] = None,
ssl_policy: Optional[ApplicationGatewaySslPolicyArgs] = None,
ssl_profiles: Optional[Sequence[ApplicationGatewaySslProfileArgs]] = None,
tags: Optional[Mapping[str, str]] = None,
trusted_client_certificates: Optional[Sequence[ApplicationGatewayTrustedClientCertificateArgs]] = None,
trusted_root_certificates: Optional[Sequence[ApplicationGatewayTrustedRootCertificateArgs]] = None,
url_path_maps: Optional[Sequence[ApplicationGatewayUrlPathMapArgs]] = None,
waf_configuration: Optional[ApplicationGatewayWafConfigurationArgs] = None,
zones: Optional[Sequence[str]] = None)
@overload
def ApplicationGateway(resource_name: str,
args: ApplicationGatewayArgs,
opts: Optional[ResourceOptions] = None)
func NewApplicationGateway(ctx *Context, name string, args ApplicationGatewayArgs, opts ...ResourceOption) (*ApplicationGateway, error)
public ApplicationGateway(string name, ApplicationGatewayArgs args, CustomResourceOptions? opts = null)
public ApplicationGateway(String name, ApplicationGatewayArgs args)
public ApplicationGateway(String name, ApplicationGatewayArgs args, CustomResourceOptions options)
type: azure:network:ApplicationGateway
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ApplicationGatewayArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ApplicationGatewayArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ApplicationGatewayArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ApplicationGatewayArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ApplicationGatewayArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
ApplicationGateway Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The ApplicationGateway resource accepts the following input properties:
- Backend
Address List<ApplicationPools Gateway Backend Address Pool> One or more
backend_address_pool
blocks as defined below.- Backend
Http List<ApplicationSettings Gateway Backend Http Setting> One or more
backend_http_settings
blocks as defined below.- Frontend
Ip List<ApplicationConfigurations Gateway Frontend Ip Configuration> One or more
frontend_ip_configuration
blocks as defined below.- Frontend
Ports List<ApplicationGateway Frontend Port> One or more
frontend_port
blocks as defined below.- Gateway
Ip List<ApplicationConfigurations Gateway Gateway Ip Configuration> One or more
gateway_ip_configuration
blocks as defined below.- Http
Listeners List<ApplicationGateway Http Listener> One or more
http_listener
blocks as defined below.- Request
Routing List<ApplicationRules Gateway Request Routing Rule> One or more
request_routing_rule
blocks as defined below.- Resource
Group stringName The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- Sku
Application
Gateway Sku A
sku
block as defined below.- Authentication
Certificates List<ApplicationGateway Authentication Certificate> One or more
authentication_certificate
blocks as defined below.- Autoscale
Configuration ApplicationGateway Autoscale Configuration A
autoscale_configuration
block as defined below.- Custom
Error List<ApplicationConfigurations Gateway Custom Error Configuration> One or more
custom_error_configuration
blocks as defined below.- Enable
Http2 bool Is HTTP2 enabled on the application gateway resource? Defaults to
false
.- Fips
Enabled bool Is FIPS enabled on the Application Gateway?
- Firewall
Policy stringId The ID of the Web Application Firewall Policy.
- Force
Firewall boolPolicy Association Is the Firewall Policy associated with the Application Gateway?
- Global
Application
Gateway Global A
global
block as defined below.- Identity
Application
Gateway Identity An
identity
block as defined below.- Location string
The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- Name string
The name of the Application Gateway. Changing this forces a new resource to be created.
- Private
Link List<ApplicationConfigurations Gateway Private Link Configuration> One or more
private_link_configuration
blocks as defined below.- Probes
List<Application
Gateway Probe> One or more
probe
blocks as defined below.- Redirect
Configurations List<ApplicationGateway Redirect Configuration> One or more
redirect_configuration
blocks as defined below.- Rewrite
Rule List<ApplicationSets Gateway Rewrite Rule Set> One or more
rewrite_rule_set
blocks as defined below. Only valid for v2 SKUs.- Ssl
Certificates List<ApplicationGateway Ssl Certificate> One or more
ssl_certificate
blocks as defined below.- Ssl
Policy ApplicationGateway Ssl Policy a
ssl_policy
block as defined below.- Ssl
Profiles List<ApplicationGateway Ssl Profile> One or more
ssl_profile
blocks as defined below.Please Note: Availability Zones are only supported in several regions at this time. They are also only supported for v2 SKUs
- Dictionary<string, string>
A mapping of tags to assign to the resource.
- Trusted
Client List<ApplicationCertificates Gateway Trusted Client Certificate> One or more
trusted_client_certificate
blocks as defined below.- Trusted
Root List<ApplicationCertificates Gateway Trusted Root Certificate> One or more
trusted_root_certificate
blocks as defined below.- Url
Path List<ApplicationMaps Gateway Url Path Map> One or more
url_path_map
blocks as defined below.- Waf
Configuration ApplicationGateway Waf Configuration A
waf_configuration
block as defined below.- Zones List<string>
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
- Backend
Address []ApplicationPools Gateway Backend Address Pool Args One or more
backend_address_pool
blocks as defined below.- Backend
Http []ApplicationSettings Gateway Backend Http Setting Args One or more
backend_http_settings
blocks as defined below.- Frontend
Ip []ApplicationConfigurations Gateway Frontend Ip Configuration Args One or more
frontend_ip_configuration
blocks as defined below.- Frontend
Ports []ApplicationGateway Frontend Port Args One or more
frontend_port
blocks as defined below.- Gateway
Ip []ApplicationConfigurations Gateway Gateway Ip Configuration Args One or more
gateway_ip_configuration
blocks as defined below.- Http
Listeners []ApplicationGateway Http Listener Args One or more
http_listener
blocks as defined below.- Request
Routing []ApplicationRules Gateway Request Routing Rule Args One or more
request_routing_rule
blocks as defined below.- Resource
Group stringName The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- Sku
Application
Gateway Sku Args A
sku
block as defined below.- Authentication
Certificates []ApplicationGateway Authentication Certificate Args One or more
authentication_certificate
blocks as defined below.- Autoscale
Configuration ApplicationGateway Autoscale Configuration Args A
autoscale_configuration
block as defined below.- Custom
Error []ApplicationConfigurations Gateway Custom Error Configuration Args One or more
custom_error_configuration
blocks as defined below.- Enable
Http2 bool Is HTTP2 enabled on the application gateway resource? Defaults to
false
.- Fips
Enabled bool Is FIPS enabled on the Application Gateway?
- Firewall
Policy stringId The ID of the Web Application Firewall Policy.
- Force
Firewall boolPolicy Association Is the Firewall Policy associated with the Application Gateway?
- Global
Application
Gateway Global Args A
global
block as defined below.- Identity
Application
Gateway Identity Args An
identity
block as defined below.- Location string
The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- Name string
The name of the Application Gateway. Changing this forces a new resource to be created.
- Private
Link []ApplicationConfigurations Gateway Private Link Configuration Args One or more
private_link_configuration
blocks as defined below.- Probes
[]Application
Gateway Probe Args One or more
probe
blocks as defined below.- Redirect
Configurations []ApplicationGateway Redirect Configuration Args One or more
redirect_configuration
blocks as defined below.- Rewrite
Rule []ApplicationSets Gateway Rewrite Rule Set Args One or more
rewrite_rule_set
blocks as defined below. Only valid for v2 SKUs.- Ssl
Certificates []ApplicationGateway Ssl Certificate Args One or more
ssl_certificate
blocks as defined below.- Ssl
Policy ApplicationGateway Ssl Policy Args a
ssl_policy
block as defined below.- Ssl
Profiles []ApplicationGateway Ssl Profile Args One or more
ssl_profile
blocks as defined below.Please Note: Availability Zones are only supported in several regions at this time. They are also only supported for v2 SKUs
- map[string]string
A mapping of tags to assign to the resource.
- Trusted
Client []ApplicationCertificates Gateway Trusted Client Certificate Args One or more
trusted_client_certificate
blocks as defined below.- Trusted
Root []ApplicationCertificates Gateway Trusted Root Certificate Args One or more
trusted_root_certificate
blocks as defined below.- Url
Path []ApplicationMaps Gateway Url Path Map Args One or more
url_path_map
blocks as defined below.- Waf
Configuration ApplicationGateway Waf Configuration Args A
waf_configuration
block as defined below.- Zones []string
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
- backend
Address List<ApplicationPools Gateway Backend Address Pool> One or more
backend_address_pool
blocks as defined below.- backend
Http List<ApplicationSettings Gateway Backend Http Setting> One or more
backend_http_settings
blocks as defined below.- frontend
Ip List<ApplicationConfigurations Gateway Frontend Ip Configuration> One or more
frontend_ip_configuration
blocks as defined below.- frontend
Ports List<ApplicationGateway Frontend Port> One or more
frontend_port
blocks as defined below.- gateway
Ip List<ApplicationConfigurations Gateway Gateway Ip Configuration> One or more
gateway_ip_configuration
blocks as defined below.- http
Listeners List<ApplicationGateway Http Listener> One or more
http_listener
blocks as defined below.- request
Routing List<ApplicationRules Gateway Request Routing Rule> One or more
request_routing_rule
blocks as defined below.- resource
Group StringName The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- sku
Application
Gateway Sku A
sku
block as defined below.- authentication
Certificates List<ApplicationGateway Authentication Certificate> One or more
authentication_certificate
blocks as defined below.- autoscale
Configuration ApplicationGateway Autoscale Configuration A
autoscale_configuration
block as defined below.- custom
Error List<ApplicationConfigurations Gateway Custom Error Configuration> One or more
custom_error_configuration
blocks as defined below.- enable
Http2 Boolean Is HTTP2 enabled on the application gateway resource? Defaults to
false
.- fips
Enabled Boolean Is FIPS enabled on the Application Gateway?
- firewall
Policy StringId The ID of the Web Application Firewall Policy.
- force
Firewall BooleanPolicy Association Is the Firewall Policy associated with the Application Gateway?
- global
Application
Gateway Global A
global
block as defined below.- identity
Application
Gateway Identity An
identity
block as defined below.- location String
The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- name String
The name of the Application Gateway. Changing this forces a new resource to be created.
- private
Link List<ApplicationConfigurations Gateway Private Link Configuration> One or more
private_link_configuration
blocks as defined below.- probes
List<Application
Gateway Probe> One or more
probe
blocks as defined below.- redirect
Configurations List<ApplicationGateway Redirect Configuration> One or more
redirect_configuration
blocks as defined below.- rewrite
Rule List<ApplicationSets Gateway Rewrite Rule Set> One or more
rewrite_rule_set
blocks as defined below. Only valid for v2 SKUs.- ssl
Certificates List<ApplicationGateway Ssl Certificate> One or more
ssl_certificate
blocks as defined below.- ssl
Policy ApplicationGateway Ssl Policy a
ssl_policy
block as defined below.- ssl
Profiles List<ApplicationGateway Ssl Profile> One or more
ssl_profile
blocks as defined below.Please Note: Availability Zones are only supported in several regions at this time. They are also only supported for v2 SKUs
- Map<String,String>
A mapping of tags to assign to the resource.
- trusted
Client List<ApplicationCertificates Gateway Trusted Client Certificate> One or more
trusted_client_certificate
blocks as defined below.- trusted
Root List<ApplicationCertificates Gateway Trusted Root Certificate> One or more
trusted_root_certificate
blocks as defined below.- url
Path List<ApplicationMaps Gateway Url Path Map> One or more
url_path_map
blocks as defined below.- waf
Configuration ApplicationGateway Waf Configuration A
waf_configuration
block as defined below.- zones List<String>
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
- backend
Address ApplicationPools Gateway Backend Address Pool[] One or more
backend_address_pool
blocks as defined below.- backend
Http ApplicationSettings Gateway Backend Http Setting[] One or more
backend_http_settings
blocks as defined below.- frontend
Ip ApplicationConfigurations Gateway Frontend Ip Configuration[] One or more
frontend_ip_configuration
blocks as defined below.- frontend
Ports ApplicationGateway Frontend Port[] One or more
frontend_port
blocks as defined below.- gateway
Ip ApplicationConfigurations Gateway Gateway Ip Configuration[] One or more
gateway_ip_configuration
blocks as defined below.- http
Listeners ApplicationGateway Http Listener[] One or more
http_listener
blocks as defined below.- request
Routing ApplicationRules Gateway Request Routing Rule[] One or more
request_routing_rule
blocks as defined below.- resource
Group stringName The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- sku
Application
Gateway Sku A
sku
block as defined below.- authentication
Certificates ApplicationGateway Authentication Certificate[] One or more
authentication_certificate
blocks as defined below.- autoscale
Configuration ApplicationGateway Autoscale Configuration A
autoscale_configuration
block as defined below.- custom
Error ApplicationConfigurations Gateway Custom Error Configuration[] One or more
custom_error_configuration
blocks as defined below.- enable
Http2 boolean Is HTTP2 enabled on the application gateway resource? Defaults to
false
.- fips
Enabled boolean Is FIPS enabled on the Application Gateway?
- firewall
Policy stringId The ID of the Web Application Firewall Policy.
- force
Firewall booleanPolicy Association Is the Firewall Policy associated with the Application Gateway?
- global
Application
Gateway Global A
global
block as defined below.- identity
Application
Gateway Identity An
identity
block as defined below.- location string
The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- name string
The name of the Application Gateway. Changing this forces a new resource to be created.
- private
Link ApplicationConfigurations Gateway Private Link Configuration[] One or more
private_link_configuration
blocks as defined below.- probes
Application
Gateway Probe[] One or more
probe
blocks as defined below.- redirect
Configurations ApplicationGateway Redirect Configuration[] One or more
redirect_configuration
blocks as defined below.- rewrite
Rule ApplicationSets Gateway Rewrite Rule Set[] One or more
rewrite_rule_set
blocks as defined below. Only valid for v2 SKUs.- ssl
Certificates ApplicationGateway Ssl Certificate[] One or more
ssl_certificate
blocks as defined below.- ssl
Policy ApplicationGateway Ssl Policy a
ssl_policy
block as defined below.- ssl
Profiles ApplicationGateway Ssl Profile[] One or more
ssl_profile
blocks as defined below.Please Note: Availability Zones are only supported in several regions at this time. They are also only supported for v2 SKUs
- {[key: string]: string}
A mapping of tags to assign to the resource.
- trusted
Client ApplicationCertificates Gateway Trusted Client Certificate[] One or more
trusted_client_certificate
blocks as defined below.- trusted
Root ApplicationCertificates Gateway Trusted Root Certificate[] One or more
trusted_root_certificate
blocks as defined below.- url
Path ApplicationMaps Gateway Url Path Map[] One or more
url_path_map
blocks as defined below.- waf
Configuration ApplicationGateway Waf Configuration A
waf_configuration
block as defined below.- zones string[]
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
- backend_
address_ Sequence[Applicationpools Gateway Backend Address Pool Args] One or more
backend_address_pool
blocks as defined below.- backend_
http_ Sequence[Applicationsettings Gateway Backend Http Setting Args] One or more
backend_http_settings
blocks as defined below.- frontend_
ip_ Sequence[Applicationconfigurations Gateway Frontend Ip Configuration Args] One or more
frontend_ip_configuration
blocks as defined below.- frontend_
ports Sequence[ApplicationGateway Frontend Port Args] One or more
frontend_port
blocks as defined below.- gateway_
ip_ Sequence[Applicationconfigurations Gateway Gateway Ip Configuration Args] One or more
gateway_ip_configuration
blocks as defined below.- http_
listeners Sequence[ApplicationGateway Http Listener Args] One or more
http_listener
blocks as defined below.- request_
routing_ Sequence[Applicationrules Gateway Request Routing Rule Args] One or more
request_routing_rule
blocks as defined below.- resource_
group_ strname The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- sku
Application
Gateway Sku Args A
sku
block as defined below.- authentication_
certificates Sequence[ApplicationGateway Authentication Certificate Args] One or more
authentication_certificate
blocks as defined below.- autoscale_
configuration ApplicationGateway Autoscale Configuration Args A
autoscale_configuration
block as defined below.- custom_
error_ Sequence[Applicationconfigurations Gateway Custom Error Configuration Args] One or more
custom_error_configuration
blocks as defined below.- enable_
http2 bool Is HTTP2 enabled on the application gateway resource? Defaults to
false
.- fips_
enabled bool Is FIPS enabled on the Application Gateway?
- firewall_
policy_ strid The ID of the Web Application Firewall Policy.
- force_
firewall_ boolpolicy_ association Is the Firewall Policy associated with the Application Gateway?
- global_
Application
Gateway Global Args A
global
block as defined below.- identity
Application
Gateway Identity Args An
identity
block as defined below.- location str
The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- name str
The name of the Application Gateway. Changing this forces a new resource to be created.
- private_
link_ Sequence[Applicationconfigurations Gateway Private Link Configuration Args] One or more
private_link_configuration
blocks as defined below.- probes
Sequence[Application
Gateway Probe Args] One or more
probe
blocks as defined below.- redirect_
configurations Sequence[ApplicationGateway Redirect Configuration Args] One or more
redirect_configuration
blocks as defined below.- rewrite_
rule_ Sequence[Applicationsets Gateway Rewrite Rule Set Args] One or more
rewrite_rule_set
blocks as defined below. Only valid for v2 SKUs.- ssl_
certificates Sequence[ApplicationGateway Ssl Certificate Args] One or more
ssl_certificate
blocks as defined below.- ssl_
policy ApplicationGateway Ssl Policy Args a
ssl_policy
block as defined below.- ssl_
profiles Sequence[ApplicationGateway Ssl Profile Args] One or more
ssl_profile
blocks as defined below.Please Note: Availability Zones are only supported in several regions at this time. They are also only supported for v2 SKUs
- Mapping[str, str]
A mapping of tags to assign to the resource.
- trusted_
client_ Sequence[Applicationcertificates Gateway Trusted Client Certificate Args] One or more
trusted_client_certificate
blocks as defined below.- trusted_
root_ Sequence[Applicationcertificates Gateway Trusted Root Certificate Args] One or more
trusted_root_certificate
blocks as defined below.- url_
path_ Sequence[Applicationmaps Gateway Url Path Map Args] One or more
url_path_map
blocks as defined below.- waf_
configuration ApplicationGateway Waf Configuration Args A
waf_configuration
block as defined below.- zones Sequence[str]
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
- backend
Address List<Property Map>Pools One or more
backend_address_pool
blocks as defined below.- backend
Http List<Property Map>Settings One or more
backend_http_settings
blocks as defined below.- frontend
Ip List<Property Map>Configurations One or more
frontend_ip_configuration
blocks as defined below.- frontend
Ports List<Property Map> One or more
frontend_port
blocks as defined below.- gateway
Ip List<Property Map>Configurations One or more
gateway_ip_configuration
blocks as defined below.- http
Listeners List<Property Map> One or more
http_listener
blocks as defined below.- request
Routing List<Property Map>Rules One or more
request_routing_rule
blocks as defined below.- resource
Group StringName The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- sku Property Map
A
sku
block as defined below.- authentication
Certificates List<Property Map> One or more
authentication_certificate
blocks as defined below.- autoscale
Configuration Property Map A
autoscale_configuration
block as defined below.- custom
Error List<Property Map>Configurations One or more
custom_error_configuration
blocks as defined below.- enable
Http2 Boolean Is HTTP2 enabled on the application gateway resource? Defaults to
false
.- fips
Enabled Boolean Is FIPS enabled on the Application Gateway?
- firewall
Policy StringId The ID of the Web Application Firewall Policy.
- force
Firewall BooleanPolicy Association Is the Firewall Policy associated with the Application Gateway?
- global Property Map
A
global
block as defined below.- identity Property Map
An
identity
block as defined below.- location String
The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- name String
The name of the Application Gateway. Changing this forces a new resource to be created.
- private
Link List<Property Map>Configurations One or more
private_link_configuration
blocks as defined below.- probes List<Property Map>
One or more
probe
blocks as defined below.- redirect
Configurations List<Property Map> One or more
redirect_configuration
blocks as defined below.- rewrite
Rule List<Property Map>Sets One or more
rewrite_rule_set
blocks as defined below. Only valid for v2 SKUs.- ssl
Certificates List<Property Map> One or more
ssl_certificate
blocks as defined below.- ssl
Policy Property Map a
ssl_policy
block as defined below.- ssl
Profiles List<Property Map> One or more
ssl_profile
blocks as defined below.Please Note: Availability Zones are only supported in several regions at this time. They are also only supported for v2 SKUs
- Map<String>
A mapping of tags to assign to the resource.
- trusted
Client List<Property Map>Certificates One or more
trusted_client_certificate
blocks as defined below.- trusted
Root List<Property Map>Certificates One or more
trusted_root_certificate
blocks as defined below.- url
Path List<Property Map>Maps One or more
url_path_map
blocks as defined below.- waf
Configuration Property Map A
waf_configuration
block as defined below.- zones List<String>
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
Outputs
All input properties are implicitly available as output properties. Additionally, the ApplicationGateway resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Private
Endpoint List<ApplicationConnections Gateway Private Endpoint Connection> A list of
private_endpoint_connection
blocks as defined below.
- Id string
The provider-assigned unique ID for this managed resource.
- Private
Endpoint []ApplicationConnections Gateway Private Endpoint Connection A list of
private_endpoint_connection
blocks as defined below.
- id String
The provider-assigned unique ID for this managed resource.
- private
Endpoint List<ApplicationConnections Gateway Private Endpoint Connection> A list of
private_endpoint_connection
blocks as defined below.
- id string
The provider-assigned unique ID for this managed resource.
- private
Endpoint ApplicationConnections Gateway Private Endpoint Connection[] A list of
private_endpoint_connection
blocks as defined below.
- id str
The provider-assigned unique ID for this managed resource.
- private_
endpoint_ Sequence[Applicationconnections Gateway Private Endpoint Connection] A list of
private_endpoint_connection
blocks as defined below.
- id String
The provider-assigned unique ID for this managed resource.
- private
Endpoint List<Property Map>Connections A list of
private_endpoint_connection
blocks as defined below.
Look up Existing ApplicationGateway Resource
Get an existing ApplicationGateway resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ApplicationGatewayState, opts?: CustomResourceOptions): ApplicationGateway
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
authentication_certificates: Optional[Sequence[ApplicationGatewayAuthenticationCertificateArgs]] = None,
autoscale_configuration: Optional[ApplicationGatewayAutoscaleConfigurationArgs] = None,
backend_address_pools: Optional[Sequence[ApplicationGatewayBackendAddressPoolArgs]] = None,
backend_http_settings: Optional[Sequence[ApplicationGatewayBackendHttpSettingArgs]] = None,
custom_error_configurations: Optional[Sequence[ApplicationGatewayCustomErrorConfigurationArgs]] = None,
enable_http2: Optional[bool] = None,
fips_enabled: Optional[bool] = None,
firewall_policy_id: Optional[str] = None,
force_firewall_policy_association: Optional[bool] = None,
frontend_ip_configurations: Optional[Sequence[ApplicationGatewayFrontendIpConfigurationArgs]] = None,
frontend_ports: Optional[Sequence[ApplicationGatewayFrontendPortArgs]] = None,
gateway_ip_configurations: Optional[Sequence[ApplicationGatewayGatewayIpConfigurationArgs]] = None,
global_: Optional[ApplicationGatewayGlobalArgs] = None,
http_listeners: Optional[Sequence[ApplicationGatewayHttpListenerArgs]] = None,
identity: Optional[ApplicationGatewayIdentityArgs] = None,
location: Optional[str] = None,
name: Optional[str] = None,
private_endpoint_connections: Optional[Sequence[ApplicationGatewayPrivateEndpointConnectionArgs]] = None,
private_link_configurations: Optional[Sequence[ApplicationGatewayPrivateLinkConfigurationArgs]] = None,
probes: Optional[Sequence[ApplicationGatewayProbeArgs]] = None,
redirect_configurations: Optional[Sequence[ApplicationGatewayRedirectConfigurationArgs]] = None,
request_routing_rules: Optional[Sequence[ApplicationGatewayRequestRoutingRuleArgs]] = None,
resource_group_name: Optional[str] = None,
rewrite_rule_sets: Optional[Sequence[ApplicationGatewayRewriteRuleSetArgs]] = None,
sku: Optional[ApplicationGatewaySkuArgs] = None,
ssl_certificates: Optional[Sequence[ApplicationGatewaySslCertificateArgs]] = None,
ssl_policy: Optional[ApplicationGatewaySslPolicyArgs] = None,
ssl_profiles: Optional[Sequence[ApplicationGatewaySslProfileArgs]] = None,
tags: Optional[Mapping[str, str]] = None,
trusted_client_certificates: Optional[Sequence[ApplicationGatewayTrustedClientCertificateArgs]] = None,
trusted_root_certificates: Optional[Sequence[ApplicationGatewayTrustedRootCertificateArgs]] = None,
url_path_maps: Optional[Sequence[ApplicationGatewayUrlPathMapArgs]] = None,
waf_configuration: Optional[ApplicationGatewayWafConfigurationArgs] = None,
zones: Optional[Sequence[str]] = None) -> ApplicationGateway
func GetApplicationGateway(ctx *Context, name string, id IDInput, state *ApplicationGatewayState, opts ...ResourceOption) (*ApplicationGateway, error)
public static ApplicationGateway Get(string name, Input<string> id, ApplicationGatewayState? state, CustomResourceOptions? opts = null)
public static ApplicationGateway get(String name, Output<String> id, ApplicationGatewayState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Authentication
Certificates List<ApplicationGateway Authentication Certificate> One or more
authentication_certificate
blocks as defined below.- Autoscale
Configuration ApplicationGateway Autoscale Configuration A
autoscale_configuration
block as defined below.- Backend
Address List<ApplicationPools Gateway Backend Address Pool> One or more
backend_address_pool
blocks as defined below.- Backend
Http List<ApplicationSettings Gateway Backend Http Setting> One or more
backend_http_settings
blocks as defined below.- Custom
Error List<ApplicationConfigurations Gateway Custom Error Configuration> One or more
custom_error_configuration
blocks as defined below.- Enable
Http2 bool Is HTTP2 enabled on the application gateway resource? Defaults to
false
.- Fips
Enabled bool Is FIPS enabled on the Application Gateway?
- Firewall
Policy stringId The ID of the Web Application Firewall Policy.
- Force
Firewall boolPolicy Association Is the Firewall Policy associated with the Application Gateway?
- Frontend
Ip List<ApplicationConfigurations Gateway Frontend Ip Configuration> One or more
frontend_ip_configuration
blocks as defined below.- Frontend
Ports List<ApplicationGateway Frontend Port> One or more
frontend_port
blocks as defined below.- Gateway
Ip List<ApplicationConfigurations Gateway Gateway Ip Configuration> One or more
gateway_ip_configuration
blocks as defined below.- Global
Application
Gateway Global A
global
block as defined below.- Http
Listeners List<ApplicationGateway Http Listener> One or more
http_listener
blocks as defined below.- Identity
Application
Gateway Identity An
identity
block as defined below.- Location string
The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- Name string
The name of the Application Gateway. Changing this forces a new resource to be created.
- Private
Endpoint List<ApplicationConnections Gateway Private Endpoint Connection> A list of
private_endpoint_connection
blocks as defined below.- Private
Link List<ApplicationConfigurations Gateway Private Link Configuration> One or more
private_link_configuration
blocks as defined below.- Probes
List<Application
Gateway Probe> One or more
probe
blocks as defined below.- Redirect
Configurations List<ApplicationGateway Redirect Configuration> One or more
redirect_configuration
blocks as defined below.- Request
Routing List<ApplicationRules Gateway Request Routing Rule> One or more
request_routing_rule
blocks as defined below.- Resource
Group stringName The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- Rewrite
Rule List<ApplicationSets Gateway Rewrite Rule Set> One or more
rewrite_rule_set
blocks as defined below. Only valid for v2 SKUs.- Sku
Application
Gateway Sku A
sku
block as defined below.- Ssl
Certificates List<ApplicationGateway Ssl Certificate> One or more
ssl_certificate
blocks as defined below.- Ssl
Policy ApplicationGateway Ssl Policy a
ssl_policy
block as defined below.- Ssl
Profiles List<ApplicationGateway Ssl Profile> One or more
ssl_profile
blocks as defined below.Please Note: Availability Zones are only supported in several regions at this time. They are also only supported for v2 SKUs
- Dictionary<string, string>
A mapping of tags to assign to the resource.
- Trusted
Client List<ApplicationCertificates Gateway Trusted Client Certificate> One or more
trusted_client_certificate
blocks as defined below.- Trusted
Root List<ApplicationCertificates Gateway Trusted Root Certificate> One or more
trusted_root_certificate
blocks as defined below.- Url
Path List<ApplicationMaps Gateway Url Path Map> One or more
url_path_map
blocks as defined below.- Waf
Configuration ApplicationGateway Waf Configuration A
waf_configuration
block as defined below.- Zones List<string>
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
- Authentication
Certificates []ApplicationGateway Authentication Certificate Args One or more
authentication_certificate
blocks as defined below.- Autoscale
Configuration ApplicationGateway Autoscale Configuration Args A
autoscale_configuration
block as defined below.- Backend
Address []ApplicationPools Gateway Backend Address Pool Args One or more
backend_address_pool
blocks as defined below.- Backend
Http []ApplicationSettings Gateway Backend Http Setting Args One or more
backend_http_settings
blocks as defined below.- Custom
Error []ApplicationConfigurations Gateway Custom Error Configuration Args One or more
custom_error_configuration
blocks as defined below.- Enable
Http2 bool Is HTTP2 enabled on the application gateway resource? Defaults to
false
.- Fips
Enabled bool Is FIPS enabled on the Application Gateway?
- Firewall
Policy stringId The ID of the Web Application Firewall Policy.
- Force
Firewall boolPolicy Association Is the Firewall Policy associated with the Application Gateway?
- Frontend
Ip []ApplicationConfigurations Gateway Frontend Ip Configuration Args One or more
frontend_ip_configuration
blocks as defined below.- Frontend
Ports []ApplicationGateway Frontend Port Args One or more
frontend_port
blocks as defined below.- Gateway
Ip []ApplicationConfigurations Gateway Gateway Ip Configuration Args One or more
gateway_ip_configuration
blocks as defined below.- Global
Application
Gateway Global Args A
global
block as defined below.- Http
Listeners []ApplicationGateway Http Listener Args One or more
http_listener
blocks as defined below.- Identity
Application
Gateway Identity Args An
identity
block as defined below.- Location string
The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- Name string
The name of the Application Gateway. Changing this forces a new resource to be created.
- Private
Endpoint []ApplicationConnections Gateway Private Endpoint Connection Args A list of
private_endpoint_connection
blocks as defined below.- Private
Link []ApplicationConfigurations Gateway Private Link Configuration Args One or more
private_link_configuration
blocks as defined below.- Probes
[]Application
Gateway Probe Args One or more
probe
blocks as defined below.- Redirect
Configurations []ApplicationGateway Redirect Configuration Args One or more
redirect_configuration
blocks as defined below.- Request
Routing []ApplicationRules Gateway Request Routing Rule Args One or more
request_routing_rule
blocks as defined below.- Resource
Group stringName The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- Rewrite
Rule []ApplicationSets Gateway Rewrite Rule Set Args One or more
rewrite_rule_set
blocks as defined below. Only valid for v2 SKUs.- Sku
Application
Gateway Sku Args A
sku
block as defined below.- Ssl
Certificates []ApplicationGateway Ssl Certificate Args One or more
ssl_certificate
blocks as defined below.- Ssl
Policy ApplicationGateway Ssl Policy Args a
ssl_policy
block as defined below.- Ssl
Profiles []ApplicationGateway Ssl Profile Args One or more
ssl_profile
blocks as defined below.Please Note: Availability Zones are only supported in several regions at this time. They are also only supported for v2 SKUs
- map[string]string
A mapping of tags to assign to the resource.
- Trusted
Client []ApplicationCertificates Gateway Trusted Client Certificate Args One or more
trusted_client_certificate
blocks as defined below.- Trusted
Root []ApplicationCertificates Gateway Trusted Root Certificate Args One or more
trusted_root_certificate
blocks as defined below.- Url
Path []ApplicationMaps Gateway Url Path Map Args One or more
url_path_map
blocks as defined below.- Waf
Configuration ApplicationGateway Waf Configuration Args A
waf_configuration
block as defined below.- Zones []string
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
- authentication
Certificates List<ApplicationGateway Authentication Certificate> One or more
authentication_certificate
blocks as defined below.- autoscale
Configuration ApplicationGateway Autoscale Configuration A
autoscale_configuration
block as defined below.- backend
Address List<ApplicationPools Gateway Backend Address Pool> One or more
backend_address_pool
blocks as defined below.- backend
Http List<ApplicationSettings Gateway Backend Http Setting> One or more
backend_http_settings
blocks as defined below.- custom
Error List<ApplicationConfigurations Gateway Custom Error Configuration> One or more
custom_error_configuration
blocks as defined below.- enable
Http2 Boolean Is HTTP2 enabled on the application gateway resource? Defaults to
false
.- fips
Enabled Boolean Is FIPS enabled on the Application Gateway?
- firewall
Policy StringId The ID of the Web Application Firewall Policy.
- force
Firewall BooleanPolicy Association Is the Firewall Policy associated with the Application Gateway?
- frontend
Ip List<ApplicationConfigurations Gateway Frontend Ip Configuration> One or more
frontend_ip_configuration
blocks as defined below.- frontend
Ports List<ApplicationGateway Frontend Port> One or more
frontend_port
blocks as defined below.- gateway
Ip List<ApplicationConfigurations Gateway Gateway Ip Configuration> One or more
gateway_ip_configuration
blocks as defined below.- global
Application
Gateway Global A
global
block as defined below.- http
Listeners List<ApplicationGateway Http Listener> One or more
http_listener
blocks as defined below.- identity
Application
Gateway Identity An
identity
block as defined below.- location String
The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- name String
The name of the Application Gateway. Changing this forces a new resource to be created.
- private
Endpoint List<ApplicationConnections Gateway Private Endpoint Connection> A list of
private_endpoint_connection
blocks as defined below.- private
Link List<ApplicationConfigurations Gateway Private Link Configuration> One or more
private_link_configuration
blocks as defined below.- probes
List<Application
Gateway Probe> One or more
probe
blocks as defined below.- redirect
Configurations List<ApplicationGateway Redirect Configuration> One or more
redirect_configuration
blocks as defined below.- request
Routing List<ApplicationRules Gateway Request Routing Rule> One or more
request_routing_rule
blocks as defined below.- resource
Group StringName The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- rewrite
Rule List<ApplicationSets Gateway Rewrite Rule Set> One or more
rewrite_rule_set
blocks as defined below. Only valid for v2 SKUs.- sku
Application
Gateway Sku A
sku
block as defined below.- ssl
Certificates List<ApplicationGateway Ssl Certificate> One or more
ssl_certificate
blocks as defined below.- ssl
Policy ApplicationGateway Ssl Policy a
ssl_policy
block as defined below.- ssl
Profiles List<ApplicationGateway Ssl Profile> One or more
ssl_profile
blocks as defined below.Please Note: Availability Zones are only supported in several regions at this time. They are also only supported for v2 SKUs
- Map<String,String>
A mapping of tags to assign to the resource.
- trusted
Client List<ApplicationCertificates Gateway Trusted Client Certificate> One or more
trusted_client_certificate
blocks as defined below.- trusted
Root List<ApplicationCertificates Gateway Trusted Root Certificate> One or more
trusted_root_certificate
blocks as defined below.- url
Path List<ApplicationMaps Gateway Url Path Map> One or more
url_path_map
blocks as defined below.- waf
Configuration ApplicationGateway Waf Configuration A
waf_configuration
block as defined below.- zones List<String>
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
- authentication
Certificates ApplicationGateway Authentication Certificate[] One or more
authentication_certificate
blocks as defined below.- autoscale
Configuration ApplicationGateway Autoscale Configuration A
autoscale_configuration
block as defined below.- backend
Address ApplicationPools Gateway Backend Address Pool[] One or more
backend_address_pool
blocks as defined below.- backend
Http ApplicationSettings Gateway Backend Http Setting[] One or more
backend_http_settings
blocks as defined below.- custom
Error ApplicationConfigurations Gateway Custom Error Configuration[] One or more
custom_error_configuration
blocks as defined below.- enable
Http2 boolean Is HTTP2 enabled on the application gateway resource? Defaults to
false
.- fips
Enabled boolean Is FIPS enabled on the Application Gateway?
- firewall
Policy stringId The ID of the Web Application Firewall Policy.
- force
Firewall booleanPolicy Association Is the Firewall Policy associated with the Application Gateway?
- frontend
Ip ApplicationConfigurations Gateway Frontend Ip Configuration[] One or more
frontend_ip_configuration
blocks as defined below.- frontend
Ports ApplicationGateway Frontend Port[] One or more
frontend_port
blocks as defined below.- gateway
Ip ApplicationConfigurations Gateway Gateway Ip Configuration[] One or more
gateway_ip_configuration
blocks as defined below.- global
Application
Gateway Global A
global
block as defined below.- http
Listeners ApplicationGateway Http Listener[] One or more
http_listener
blocks as defined below.- identity
Application
Gateway Identity An
identity
block as defined below.- location string
The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- name string
The name of the Application Gateway. Changing this forces a new resource to be created.
- private
Endpoint ApplicationConnections Gateway Private Endpoint Connection[] A list of
private_endpoint_connection
blocks as defined below.- private
Link ApplicationConfigurations Gateway Private Link Configuration[] One or more
private_link_configuration
blocks as defined below.- probes
Application
Gateway Probe[] One or more
probe
blocks as defined below.- redirect
Configurations ApplicationGateway Redirect Configuration[] One or more
redirect_configuration
blocks as defined below.- request
Routing ApplicationRules Gateway Request Routing Rule[] One or more
request_routing_rule
blocks as defined below.- resource
Group stringName The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- rewrite
Rule ApplicationSets Gateway Rewrite Rule Set[] One or more
rewrite_rule_set
blocks as defined below. Only valid for v2 SKUs.- sku
Application
Gateway Sku A
sku
block as defined below.- ssl
Certificates ApplicationGateway Ssl Certificate[] One or more
ssl_certificate
blocks as defined below.- ssl
Policy ApplicationGateway Ssl Policy a
ssl_policy
block as defined below.- ssl
Profiles ApplicationGateway Ssl Profile[] One or more
ssl_profile
blocks as defined below.Please Note: Availability Zones are only supported in several regions at this time. They are also only supported for v2 SKUs
- {[key: string]: string}
A mapping of tags to assign to the resource.
- trusted
Client ApplicationCertificates Gateway Trusted Client Certificate[] One or more
trusted_client_certificate
blocks as defined below.- trusted
Root ApplicationCertificates Gateway Trusted Root Certificate[] One or more
trusted_root_certificate
blocks as defined below.- url
Path ApplicationMaps Gateway Url Path Map[] One or more
url_path_map
blocks as defined below.- waf
Configuration ApplicationGateway Waf Configuration A
waf_configuration
block as defined below.- zones string[]
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
- authentication_
certificates Sequence[ApplicationGateway Authentication Certificate Args] One or more
authentication_certificate
blocks as defined below.- autoscale_
configuration ApplicationGateway Autoscale Configuration Args A
autoscale_configuration
block as defined below.- backend_
address_ Sequence[Applicationpools Gateway Backend Address Pool Args] One or more
backend_address_pool
blocks as defined below.- backend_
http_ Sequence[Applicationsettings Gateway Backend Http Setting Args] One or more
backend_http_settings
blocks as defined below.- custom_
error_ Sequence[Applicationconfigurations Gateway Custom Error Configuration Args] One or more
custom_error_configuration
blocks as defined below.- enable_
http2 bool Is HTTP2 enabled on the application gateway resource? Defaults to
false
.- fips_
enabled bool Is FIPS enabled on the Application Gateway?
- firewall_
policy_ strid The ID of the Web Application Firewall Policy.
- force_
firewall_ boolpolicy_ association Is the Firewall Policy associated with the Application Gateway?
- frontend_
ip_ Sequence[Applicationconfigurations Gateway Frontend Ip Configuration Args] One or more
frontend_ip_configuration
blocks as defined below.- frontend_
ports Sequence[ApplicationGateway Frontend Port Args] One or more
frontend_port
blocks as defined below.- gateway_
ip_ Sequence[Applicationconfigurations Gateway Gateway Ip Configuration Args] One or more
gateway_ip_configuration
blocks as defined below.- global_
Application
Gateway Global Args A
global
block as defined below.- http_
listeners Sequence[ApplicationGateway Http Listener Args] One or more
http_listener
blocks as defined below.- identity
Application
Gateway Identity Args An
identity
block as defined below.- location str
The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- name str
The name of the Application Gateway. Changing this forces a new resource to be created.
- private_
endpoint_ Sequence[Applicationconnections Gateway Private Endpoint Connection Args] A list of
private_endpoint_connection
blocks as defined below.- private_
link_ Sequence[Applicationconfigurations Gateway Private Link Configuration Args] One or more
private_link_configuration
blocks as defined below.- probes
Sequence[Application
Gateway Probe Args] One or more
probe
blocks as defined below.- redirect_
configurations Sequence[ApplicationGateway Redirect Configuration Args] One or more
redirect_configuration
blocks as defined below.- request_
routing_ Sequence[Applicationrules Gateway Request Routing Rule Args] One or more
request_routing_rule
blocks as defined below.- resource_
group_ strname The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- rewrite_
rule_ Sequence[Applicationsets Gateway Rewrite Rule Set Args] One or more
rewrite_rule_set
blocks as defined below. Only valid for v2 SKUs.- sku
Application
Gateway Sku Args A
sku
block as defined below.- ssl_
certificates Sequence[ApplicationGateway Ssl Certificate Args] One or more
ssl_certificate
blocks as defined below.- ssl_
policy ApplicationGateway Ssl Policy Args a
ssl_policy
block as defined below.- ssl_
profiles Sequence[ApplicationGateway Ssl Profile Args] One or more
ssl_profile
blocks as defined below.Please Note: Availability Zones are only supported in several regions at this time. They are also only supported for v2 SKUs
- Mapping[str, str]
A mapping of tags to assign to the resource.
- trusted_
client_ Sequence[Applicationcertificates Gateway Trusted Client Certificate Args] One or more
trusted_client_certificate
blocks as defined below.- trusted_
root_ Sequence[Applicationcertificates Gateway Trusted Root Certificate Args] One or more
trusted_root_certificate
blocks as defined below.- url_
path_ Sequence[Applicationmaps Gateway Url Path Map Args] One or more
url_path_map
blocks as defined below.- waf_
configuration ApplicationGateway Waf Configuration Args A
waf_configuration
block as defined below.- zones Sequence[str]
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
- authentication
Certificates List<Property Map> One or more
authentication_certificate
blocks as defined below.- autoscale
Configuration Property Map A
autoscale_configuration
block as defined below.- backend
Address List<Property Map>Pools One or more
backend_address_pool
blocks as defined below.- backend
Http List<Property Map>Settings One or more
backend_http_settings
blocks as defined below.- custom
Error List<Property Map>Configurations One or more
custom_error_configuration
blocks as defined below.- enable
Http2 Boolean Is HTTP2 enabled on the application gateway resource? Defaults to
false
.- fips
Enabled Boolean Is FIPS enabled on the Application Gateway?
- firewall
Policy StringId The ID of the Web Application Firewall Policy.
- force
Firewall BooleanPolicy Association Is the Firewall Policy associated with the Application Gateway?
- frontend
Ip List<Property Map>Configurations One or more
frontend_ip_configuration
blocks as defined below.- frontend
Ports List<Property Map> One or more
frontend_port
blocks as defined below.- gateway
Ip List<Property Map>Configurations One or more
gateway_ip_configuration
blocks as defined below.- global Property Map
A
global
block as defined below.- http
Listeners List<Property Map> One or more
http_listener
blocks as defined below.- identity Property Map
An
identity
block as defined below.- location String
The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- name String
The name of the Application Gateway. Changing this forces a new resource to be created.
- private
Endpoint List<Property Map>Connections A list of
private_endpoint_connection
blocks as defined below.- private
Link List<Property Map>Configurations One or more
private_link_configuration
blocks as defined below.- probes List<Property Map>
One or more
probe
blocks as defined below.- redirect
Configurations List<Property Map> One or more
redirect_configuration
blocks as defined below.- request
Routing List<Property Map>Rules One or more
request_routing_rule
blocks as defined below.- resource
Group StringName The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- rewrite
Rule List<Property Map>Sets One or more
rewrite_rule_set
blocks as defined below. Only valid for v2 SKUs.- sku Property Map
A
sku
block as defined below.- ssl
Certificates List<Property Map> One or more
ssl_certificate
blocks as defined below.- ssl
Policy Property Map a
ssl_policy
block as defined below.- ssl
Profiles List<Property Map> One or more
ssl_profile
blocks as defined below.Please Note: Availability Zones are only supported in several regions at this time. They are also only supported for v2 SKUs
- Map<String>
A mapping of tags to assign to the resource.
- trusted
Client List<Property Map>Certificates One or more
trusted_client_certificate
blocks as defined below.- trusted
Root List<Property Map>Certificates One or more
trusted_root_certificate
blocks as defined below.- url
Path List<Property Map>Maps One or more
url_path_map
blocks as defined below.- waf
Configuration Property Map A
waf_configuration
block as defined below.- zones List<String>
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
Supporting Types
ApplicationGatewayAuthenticationCertificate, ApplicationGatewayAuthenticationCertificateArgs
ApplicationGatewayAutoscaleConfiguration, ApplicationGatewayAutoscaleConfigurationArgs
- Min
Capacity int Minimum capacity for autoscaling. Accepted values are in the range
0
to100
.- Max
Capacity int Maximum capacity for autoscaling. Accepted values are in the range
2
to125
.
- Min
Capacity int Minimum capacity for autoscaling. Accepted values are in the range
0
to100
.- Max
Capacity int Maximum capacity for autoscaling. Accepted values are in the range
2
to125
.
- min
Capacity Integer Minimum capacity for autoscaling. Accepted values are in the range
0
to100
.- max
Capacity Integer Maximum capacity for autoscaling. Accepted values are in the range
2
to125
.
- min
Capacity number Minimum capacity for autoscaling. Accepted values are in the range
0
to100
.- max
Capacity number Maximum capacity for autoscaling. Accepted values are in the range
2
to125
.
- min_
capacity int Minimum capacity for autoscaling. Accepted values are in the range
0
to100
.- max_
capacity int Maximum capacity for autoscaling. Accepted values are in the range
2
to125
.
- min
Capacity Number Minimum capacity for autoscaling. Accepted values are in the range
0
to100
.- max
Capacity Number Maximum capacity for autoscaling. Accepted values are in the range
2
to125
.
ApplicationGatewayBackendAddressPool, ApplicationGatewayBackendAddressPoolArgs
- Name string
The name of the Backend Address Pool.
- Fqdns List<string>
A list of FQDN's which should be part of the Backend Address Pool.
- Id string
The ID of the Rewrite Rule Set
- Ip
Addresses List<string> A list of IP Addresses which should be part of the Backend Address Pool.
- Name string
The name of the Backend Address Pool.
- Fqdns []string
A list of FQDN's which should be part of the Backend Address Pool.
- Id string
The ID of the Rewrite Rule Set
- Ip
Addresses []string A list of IP Addresses which should be part of the Backend Address Pool.
- name String
The name of the Backend Address Pool.
- fqdns List<String>
A list of FQDN's which should be part of the Backend Address Pool.
- id String
The ID of the Rewrite Rule Set
- ip
Addresses List<String> A list of IP Addresses which should be part of the Backend Address Pool.
- name string
The name of the Backend Address Pool.
- fqdns string[]
A list of FQDN's which should be part of the Backend Address Pool.
- id string
The ID of the Rewrite Rule Set
- ip
Addresses string[] A list of IP Addresses which should be part of the Backend Address Pool.
- name str
The name of the Backend Address Pool.
- fqdns Sequence[str]
A list of FQDN's which should be part of the Backend Address Pool.
- id str
The ID of the Rewrite Rule Set
- ip_
addresses Sequence[str] A list of IP Addresses which should be part of the Backend Address Pool.
- name String
The name of the Backend Address Pool.
- fqdns List<String>
A list of FQDN's which should be part of the Backend Address Pool.
- id String
The ID of the Rewrite Rule Set
- ip
Addresses List<String> A list of IP Addresses which should be part of the Backend Address Pool.
ApplicationGatewayBackendHttpSetting, ApplicationGatewayBackendHttpSettingArgs
- string
Is Cookie-Based Affinity enabled? Possible values are
Enabled
andDisabled
.- Name string
The name of the Backend HTTP Settings Collection.
- Port int
The port which should be used for this Backend HTTP Settings Collection.
- Protocol string
The Protocol which should be used. Possible values are
Http
andHttps
.- string
The name of the affinity cookie.
- Authentication
Certificates List<ApplicationGateway Backend Http Setting Authentication Certificate> One or more
authentication_certificate
blocks as defined below.- Connection
Draining ApplicationGateway Backend Http Setting Connection Draining A
connection_draining
block as defined below.- Host
Name string Host header to be sent to the backend servers. Cannot be set if
pick_host_name_from_backend_address
is set totrue
.- Id string
The ID of the Rewrite Rule Set
- Path string
The Path which should be used as a prefix for all HTTP requests.
- Pick
Host boolName From Backend Address Whether host header should be picked from the host name of the backend server. Defaults to
false
.- Probe
Id string The ID of the associated Probe.
- Probe
Name string The name of an associated HTTP Probe.
- Request
Timeout int The request timeout in seconds, which must be between 1 and 86400 seconds. Defaults to
30
.- Trusted
Root List<string>Certificate Names A list of
trusted_root_certificate
names.
- string
Is Cookie-Based Affinity enabled? Possible values are
Enabled
andDisabled
.- Name string
The name of the Backend HTTP Settings Collection.
- Port int
The port which should be used for this Backend HTTP Settings Collection.
- Protocol string
The Protocol which should be used. Possible values are
Http
andHttps
.- string
The name of the affinity cookie.
- Authentication
Certificates []ApplicationGateway Backend Http Setting Authentication Certificate One or more
authentication_certificate
blocks as defined below.- Connection
Draining ApplicationGateway Backend Http Setting Connection Draining A
connection_draining
block as defined below.- Host
Name string Host header to be sent to the backend servers. Cannot be set if
pick_host_name_from_backend_address
is set totrue
.- Id string
The ID of the Rewrite Rule Set
- Path string
The Path which should be used as a prefix for all HTTP requests.
- Pick
Host boolName From Backend Address Whether host header should be picked from the host name of the backend server. Defaults to
false
.- Probe
Id string The ID of the associated Probe.
- Probe
Name string The name of an associated HTTP Probe.
- Request
Timeout int The request timeout in seconds, which must be between 1 and 86400 seconds. Defaults to
30
.- Trusted
Root []stringCertificate Names A list of
trusted_root_certificate
names.
- String
Is Cookie-Based Affinity enabled? Possible values are
Enabled
andDisabled
.- name String
The name of the Backend HTTP Settings Collection.
- port Integer
The port which should be used for this Backend HTTP Settings Collection.
- protocol String
The Protocol which should be used. Possible values are
Http
andHttps
.- String
The name of the affinity cookie.
- authentication
Certificates List<ApplicationGateway Backend Http Setting Authentication Certificate> One or more
authentication_certificate
blocks as defined below.- connection
Draining ApplicationGateway Backend Http Setting Connection Draining A
connection_draining
block as defined below.- host
Name String Host header to be sent to the backend servers. Cannot be set if
pick_host_name_from_backend_address
is set totrue
.- id String
The ID of the Rewrite Rule Set
- path String
The Path which should be used as a prefix for all HTTP requests.
- pick
Host BooleanName From Backend Address Whether host header should be picked from the host name of the backend server. Defaults to
false
.- probe
Id String The ID of the associated Probe.
- probe
Name String The name of an associated HTTP Probe.
- request
Timeout Integer The request timeout in seconds, which must be between 1 and 86400 seconds. Defaults to
30
.- trusted
Root List<String>Certificate Names A list of
trusted_root_certificate
names.
- string
Is Cookie-Based Affinity enabled? Possible values are
Enabled
andDisabled
.- name string
The name of the Backend HTTP Settings Collection.
- port number
The port which should be used for this Backend HTTP Settings Collection.
- protocol string
The Protocol which should be used. Possible values are
Http
andHttps
.- string
The name of the affinity cookie.
- authentication
Certificates ApplicationGateway Backend Http Setting Authentication Certificate[] One or more
authentication_certificate
blocks as defined below.- connection
Draining ApplicationGateway Backend Http Setting Connection Draining A
connection_draining
block as defined below.- host
Name string Host header to be sent to the backend servers. Cannot be set if
pick_host_name_from_backend_address
is set totrue
.- id string
The ID of the Rewrite Rule Set
- path string
The Path which should be used as a prefix for all HTTP requests.
- pick
Host booleanName From Backend Address Whether host header should be picked from the host name of the backend server. Defaults to
false
.- probe
Id string The ID of the associated Probe.
- probe
Name string The name of an associated HTTP Probe.
- request
Timeout number The request timeout in seconds, which must be between 1 and 86400 seconds. Defaults to
30
.- trusted
Root string[]Certificate Names A list of
trusted_root_certificate
names.
- str
Is Cookie-Based Affinity enabled? Possible values are
Enabled
andDisabled
.- name str
The name of the Backend HTTP Settings Collection.
- port int
The port which should be used for this Backend HTTP Settings Collection.
- protocol str
The Protocol which should be used. Possible values are
Http
andHttps
.- str
The name of the affinity cookie.
- authentication_
certificates Sequence[ApplicationGateway Backend Http Setting Authentication Certificate] One or more
authentication_certificate
blocks as defined below.- connection_
draining ApplicationGateway Backend Http Setting Connection Draining A
connection_draining
block as defined below.- host_
name str Host header to be sent to the backend servers. Cannot be set if
pick_host_name_from_backend_address
is set totrue
.- id str
The ID of the Rewrite Rule Set
- path str
The Path which should be used as a prefix for all HTTP requests.
- pick_
host_ boolname_ from_ backend_ address Whether host header should be picked from the host name of the backend server. Defaults to
false
.- probe_
id str The ID of the associated Probe.
- probe_
name str The name of an associated HTTP Probe.
- request_
timeout int The request timeout in seconds, which must be between 1 and 86400 seconds. Defaults to
30
.- trusted_
root_ Sequence[str]certificate_ names A list of
trusted_root_certificate
names.
- String
Is Cookie-Based Affinity enabled? Possible values are
Enabled
andDisabled
.- name String
The name of the Backend HTTP Settings Collection.
- port Number
The port which should be used for this Backend HTTP Settings Collection.
- protocol String
The Protocol which should be used. Possible values are
Http
andHttps
.- String
The name of the affinity cookie.
- authentication
Certificates List<Property Map> One or more
authentication_certificate
blocks as defined below.- connection
Draining Property Map A
connection_draining
block as defined below.- host
Name String Host header to be sent to the backend servers. Cannot be set if
pick_host_name_from_backend_address
is set totrue
.- id String
The ID of the Rewrite Rule Set
- path String
The Path which should be used as a prefix for all HTTP requests.
- pick
Host BooleanName From Backend Address Whether host header should be picked from the host name of the backend server. Defaults to
false
.- probe
Id String The ID of the associated Probe.
- probe
Name String The name of an associated HTTP Probe.
- request
Timeout Number The request timeout in seconds, which must be between 1 and 86400 seconds. Defaults to
30
.- trusted
Root List<String>Certificate Names A list of
trusted_root_certificate
names.
ApplicationGatewayBackendHttpSettingAuthenticationCertificate, ApplicationGatewayBackendHttpSettingAuthenticationCertificateArgs
ApplicationGatewayBackendHttpSettingConnectionDraining, ApplicationGatewayBackendHttpSettingConnectionDrainingArgs
- Drain
Timeout intSec The number of seconds connection draining is active. Acceptable values are from
1
second to3600
seconds.- Enabled bool
If connection draining is enabled or not.
- Drain
Timeout intSec The number of seconds connection draining is active. Acceptable values are from
1
second to3600
seconds.- Enabled bool
If connection draining is enabled or not.
- drain
Timeout IntegerSec The number of seconds connection draining is active. Acceptable values are from
1
second to3600
seconds.- enabled Boolean
If connection draining is enabled or not.
- drain
Timeout numberSec The number of seconds connection draining is active. Acceptable values are from
1
second to3600
seconds.- enabled boolean
If connection draining is enabled or not.
- drain_
timeout_ intsec The number of seconds connection draining is active. Acceptable values are from
1
second to3600
seconds.- enabled bool
If connection draining is enabled or not.
- drain
Timeout NumberSec The number of seconds connection draining is active. Acceptable values are from
1
second to3600
seconds.- enabled Boolean
If connection draining is enabled or not.
ApplicationGatewayCustomErrorConfiguration, ApplicationGatewayCustomErrorConfigurationArgs
- Custom
Error stringPage Url Error page URL of the application gateway customer error.
- Status
Code string Status code of the application gateway customer error. Possible values are
HttpStatus403
andHttpStatus502
- Id string
The ID of the Rewrite Rule Set
- Custom
Error stringPage Url Error page URL of the application gateway customer error.
- Status
Code string Status code of the application gateway customer error. Possible values are
HttpStatus403
andHttpStatus502
- Id string
The ID of the Rewrite Rule Set
- custom
Error StringPage Url Error page URL of the application gateway customer error.
- status
Code String Status code of the application gateway customer error. Possible values are
HttpStatus403
andHttpStatus502
- id String
The ID of the Rewrite Rule Set
- custom
Error stringPage Url Error page URL of the application gateway customer error.
- status
Code string Status code of the application gateway customer error. Possible values are
HttpStatus403
andHttpStatus502
- id string
The ID of the Rewrite Rule Set
- custom_
error_ strpage_ url Error page URL of the application gateway customer error.
- status_
code str Status code of the application gateway customer error. Possible values are
HttpStatus403
andHttpStatus502
- id str
The ID of the Rewrite Rule Set
- custom
Error StringPage Url Error page URL of the application gateway customer error.
- status
Code String Status code of the application gateway customer error. Possible values are
HttpStatus403
andHttpStatus502
- id String
The ID of the Rewrite Rule Set
ApplicationGatewayFrontendIpConfiguration, ApplicationGatewayFrontendIpConfigurationArgs
- Name string
The name of the Frontend IP Configuration.
- Id string
The ID of the Rewrite Rule Set
- Private
Ip stringAddress The Private IP Address to use for the Application Gateway.
- Private
Ip stringAddress Allocation The Allocation Method for the Private IP Address. Possible values are
Dynamic
andStatic
.- Private
Link stringConfiguration Id The ID of the associated private link configuration.
- Private
Link stringConfiguration Name The name of the private link configuration to use for this frontend IP configuration.
- Public
Ip stringAddress Id The ID of a Public IP Address which the Application Gateway should use. The allocation method for the Public IP Address depends on the
sku
of this Application Gateway. Please refer to the Azure documentation for public IP addresses for details.- Subnet
Id string The ID of the Subnet.
- Name string
The name of the Frontend IP Configuration.
- Id string
The ID of the Rewrite Rule Set
- Private
Ip stringAddress The Private IP Address to use for the Application Gateway.
- Private
Ip stringAddress Allocation The Allocation Method for the Private IP Address. Possible values are
Dynamic
andStatic
.- Private
Link stringConfiguration Id The ID of the associated private link configuration.
- Private
Link stringConfiguration Name The name of the private link configuration to use for this frontend IP configuration.
- Public
Ip stringAddress Id The ID of a Public IP Address which the Application Gateway should use. The allocation method for the Public IP Address depends on the
sku
of this Application Gateway. Please refer to the Azure documentation for public IP addresses for details.- Subnet
Id string The ID of the Subnet.
- name String
The name of the Frontend IP Configuration.
- id String
The ID of the Rewrite Rule Set
- private
Ip StringAddress The Private IP Address to use for the Application Gateway.
- private
Ip StringAddress Allocation The Allocation Method for the Private IP Address. Possible values are
Dynamic
andStatic
.- private
Link StringConfiguration Id The ID of the associated private link configuration.
- private
Link StringConfiguration Name The name of the private link configuration to use for this frontend IP configuration.
- public
Ip StringAddress Id The ID of a Public IP Address which the Application Gateway should use. The allocation method for the Public IP Address depends on the
sku
of this Application Gateway. Please refer to the Azure documentation for public IP addresses for details.- subnet
Id String The ID of the Subnet.
- name string
The name of the Frontend IP Configuration.
- id string
The ID of the Rewrite Rule Set
- private
Ip stringAddress The Private IP Address to use for the Application Gateway.
- private
Ip stringAddress Allocation The Allocation Method for the Private IP Address. Possible values are
Dynamic
andStatic
.- private
Link stringConfiguration Id The ID of the associated private link configuration.
- private
Link stringConfiguration Name The name of the private link configuration to use for this frontend IP configuration.
- public
Ip stringAddress Id The ID of a Public IP Address which the Application Gateway should use. The allocation method for the Public IP Address depends on the
sku
of this Application Gateway. Please refer to the Azure documentation for public IP addresses for details.- subnet
Id string The ID of the Subnet.
- name str
The name of the Frontend IP Configuration.
- id str
The ID of the Rewrite Rule Set
- private_
ip_ straddress The Private IP Address to use for the Application Gateway.
- private_
ip_ straddress_ allocation The Allocation Method for the Private IP Address. Possible values are
Dynamic
andStatic
.- private_
link_ strconfiguration_ id The ID of the associated private link configuration.
- private_
link_ strconfiguration_ name The name of the private link configuration to use for this frontend IP configuration.
- public_
ip_ straddress_ id The ID of a Public IP Address which the Application Gateway should use. The allocation method for the Public IP Address depends on the
sku
of this Application Gateway. Please refer to the Azure documentation for public IP addresses for details.- subnet_
id str The ID of the Subnet.
- name String
The name of the Frontend IP Configuration.
- id String
The ID of the Rewrite Rule Set
- private
Ip StringAddress The Private IP Address to use for the Application Gateway.
- private
Ip StringAddress Allocation The Allocation Method for the Private IP Address. Possible values are
Dynamic
andStatic
.- private
Link StringConfiguration Id The ID of the associated private link configuration.
- private
Link StringConfiguration Name The name of the private link configuration to use for this frontend IP configuration.
- public
Ip StringAddress Id The ID of a Public IP Address which the Application Gateway should use. The allocation method for the Public IP Address depends on the
sku
of this Application Gateway. Please refer to the Azure documentation for public IP addresses for details.- subnet
Id String The ID of the Subnet.
ApplicationGatewayFrontendPort, ApplicationGatewayFrontendPortArgs
ApplicationGatewayGatewayIpConfiguration, ApplicationGatewayGatewayIpConfigurationArgs
ApplicationGatewayGlobal, ApplicationGatewayGlobalArgs
- Request
Buffering boolEnabled Whether Application Gateway's Request buffer is enabled.
- Response
Buffering boolEnabled Whether Application Gateway's Response buffer is enabled.
- Request
Buffering boolEnabled Whether Application Gateway's Request buffer is enabled.
- Response
Buffering boolEnabled Whether Application Gateway's Response buffer is enabled.
- request
Buffering BooleanEnabled Whether Application Gateway's Request buffer is enabled.
- response
Buffering BooleanEnabled Whether Application Gateway's Response buffer is enabled.
- request
Buffering booleanEnabled Whether Application Gateway's Request buffer is enabled.
- response
Buffering booleanEnabled Whether Application Gateway's Response buffer is enabled.
- request_
buffering_ boolenabled Whether Application Gateway's Request buffer is enabled.
- response_
buffering_ boolenabled Whether Application Gateway's Response buffer is enabled.
- request
Buffering BooleanEnabled Whether Application Gateway's Request buffer is enabled.
- response
Buffering BooleanEnabled Whether Application Gateway's Response buffer is enabled.
ApplicationGatewayHttpListener, ApplicationGatewayHttpListenerArgs
- Frontend
Ip stringConfiguration Name The Name of the Frontend IP Configuration used for this HTTP Listener.
- Frontend
Port stringName The Name of the Frontend Port use for this HTTP Listener.
- Name string
The Name of the HTTP Listener.
- Protocol string
The Protocol to use for this HTTP Listener. Possible values are
Http
andHttps
.- Custom
Error List<ApplicationConfigurations Gateway Http Listener Custom Error Configuration> One or more
custom_error_configuration
blocks as defined below.- Firewall
Policy stringId The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
- Frontend
Ip stringConfiguration Id The ID of the associated Frontend Configuration.
- Frontend
Port stringId The ID of the associated Frontend Port.
- Host
Name string The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
- Host
Names List<string> A list of Hostname(s) should be used for this HTTP Listener. It allows special wildcard characters.
NOTE The
host_names
andhost_name
are mutually exclusive and cannot both be set.- Id string
The ID of the Rewrite Rule Set
- Require
Sni bool Should Server Name Indication be Required? Defaults to
false
.- Ssl
Certificate stringId The ID of the associated SSL Certificate.
- Ssl
Certificate stringName The name of the associated SSL Certificate which should be used for this HTTP Listener.
- Ssl
Profile stringId The ID of the associated SSL Profile.
- Ssl
Profile stringName The name of the associated SSL Profile which should be used for this HTTP Listener.
- Frontend
Ip stringConfiguration Name The Name of the Frontend IP Configuration used for this HTTP Listener.
- Frontend
Port stringName The Name of the Frontend Port use for this HTTP Listener.
- Name string
The Name of the HTTP Listener.
- Protocol string
The Protocol to use for this HTTP Listener. Possible values are
Http
andHttps
.- Custom
Error []ApplicationConfigurations Gateway Http Listener Custom Error Configuration One or more
custom_error_configuration
blocks as defined below.- Firewall
Policy stringId The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
- Frontend
Ip stringConfiguration Id The ID of the associated Frontend Configuration.
- Frontend
Port stringId The ID of the associated Frontend Port.
- Host
Name string The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
- Host
Names []string A list of Hostname(s) should be used for this HTTP Listener. It allows special wildcard characters.
NOTE The
host_names
andhost_name
are mutually exclusive and cannot both be set.- Id string
The ID of the Rewrite Rule Set
- Require
Sni bool Should Server Name Indication be Required? Defaults to
false
.- Ssl
Certificate stringId The ID of the associated SSL Certificate.
- Ssl
Certificate stringName The name of the associated SSL Certificate which should be used for this HTTP Listener.
- Ssl
Profile stringId The ID of the associated SSL Profile.
- Ssl
Profile stringName The name of the associated SSL Profile which should be used for this HTTP Listener.
- frontend
Ip StringConfiguration Name The Name of the Frontend IP Configuration used for this HTTP Listener.
- frontend
Port StringName The Name of the Frontend Port use for this HTTP Listener.
- name String
The Name of the HTTP Listener.
- protocol String
The Protocol to use for this HTTP Listener. Possible values are
Http
andHttps
.- custom
Error List<ApplicationConfigurations Gateway Http Listener Custom Error Configuration> One or more
custom_error_configuration
blocks as defined below.- firewall
Policy StringId The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
- frontend
Ip StringConfiguration Id The ID of the associated Frontend Configuration.
- frontend
Port StringId The ID of the associated Frontend Port.
- host
Name String The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
- host
Names List<String> A list of Hostname(s) should be used for this HTTP Listener. It allows special wildcard characters.
NOTE The
host_names
andhost_name
are mutually exclusive and cannot both be set.- id String
The ID of the Rewrite Rule Set
- require
Sni Boolean Should Server Name Indication be Required? Defaults to
false
.- ssl
Certificate StringId The ID of the associated SSL Certificate.
- ssl
Certificate StringName The name of the associated SSL Certificate which should be used for this HTTP Listener.
- ssl
Profile StringId The ID of the associated SSL Profile.
- ssl
Profile StringName The name of the associated SSL Profile which should be used for this HTTP Listener.
- frontend
Ip stringConfiguration Name The Name of the Frontend IP Configuration used for this HTTP Listener.
- frontend
Port stringName The Name of the Frontend Port use for this HTTP Listener.
- name string
The Name of the HTTP Listener.
- protocol string
The Protocol to use for this HTTP Listener. Possible values are
Http
andHttps
.- custom
Error ApplicationConfigurations Gateway Http Listener Custom Error Configuration[] One or more
custom_error_configuration
blocks as defined below.- firewall
Policy stringId The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
- frontend
Ip stringConfiguration Id The ID of the associated Frontend Configuration.
- frontend
Port stringId The ID of the associated Frontend Port.
- host
Name string The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
- host
Names string[] A list of Hostname(s) should be used for this HTTP Listener. It allows special wildcard characters.
NOTE The
host_names
andhost_name
are mutually exclusive and cannot both be set.- id string
The ID of the Rewrite Rule Set
- require
Sni boolean Should Server Name Indication be Required? Defaults to
false
.- ssl
Certificate stringId The ID of the associated SSL Certificate.
- ssl
Certificate stringName The name of the associated SSL Certificate which should be used for this HTTP Listener.
- ssl
Profile stringId The ID of the associated SSL Profile.
- ssl
Profile stringName The name of the associated SSL Profile which should be used for this HTTP Listener.
- frontend_
ip_ strconfiguration_ name The Name of the Frontend IP Configuration used for this HTTP Listener.
- frontend_
port_ strname The Name of the Frontend Port use for this HTTP Listener.
- name str
The Name of the HTTP Listener.
- protocol str
The Protocol to use for this HTTP Listener. Possible values are
Http
andHttps
.- custom_
error_ Sequence[Applicationconfigurations Gateway Http Listener Custom Error Configuration] One or more
custom_error_configuration
blocks as defined below.- firewall_
policy_ strid The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
- frontend_
ip_ strconfiguration_ id The ID of the associated Frontend Configuration.
- frontend_
port_ strid The ID of the associated Frontend Port.
- host_
name str The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
- host_
names Sequence[str] A list of Hostname(s) should be used for this HTTP Listener. It allows special wildcard characters.
NOTE The
host_names
andhost_name
are mutually exclusive and cannot both be set.- id str
The ID of the Rewrite Rule Set
- require_
sni bool Should Server Name Indication be Required? Defaults to
false
.- ssl_
certificate_ strid The ID of the associated SSL Certificate.
- ssl_
certificate_ strname The name of the associated SSL Certificate which should be used for this HTTP Listener.
- ssl_
profile_ strid The ID of the associated SSL Profile.
- ssl_
profile_ strname The name of the associated SSL Profile which should be used for this HTTP Listener.
- frontend
Ip StringConfiguration Name The Name of the Frontend IP Configuration used for this HTTP Listener.
- frontend
Port StringName The Name of the Frontend Port use for this HTTP Listener.
- name String
The Name of the HTTP Listener.
- protocol String
The Protocol to use for this HTTP Listener. Possible values are
Http
andHttps
.- custom
Error List<Property Map>Configurations One or more
custom_error_configuration
blocks as defined below.- firewall
Policy StringId The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
- frontend
Ip StringConfiguration Id The ID of the associated Frontend Configuration.
- frontend
Port StringId The ID of the associated Frontend Port.
- host
Name String The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
- host
Names List<String> A list of Hostname(s) should be used for this HTTP Listener. It allows special wildcard characters.
NOTE The
host_names
andhost_name
are mutually exclusive and cannot both be set.- id String
The ID of the Rewrite Rule Set
- require
Sni Boolean Should Server Name Indication be Required? Defaults to
false
.- ssl
Certificate StringId The ID of the associated SSL Certificate.
- ssl
Certificate StringName The name of the associated SSL Certificate which should be used for this HTTP Listener.
- ssl
Profile StringId The ID of the associated SSL Profile.
- ssl
Profile StringName The name of the associated SSL Profile which should be used for this HTTP Listener.
ApplicationGatewayHttpListenerCustomErrorConfiguration, ApplicationGatewayHttpListenerCustomErrorConfigurationArgs
- Custom
Error stringPage Url Error page URL of the application gateway customer error.
- Status
Code string Status code of the application gateway customer error. Possible values are
HttpStatus403
andHttpStatus502
- Id string
The ID of the Rewrite Rule Set
- Custom
Error stringPage Url Error page URL of the application gateway customer error.
- Status
Code string Status code of the application gateway customer error. Possible values are
HttpStatus403
andHttpStatus502
- Id string
The ID of the Rewrite Rule Set
- custom
Error StringPage Url Error page URL of the application gateway customer error.
- status
Code String Status code of the application gateway customer error. Possible values are
HttpStatus403
andHttpStatus502
- id String
The ID of the Rewrite Rule Set
- custom
Error stringPage Url Error page URL of the application gateway customer error.
- status
Code string Status code of the application gateway customer error. Possible values are
HttpStatus403
andHttpStatus502
- id string
The ID of the Rewrite Rule Set
- custom_
error_ strpage_ url Error page URL of the application gateway customer error.
- status_
code str Status code of the application gateway customer error. Possible values are
HttpStatus403
andHttpStatus502
- id str
The ID of the Rewrite Rule Set
- custom
Error StringPage Url Error page URL of the application gateway customer error.
- status
Code String Status code of the application gateway customer error. Possible values are
HttpStatus403
andHttpStatus502
- id String
The ID of the Rewrite Rule Set
ApplicationGatewayIdentity, ApplicationGatewayIdentityArgs
- Identity
Ids List<string> Specifies a list of User Assigned Managed Identity IDs to be assigned to this Application Gateway.
- Type string
Specifies the type of Managed Service Identity that should be configured on this Application Gateway. Only possible value is
UserAssigned
.
- Identity
Ids []string Specifies a list of User Assigned Managed Identity IDs to be assigned to this Application Gateway.
- Type string
Specifies the type of Managed Service Identity that should be configured on this Application Gateway. Only possible value is
UserAssigned
.
- identity
Ids List<String> Specifies a list of User Assigned Managed Identity IDs to be assigned to this Application Gateway.
- type String
Specifies the type of Managed Service Identity that should be configured on this Application Gateway. Only possible value is
UserAssigned
.
- identity
Ids string[] Specifies a list of User Assigned Managed Identity IDs to be assigned to this Application Gateway.
- type string
Specifies the type of Managed Service Identity that should be configured on this Application Gateway. Only possible value is
UserAssigned
.
- identity_
ids Sequence[str] Specifies a list of User Assigned Managed Identity IDs to be assigned to this Application Gateway.
- type str
Specifies the type of Managed Service Identity that should be configured on this Application Gateway. Only possible value is
UserAssigned
.
- identity
Ids List<String> Specifies a list of User Assigned Managed Identity IDs to be assigned to this Application Gateway.
- type String
Specifies the type of Managed Service Identity that should be configured on this Application Gateway. Only possible value is
UserAssigned
.
ApplicationGatewayPrivateEndpointConnection, ApplicationGatewayPrivateEndpointConnectionArgs
ApplicationGatewayPrivateLinkConfiguration, ApplicationGatewayPrivateLinkConfigurationArgs
- Ip
Configurations List<ApplicationGateway Private Link Configuration Ip Configuration> One or more
ip_configuration
blocks as defined below.Please Note: The
AllowApplicationGatewayPrivateLink
feature must be registered on the subscription before enabling private linkimport * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
- Name string
The name of the private link configuration.
- Id string
The ID of the Rewrite Rule Set
- Ip
Configurations []ApplicationGateway Private Link Configuration Ip Configuration One or more
ip_configuration
blocks as defined below.Please Note: The
AllowApplicationGatewayPrivateLink
feature must be registered on the subscription before enabling private linkimport * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
- Name string
The name of the private link configuration.
- Id string
The ID of the Rewrite Rule Set
- ip
Configurations List<ApplicationGateway Private Link Configuration Ip Configuration> One or more
ip_configuration
blocks as defined below.Please Note: The
AllowApplicationGatewayPrivateLink
feature must be registered on the subscription before enabling private linkimport * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
- name String
The name of the private link configuration.
- id String
The ID of the Rewrite Rule Set
- ip
Configurations ApplicationGateway Private Link Configuration Ip Configuration[] One or more
ip_configuration
blocks as defined below.Please Note: The
AllowApplicationGatewayPrivateLink
feature must be registered on the subscription before enabling private linkimport * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
- name string
The name of the private link configuration.
- id string
The ID of the Rewrite Rule Set
- ip_
configurations Sequence[ApplicationGateway Private Link Configuration Ip Configuration] One or more
ip_configuration
blocks as defined below.Please Note: The
AllowApplicationGatewayPrivateLink
feature must be registered on the subscription before enabling private linkimport * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
- name str
The name of the private link configuration.
- id str
The ID of the Rewrite Rule Set
- ip
Configurations List<Property Map> One or more
ip_configuration
blocks as defined below.Please Note: The
AllowApplicationGatewayPrivateLink
feature must be registered on the subscription before enabling private linkimport * as pulumi from "@pulumi/pulumi";
import pulumi
using System.Collections.Generic; using System.Linq; using Pulumi;
return await Deployment.RunAsync(() => { });
package main import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { } }
{}
- name String
The name of the private link configuration.
- id String
The ID of the Rewrite Rule Set
ApplicationGatewayPrivateLinkConfigurationIpConfiguration, ApplicationGatewayPrivateLinkConfigurationIpConfigurationArgs
- Name string
The name of the IP configuration.
- Primary bool
Is this the Primary IP Configuration?
- Private
Ip stringAddress Allocation The allocation method used for the Private IP Address. Possible values are
Dynamic
andStatic
.- Subnet
Id string The ID of the subnet the private link configuration should connect to.
- Private
Ip stringAddress The Static IP Address which should be used.
- Name string
The name of the IP configuration.
- Primary bool
Is this the Primary IP Configuration?
- Private
Ip stringAddress Allocation The allocation method used for the Private IP Address. Possible values are
Dynamic
andStatic
.- Subnet
Id string The ID of the subnet the private link configuration should connect to.
- Private
Ip stringAddress The Static IP Address which should be used.
- name String
The name of the IP configuration.
- primary Boolean
Is this the Primary IP Configuration?
- private
Ip StringAddress Allocation The allocation method used for the Private IP Address. Possible values are
Dynamic
andStatic
.- subnet
Id String The ID of the subnet the private link configuration should connect to.
- private
Ip StringAddress The Static IP Address which should be used.
- name string
The name of the IP configuration.
- primary boolean
Is this the Primary IP Configuration?
- private
Ip stringAddress Allocation The allocation method used for the Private IP Address. Possible values are
Dynamic
andStatic
.- subnet
Id string The ID of the subnet the private link configuration should connect to.
- private
Ip stringAddress The Static IP Address which should be used.
- name str
The name of the IP configuration.
- primary bool
Is this the Primary IP Configuration?
- private_
ip_ straddress_ allocation The allocation method used for the Private IP Address. Possible values are
Dynamic
andStatic
.- subnet_
id str The ID of the subnet the private link configuration should connect to.
- private_
ip_ straddress The Static IP Address which should be used.
- name String
The name of the IP configuration.
- primary Boolean
Is this the Primary IP Configuration?
- private
Ip StringAddress Allocation The allocation method used for the Private IP Address. Possible values are
Dynamic
andStatic
.- subnet
Id String The ID of the subnet the private link configuration should connect to.
- private
Ip StringAddress The Static IP Address which should be used.
ApplicationGatewayProbe, ApplicationGatewayProbeArgs
- Interval int
The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds.
- Name string
The Name of the Probe.
- Path string
The Path used for this Probe.
- Protocol string
The Protocol used for this Probe. Possible values are
Http
andHttps
.- Timeout int
The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
- Unhealthy
Threshold int The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 to 20.
- Host string
The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as
127.0.0.1
, unless otherwise configured in custom probe. Cannot be set ifpick_host_name_from_backend_http_settings
is set totrue
.- Id string
The ID of the Rewrite Rule Set
- Match
Application
Gateway Probe Match A
match
block as defined above.- Minimum
Servers int The minimum number of servers that are always marked as healthy. Defaults to
0
.- Pick
Host boolName From Backend Http Settings Whether the host header should be picked from the backend HTTP settings. Defaults to
false
.- Port int
Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from HTTP settings will be used. This property is valid for Standard_v2 and WAF_v2 only.
- Interval int
The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds.
- Name string
The Name of the Probe.
- Path string
The Path used for this Probe.
- Protocol string
The Protocol used for this Probe. Possible values are
Http
andHttps
.- Timeout int
The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
- Unhealthy
Threshold int The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 to 20.
- Host string
The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as
127.0.0.1
, unless otherwise configured in custom probe. Cannot be set ifpick_host_name_from_backend_http_settings
is set totrue
.- Id string
The ID of the Rewrite Rule Set
- Match
Application
Gateway Probe Match A
match
block as defined above.- Minimum
Servers int The minimum number of servers that are always marked as healthy. Defaults to
0
.- Pick
Host boolName From Backend Http Settings Whether the host header should be picked from the backend HTTP settings. Defaults to
false
.- Port int
Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from HTTP settings will be used. This property is valid for Standard_v2 and WAF_v2 only.
- interval Integer
The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds.
- name String
The Name of the Probe.
- path String
The Path used for this Probe.
- protocol String
The Protocol used for this Probe. Possible values are
Http
andHttps
.- timeout Integer
The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
- unhealthy
Threshold Integer The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 to 20.
- host String
The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as
127.0.0.1
, unless otherwise configured in custom probe. Cannot be set ifpick_host_name_from_backend_http_settings
is set totrue
.- id String
The ID of the Rewrite Rule Set
- match
Application
Gateway Probe Match A
match
block as defined above.- minimum
Servers Integer The minimum number of servers that are always marked as healthy. Defaults to
0
.- pick
Host BooleanName From Backend Http Settings Whether the host header should be picked from the backend HTTP settings. Defaults to
false
.- port Integer
Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from HTTP settings will be used. This property is valid for Standard_v2 and WAF_v2 only.
- interval number
The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds.
- name string
The Name of the Probe.
- path string
The Path used for this Probe.
- protocol string
The Protocol used for this Probe. Possible values are
Http
andHttps
.- timeout number
The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
- unhealthy
Threshold number The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 to 20.
- host string
The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as
127.0.0.1
, unless otherwise configured in custom probe. Cannot be set ifpick_host_name_from_backend_http_settings
is set totrue
.- id string
The ID of the Rewrite Rule Set
- match
Application
Gateway Probe Match A
match
block as defined above.- minimum
Servers number The minimum number of servers that are always marked as healthy. Defaults to
0
.- pick
Host booleanName From Backend Http Settings Whether the host header should be picked from the backend HTTP settings. Defaults to
false
.- port number
Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from HTTP settings will be used. This property is valid for Standard_v2 and WAF_v2 only.
- interval int
The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds.
- name str
The Name of the Probe.
- path str
The Path used for this Probe.
- protocol str
The Protocol used for this Probe. Possible values are
Http
andHttps
.- timeout int
The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
- unhealthy_
threshold int The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 to 20.
- host str
The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as
127.0.0.1
, unless otherwise configured in custom probe. Cannot be set ifpick_host_name_from_backend_http_settings
is set totrue
.- id str
The ID of the Rewrite Rule Set
- match
Application
Gateway Probe Match A
match
block as defined above.- minimum_
servers int The minimum number of servers that are always marked as healthy. Defaults to
0
.- pick_
host_ boolname_ from_ backend_ http_ settings Whether the host header should be picked from the backend HTTP settings. Defaults to
false
.- port int
Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from HTTP settings will be used. This property is valid for Standard_v2 and WAF_v2 only.
- interval Number
The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds.
- name String
The Name of the Probe.
- path String
The Path used for this Probe.
- protocol String
The Protocol used for this Probe. Possible values are
Http
andHttps
.- timeout Number
The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
- unhealthy
Threshold Number The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 to 20.
- host String
The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as
127.0.0.1
, unless otherwise configured in custom probe. Cannot be set ifpick_host_name_from_backend_http_settings
is set totrue
.- id String
The ID of the Rewrite Rule Set
- match Property Map
A
match
block as defined above.- minimum
Servers Number The minimum number of servers that are always marked as healthy. Defaults to
0
.- pick
Host BooleanName From Backend Http Settings Whether the host header should be picked from the backend HTTP settings. Defaults to
false
.- port Number
Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from HTTP settings will be used. This property is valid for Standard_v2 and WAF_v2 only.
ApplicationGatewayProbeMatch, ApplicationGatewayProbeMatchArgs
- Status
Codes List<string> A list of allowed status codes for this Health Probe.
- Body string
A snippet from the Response Body which must be present in the Response.
- Status
Codes []string A list of allowed status codes for this Health Probe.
- Body string
A snippet from the Response Body which must be present in the Response.
- status
Codes List<String> A list of allowed status codes for this Health Probe.
- body String
A snippet from the Response Body which must be present in the Response.
- status
Codes string[] A list of allowed status codes for this Health Probe.
- body string
A snippet from the Response Body which must be present in the Response.
- status_
codes Sequence[str] A list of allowed status codes for this Health Probe.
- body str
A snippet from the Response Body which must be present in the Response.
- status
Codes List<String> A list of allowed status codes for this Health Probe.
- body String
A snippet from the Response Body which must be present in the Response.
ApplicationGatewayRedirectConfiguration, ApplicationGatewayRedirectConfigurationArgs
- Name string
Unique name of the redirect configuration block
- Redirect
Type string The type of redirect. Possible values are
Permanent
,Temporary
,Found
andSeeOther
- Id string
The ID of the Rewrite Rule Set
- Include
Path bool Whether or not to include the path in the redirected Url. Defaults to
false
- Include
Query boolString Whether or not to include the query string in the redirected Url. Default to
false
- Target
Listener stringId - Target
Listener stringName The name of the listener to redirect to. Cannot be set if
target_url
is set.- Target
Url string The Url to redirect the request to. Cannot be set if
target_listener_name
is set.
- Name string
Unique name of the redirect configuration block
- Redirect
Type string The type of redirect. Possible values are
Permanent
,Temporary
,Found
andSeeOther
- Id string
The ID of the Rewrite Rule Set
- Include
Path bool Whether or not to include the path in the redirected Url. Defaults to
false
- Include
Query boolString Whether or not to include the query string in the redirected Url. Default to
false
- Target
Listener stringId - Target
Listener stringName The name of the listener to redirect to. Cannot be set if
target_url
is set.- Target
Url string The Url to redirect the request to. Cannot be set if
target_listener_name
is set.
- name String
Unique name of the redirect configuration block
- redirect
Type String The type of redirect. Possible values are
Permanent
,Temporary
,Found
andSeeOther
- id String
The ID of the Rewrite Rule Set
- include
Path Boolean Whether or not to include the path in the redirected Url. Defaults to
false
- include
Query BooleanString Whether or not to include the query string in the redirected Url. Default to
false
- target
Listener StringId - target
Listener StringName The name of the listener to redirect to. Cannot be set if
target_url
is set.- target
Url String The Url to redirect the request to. Cannot be set if
target_listener_name
is set.
- name string
Unique name of the redirect configuration block
- redirect
Type string The type of redirect. Possible values are
Permanent
,Temporary
,Found
andSeeOther
- id string
The ID of the Rewrite Rule Set
- include
Path boolean Whether or not to include the path in the redirected Url. Defaults to
false
- include
Query booleanString Whether or not to include the query string in the redirected Url. Default to
false
- target
Listener stringId - target
Listener stringName The name of the listener to redirect to. Cannot be set if
target_url
is set.- target
Url string The Url to redirect the request to. Cannot be set if
target_listener_name
is set.
- name str
Unique name of the redirect configuration block
- redirect_
type str The type of redirect. Possible values are
Permanent
,Temporary
,Found
andSeeOther
- id str
The ID of the Rewrite Rule Set
- include_
path bool Whether or not to include the path in the redirected Url. Defaults to
false
- include_
query_ boolstring Whether or not to include the query string in the redirected Url. Default to
false
- target_
listener_ strid - target_
listener_ strname The name of the listener to redirect to. Cannot be set if
target_url
is set.- target_
url str The Url to redirect the request to. Cannot be set if
target_listener_name
is set.
- name String
Unique name of the redirect configuration block
- redirect
Type String The type of redirect. Possible values are
Permanent
,Temporary
,Found
andSeeOther
- id String
The ID of the Rewrite Rule Set
- include
Path Boolean Whether or not to include the path in the redirected Url. Defaults to
false
- include
Query BooleanString Whether or not to include the query string in the redirected Url. Default to
false
- target
Listener StringId - target
Listener StringName The name of the listener to redirect to. Cannot be set if
target_url
is set.- target
Url String The Url to redirect the request to. Cannot be set if
target_listener_name
is set.
ApplicationGatewayRequestRoutingRule, ApplicationGatewayRequestRoutingRuleArgs
- Http
Listener stringName The Name of the HTTP Listener which should be used for this Routing Rule.
- Name string
The Name of this Request Routing Rule.
- Rule
Type string The Type of Routing that should be used for this Rule. Possible values are
Basic
andPathBasedRouting
.- Backend
Address stringPool Id The ID of the associated Backend Address Pool.
- Backend
Address stringPool Name The Name of the Backend Address Pool which should be used for this Routing Rule. Cannot be set if
redirect_configuration_name
is set.- Backend
Http stringSettings Id The ID of the associated Backend HTTP Settings Configuration.
- Backend
Http stringSettings Name The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. Cannot be set if
redirect_configuration_name
is set.- Http
Listener stringId The ID of the associated HTTP Listener.
- Id string
The ID of the Rewrite Rule Set
- Priority int
Rule evaluation order can be dictated by specifying an integer value from
1
to20000
with1
being the highest priority and20000
being the lowest priority.NOTE:
priority
is required whensku.0.tier
is set to*_v2
.- Redirect
Configuration stringId The ID of the associated Redirect Configuration.
- Redirect
Configuration stringName The Name of the Redirect Configuration which should be used for this Routing Rule. Cannot be set if either
backend_address_pool_name
orbackend_http_settings_name
is set.- Rewrite
Rule stringSet Id The ID of the associated Rewrite Rule Set.
- Rewrite
Rule stringSet Name The Name of the Rewrite Rule Set which should be used for this Routing Rule. Only valid for v2 SKUs.
NOTE:
backend_address_pool_name
,backend_http_settings_name
,redirect_configuration_name
, andrewrite_rule_set_name
are applicable only whenrule_type
isBasic
.- Url
Path stringMap Id The ID of the associated URL Path Map.
- Url
Path stringMap Name The Name of the URL Path Map which should be associated with this Routing Rule.
- Http
Listener stringName The Name of the HTTP Listener which should be used for this Routing Rule.
- Name string
The Name of this Request Routing Rule.
- Rule
Type string The Type of Routing that should be used for this Rule. Possible values are
Basic
andPathBasedRouting
.- Backend
Address stringPool Id The ID of the associated Backend Address Pool.
- Backend
Address stringPool Name The Name of the Backend Address Pool which should be used for this Routing Rule. Cannot be set if
redirect_configuration_name
is set.- Backend
Http stringSettings Id The ID of the associated Backend HTTP Settings Configuration.
- Backend
Http stringSettings Name The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. Cannot be set if
redirect_configuration_name
is set.- Http
Listener stringId The ID of the associated HTTP Listener.
- Id string
The ID of the Rewrite Rule Set
- Priority int
Rule evaluation order can be dictated by specifying an integer value from
1
to20000
with1
being the highest priority and20000
being the lowest priority.NOTE:
priority
is required whensku.0.tier
is set to*_v2
.- Redirect
Configuration stringId The ID of the associated Redirect Configuration.
- Redirect
Configuration stringName The Name of the Redirect Configuration which should be used for this Routing Rule. Cannot be set if either
backend_address_pool_name
orbackend_http_settings_name
is set.- Rewrite
Rule stringSet Id The ID of the associated Rewrite Rule Set.
- Rewrite
Rule stringSet Name The Name of the Rewrite Rule Set which should be used for this Routing Rule. Only valid for v2 SKUs.
NOTE:
backend_address_pool_name
,backend_http_settings_name
,redirect_configuration_name
, andrewrite_rule_set_name
are applicable only whenrule_type
isBasic
.- Url
Path stringMap Id The ID of the associated URL Path Map.
- Url
Path stringMap Name The Name of the URL Path Map which should be associated with this Routing Rule.
- http
Listener StringName The Name of the HTTP Listener which should be used for this Routing Rule.
- name String
The Name of this Request Routing Rule.
- rule
Type String The Type of Routing that should be used for this Rule. Possible values are
Basic
andPathBasedRouting
.- backend
Address StringPool Id The ID of the associated Backend Address Pool.
- backend
Address StringPool Name The Name of the Backend Address Pool which should be used for this Routing Rule. Cannot be set if
redirect_configuration_name
is set.- backend
Http StringSettings Id The ID of the associated Backend HTTP Settings Configuration.
- backend
Http StringSettings Name The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. Cannot be set if
redirect_configuration_name
is set.- http
Listener StringId The ID of the associated HTTP Listener.
- id String
The ID of the Rewrite Rule Set
- priority Integer
Rule evaluation order can be dictated by specifying an integer value from
1
to20000
with1
being the highest priority and20000
being the lowest priority.NOTE:
priority
is required whensku.0.tier
is set to*_v2
.- redirect
Configuration StringId The ID of the associated Redirect Configuration.
- redirect
Configuration StringName The Name of the Redirect Configuration which should be used for this Routing Rule. Cannot be set if either
backend_address_pool_name
orbackend_http_settings_name
is set.- rewrite
Rule StringSet Id The ID of the associated Rewrite Rule Set.
- rewrite
Rule StringSet Name The Name of the Rewrite Rule Set which should be used for this Routing Rule. Only valid for v2 SKUs.
NOTE:
backend_address_pool_name
,backend_http_settings_name
,redirect_configuration_name
, andrewrite_rule_set_name
are applicable only whenrule_type
isBasic
.- url
Path StringMap Id The ID of the associated URL Path Map.
- url
Path StringMap Name The Name of the URL Path Map which should be associated with this Routing Rule.
- http
Listener stringName The Name of the HTTP Listener which should be used for this Routing Rule.
- name string
The Name of this Request Routing Rule.
- rule
Type string The Type of Routing that should be used for this Rule. Possible values are
Basic
andPathBasedRouting
.- backend
Address stringPool Id The ID of the associated Backend Address Pool.
- backend
Address stringPool Name The Name of the Backend Address Pool which should be used for this Routing Rule. Cannot be set if
redirect_configuration_name
is set.- backend
Http stringSettings Id The ID of the associated Backend HTTP Settings Configuration.
- backend
Http stringSettings Name The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. Cannot be set if
redirect_configuration_name
is set.- http
Listener stringId The ID of the associated HTTP Listener.
- id string
The ID of the Rewrite Rule Set
- priority number
Rule evaluation order can be dictated by specifying an integer value from
1
to20000
with1
being the highest priority and20000
being the lowest priority.NOTE:
priority
is required whensku.0.tier
is set to*_v2
.- redirect
Configuration stringId The ID of the associated Redirect Configuration.
- redirect
Configuration stringName The Name of the Redirect Configuration which should be used for this Routing Rule. Cannot be set if either
backend_address_pool_name
orbackend_http_settings_name
is set.- rewrite
Rule stringSet Id The ID of the associated Rewrite Rule Set.
- rewrite
Rule stringSet Name The Name of the Rewrite Rule Set which should be used for this Routing Rule. Only valid for v2 SKUs.
NOTE:
backend_address_pool_name
,backend_http_settings_name
,redirect_configuration_name
, andrewrite_rule_set_name
are applicable only whenrule_type
isBasic
.- url
Path stringMap Id The ID of the associated URL Path Map.
- url
Path stringMap Name The Name of the URL Path Map which should be associated with this Routing Rule.
- http_
listener_ strname The Name of the HTTP Listener which should be used for this Routing Rule.
- name str
The Name of this Request Routing Rule.
- rule_
type str The Type of Routing that should be used for this Rule. Possible values are
Basic
andPathBasedRouting
.- backend_
address_ strpool_ id The ID of the associated Backend Address Pool.
- backend_
address_ strpool_ name The Name of the Backend Address Pool which should be used for this Routing Rule. Cannot be set if
redirect_configuration_name
is set.- backend_
http_ strsettings_ id The ID of the associated Backend HTTP Settings Configuration.
- backend_
http_ strsettings_ name The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. Cannot be set if
redirect_configuration_name
is set.- http_
listener_ strid The ID of the associated HTTP Listener.
- id str
The ID of the Rewrite Rule Set
- priority int
Rule evaluation order can be dictated by specifying an integer value from
1
to20000
with1
being the highest priority and20000
being the lowest priority.NOTE:
priority
is required whensku.0.tier
is set to*_v2
.- redirect_
configuration_ strid The ID of the associated Redirect Configuration.
- redirect_
configuration_ strname The Name of the Redirect Configuration which should be used for this Routing Rule. Cannot be set if either
backend_address_pool_name
orbackend_http_settings_name
is set.- rewrite_
rule_ strset_ id The ID of the associated Rewrite Rule Set.
- rewrite_
rule_ strset_ name The Name of the Rewrite Rule Set which should be used for this Routing Rule. Only valid for v2 SKUs.
NOTE:
backend_address_pool_name
,backend_http_settings_name
,redirect_configuration_name
, andrewrite_rule_set_name
are applicable only whenrule_type
isBasic
.- url_
path_ strmap_ id The ID of the associated URL Path Map.
- url_
path_ strmap_ name The Name of the URL Path Map which should be associated with this Routing Rule.
- http
Listener StringName The Name of the HTTP Listener which should be used for this Routing Rule.
- name String
The Name of this Request Routing Rule.
- rule
Type String The Type of Routing that should be used for this Rule. Possible values are
Basic
andPathBasedRouting
.- backend
Address StringPool Id The ID of the associated Backend Address Pool.
- backend
Address StringPool Name The Name of the Backend Address Pool which should be used for this Routing Rule. Cannot be set if
redirect_configuration_name
is set.- backend
Http StringSettings Id The ID of the associated Backend HTTP Settings Configuration.
- backend
Http StringSettings Name The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. Cannot be set if
redirect_configuration_name
is set.- http
Listener StringId The ID of the associated HTTP Listener.
- id String
The ID of the Rewrite Rule Set
- priority Number
Rule evaluation order can be dictated by specifying an integer value from
1
to20000
with1
being the highest priority and20000
being the lowest priority.NOTE:
priority
is required whensku.0.tier
is set to*_v2
.- redirect
Configuration StringId The ID of the associated Redirect Configuration.
- redirect
Configuration StringName The Name of the Redirect Configuration which should be used for this Routing Rule. Cannot be set if either
backend_address_pool_name
orbackend_http_settings_name
is set.- rewrite
Rule StringSet Id The ID of the associated Rewrite Rule Set.
- rewrite
Rule StringSet Name The Name of the Rewrite Rule Set which should be used for this Routing Rule. Only valid for v2 SKUs.
NOTE:
backend_address_pool_name
,backend_http_settings_name
,redirect_configuration_name
, andrewrite_rule_set_name
are applicable only whenrule_type
isBasic
.- url
Path StringMap Id The ID of the associated URL Path Map.
- url
Path StringMap Name The Name of the URL Path Map which should be associated with this Routing Rule.
ApplicationGatewayRewriteRuleSet, ApplicationGatewayRewriteRuleSetArgs
- Name string
Unique name of the rewrite rule set block
- Id string
The ID of the Rewrite Rule Set
- Rewrite
Rules List<ApplicationGateway Rewrite Rule Set Rewrite Rule> One or more
rewrite_rule
blocks as defined above.
- Name string
Unique name of the rewrite rule set block
- Id string
The ID of the Rewrite Rule Set
- Rewrite
Rules []ApplicationGateway Rewrite Rule Set Rewrite Rule One or more
rewrite_rule
blocks as defined above.
- name String
Unique name of the rewrite rule set block
- id String
The ID of the Rewrite Rule Set
- rewrite
Rules List<ApplicationGateway Rewrite Rule Set Rewrite Rule> One or more
rewrite_rule
blocks as defined above.
- name string
Unique name of the rewrite rule set block
- id string
The ID of the Rewrite Rule Set
- rewrite
Rules ApplicationGateway Rewrite Rule Set Rewrite Rule[] One or more
rewrite_rule
blocks as defined above.
- name str
Unique name of the rewrite rule set block
- id str
The ID of the Rewrite Rule Set
- rewrite_
rules Sequence[ApplicationGateway Rewrite Rule Set Rewrite Rule] One or more
rewrite_rule
blocks as defined above.
- name String
Unique name of the rewrite rule set block
- id String
The ID of the Rewrite Rule Set
- rewrite
Rules List<Property Map> One or more
rewrite_rule
blocks as defined above.
ApplicationGatewayRewriteRuleSetRewriteRule, ApplicationGatewayRewriteRuleSetRewriteRuleArgs
- Name string
Unique name of the rewrite rule block
- Rule
Sequence int Rule sequence of the rewrite rule that determines the order of execution in a set.
- Conditions
List<Application
Gateway Rewrite Rule Set Rewrite Rule Condition> One or more
condition
blocks as defined above.- Request
Header List<ApplicationConfigurations Gateway Rewrite Rule Set Rewrite Rule Request Header Configuration> One or more
request_header_configuration
blocks as defined above.- Response
Header List<ApplicationConfigurations Gateway Rewrite Rule Set Rewrite Rule Response Header Configuration> One or more
response_header_configuration
blocks as defined above.- Url
Application
Gateway Rewrite Rule Set Rewrite Rule Url One
url
block as defined below
- Name string
Unique name of the rewrite rule block
- Rule
Sequence int Rule sequence of the rewrite rule that determines the order of execution in a set.
- Conditions
[]Application
Gateway Rewrite Rule Set Rewrite Rule Condition One or more
condition
blocks as defined above.- Request
Header []ApplicationConfigurations Gateway Rewrite Rule Set Rewrite Rule Request Header Configuration One or more
request_header_configuration
blocks as defined above.- Response
Header []ApplicationConfigurations Gateway Rewrite Rule Set Rewrite Rule Response Header Configuration One or more
response_header_configuration
blocks as defined above.- Url
Application
Gateway Rewrite Rule Set Rewrite Rule Url One
url
block as defined below
- name String
Unique name of the rewrite rule block
- rule
Sequence Integer Rule sequence of the rewrite rule that determines the order of execution in a set.
- conditions
List<Application
Gateway Rewrite Rule Set Rewrite Rule Condition> One or more
condition
blocks as defined above.- request
Header List<ApplicationConfigurations Gateway Rewrite Rule Set Rewrite Rule Request Header Configuration> One or more
request_header_configuration
blocks as defined above.- response
Header List<ApplicationConfigurations Gateway Rewrite Rule Set Rewrite Rule Response Header Configuration> One or more
response_header_configuration
blocks as defined above.- url
Application
Gateway Rewrite Rule Set Rewrite Rule Url One
url
block as defined below
- name string
Unique name of the rewrite rule block
- rule
Sequence number Rule sequence of the rewrite rule that determines the order of execution in a set.
- conditions
Application
Gateway Rewrite Rule Set Rewrite Rule Condition[] One or more
condition
blocks as defined above.- request
Header ApplicationConfigurations Gateway Rewrite Rule Set Rewrite Rule Request Header Configuration[] One or more
request_header_configuration
blocks as defined above.- response
Header ApplicationConfigurations Gateway Rewrite Rule Set Rewrite Rule Response Header Configuration[] One or more
response_header_configuration
blocks as defined above.- url
Application
Gateway Rewrite Rule Set Rewrite Rule Url One
url
block as defined below
- name str
Unique name of the rewrite rule block
- rule_
sequence int Rule sequence of the rewrite rule that determines the order of execution in a set.
- conditions
Sequence[Application
Gateway Rewrite Rule Set Rewrite Rule Condition] One or more
condition
blocks as defined above.- request_
header_ Sequence[Applicationconfigurations Gateway Rewrite Rule Set Rewrite Rule Request Header Configuration] One or more
request_header_configuration
blocks as defined above.- response_
header_ Sequence[Applicationconfigurations Gateway Rewrite Rule Set Rewrite Rule Response Header Configuration] One or more
response_header_configuration
blocks as defined above.- url
Application
Gateway Rewrite Rule Set Rewrite Rule Url One
url
block as defined below
- name String
Unique name of the rewrite rule block
- rule
Sequence Number Rule sequence of the rewrite rule that determines the order of execution in a set.
- conditions List<Property Map>
One or more
condition
blocks as defined above.- request
Header List<Property Map>Configurations One or more
request_header_configuration
blocks as defined above.- response
Header List<Property Map>Configurations One or more
response_header_configuration
blocks as defined above.- url Property Map
One
url
block as defined below
ApplicationGatewayRewriteRuleSetRewriteRuleCondition, ApplicationGatewayRewriteRuleSetRewriteRuleConditionArgs
- Pattern string
The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
- Variable string
The variable of the condition.
- Ignore
Case bool Perform a case in-sensitive comparison. Defaults to
false
- Negate bool
Negate the result of the condition evaluation. Defaults to
false
- Pattern string
The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
- Variable string
The variable of the condition.
- Ignore
Case bool Perform a case in-sensitive comparison. Defaults to
false
- Negate bool
Negate the result of the condition evaluation. Defaults to
false
- pattern String
The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
- variable String
The variable of the condition.
- ignore
Case Boolean Perform a case in-sensitive comparison. Defaults to
false
- negate Boolean
Negate the result of the condition evaluation. Defaults to
false
- pattern string
The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
- variable string
The variable of the condition.
- ignore
Case boolean Perform a case in-sensitive comparison. Defaults to
false
- negate boolean
Negate the result of the condition evaluation. Defaults to
false
- pattern str
The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
- variable str
The variable of the condition.
- ignore_
case bool Perform a case in-sensitive comparison. Defaults to
false
- negate bool
Negate the result of the condition evaluation. Defaults to
false
- pattern String
The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
- variable String
The variable of the condition.
- ignore
Case Boolean Perform a case in-sensitive comparison. Defaults to
false
- negate Boolean
Negate the result of the condition evaluation. Defaults to
false
ApplicationGatewayRewriteRuleSetRewriteRuleRequestHeaderConfiguration, ApplicationGatewayRewriteRuleSetRewriteRuleRequestHeaderConfigurationArgs
- Header
Name string Header name of the header configuration.
- Header
Value string Header value of the header configuration. To delete a request header set this property to an empty string.
- Header
Name string Header name of the header configuration.
- Header
Value string Header value of the header configuration. To delete a request header set this property to an empty string.
- header
Name String Header name of the header configuration.
- header
Value String Header value of the header configuration. To delete a request header set this property to an empty string.
- header
Name string Header name of the header configuration.
- header
Value string Header value of the header configuration. To delete a request header set this property to an empty string.
- header_
name str Header name of the header configuration.
- header_
value str Header value of the header configuration. To delete a request header set this property to an empty string.
- header
Name String Header name of the header configuration.
- header
Value String Header value of the header configuration. To delete a request header set this property to an empty string.
ApplicationGatewayRewriteRuleSetRewriteRuleResponseHeaderConfiguration, ApplicationGatewayRewriteRuleSetRewriteRuleResponseHeaderConfigurationArgs
- Header
Name string Header name of the header configuration.
- Header
Value string Header value of the header configuration. To delete a response header set this property to an empty string.
- Header
Name string Header name of the header configuration.
- Header
Value string Header value of the header configuration. To delete a response header set this property to an empty string.
- header
Name String Header name of the header configuration.
- header
Value String Header value of the header configuration. To delete a response header set this property to an empty string.
- header
Name string Header name of the header configuration.
- header
Value string Header value of the header configuration. To delete a response header set this property to an empty string.
- header_
name str Header name of the header configuration.
- header_
value str Header value of the header configuration. To delete a response header set this property to an empty string.
- header
Name String Header name of the header configuration.
- header
Value String Header value of the header configuration. To delete a response header set this property to an empty string.
ApplicationGatewayRewriteRuleSetRewriteRuleUrl, ApplicationGatewayRewriteRuleSetRewriteRuleUrlArgs
- Components string
The components used to rewrite the URL. Possible values are
path_only
andquery_string_only
to limit the rewrite to the URL Path or URL Query String only.Note: One or both of
path
andquery_string
must be specified. If one of these is not specified, it means the value will be empty. If you only want to rewritepath
orquery_string
, usecomponents
.- Path string
The URL path to rewrite.
- Query
String string The query string to rewrite.
- Reroute bool
Whether the URL path map should be reevaluated after this rewrite has been applied. More info on rewrite configutation
- Components string
The components used to rewrite the URL. Possible values are
path_only
andquery_string_only
to limit the rewrite to the URL Path or URL Query String only.Note: One or both of
path
andquery_string
must be specified. If one of these is not specified, it means the value will be empty. If you only want to rewritepath
orquery_string
, usecomponents
.- Path string
The URL path to rewrite.
- Query
String string The query string to rewrite.
- Reroute bool
Whether the URL path map should be reevaluated after this rewrite has been applied. More info on rewrite configutation
- components String
The components used to rewrite the URL. Possible values are
path_only
andquery_string_only
to limit the rewrite to the URL Path or URL Query String only.Note: One or both of
path
andquery_string
must be specified. If one of these is not specified, it means the value will be empty. If you only want to rewritepath
orquery_string
, usecomponents
.- path String
The URL path to rewrite.
- query
String String The query string to rewrite.
- reroute Boolean
Whether the URL path map should be reevaluated after this rewrite has been applied. More info on rewrite configutation
- components string
The components used to rewrite the URL. Possible values are
path_only
andquery_string_only
to limit the rewrite to the URL Path or URL Query String only.Note: One or both of
path
andquery_string
must be specified. If one of these is not specified, it means the value will be empty. If you only want to rewritepath
orquery_string
, usecomponents
.- path string
The URL path to rewrite.
- query
String string The query string to rewrite.
- reroute boolean
Whether the URL path map should be reevaluated after this rewrite has been applied. More info on rewrite configutation
- components str
The components used to rewrite the URL. Possible values are
path_only
andquery_string_only
to limit the rewrite to the URL Path or URL Query String only.Note: One or both of
path
andquery_string
must be specified. If one of these is not specified, it means the value will be empty. If you only want to rewritepath
orquery_string
, usecomponents
.- path str
The URL path to rewrite.
- query_
string str The query string to rewrite.
- reroute bool
Whether the URL path map should be reevaluated after this rewrite has been applied. More info on rewrite configutation
- components String
The components used to rewrite the URL. Possible values are
path_only
andquery_string_only
to limit the rewrite to the URL Path or URL Query String only.Note: One or both of
path
andquery_string
must be specified. If one of these is not specified, it means the value will be empty. If you only want to rewritepath
orquery_string
, usecomponents
.- path String
The URL path to rewrite.
- query
String String The query string to rewrite.
- reroute Boolean
Whether the URL path map should be reevaluated after this rewrite has been applied. More info on rewrite configutation
ApplicationGatewaySku, ApplicationGatewaySkuArgs
- Name string
The Name of the SKU to use for this Application Gateway. Possible values are
Standard_Small
,Standard_Medium
,Standard_Large
,Standard_v2
,WAF_Medium
,WAF_Large
, andWAF_v2
.- Tier string
The Tier of the SKU to use for this Application Gateway. Possible values are
Standard
,Standard_v2
,WAF
andWAF_v2
.- Capacity int
The Capacity of the SKU to use for this Application Gateway. When using a V1 SKU this value must be between 1 and 32, and 1 to 125 for a V2 SKU. This property is optional if
autoscale_configuration
is set.
- Name string
The Name of the SKU to use for this Application Gateway. Possible values are
Standard_Small
,Standard_Medium
,Standard_Large
,Standard_v2
,WAF_Medium
,WAF_Large
, andWAF_v2
.- Tier string
The Tier of the SKU to use for this Application Gateway. Possible values are
Standard
,Standard_v2
,WAF
andWAF_v2
.- Capacity int
The Capacity of the SKU to use for this Application Gateway. When using a V1 SKU this value must be between 1 and 32, and 1 to 125 for a V2 SKU. This property is optional if
autoscale_configuration
is set.
- name String
The Name of the SKU to use for this Application Gateway. Possible values are
Standard_Small
,Standard_Medium
,Standard_Large
,Standard_v2
,WAF_Medium
,WAF_Large
, andWAF_v2
.- tier String
The Tier of the SKU to use for this Application Gateway. Possible values are
Standard
,Standard_v2
,WAF
andWAF_v2
.- capacity Integer
The Capacity of the SKU to use for this Application Gateway. When using a V1 SKU this value must be between 1 and 32, and 1 to 125 for a V2 SKU. This property is optional if
autoscale_configuration
is set.
- name string
The Name of the SKU to use for this Application Gateway. Possible values are
Standard_Small
,Standard_Medium
,Standard_Large
,Standard_v2
,WAF_Medium
,WAF_Large
, andWAF_v2
.- tier string
The Tier of the SKU to use for this Application Gateway. Possible values are
Standard
,Standard_v2
,WAF
andWAF_v2
.- capacity number
The Capacity of the SKU to use for this Application Gateway. When using a V1 SKU this value must be between 1 and 32, and 1 to 125 for a V2 SKU. This property is optional if
autoscale_configuration
is set.
- name str
The Name of the SKU to use for this Application Gateway. Possible values are
Standard_Small
,Standard_Medium
,Standard_Large
,Standard_v2
,WAF_Medium
,WAF_Large
, andWAF_v2
.- tier str
The Tier of the SKU to use for this Application Gateway. Possible values are
Standard
,Standard_v2
,WAF
andWAF_v2
.- capacity int
The Capacity of the SKU to use for this Application Gateway. When using a V1 SKU this value must be between 1 and 32, and 1 to 125 for a V2 SKU. This property is optional if
autoscale_configuration
is set.
- name String
The Name of the SKU to use for this Application Gateway. Possible values are
Standard_Small
,Standard_Medium
,Standard_Large
,Standard_v2
,WAF_Medium
,WAF_Large
, andWAF_v2
.- tier String
The Tier of the SKU to use for this Application Gateway. Possible values are
Standard
,Standard_v2
,WAF
andWAF_v2
.- capacity Number
The Capacity of the SKU to use for this Application Gateway. When using a V1 SKU this value must be between 1 and 32, and 1 to 125 for a V2 SKU. This property is optional if
autoscale_configuration
is set.
ApplicationGatewaySslCertificate, ApplicationGatewaySslCertificateArgs
- Name string
The Name of the SSL certificate that is unique within this Application Gateway
- Data string
The base64-encoded PFX certificate data. Required if
key_vault_secret_id
is not set.NOTE: When specifying a file, use
data = filebase64("path/to/file")
to encode the contents of that file.- Id string
The ID of the Rewrite Rule Set
- Key
Vault stringSecret Id Secret Id of (base-64 encoded unencrypted pfx)
Secret
orCertificate
object stored in Azure KeyVault. You need to enable soft delete for keyvault to use this feature. Required ifdata
is not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identity
block. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.- Password string
Password for the pfx file specified in data. Required if
data
is set.- Public
Cert stringData The Public Certificate Data associated with the SSL Certificate.
- Name string
The Name of the SSL certificate that is unique within this Application Gateway
- Data string
The base64-encoded PFX certificate data. Required if
key_vault_secret_id
is not set.NOTE: When specifying a file, use
data = filebase64("path/to/file")
to encode the contents of that file.- Id string
The ID of the Rewrite Rule Set
- Key
Vault stringSecret Id Secret Id of (base-64 encoded unencrypted pfx)
Secret
orCertificate
object stored in Azure KeyVault. You need to enable soft delete for keyvault to use this feature. Required ifdata
is not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identity
block. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.- Password string
Password for the pfx file specified in data. Required if
data
is set.- Public
Cert stringData The Public Certificate Data associated with the SSL Certificate.
- name String
The Name of the SSL certificate that is unique within this Application Gateway
- data String
The base64-encoded PFX certificate data. Required if
key_vault_secret_id
is not set.NOTE: When specifying a file, use
data = filebase64("path/to/file")
to encode the contents of that file.- id String
The ID of the Rewrite Rule Set
- key
Vault StringSecret Id Secret Id of (base-64 encoded unencrypted pfx)
Secret
orCertificate
object stored in Azure KeyVault. You need to enable soft delete for keyvault to use this feature. Required ifdata
is not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identity
block. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.- password String
Password for the pfx file specified in data. Required if
data
is set.- public
Cert StringData The Public Certificate Data associated with the SSL Certificate.
- name string
The Name of the SSL certificate that is unique within this Application Gateway
- data string
The base64-encoded PFX certificate data. Required if
key_vault_secret_id
is not set.NOTE: When specifying a file, use
data = filebase64("path/to/file")
to encode the contents of that file.- id string
The ID of the Rewrite Rule Set
- key
Vault stringSecret Id Secret Id of (base-64 encoded unencrypted pfx)
Secret
orCertificate
object stored in Azure KeyVault. You need to enable soft delete for keyvault to use this feature. Required ifdata
is not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identity
block. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.- password string
Password for the pfx file specified in data. Required if
data
is set.- public
Cert stringData The Public Certificate Data associated with the SSL Certificate.
- name str
The Name of the SSL certificate that is unique within this Application Gateway
- data str
The base64-encoded PFX certificate data. Required if
key_vault_secret_id
is not set.NOTE: When specifying a file, use
data = filebase64("path/to/file")
to encode the contents of that file.- id str
The ID of the Rewrite Rule Set
- key_
vault_ strsecret_ id Secret Id of (base-64 encoded unencrypted pfx)
Secret
orCertificate
object stored in Azure KeyVault. You need to enable soft delete for keyvault to use this feature. Required ifdata
is not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identity
block. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.- password str
Password for the pfx file specified in data. Required if
data
is set.- public_
cert_ strdata The Public Certificate Data associated with the SSL Certificate.
- name String
The Name of the SSL certificate that is unique within this Application Gateway
- data String
The base64-encoded PFX certificate data. Required if
key_vault_secret_id
is not set.NOTE: When specifying a file, use
data = filebase64("path/to/file")
to encode the contents of that file.- id String
The ID of the Rewrite Rule Set
- key
Vault StringSecret Id Secret Id of (base-64 encoded unencrypted pfx)
Secret
orCertificate
object stored in Azure KeyVault. You need to enable soft delete for keyvault to use this feature. Required ifdata
is not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identity
block. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.- password String
Password for the pfx file specified in data. Required if
data
is set.- public
Cert StringData The Public Certificate Data associated with the SSL Certificate.
ApplicationGatewaySslPolicy, ApplicationGatewaySslPolicyArgs
- Cipher
Suites List<string> A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
,TLS_DHE_RSA_WITH_AES_128_CBC_SHA
,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_DHE_RSA_WITH_AES_256_CBC_SHA
,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_RSA_WITH_3DES_EDE_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA256
,TLS_RSA_WITH_AES_128_GCM_SHA256
,TLS_RSA_WITH_AES_256_CBC_SHA
,TLS_RSA_WITH_AES_256_CBC_SHA256
andTLS_RSA_WITH_AES_256_GCM_SHA384
.- Disabled
Protocols List<string> A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.NOTE:
disabled_protocols
cannot be set whenpolicy_name
orpolicy_type
are set.- Min
Protocol stringVersion The minimal TLS version. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.- Policy
Name string The Name of the Policy e.g AppGwSslPolicy20170401S. Required if
policy_type
is set toPredefined
. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols
.- Policy
Type string The Type of the Policy. Possible values are
Predefined
,Custom
andCustomV2
.NOTE:
policy_type
is Required whenpolicy_name
is set - cannot be set ifdisabled_protocols
is set.
- Cipher
Suites []string A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
,TLS_DHE_RSA_WITH_AES_128_CBC_SHA
,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_DHE_RSA_WITH_AES_256_CBC_SHA
,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_RSA_WITH_3DES_EDE_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA256
,TLS_RSA_WITH_AES_128_GCM_SHA256
,TLS_RSA_WITH_AES_256_CBC_SHA
,TLS_RSA_WITH_AES_256_CBC_SHA256
andTLS_RSA_WITH_AES_256_GCM_SHA384
.- Disabled
Protocols []string A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.NOTE:
disabled_protocols
cannot be set whenpolicy_name
orpolicy_type
are set.- Min
Protocol stringVersion The minimal TLS version. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.- Policy
Name string The Name of the Policy e.g AppGwSslPolicy20170401S. Required if
policy_type
is set toPredefined
. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols
.- Policy
Type string The Type of the Policy. Possible values are
Predefined
,Custom
andCustomV2
.NOTE:
policy_type
is Required whenpolicy_name
is set - cannot be set ifdisabled_protocols
is set.
- cipher
Suites List<String> A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
,TLS_DHE_RSA_WITH_AES_128_CBC_SHA
,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_DHE_RSA_WITH_AES_256_CBC_SHA
,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_RSA_WITH_3DES_EDE_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA256
,TLS_RSA_WITH_AES_128_GCM_SHA256
,TLS_RSA_WITH_AES_256_CBC_SHA
,TLS_RSA_WITH_AES_256_CBC_SHA256
andTLS_RSA_WITH_AES_256_GCM_SHA384
.- disabled
Protocols List<String> A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.NOTE:
disabled_protocols
cannot be set whenpolicy_name
orpolicy_type
are set.- min
Protocol StringVersion The minimal TLS version. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.- policy
Name String The Name of the Policy e.g AppGwSslPolicy20170401S. Required if
policy_type
is set toPredefined
. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols
.- policy
Type String The Type of the Policy. Possible values are
Predefined
,Custom
andCustomV2
.NOTE:
policy_type
is Required whenpolicy_name
is set - cannot be set ifdisabled_protocols
is set.
- cipher
Suites string[] A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
,TLS_DHE_RSA_WITH_AES_128_CBC_SHA
,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_DHE_RSA_WITH_AES_256_CBC_SHA
,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_RSA_WITH_3DES_EDE_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA256
,TLS_RSA_WITH_AES_128_GCM_SHA256
,TLS_RSA_WITH_AES_256_CBC_SHA
,TLS_RSA_WITH_AES_256_CBC_SHA256
andTLS_RSA_WITH_AES_256_GCM_SHA384
.- disabled
Protocols string[] A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.NOTE:
disabled_protocols
cannot be set whenpolicy_name
orpolicy_type
are set.- min
Protocol stringVersion The minimal TLS version. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.- policy
Name string The Name of the Policy e.g AppGwSslPolicy20170401S. Required if
policy_type
is set toPredefined
. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols
.- policy
Type string The Type of the Policy. Possible values are
Predefined
,Custom
andCustomV2
.NOTE:
policy_type
is Required whenpolicy_name
is set - cannot be set ifdisabled_protocols
is set.
- cipher_
suites Sequence[str] A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
,TLS_DHE_RSA_WITH_AES_128_CBC_SHA
,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_DHE_RSA_WITH_AES_256_CBC_SHA
,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_RSA_WITH_3DES_EDE_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA256
,TLS_RSA_WITH_AES_128_GCM_SHA256
,TLS_RSA_WITH_AES_256_CBC_SHA
,TLS_RSA_WITH_AES_256_CBC_SHA256
andTLS_RSA_WITH_AES_256_GCM_SHA384
.- disabled_
protocols Sequence[str] A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.NOTE:
disabled_protocols
cannot be set whenpolicy_name
orpolicy_type
are set.- min_
protocol_ strversion The minimal TLS version. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.- policy_
name str The Name of the Policy e.g AppGwSslPolicy20170401S. Required if
policy_type
is set toPredefined
. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols
.- policy_
type str The Type of the Policy. Possible values are
Predefined
,Custom
andCustomV2
.NOTE:
policy_type
is Required whenpolicy_name
is set - cannot be set ifdisabled_protocols
is set.
- cipher
Suites List<String> A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
,TLS_DHE_RSA_WITH_AES_128_CBC_SHA
,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_DHE_RSA_WITH_AES_256_CBC_SHA
,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_RSA_WITH_3DES_EDE_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA256
,TLS_RSA_WITH_AES_128_GCM_SHA256
,TLS_RSA_WITH_AES_256_CBC_SHA
,TLS_RSA_WITH_AES_256_CBC_SHA256
andTLS_RSA_WITH_AES_256_GCM_SHA384
.- disabled
Protocols List<String> A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.NOTE:
disabled_protocols
cannot be set whenpolicy_name
orpolicy_type
are set.- min
Protocol StringVersion The minimal TLS version. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.- policy
Name String The Name of the Policy e.g AppGwSslPolicy20170401S. Required if
policy_type
is set toPredefined
. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols
.- policy
Type String The Type of the Policy. Possible values are
Predefined
,Custom
andCustomV2
.NOTE:
policy_type
is Required whenpolicy_name
is set - cannot be set ifdisabled_protocols
is set.
ApplicationGatewaySslProfile, ApplicationGatewaySslProfileArgs
- Name string
The name of the SSL Profile that is unique within this Application Gateway.
- Id string
The ID of the Rewrite Rule Set
- Ssl
Policy ApplicationGateway Ssl Profile Ssl Policy a
ssl_policy
block as defined below.- Trusted
Client List<string>Certificate Names The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
- Verify
Client boolCert Issuer Dn Should client certificate issuer DN be verified? Defaults to
false
.
- Name string
The name of the SSL Profile that is unique within this Application Gateway.
- Id string
The ID of the Rewrite Rule Set
- Ssl
Policy ApplicationGateway Ssl Profile Ssl Policy a
ssl_policy
block as defined below.- Trusted
Client []stringCertificate Names The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
- Verify
Client boolCert Issuer Dn Should client certificate issuer DN be verified? Defaults to
false
.
- name String
The name of the SSL Profile that is unique within this Application Gateway.
- id String
The ID of the Rewrite Rule Set
- ssl
Policy ApplicationGateway Ssl Profile Ssl Policy a
ssl_policy
block as defined below.- trusted
Client List<String>Certificate Names The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
- verify
Client BooleanCert Issuer Dn Should client certificate issuer DN be verified? Defaults to
false
.
- name string
The name of the SSL Profile that is unique within this Application Gateway.
- id string
The ID of the Rewrite Rule Set
- ssl
Policy ApplicationGateway Ssl Profile Ssl Policy a
ssl_policy
block as defined below.- trusted
Client string[]Certificate Names The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
- verify
Client booleanCert Issuer Dn Should client certificate issuer DN be verified? Defaults to
false
.
- name str
The name of the SSL Profile that is unique within this Application Gateway.
- id str
The ID of the Rewrite Rule Set
- ssl_
policy ApplicationGateway Ssl Profile Ssl Policy a
ssl_policy
block as defined below.- trusted_
client_ Sequence[str]certificate_ names The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
- verify_
client_ boolcert_ issuer_ dn Should client certificate issuer DN be verified? Defaults to
false
.
- name String
The name of the SSL Profile that is unique within this Application Gateway.
- id String
The ID of the Rewrite Rule Set
- ssl
Policy Property Map a
ssl_policy
block as defined below.- trusted
Client List<String>Certificate Names The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
- verify
Client BooleanCert Issuer Dn Should client certificate issuer DN be verified? Defaults to
false
.
ApplicationGatewaySslProfileSslPolicy, ApplicationGatewaySslProfileSslPolicyArgs
- Cipher
Suites List<string> A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
,TLS_DHE_RSA_WITH_AES_128_CBC_SHA
,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_DHE_RSA_WITH_AES_256_CBC_SHA
,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_RSA_WITH_3DES_EDE_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA256
,TLS_RSA_WITH_AES_128_GCM_SHA256
,TLS_RSA_WITH_AES_256_CBC_SHA
,TLS_RSA_WITH_AES_256_CBC_SHA256
andTLS_RSA_WITH_AES_256_GCM_SHA384
.- Disabled
Protocols List<string> A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.NOTE:
disabled_protocols
cannot be set whenpolicy_name
orpolicy_type
are set.- Min
Protocol stringVersion The minimal TLS version. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.- Policy
Name string The Name of the Policy e.g AppGwSslPolicy20170401S. Required if
policy_type
is set toPredefined
. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols
.- Policy
Type string The Type of the Policy. Possible values are
Predefined
,Custom
andCustomV2
.NOTE:
policy_type
is Required whenpolicy_name
is set - cannot be set ifdisabled_protocols
is set.
- Cipher
Suites []string A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
,TLS_DHE_RSA_WITH_AES_128_CBC_SHA
,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_DHE_RSA_WITH_AES_256_CBC_SHA
,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_RSA_WITH_3DES_EDE_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA256
,TLS_RSA_WITH_AES_128_GCM_SHA256
,TLS_RSA_WITH_AES_256_CBC_SHA
,TLS_RSA_WITH_AES_256_CBC_SHA256
andTLS_RSA_WITH_AES_256_GCM_SHA384
.- Disabled
Protocols []string A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.NOTE:
disabled_protocols
cannot be set whenpolicy_name
orpolicy_type
are set.- Min
Protocol stringVersion The minimal TLS version. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.- Policy
Name string The Name of the Policy e.g AppGwSslPolicy20170401S. Required if
policy_type
is set toPredefined
. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols
.- Policy
Type string The Type of the Policy. Possible values are
Predefined
,Custom
andCustomV2
.NOTE:
policy_type
is Required whenpolicy_name
is set - cannot be set ifdisabled_protocols
is set.
- cipher
Suites List<String> A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
,TLS_DHE_RSA_WITH_AES_128_CBC_SHA
,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_DHE_RSA_WITH_AES_256_CBC_SHA
,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_RSA_WITH_3DES_EDE_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA256
,TLS_RSA_WITH_AES_128_GCM_SHA256
,TLS_RSA_WITH_AES_256_CBC_SHA
,TLS_RSA_WITH_AES_256_CBC_SHA256
andTLS_RSA_WITH_AES_256_GCM_SHA384
.- disabled
Protocols List<String> A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.NOTE:
disabled_protocols
cannot be set whenpolicy_name
orpolicy_type
are set.- min
Protocol StringVersion The minimal TLS version. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.- policy
Name String The Name of the Policy e.g AppGwSslPolicy20170401S. Required if
policy_type
is set toPredefined
. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols
.- policy
Type String The Type of the Policy. Possible values are
Predefined
,Custom
andCustomV2
.NOTE:
policy_type
is Required whenpolicy_name
is set - cannot be set ifdisabled_protocols
is set.
- cipher
Suites string[] A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
,TLS_DHE_RSA_WITH_AES_128_CBC_SHA
,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_DHE_RSA_WITH_AES_256_CBC_SHA
,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_RSA_WITH_3DES_EDE_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA256
,TLS_RSA_WITH_AES_128_GCM_SHA256
,TLS_RSA_WITH_AES_256_CBC_SHA
,TLS_RSA_WITH_AES_256_CBC_SHA256
andTLS_RSA_WITH_AES_256_GCM_SHA384
.- disabled
Protocols string[] A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.NOTE:
disabled_protocols
cannot be set whenpolicy_name
orpolicy_type
are set.- min
Protocol stringVersion The minimal TLS version. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.- policy
Name string The Name of the Policy e.g AppGwSslPolicy20170401S. Required if
policy_type
is set toPredefined
. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols
.- policy
Type string The Type of the Policy. Possible values are
Predefined
,Custom
andCustomV2
.NOTE:
policy_type
is Required whenpolicy_name
is set - cannot be set ifdisabled_protocols
is set.
- cipher_
suites Sequence[str] A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
,TLS_DHE_RSA_WITH_AES_128_CBC_SHA
,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_DHE_RSA_WITH_AES_256_CBC_SHA
,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_RSA_WITH_3DES_EDE_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA256
,TLS_RSA_WITH_AES_128_GCM_SHA256
,TLS_RSA_WITH_AES_256_CBC_SHA
,TLS_RSA_WITH_AES_256_CBC_SHA256
andTLS_RSA_WITH_AES_256_GCM_SHA384
.- disabled_
protocols Sequence[str] A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.NOTE:
disabled_protocols
cannot be set whenpolicy_name
orpolicy_type
are set.- min_
protocol_ strversion The minimal TLS version. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.- policy_
name str The Name of the Policy e.g AppGwSslPolicy20170401S. Required if
policy_type
is set toPredefined
. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols
.- policy_
type str The Type of the Policy. Possible values are
Predefined
,Custom
andCustomV2
.NOTE:
policy_type
is Required whenpolicy_name
is set - cannot be set ifdisabled_protocols
is set.
- cipher
Suites List<String> A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA
,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA
,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
,TLS_DHE_RSA_WITH_AES_128_CBC_SHA
,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_DHE_RSA_WITH_AES_256_CBC_SHA
,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
,TLS_RSA_WITH_3DES_EDE_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA
,TLS_RSA_WITH_AES_128_CBC_SHA256
,TLS_RSA_WITH_AES_128_GCM_SHA256
,TLS_RSA_WITH_AES_256_CBC_SHA
,TLS_RSA_WITH_AES_256_CBC_SHA256
andTLS_RSA_WITH_AES_256_GCM_SHA384
.- disabled
Protocols List<String> A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.NOTE:
disabled_protocols
cannot be set whenpolicy_name
orpolicy_type
are set.- min
Protocol StringVersion The minimal TLS version. Possible values are
TLSv1_0
,TLSv1_1
,TLSv1_2
andTLSv1_3
.- policy
Name String The Name of the Policy e.g AppGwSslPolicy20170401S. Required if
policy_type
is set toPredefined
. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols
.- policy
Type String The Type of the Policy. Possible values are
Predefined
,Custom
andCustomV2
.NOTE:
policy_type
is Required whenpolicy_name
is set - cannot be set ifdisabled_protocols
is set.
ApplicationGatewayTrustedClientCertificate, ApplicationGatewayTrustedClientCertificateArgs
ApplicationGatewayTrustedRootCertificate, ApplicationGatewayTrustedRootCertificateArgs
- Name string
The Name of the Trusted Root Certificate to use.
- Data string
The contents of the Trusted Root Certificate which should be used. Required if
key_vault_secret_id
is not set.- Id string
The ID of the Rewrite Rule Set
- Key
Vault stringSecret Id The Secret ID of (base-64 encoded unencrypted pfx)
Secret
orCertificate
object stored in Azure KeyVault. You need to enable soft delete for the Key Vault to use this feature. Required ifdata
is not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identity
block. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.
- Name string
The Name of the Trusted Root Certificate to use.
- Data string
The contents of the Trusted Root Certificate which should be used. Required if
key_vault_secret_id
is not set.- Id string
The ID of the Rewrite Rule Set
- Key
Vault stringSecret Id The Secret ID of (base-64 encoded unencrypted pfx)
Secret
orCertificate
object stored in Azure KeyVault. You need to enable soft delete for the Key Vault to use this feature. Required ifdata
is not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identity
block. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.
- name String
The Name of the Trusted Root Certificate to use.
- data String
The contents of the Trusted Root Certificate which should be used. Required if
key_vault_secret_id
is not set.- id String
The ID of the Rewrite Rule Set
- key
Vault StringSecret Id The Secret ID of (base-64 encoded unencrypted pfx)
Secret
orCertificate
object stored in Azure KeyVault. You need to enable soft delete for the Key Vault to use this feature. Required ifdata
is not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identity
block. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.
- name string
The Name of the Trusted Root Certificate to use.
- data string
The contents of the Trusted Root Certificate which should be used. Required if
key_vault_secret_id
is not set.- id string
The ID of the Rewrite Rule Set
- key
Vault stringSecret Id The Secret ID of (base-64 encoded unencrypted pfx)
Secret
orCertificate
object stored in Azure KeyVault. You need to enable soft delete for the Key Vault to use this feature. Required ifdata
is not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identity
block. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.
- name str
The Name of the Trusted Root Certificate to use.
- data str
The contents of the Trusted Root Certificate which should be used. Required if
key_vault_secret_id
is not set.- id str
The ID of the Rewrite Rule Set
- key_
vault_ strsecret_ id The Secret ID of (base-64 encoded unencrypted pfx)
Secret
orCertificate
object stored in Azure KeyVault. You need to enable soft delete for the Key Vault to use this feature. Required ifdata
is not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identity
block. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.
- name String
The Name of the Trusted Root Certificate to use.
- data String
The contents of the Trusted Root Certificate which should be used. Required if
key_vault_secret_id
is not set.- id String
The ID of the Rewrite Rule Set
- key
Vault StringSecret Id The Secret ID of (base-64 encoded unencrypted pfx)
Secret
orCertificate
object stored in Azure KeyVault. You need to enable soft delete for the Key Vault to use this feature. Required ifdata
is not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identity
block. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.
ApplicationGatewayUrlPathMap, ApplicationGatewayUrlPathMapArgs
- Name string
The Name of the URL Path Map.
- Path
Rules List<ApplicationGateway Url Path Map Path Rule> One or more
path_rule
blocks as defined above.- Default
Backend stringAddress Pool Id The ID of the Default Backend Address Pool.
- Default
Backend stringAddress Pool Name The Name of the Default Backend Address Pool which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_name
is set.- Default
Backend stringHttp Settings Id The ID of the Default Backend HTTP Settings Collection.
- Default
Backend stringHttp Settings Name The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_name
is set.- Default
Redirect stringConfiguration Id The ID of the Default Redirect Configuration.
- Default
Redirect stringConfiguration Name The Name of the Default Redirect Configuration which should be used for this URL Path Map. Cannot be set if either
default_backend_address_pool_name
ordefault_backend_http_settings_name
is set.NOTE: Both
default_backend_address_pool_name
anddefault_backend_http_settings_name
ordefault_redirect_configuration_name
should be specified.- Default
Rewrite stringRule Set Id - Default
Rewrite stringRule Set Name The Name of the Default Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- Id string
The ID of the Rewrite Rule Set
- Name string
The Name of the URL Path Map.
- Path
Rules []ApplicationGateway Url Path Map Path Rule One or more
path_rule
blocks as defined above.- Default
Backend stringAddress Pool Id The ID of the Default Backend Address Pool.
- Default
Backend stringAddress Pool Name The Name of the Default Backend Address Pool which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_name
is set.- Default
Backend stringHttp Settings Id The ID of the Default Backend HTTP Settings Collection.
- Default
Backend stringHttp Settings Name The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_name
is set.- Default
Redirect stringConfiguration Id The ID of the Default Redirect Configuration.
- Default
Redirect stringConfiguration Name The Name of the Default Redirect Configuration which should be used for this URL Path Map. Cannot be set if either
default_backend_address_pool_name
ordefault_backend_http_settings_name
is set.NOTE: Both
default_backend_address_pool_name
anddefault_backend_http_settings_name
ordefault_redirect_configuration_name
should be specified.- Default
Rewrite stringRule Set Id - Default
Rewrite stringRule Set Name The Name of the Default Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- Id string
The ID of the Rewrite Rule Set
- name String
The Name of the URL Path Map.
- path
Rules List<ApplicationGateway Url Path Map Path Rule> One or more
path_rule
blocks as defined above.- default
Backend StringAddress Pool Id The ID of the Default Backend Address Pool.
- default
Backend StringAddress Pool Name The Name of the Default Backend Address Pool which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_name
is set.- default
Backend StringHttp Settings Id The ID of the Default Backend HTTP Settings Collection.
- default
Backend StringHttp Settings Name The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_name
is set.- default
Redirect StringConfiguration Id The ID of the Default Redirect Configuration.
- default
Redirect StringConfiguration Name The Name of the Default Redirect Configuration which should be used for this URL Path Map. Cannot be set if either
default_backend_address_pool_name
ordefault_backend_http_settings_name
is set.NOTE: Both
default_backend_address_pool_name
anddefault_backend_http_settings_name
ordefault_redirect_configuration_name
should be specified.- default
Rewrite StringRule Set Id - default
Rewrite StringRule Set Name The Name of the Default Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- id String
The ID of the Rewrite Rule Set
- name string
The Name of the URL Path Map.
- path
Rules ApplicationGateway Url Path Map Path Rule[] One or more
path_rule
blocks as defined above.- default
Backend stringAddress Pool Id The ID of the Default Backend Address Pool.
- default
Backend stringAddress Pool Name The Name of the Default Backend Address Pool which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_name
is set.- default
Backend stringHttp Settings Id The ID of the Default Backend HTTP Settings Collection.
- default
Backend stringHttp Settings Name The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_name
is set.- default
Redirect stringConfiguration Id The ID of the Default Redirect Configuration.
- default
Redirect stringConfiguration Name The Name of the Default Redirect Configuration which should be used for this URL Path Map. Cannot be set if either
default_backend_address_pool_name
ordefault_backend_http_settings_name
is set.NOTE: Both
default_backend_address_pool_name
anddefault_backend_http_settings_name
ordefault_redirect_configuration_name
should be specified.- default
Rewrite stringRule Set Id - default
Rewrite stringRule Set Name The Name of the Default Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- id string
The ID of the Rewrite Rule Set
- name str
The Name of the URL Path Map.
- path_
rules Sequence[ApplicationGateway Url Path Map Path Rule] One or more
path_rule
blocks as defined above.- default_
backend_ straddress_ pool_ id The ID of the Default Backend Address Pool.
- default_
backend_ straddress_ pool_ name The Name of the Default Backend Address Pool which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_name
is set.- default_
backend_ strhttp_ settings_ id The ID of the Default Backend HTTP Settings Collection.
- default_
backend_ strhttp_ settings_ name The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_name
is set.- default_
redirect_ strconfiguration_ id The ID of the Default Redirect Configuration.
- default_
redirect_ strconfiguration_ name The Name of the Default Redirect Configuration which should be used for this URL Path Map. Cannot be set if either
default_backend_address_pool_name
ordefault_backend_http_settings_name
is set.NOTE: Both
default_backend_address_pool_name
anddefault_backend_http_settings_name
ordefault_redirect_configuration_name
should be specified.- default_
rewrite_ strrule_ set_ id - default_
rewrite_ strrule_ set_ name The Name of the Default Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- id str
The ID of the Rewrite Rule Set
- name String
The Name of the URL Path Map.
- path
Rules List<Property Map> One or more
path_rule
blocks as defined above.- default
Backend StringAddress Pool Id The ID of the Default Backend Address Pool.
- default
Backend StringAddress Pool Name The Name of the Default Backend Address Pool which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_name
is set.- default
Backend StringHttp Settings Id The ID of the Default Backend HTTP Settings Collection.
- default
Backend StringHttp Settings Name The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_name
is set.- default
Redirect StringConfiguration Id The ID of the Default Redirect Configuration.
- default
Redirect StringConfiguration Name The Name of the Default Redirect Configuration which should be used for this URL Path Map. Cannot be set if either
default_backend_address_pool_name
ordefault_backend_http_settings_name
is set.NOTE: Both
default_backend_address_pool_name
anddefault_backend_http_settings_name
ordefault_redirect_configuration_name
should be specified.- default
Rewrite StringRule Set Id - default
Rewrite StringRule Set Name The Name of the Default Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- id String
The ID of the Rewrite Rule Set
ApplicationGatewayUrlPathMapPathRule, ApplicationGatewayUrlPathMapPathRuleArgs
- Name string
The Name of the Path Rule.
- Paths List<string>
A list of Paths used in this Path Rule.
- Backend
Address stringPool Id The ID of the associated Backend Address Pool.
- Backend
Address stringPool Name The Name of the Backend Address Pool to use for this Path Rule. Cannot be set if
redirect_configuration_name
is set.- Backend
Http stringSettings Id The ID of the associated Backend HTTP Settings Configuration.
- Backend
Http stringSettings Name The Name of the Backend HTTP Settings Collection to use for this Path Rule. Cannot be set if
redirect_configuration_name
is set.- Firewall
Policy stringId The ID of the Web Application Firewall Policy which should be used as a HTTP Listener.
- Id string
The ID of the Rewrite Rule Set
- Redirect
Configuration stringId The ID of the associated Redirect Configuration.
- Redirect
Configuration stringName The Name of a Redirect Configuration to use for this Path Rule. Cannot be set if
backend_address_pool_name
orbackend_http_settings_name
is set.- Rewrite
Rule stringSet Id The ID of the associated Rewrite Rule Set.
- Rewrite
Rule stringSet Name The Name of the Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- Name string
The Name of the Path Rule.
- Paths []string
A list of Paths used in this Path Rule.
- Backend
Address stringPool Id The ID of the associated Backend Address Pool.
- Backend
Address stringPool Name The Name of the Backend Address Pool to use for this Path Rule. Cannot be set if
redirect_configuration_name
is set.- Backend
Http stringSettings Id The ID of the associated Backend HTTP Settings Configuration.
- Backend
Http stringSettings Name The Name of the Backend HTTP Settings Collection to use for this Path Rule. Cannot be set if
redirect_configuration_name
is set.- Firewall
Policy stringId The ID of the Web Application Firewall Policy which should be used as a HTTP Listener.
- Id string
The ID of the Rewrite Rule Set
- Redirect
Configuration stringId The ID of the associated Redirect Configuration.
- Redirect
Configuration stringName The Name of a Redirect Configuration to use for this Path Rule. Cannot be set if
backend_address_pool_name
orbackend_http_settings_name
is set.- Rewrite
Rule stringSet Id The ID of the associated Rewrite Rule Set.
- Rewrite
Rule stringSet Name The Name of the Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- name String
The Name of the Path Rule.
- paths List<String>
A list of Paths used in this Path Rule.
- backend
Address StringPool Id The ID of the associated Backend Address Pool.
- backend
Address StringPool Name The Name of the Backend Address Pool to use for this Path Rule. Cannot be set if
redirect_configuration_name
is set.- backend
Http StringSettings Id The ID of the associated Backend HTTP Settings Configuration.
- backend
Http StringSettings Name The Name of the Backend HTTP Settings Collection to use for this Path Rule. Cannot be set if
redirect_configuration_name
is set.- firewall
Policy StringId The ID of the Web Application Firewall Policy which should be used as a HTTP Listener.
- id String
The ID of the Rewrite Rule Set
- redirect
Configuration StringId The ID of the associated Redirect Configuration.
- redirect
Configuration StringName The Name of a Redirect Configuration to use for this Path Rule. Cannot be set if
backend_address_pool_name
orbackend_http_settings_name
is set.- rewrite
Rule StringSet Id The ID of the associated Rewrite Rule Set.
- rewrite
Rule StringSet Name The Name of the Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- name string
The Name of the Path Rule.
- paths string[]
A list of Paths used in this Path Rule.
- backend
Address stringPool Id The ID of the associated Backend Address Pool.
- backend
Address stringPool Name The Name of the Backend Address Pool to use for this Path Rule. Cannot be set if
redirect_configuration_name
is set.- backend
Http stringSettings Id The ID of the associated Backend HTTP Settings Configuration.
- backend
Http stringSettings Name The Name of the Backend HTTP Settings Collection to use for this Path Rule. Cannot be set if
redirect_configuration_name
is set.- firewall
Policy stringId The ID of the Web Application Firewall Policy which should be used as a HTTP Listener.
- id string
The ID of the Rewrite Rule Set
- redirect
Configuration stringId The ID of the associated Redirect Configuration.
- redirect
Configuration stringName The Name of a Redirect Configuration to use for this Path Rule. Cannot be set if
backend_address_pool_name
orbackend_http_settings_name
is set.- rewrite
Rule stringSet Id The ID of the associated Rewrite Rule Set.
- rewrite
Rule stringSet Name The Name of the Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- name str
The Name of the Path Rule.
- paths Sequence[str]
A list of Paths used in this Path Rule.
- backend_
address_ strpool_ id The ID of the associated Backend Address Pool.
- backend_
address_ strpool_ name The Name of the Backend Address Pool to use for this Path Rule. Cannot be set if
redirect_configuration_name
is set.- backend_
http_ strsettings_ id The ID of the associated Backend HTTP Settings Configuration.
- backend_
http_ strsettings_ name The Name of the Backend HTTP Settings Collection to use for this Path Rule. Cannot be set if
redirect_configuration_name
is set.- firewall_
policy_ strid The ID of the Web Application Firewall Policy which should be used as a HTTP Listener.
- id str
The ID of the Rewrite Rule Set
- redirect_
configuration_ strid The ID of the associated Redirect Configuration.
- redirect_
configuration_ strname The Name of a Redirect Configuration to use for this Path Rule. Cannot be set if
backend_address_pool_name
orbackend_http_settings_name
is set.- rewrite_
rule_ strset_ id The ID of the associated Rewrite Rule Set.
- rewrite_
rule_ strset_ name The Name of the Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- name String
The Name of the Path Rule.
- paths List<String>
A list of Paths used in this Path Rule.
- backend
Address StringPool Id The ID of the associated Backend Address Pool.
- backend
Address StringPool Name The Name of the Backend Address Pool to use for this Path Rule. Cannot be set if
redirect_configuration_name
is set.- backend
Http StringSettings Id The ID of the associated Backend HTTP Settings Configuration.
- backend
Http StringSettings Name The Name of the Backend HTTP Settings Collection to use for this Path Rule. Cannot be set if
redirect_configuration_name
is set.- firewall
Policy StringId The ID of the Web Application Firewall Policy which should be used as a HTTP Listener.
- id String
The ID of the Rewrite Rule Set
- redirect
Configuration StringId The ID of the associated Redirect Configuration.
- redirect
Configuration StringName The Name of a Redirect Configuration to use for this Path Rule. Cannot be set if
backend_address_pool_name
orbackend_http_settings_name
is set.- rewrite
Rule StringSet Id The ID of the associated Rewrite Rule Set.
- rewrite
Rule StringSet Name The Name of the Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
ApplicationGatewayWafConfiguration, ApplicationGatewayWafConfigurationArgs
- Enabled bool
Is the Web Application Firewall enabled?
- Firewall
Mode string The Web Application Firewall Mode. Possible values are
Detection
andPrevention
.- Rule
Set stringVersion The Version of the Rule Set used for this Web Application Firewall. Possible values are
0.1
,1.0
,2.2.9
,3.0
,3.1
and3.2
.- Disabled
Rule List<ApplicationGroups Gateway Waf Configuration Disabled Rule Group> one or more
disabled_rule_group
blocks as defined below.- Exclusions
List<Application
Gateway Waf Configuration Exclusion> one or more
exclusion
blocks as defined below.- File
Upload intLimit Mb The File Upload Limit in MB. Accepted values are in the range
1
MB to750
MB for theWAF_v2
SKU, and1
MB to500
MB for all other SKUs. Defaults to100
MB.- Max
Request intBody Size Kb The Maximum Request Body Size in KB. Accepted values are in the range
1
KB to128
KB. Defaults to128
KB.- Request
Body boolCheck Is Request Body Inspection enabled? Defaults to
true
.- Rule
Set stringType The Type of the Rule Set used for this Web Application Firewall. Possible values are
OWASP
andMicrosoft_BotManagerRuleSet
.
- Enabled bool
Is the Web Application Firewall enabled?
- Firewall
Mode string The Web Application Firewall Mode. Possible values are
Detection
andPrevention
.- Rule
Set stringVersion The Version of the Rule Set used for this Web Application Firewall. Possible values are
0.1
,1.0
,2.2.9
,3.0
,3.1
and3.2
.- Disabled
Rule []ApplicationGroups Gateway Waf Configuration Disabled Rule Group one or more
disabled_rule_group
blocks as defined below.- Exclusions
[]Application
Gateway Waf Configuration Exclusion one or more
exclusion
blocks as defined below.- File
Upload intLimit Mb The File Upload Limit in MB. Accepted values are in the range
1
MB to750
MB for theWAF_v2
SKU, and1
MB to500
MB for all other SKUs. Defaults to100
MB.- Max
Request intBody Size Kb The Maximum Request Body Size in KB. Accepted values are in the range
1
KB to128
KB. Defaults to128
KB.- Request
Body boolCheck Is Request Body Inspection enabled? Defaults to
true
.- Rule
Set stringType The Type of the Rule Set used for this Web Application Firewall. Possible values are
OWASP
andMicrosoft_BotManagerRuleSet
.
- enabled Boolean
Is the Web Application Firewall enabled?
- firewall
Mode String The Web Application Firewall Mode. Possible values are
Detection
andPrevention
.- rule
Set StringVersion The Version of the Rule Set used for this Web Application Firewall. Possible values are
0.1
,1.0
,2.2.9
,3.0
,3.1
and3.2
.- disabled
Rule List<ApplicationGroups Gateway Waf Configuration Disabled Rule Group> one or more
disabled_rule_group
blocks as defined below.- exclusions
List<Application
Gateway Waf Configuration Exclusion> one or more
exclusion
blocks as defined below.- file
Upload IntegerLimit Mb The File Upload Limit in MB. Accepted values are in the range
1
MB to750
MB for theWAF_v2
SKU, and1
MB to500
MB for all other SKUs. Defaults to100
MB.- max
Request IntegerBody Size Kb The Maximum Request Body Size in KB. Accepted values are in the range
1
KB to128
KB. Defaults to128
KB.- request
Body BooleanCheck Is Request Body Inspection enabled? Defaults to
true
.- rule
Set StringType The Type of the Rule Set used for this Web Application Firewall. Possible values are
OWASP
andMicrosoft_BotManagerRuleSet
.
- enabled boolean
Is the Web Application Firewall enabled?
- firewall
Mode string The Web Application Firewall Mode. Possible values are
Detection
andPrevention
.- rule
Set stringVersion The Version of the Rule Set used for this Web Application Firewall. Possible values are
0.1
,1.0
,2.2.9
,3.0
,3.1
and3.2
.- disabled
Rule ApplicationGroups Gateway Waf Configuration Disabled Rule Group[] one or more
disabled_rule_group
blocks as defined below.- exclusions
Application
Gateway Waf Configuration Exclusion[] one or more
exclusion
blocks as defined below.- file
Upload numberLimit Mb The File Upload Limit in MB. Accepted values are in the range
1
MB to750
MB for theWAF_v2
SKU, and1
MB to500
MB for all other SKUs. Defaults to100
MB.- max
Request numberBody Size Kb The Maximum Request Body Size in KB. Accepted values are in the range
1
KB to128
KB. Defaults to128
KB.- request
Body booleanCheck Is Request Body Inspection enabled? Defaults to
true
.- rule
Set stringType The Type of the Rule Set used for this Web Application Firewall. Possible values are
OWASP
andMicrosoft_BotManagerRuleSet
.
- enabled bool
Is the Web Application Firewall enabled?
- firewall_
mode str The Web Application Firewall Mode. Possible values are
Detection
andPrevention
.- rule_
set_ strversion The Version of the Rule Set used for this Web Application Firewall. Possible values are
0.1
,1.0
,2.2.9
,3.0
,3.1
and3.2
.- disabled_
rule_ Sequence[Applicationgroups Gateway Waf Configuration Disabled Rule Group] one or more
disabled_rule_group
blocks as defined below.- exclusions
Sequence[Application
Gateway Waf Configuration Exclusion] one or more
exclusion
blocks as defined below.- file_
upload_ intlimit_ mb The File Upload Limit in MB. Accepted values are in the range
1
MB to750
MB for theWAF_v2
SKU, and1
MB to500
MB for all other SKUs. Defaults to100
MB.- max_
request_ intbody_ size_ kb The Maximum Request Body Size in KB. Accepted values are in the range
1
KB to128
KB. Defaults to128
KB.- request_
body_ boolcheck Is Request Body Inspection enabled? Defaults to
true
.- rule_
set_ strtype The Type of the Rule Set used for this Web Application Firewall. Possible values are
OWASP
andMicrosoft_BotManagerRuleSet
.
- enabled Boolean
Is the Web Application Firewall enabled?
- firewall
Mode String The Web Application Firewall Mode. Possible values are
Detection
andPrevention
.- rule
Set StringVersion The Version of the Rule Set used for this Web Application Firewall. Possible values are
0.1
,1.0
,2.2.9
,3.0
,3.1
and3.2
.- disabled
Rule List<Property Map>Groups one or more
disabled_rule_group
blocks as defined below.- exclusions List<Property Map>
one or more
exclusion
blocks as defined below.- file
Upload NumberLimit Mb The File Upload Limit in MB. Accepted values are in the range
1
MB to750
MB for theWAF_v2
SKU, and1
MB to500
MB for all other SKUs. Defaults to100
MB.- max
Request NumberBody Size Kb The Maximum Request Body Size in KB. Accepted values are in the range
1
KB to128
KB. Defaults to128
KB.- request
Body BooleanCheck Is Request Body Inspection enabled? Defaults to
true
.- rule
Set StringType The Type of the Rule Set used for this Web Application Firewall. Possible values are
OWASP
andMicrosoft_BotManagerRuleSet
.
ApplicationGatewayWafConfigurationDisabledRuleGroup, ApplicationGatewayWafConfigurationDisabledRuleGroupArgs
- Rule
Group stringName The rule group where specific rules should be disabled. Possible values are
BadBots
,crs_20_protocol_violations
,crs_21_protocol_anomalies
,crs_23_request_limits
,crs_30_http_policy
,crs_35_bad_robots
,crs_40_generic_attacks
,crs_41_sql_injection_attacks
,crs_41_xss_attacks
,crs_42_tight_security
,crs_45_trojans
,General
,GoodBots
,Known-CVEs
,REQUEST-911-METHOD-ENFORCEMENT
,REQUEST-913-SCANNER-DETECTION
,REQUEST-920-PROTOCOL-ENFORCEMENT
,REQUEST-921-PROTOCOL-ATTACK
,REQUEST-930-APPLICATION-ATTACK-LFI
,REQUEST-931-APPLICATION-ATTACK-RFI
,REQUEST-932-APPLICATION-ATTACK-RCE
,REQUEST-933-APPLICATION-ATTACK-PHP
,REQUEST-941-APPLICATION-ATTACK-XSS
,REQUEST-942-APPLICATION-ATTACK-SQLI
,REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION
,REQUEST-944-APPLICATION-ATTACK-JAVA
andUnknownBots
.- Rules List<int>
A list of rules which should be disabled in that group. Disables all rules in the specified group if
rules
is not specified.
- Rule
Group stringName The rule group where specific rules should be disabled. Possible values are
BadBots
,crs_20_protocol_violations
,crs_21_protocol_anomalies
,crs_23_request_limits
,crs_30_http_policy
,crs_35_bad_robots
,crs_40_generic_attacks
,crs_41_sql_injection_attacks
,crs_41_xss_attacks
,crs_42_tight_security
,crs_45_trojans
,General
,GoodBots
,Known-CVEs
,REQUEST-911-METHOD-ENFORCEMENT
,REQUEST-913-SCANNER-DETECTION
,REQUEST-920-PROTOCOL-ENFORCEMENT
,REQUEST-921-PROTOCOL-ATTACK
,REQUEST-930-APPLICATION-ATTACK-LFI
,REQUEST-931-APPLICATION-ATTACK-RFI
,REQUEST-932-APPLICATION-ATTACK-RCE
,REQUEST-933-APPLICATION-ATTACK-PHP
,REQUEST-941-APPLICATION-ATTACK-XSS
,REQUEST-942-APPLICATION-ATTACK-SQLI
,REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION
,REQUEST-944-APPLICATION-ATTACK-JAVA
andUnknownBots
.- Rules []int
A list of rules which should be disabled in that group. Disables all rules in the specified group if
rules
is not specified.
- rule
Group StringName The rule group where specific rules should be disabled. Possible values are
BadBots
,crs_20_protocol_violations
,crs_21_protocol_anomalies
,crs_23_request_limits
,crs_30_http_policy
,crs_35_bad_robots
,crs_40_generic_attacks
,crs_41_sql_injection_attacks
,crs_41_xss_attacks
,crs_42_tight_security
,crs_45_trojans
,General
,GoodBots
,Known-CVEs
,REQUEST-911-METHOD-ENFORCEMENT
,REQUEST-913-SCANNER-DETECTION
,REQUEST-920-PROTOCOL-ENFORCEMENT
,REQUEST-921-PROTOCOL-ATTACK
,REQUEST-930-APPLICATION-ATTACK-LFI
,REQUEST-931-APPLICATION-ATTACK-RFI
,REQUEST-932-APPLICATION-ATTACK-RCE
,REQUEST-933-APPLICATION-ATTACK-PHP
,REQUEST-941-APPLICATION-ATTACK-XSS
,REQUEST-942-APPLICATION-ATTACK-SQLI
,REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION
,REQUEST-944-APPLICATION-ATTACK-JAVA
andUnknownBots
.- rules List<Integer>
A list of rules which should be disabled in that group. Disables all rules in the specified group if
rules
is not specified.
- rule
Group stringName The rule group where specific rules should be disabled. Possible values are
BadBots
,crs_20_protocol_violations
,crs_21_protocol_anomalies
,crs_23_request_limits
,crs_30_http_policy
,crs_35_bad_robots
,crs_40_generic_attacks
,crs_41_sql_injection_attacks
,crs_41_xss_attacks
,crs_42_tight_security
,crs_45_trojans
,General
,GoodBots
,Known-CVEs
,REQUEST-911-METHOD-ENFORCEMENT
,REQUEST-913-SCANNER-DETECTION
,REQUEST-920-PROTOCOL-ENFORCEMENT
,REQUEST-921-PROTOCOL-ATTACK
,REQUEST-930-APPLICATION-ATTACK-LFI
,REQUEST-931-APPLICATION-ATTACK-RFI
,REQUEST-932-APPLICATION-ATTACK-RCE
,REQUEST-933-APPLICATION-ATTACK-PHP
,REQUEST-941-APPLICATION-ATTACK-XSS
,REQUEST-942-APPLICATION-ATTACK-SQLI
,REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION
,REQUEST-944-APPLICATION-ATTACK-JAVA
andUnknownBots
.- rules number[]
A list of rules which should be disabled in that group. Disables all rules in the specified group if
rules
is not specified.
- rule_
group_ strname The rule group where specific rules should be disabled. Possible values are
BadBots
,crs_20_protocol_violations
,crs_21_protocol_anomalies
,crs_23_request_limits
,crs_30_http_policy
,crs_35_bad_robots
,crs_40_generic_attacks
,crs_41_sql_injection_attacks
,crs_41_xss_attacks
,crs_42_tight_security
,crs_45_trojans
,General
,GoodBots
,Known-CVEs
,REQUEST-911-METHOD-ENFORCEMENT
,REQUEST-913-SCANNER-DETECTION
,REQUEST-920-PROTOCOL-ENFORCEMENT
,REQUEST-921-PROTOCOL-ATTACK
,REQUEST-930-APPLICATION-ATTACK-LFI
,REQUEST-931-APPLICATION-ATTACK-RFI
,REQUEST-932-APPLICATION-ATTACK-RCE
,REQUEST-933-APPLICATION-ATTACK-PHP
,REQUEST-941-APPLICATION-ATTACK-XSS
,REQUEST-942-APPLICATION-ATTACK-SQLI
,REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION
,REQUEST-944-APPLICATION-ATTACK-JAVA
andUnknownBots
.- rules Sequence[int]
A list of rules which should be disabled in that group. Disables all rules in the specified group if
rules
is not specified.
- rule
Group StringName The rule group where specific rules should be disabled. Possible values are
BadBots
,crs_20_protocol_violations
,crs_21_protocol_anomalies
,crs_23_request_limits
,crs_30_http_policy
,crs_35_bad_robots
,crs_40_generic_attacks
,crs_41_sql_injection_attacks
,crs_41_xss_attacks
,crs_42_tight_security
,crs_45_trojans
,General
,GoodBots
,Known-CVEs
,REQUEST-911-METHOD-ENFORCEMENT
,REQUEST-913-SCANNER-DETECTION
,REQUEST-920-PROTOCOL-ENFORCEMENT
,REQUEST-921-PROTOCOL-ATTACK
,REQUEST-930-APPLICATION-ATTACK-LFI
,REQUEST-931-APPLICATION-ATTACK-RFI
,REQUEST-932-APPLICATION-ATTACK-RCE
,REQUEST-933-APPLICATION-ATTACK-PHP
,REQUEST-941-APPLICATION-ATTACK-XSS
,REQUEST-942-APPLICATION-ATTACK-SQLI
,REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION
,REQUEST-944-APPLICATION-ATTACK-JAVA
andUnknownBots
.- rules List<Number>
A list of rules which should be disabled in that group. Disables all rules in the specified group if
rules
is not specified.
ApplicationGatewayWafConfigurationExclusion, ApplicationGatewayWafConfigurationExclusionArgs
- Match
Variable string Match variable of the exclusion rule to exclude header, cookie or GET arguments. Possible values are
RequestArgKeys
,RequestArgNames
,RequestArgValues
,RequestCookieKeys
,RequestCookieNames
,RequestCookieValues
,RequestHeaderKeys
,RequestHeaderNames
andRequestHeaderValues
- Selector string
String value which will be used for the filter operation. If empty will exclude all traffic on this
match_variable
- Selector
Match stringOperator Operator which will be used to search in the variable content. Possible values are
Contains
,EndsWith
,Equals
,EqualsAny
andStartsWith
. If empty will exclude all traffic on thismatch_variable
- Match
Variable string Match variable of the exclusion rule to exclude header, cookie or GET arguments. Possible values are
RequestArgKeys
,RequestArgNames
,RequestArgValues
,RequestCookieKeys
,RequestCookieNames
,RequestCookieValues
,RequestHeaderKeys
,RequestHeaderNames
andRequestHeaderValues
- Selector string
String value which will be used for the filter operation. If empty will exclude all traffic on this
match_variable
- Selector
Match stringOperator Operator which will be used to search in the variable content. Possible values are
Contains
,EndsWith
,Equals
,EqualsAny
andStartsWith
. If empty will exclude all traffic on thismatch_variable
- match
Variable String Match variable of the exclusion rule to exclude header, cookie or GET arguments. Possible values are
RequestArgKeys
,RequestArgNames
,RequestArgValues
,RequestCookieKeys
,RequestCookieNames
,RequestCookieValues
,RequestHeaderKeys
,RequestHeaderNames
andRequestHeaderValues
- selector String
String value which will be used for the filter operation. If empty will exclude all traffic on this
match_variable
- selector
Match StringOperator Operator which will be used to search in the variable content. Possible values are
Contains
,EndsWith
,Equals
,EqualsAny
andStartsWith
. If empty will exclude all traffic on thismatch_variable
- match
Variable string Match variable of the exclusion rule to exclude header, cookie or GET arguments. Possible values are
RequestArgKeys
,RequestArgNames
,RequestArgValues
,RequestCookieKeys
,RequestCookieNames
,RequestCookieValues
,RequestHeaderKeys
,RequestHeaderNames
andRequestHeaderValues
- selector string
String value which will be used for the filter operation. If empty will exclude all traffic on this
match_variable
- selector
Match stringOperator Operator which will be used to search in the variable content. Possible values are
Contains
,EndsWith
,Equals
,EqualsAny
andStartsWith
. If empty will exclude all traffic on thismatch_variable
- match_
variable str Match variable of the exclusion rule to exclude header, cookie or GET arguments. Possible values are
RequestArgKeys
,RequestArgNames
,RequestArgValues
,RequestCookieKeys
,RequestCookieNames
,RequestCookieValues
,RequestHeaderKeys
,RequestHeaderNames
andRequestHeaderValues
- selector str
String value which will be used for the filter operation. If empty will exclude all traffic on this
match_variable
- selector_
match_ stroperator Operator which will be used to search in the variable content. Possible values are
Contains
,EndsWith
,Equals
,EqualsAny
andStartsWith
. If empty will exclude all traffic on thismatch_variable
- match
Variable String Match variable of the exclusion rule to exclude header, cookie or GET arguments. Possible values are
RequestArgKeys
,RequestArgNames
,RequestArgValues
,RequestCookieKeys
,RequestCookieNames
,RequestCookieValues
,RequestHeaderKeys
,RequestHeaderNames
andRequestHeaderValues
- selector String
String value which will be used for the filter operation. If empty will exclude all traffic on this
match_variable
- selector
Match StringOperator Operator which will be used to search in the variable content. Possible values are
Contains
,EndsWith
,Equals
,EqualsAny
andStartsWith
. If empty will exclude all traffic on thismatch_variable
Import
Application Gateway’s can be imported using the resource id
, e.g.
$ pulumi import azure:network/applicationGateway:ApplicationGateway example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/applicationGateways/myGateway1
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
azurerm
Terraform Provider.